schemathesis 3.25.6__py3-none-any.whl → 4.0.0a1__py3-none-any.whl

schemathesis/specs/openapi/_hypothesis.py

@@ -1,122 +1,65 @@
 from __future__ import annotations
-import string
-from base64 import b64encode
+
+import time
 from contextlib import suppress
 from dataclasses import dataclass
-from functools import lru_cache
-from typing import Any, Callable, Dict, Iterable, Optional
+from typing import Any, Callable, Dict, Iterable, Optional, Union, cast
 from urllib.parse import quote_plus
 from weakref import WeakKeyDictionary
 
-from hypothesis import strategies as st, reject
+from hypothesis import event, note, reject
+from hypothesis import strategies as st
 from hypothesis_jsonschema import from_schema
-from requests.auth import _basic_auth_str
-from requests.structures import CaseInsensitiveDict
-from requests.utils import to_key_val_list
-
-from ..._hypothesis import prepare_urlencoded
-from ...constants import NOT_SET
-from .formats import STRING_FORMATS
-from ... import auths, serializers
-from ...generation import DataGenerationMethod, GenerationConfig
-from ...internal.copy import fast_deepcopy
-from ...exceptions import SerializationNotPossible, BodyInGetRequestError
+
+from schemathesis.core import NOT_SET, NotSet, media_types
+from schemathesis.core.control import SkipTest
+from schemathesis.core.errors import SERIALIZERS_SUGGESTION_MESSAGE, SerializationNotPossible
+from schemathesis.core.transforms import deepclone
+from schemathesis.core.transport import prepare_urlencoded
+from schemathesis.generation.meta import (
+    CaseMetadata,
+    ComponentInfo,
+    ComponentKind,
+    ExplicitPhaseData,
+    GeneratePhaseData,
+    GenerationInfo,
+    PhaseInfo,
+    TestPhase,
+)
+from schemathesis.openapi.generation.filters import is_valid_header, is_valid_path, is_valid_query, is_valid_urlencoded
+from schemathesis.schemas import APIOperation
+
+from ... import auths
+from ...generation import GenerationConfig, GenerationMode
 from ...hooks import HookContext, HookDispatcher, apply_to_all_dispatchers
-from ...internal.validation import is_illegal_surrogate
-from ...models import APIOperation, Case, cant_serialize
-from ...transports.content_types import parse_content_type
-from ...transports.headers import has_invalid_characters, is_latin_1_encodable
-from ...types import NotSet
-from ...serializers import Binary
-from ...utils import compose, skip
 from .constants import LOCATION_TO_CONTAINER
+from .formats import HEADER_FORMAT, STRING_FORMATS, get_default_format_strategies, header_values
+from .media_types import MEDIA_TYPES
 from .negative import negative_schema
 from .negative.utils import can_negate
-from .parameters import OpenAPIBody, parameters_to_json_schema
+from .parameters import OpenAPIBody, OpenAPIParameter, parameters_to_json_schema
 from .utils import is_header_location
 
-HEADER_FORMAT = "_header_value"
 SLASH = "/"
 StrategyFactory = Callable[[Dict[str, Any], str, str, Optional[str], GenerationConfig], st.SearchStrategy]
 
 
-def header_values(blacklist_characters: str = "\n\r") -> st.SearchStrategy[str]:
-    return st.text(alphabet=st.characters(min_codepoint=0, max_codepoint=255, blacklist_characters="\n\r"))
-
-
-@lru_cache
-def get_default_format_strategies() -> dict[str, st.SearchStrategy]:
-    """Get all default "format" strategies."""
-
-    def make_basic_auth_str(item: tuple[str, str]) -> str:
-        return _basic_auth_str(*item)
-
-    latin1_text = st.text(alphabet=st.characters(min_codepoint=0, max_codepoint=255))
-
-    # Define valid characters here to avoid filtering them out in `is_valid_header` later
-    header_value = header_values()
-
-    return {
-        "binary": st.binary().map(Binary),
-        "byte": st.binary().map(lambda x: b64encode(x).decode()),
-        # RFC 7230, Section 3.2.6
-        "_header_name": st.text(
-            min_size=1, alphabet=st.sampled_from("!#$%&'*+-.^_`|~" + string.digits + string.ascii_letters)
-        ),
-        # Header values with leading non-visible chars can't be sent with `requests`
-        HEADER_FORMAT: header_value.map(str.lstrip),
-        "_basic_auth": st.tuples(latin1_text, latin1_text).map(make_basic_auth_str),
-        "_bearer_auth": header_value.map("Bearer {}".format),
-    }
-
-
-def is_valid_header(headers: dict[str, Any]) -> bool:
-    """Verify if the generated headers are valid."""
-    for name, value in headers.items():
-        if not is_latin_1_encodable(value):
-            return False
-        if has_invalid_characters(name, value):
-            return False
-    return True
-
-
-def is_valid_query(query: dict[str, Any]) -> bool:
-    """Surrogates are not allowed in a query string.
-
-    `requests` and `werkzeug` will fail to send it to the application.
-    """
-    for name, value in query.items():
-        if is_illegal_surrogate(name) or is_illegal_surrogate(value):
-            return False
-    return True
-
-
-def is_valid_urlencoded(data: Any) -> bool:
-    if data is NOT_SET:
-        return True
-    try:
-        for _, __ in to_key_val_list(data):  # type: ignore[no-untyped-call]
-            pass
-        return True
-    except (TypeError, ValueError):
-        return False
-
-
 @st.composite  # type: ignore
-def get_case_strategy(
+def openapi_cases(
     draw: Callable,
+    *,
     operation: APIOperation,
     hooks: HookDispatcher | None = None,
     auth_storage: auths.AuthStorage | None = None,
-    generator: DataGenerationMethod = DataGenerationMethod.default(),
-    generation_config: GenerationConfig | None = None,
+    generation_mode: GenerationMode = GenerationMode.default(),
+    generation_config: GenerationConfig,
     path_parameters: NotSet | dict[str, Any] = NOT_SET,
     headers: NotSet | dict[str, Any] = NOT_SET,
     cookies: NotSet | dict[str, Any] = NOT_SET,
     query: NotSet | dict[str, Any] = NOT_SET,
     body: Any = NOT_SET,
     media_type: str | None = None,
-    skip_on_not_negated: bool = True,
+    phase: TestPhase = TestPhase.GENERATE,
 ) -> Any:
     """A strategy that creates `Case` instances.
 
@@ -130,70 +73,110 @@ def get_case_strategy(
     The primary purpose of this behavior is to prevent sending incomplete explicit examples by generating missing parts
     as it works with `body`.
     """
-    strategy_factory = DATA_GENERATION_METHOD_TO_STRATEGY_FACTORY[generator]
+    start = time.monotonic()
+    strategy_factory = GENERATOR_MODE_TO_STRATEGY_FACTORY[generation_mode]
 
     context = HookContext(operation)
 
-    generation_config = generation_config or operation.schema.generation_config
-
     path_parameters_ = generate_parameter(
-        "path", path_parameters, operation, draw, context, hooks, generator, generation_config
+        "path", path_parameters, operation, draw, context, hooks, generation_mode, generation_config
+    )
+    headers_ = generate_parameter(
+        "header", headers, operation, draw, context, hooks, generation_mode, generation_config
+    )
+    cookies_ = generate_parameter(
+        "cookie", cookies, operation, draw, context, hooks, generation_mode, generation_config
     )
-    headers_ = generate_parameter("header", headers, operation, draw, context, hooks, generator, generation_config)
-    cookies_ = generate_parameter("cookie", cookies, operation, draw, context, hooks, generator, generation_config)
-    query_ = generate_parameter("query", query, operation, draw, context, hooks, generator, generation_config)
+    query_ = generate_parameter("query", query, operation, draw, context, hooks, generation_mode, generation_config)
 
     if body is NOT_SET:
         if operation.body:
-            body_generator = generator
-            if generator.is_negative:
+            body_generator = generation_mode
+            if generation_mode.is_negative:
                 # Consider only schemas that are possible to negate
                 candidates = [item for item in operation.body.items if can_negate(item.as_json_schema(operation))]
                 # Not possible to negate body, fallback to positive data generation
                 if not candidates:
                     candidates = operation.body.items
                     strategy_factory = make_positive_strategy
-                    body_generator = DataGenerationMethod.positive
+                    body_generator = GenerationMode.POSITIVE
             else:
                 candidates = operation.body.items
             parameter = draw(st.sampled_from(candidates))
             strategy = _get_body_strategy(parameter, strategy_factory, operation, generation_config)
             strategy = apply_hooks(operation, context, hooks, strategy, "body")
             # Parameter may have a wildcard media type. In this case, choose any supported one
-            possible_media_types = sorted(serializers.get_matching_media_types(parameter.media_type))
+            possible_media_types = sorted(
+                operation.schema.transport.get_matching_media_types(parameter.media_type), key=lambda x: x[0]
+            )
             if not possible_media_types:
                 all_media_types = operation.get_request_payload_content_types()
-                if all(serializers.get_first_matching_media_type(media_type) is None for media_type in all_media_types):
+                if all(
+                    operation.schema.transport.get_first_matching_media_type(media_type) is None
+                    for media_type in all_media_types
+                ):
                     # None of media types defined for this operation are not supported
                     raise SerializationNotPossible.from_media_types(*all_media_types)
                 # Other media types are possible - avoid choosing this media type in the future
-                cant_serialize(parameter.media_type)
-            media_type = draw(st.sampled_from(possible_media_types))
-            if media_type is not None and parse_content_type(media_type) == ("application", "x-www-form-urlencoded"):
+                event_text = f"Can't serialize data to `{parameter.media_type}`."
+                note(f"{event_text} {SERIALIZERS_SUGGESTION_MESSAGE}")
+                event(event_text)
+                reject()  # type: ignore
+            media_type, _ = draw(st.sampled_from(possible_media_types))
+            if media_type is not None and media_types.parse(media_type) == (
+                "application",
+                "x-www-form-urlencoded",
+            ):
                 strategy = strategy.map(prepare_urlencoded).filter(is_valid_urlencoded)
             body_ = ValueContainer(value=draw(strategy), location="body", generator=body_generator)
         else:
             body_ = ValueContainer(value=body, location="body", generator=None)
     else:
+        # This explicit body payload comes for a media type that has a custom strategy registered
+        # Such strategies only support binary payloads, otherwise they can't be serialized
+        if not isinstance(body, bytes) and media_type in MEDIA_TYPES:
+            all_media_types = operation.get_request_payload_content_types()
+            raise SerializationNotPossible.from_media_types(*all_media_types)
         body_ = ValueContainer(value=body, location="body", generator=None)
 
-    if operation.schema.validate_schema and operation.method.upper() == "GET" and operation.body:
-        raise BodyInGetRequestError("GET requests should not contain body parameters.")
     # If we need to generate negative cases but no generated values were negated, then skip the whole test
-    if generator.is_negative and not any_negated_values([query_, cookies_, headers_, path_parameters_, body_]):
-        if skip_on_not_negated:
-            skip(operation.verbose_name)
+    if generation_mode.is_negative and not any_negated_values([query_, cookies_, headers_, path_parameters_, body_]):
+        if generation_config.modes == [GenerationMode.NEGATIVE]:
+            raise SkipTest("Impossible to generate negative test cases")
         else:
             reject()
-    instance = Case(
-        operation=operation,
+
+    _phase_data = {
+        TestPhase.EXPLICIT: ExplicitPhaseData(),
+        TestPhase.GENERATE: GeneratePhaseData(),
+    }[phase]
+    phase_data = cast(Union[ExplicitPhaseData, GeneratePhaseData], _phase_data)
+
+    instance = operation.Case(
         media_type=media_type,
         path_parameters=path_parameters_.value,
-        headers=CaseInsensitiveDict(headers_.value) if headers_.value is not None else headers_.value,
+        headers=headers_.value,
         cookies=cookies_.value,
         query=query_.value,
         body=body_.value,
-        data_generation_method=generator,
+        meta=CaseMetadata(
+            generation=GenerationInfo(
+                time=time.monotonic() - start,
+                mode=generation_mode,
+            ),
+            phase=PhaseInfo(name=phase, data=phase_data),
+            components={
+                kind: ComponentInfo(mode=value.generator)
+                for kind, value in [
+                    (ComponentKind.QUERY, query_),
+                    (ComponentKind.PATH_PARAMETERS, path_parameters_),
+                    (ComponentKind.HEADERS, headers_),
+                    (ComponentKind.COOKIES, cookies_),
+                    (ComponentKind.BODY, body_),
+                ]
+                if value.generator is not None
+            },
+        ),
     )
     auth_context = auths.AuthContext(
         operation=operation,
@@ -212,13 +195,15 @@ def _get_body_strategy(
     operation: APIOperation,
     generation_config: GenerationConfig,
 ) -> st.SearchStrategy:
+    if parameter.media_type in MEDIA_TYPES:
+        return MEDIA_TYPES[parameter.media_type]
     # The cache key relies on object ids, which means that the parameter should not be mutated
     # Note, the parent schema is not included as each parameter belong only to one schema
     if parameter in _BODY_STRATEGIES_CACHE and strategy_factory in _BODY_STRATEGIES_CACHE[parameter]:
         return _BODY_STRATEGIES_CACHE[parameter][strategy_factory]
     schema = parameter.as_json_schema(operation)
     schema = operation.schema.prepare_schema(schema)
-    strategy = strategy_factory(schema, operation.verbose_name, "body", parameter.media_type, generation_config)
+    strategy = strategy_factory(schema, operation.label, "body", parameter.media_type, generation_config)
     if not parameter.is_required:
         strategy |= st.just(NOT_SET)
     _BODY_STRATEGIES_CACHE.setdefault(parameter, {})[strategy_factory] = strategy
@@ -248,7 +233,7 @@ def get_parameters_value(
     strategy = apply_hooks(operation, context, hooks, strategy, location)
     new = draw(strategy)
     if new is not None:
-        copied = fast_deepcopy(value)
+        copied = deepclone(value)
         copied.update(new)
         return copied
     return value
@@ -263,7 +248,9 @@ class ValueContainer:
 
     value: Any
     location: str
-    generator: DataGenerationMethod | None
+    generator: GenerationMode | None
+
+    __slots__ = ("value", "location", "generator")
 
     @property
     def is_generated(self) -> bool:
@@ -273,7 +260,7 @@ class ValueContainer:
 
 def any_negated_values(values: list[ValueContainer]) -> bool:
     """Check if any generated values are negated."""
-    return any(value.generator == DataGenerationMethod.negative for value in values if value.is_generated)
+    return any(value.generator == GenerationMode.NEGATIVE for value in values if value.is_generated)
 
 
 def generate_parameter(
@@ -283,7 +270,7 @@ def generate_parameter(
     draw: Callable,
     context: HookContext,
     hooks: HookDispatcher | None,
-    generator: DataGenerationMethod,
+    generator: GenerationMode,
     generation_config: GenerationConfig,
 ) -> ValueContainer:
     """Generate a value for a parameter.
@@ -297,13 +284,13 @@ def generate_parameter(
         # If we can't negate any parameter, generate positive ones
         # If nothing else will be negated, then skip the test completely
         strategy_factory = make_positive_strategy
-        generator = DataGenerationMethod.positive
+        generator = GenerationMode.POSITIVE
     else:
-        strategy_factory = DATA_GENERATION_METHOD_TO_STRATEGY_FACTORY[generator]
+        strategy_factory = GENERATOR_MODE_TO_STRATEGY_FACTORY[generator]
     value = get_parameters_value(
         explicit, location, draw, operation, context, hooks, strategy_factory, generation_config
     )
-    used_generator: DataGenerationMethod | None = generator
+    used_generator: GenerationMode | None = generator
     if value == explicit:
         # When we pass `explicit`, then its parts are excluded from generation of the final value
         # If the final value is the same, then other parameters were generated at all
@@ -332,6 +319,18 @@ def can_negate_headers(operation: APIOperation, location: str) -> bool:
     return any(header != {"type": "string"} for header in headers.values())
 
 
+def get_schema_for_location(
+    operation: APIOperation, location: str, parameters: Iterable[OpenAPIParameter]
+) -> dict[str, Any]:
+    schema = parameters_to_json_schema(operation, parameters)
+    if location == "path":
+        schema["required"] = list(schema["properties"])
+        for prop in schema.get("properties", {}).values():
+            if prop.get("type") == "string":
+                prop.setdefault("minLength", 1)
+    return operation.schema.prepare_schema(schema)
+
+
 def get_parameters_strategy(
     operation: APIOperation,
     strategy_factory: StrategyFactory,
@@ -346,13 +345,7 @@ def get_parameters_strategy(
         nested_cache_key = (strategy_factory, location, tuple(sorted(exclude)))
         if operation in _PARAMETER_STRATEGIES_CACHE and nested_cache_key in _PARAMETER_STRATEGIES_CACHE[operation]:
             return _PARAMETER_STRATEGIES_CACHE[operation][nested_cache_key]
-        schema = parameters_to_json_schema(operation, parameters)
-        if not operation.schema.validate_schema and location == "path":
-            # If schema validation is disabled, we try to generate data even if the parameter definition
-            # contains errors.
-            # In this case, we know that the `required` keyword should always be `True`.
-            schema["required"] = list(schema["properties"])
-        schema = operation.schema.prepare_schema(schema)
+        schema = get_schema_for_location(operation, location, parameters)
         for name in exclude:
             # Values from `exclude` are not necessarily valid for the schema - they come from user-defined examples
             # that may be invalid
@@ -363,7 +356,7 @@ def get_parameters_strategy(
             # Nothing to negate - all properties were excluded
             strategy = st.none()
         else:
-            strategy = strategy_factory(schema, operation.verbose_name, location, None, generation_config)
+            strategy = strategy_factory(schema, operation.label, location, None, generation_config)
             serialize = operation.get_parameter_serializer(location)
             if serialize is not None:
                 strategy = strategy.map(serialize)
@@ -380,12 +373,10 @@ def get_parameters_strategy(
             # `True` / `False` / `None` improves chances of them passing validation in apps
             # that expect boolean / null types
             # and not aware of Python-specific representation of those types
-            map_func = {
-                "path": compose(quote_all, jsonify_python_specific_types),
-                "query": jsonify_python_specific_types,
-            }.get(location)
-            if map_func:
-                strategy = strategy.map(map_func)  # type: ignore
+            if location == "path":
+                strategy = strategy.map(quote_all).map(jsonify_python_specific_types)
+            elif location == "query":
+                strategy = strategy.map(jsonify_python_specific_types)
         _PARAMETER_STRATEGIES_CACHE.setdefault(operation, {})[nested_cache_key] = strategy
         return strategy
     # No parameters defined for this location
@@ -412,6 +403,17 @@ def jsonify_python_specific_types(value: dict[str, Any]) -> dict[str, Any]:
     return value
 
 
+def _build_custom_formats(
+    custom_formats: dict[str, st.SearchStrategy] | None, generation_config: GenerationConfig
+) -> dict[str, st.SearchStrategy]:
+    custom_formats = {**get_default_format_strategies(), **STRING_FORMATS, **(custom_formats or {})}
+    if generation_config.headers.strategy is not None:
+        custom_formats[HEADER_FORMAT] = generation_config.headers.strategy
+    elif not generation_config.allow_x00:
+        custom_formats[HEADER_FORMAT] = header_values(blacklist_characters="\n\r\x00")
+    return custom_formats
+
+
 def make_positive_strategy(
     schema: dict[str, Any],
     operation_name: str,
@@ -428,9 +430,10 @@ def make_positive_strategy(
         for sub_schema in schema.get("properties", {}).values():
             if list(sub_schema) == ["type"] and sub_schema["type"] == "string":
                 sub_schema.setdefault("format", HEADER_FORMAT)
+    custom_formats = _build_custom_formats(custom_formats, generation_config)
     return from_schema(
         schema,
-        custom_formats={**get_default_format_strategies(), **STRING_FORMATS, **(custom_formats or {})},
+        custom_formats=custom_formats,
         allow_x00=generation_config.allow_x00,
         codec=generation_config.codec,
     )
@@ -449,40 +452,23 @@ def make_negative_strategy(
     generation_config: GenerationConfig,
     custom_formats: dict[str, st.SearchStrategy] | None = None,
 ) -> st.SearchStrategy:
+    custom_formats = _build_custom_formats(custom_formats, generation_config)
     return negative_schema(
         schema,
         operation_name=operation_name,
         location=location,
         media_type=media_type,
-        custom_formats={**get_default_format_strategies(), **STRING_FORMATS, **(custom_formats or {})},
+        custom_formats=custom_formats,
         generation_config=generation_config,
     )
 
 
-DATA_GENERATION_METHOD_TO_STRATEGY_FACTORY = {
-    DataGenerationMethod.positive: make_positive_strategy,
-    DataGenerationMethod.negative: make_negative_strategy,
+GENERATOR_MODE_TO_STRATEGY_FACTORY = {
+    GenerationMode.POSITIVE: make_positive_strategy,
+    GenerationMode.NEGATIVE: make_negative_strategy,
 }
 
 
-def is_valid_path(parameters: dict[str, Any]) -> bool:
-    """Empty strings ("") are excluded from path by urllib3.
-
-    A path containing to "/" or "%2F" will lead to ambiguous path resolution in
-    many frameworks and libraries, such behaviour have been observed in both
-    WSGI and ASGI applications.
-
-    In this case one variable in the path template will be empty, which will lead to 404 in most of the cases.
-    Because of it this case doesn't bring much value and might lead to false positives results of Schemathesis runs.
-    """
-    disallowed_values = (SLASH, "")
-
-    return not any(
-        (value in disallowed_values or is_illegal_surrogate(value) or isinstance(value, str) and SLASH in value)
-        for value in parameters.values()
-    )
-
-
 def quote_all(parameters: dict[str, Any]) -> dict[str, Any]:
     """Apply URL quotation for all values in a dictionary."""
     # Even though, "." is an unreserved character, it has a special meaning in "." and ".." strings.
@@ -512,8 +498,3 @@ def apply_hooks(
     """Apply all hooks related to the given location."""
     container = LOCATION_TO_CONTAINER[location]
     return apply_to_all_dispatchers(operation, context, hooks, strategy, container)
-
-
-def clear_cache() -> None:
-    _PARAMETER_STRATEGIES_CACHE.clear()
-    _BODY_STRATEGIES_CACHE.clear()