schemathesis 3.39.15__py3-none-any.whl → 4.0.0__py3-none-any.whl

schemathesis/core/failures.py

@@ -0,0 +1,315 @@
+from __future__ import annotations
+
+import http.client
+import textwrap
+import traceback
+from collections.abc import Sequence
+from dataclasses import dataclass
+from enum import Enum, auto
+from json import JSONDecodeError
+from typing import Any, Callable
+
+from schemathesis.config import OutputConfig
+from schemathesis.core.compat import BaseExceptionGroup
+from schemathesis.core.output import prepare_response_payload
+from schemathesis.core.transport import Response
+
+
+class Severity(Enum):
+    # For server errors, security issues like ignored auth
+    CRITICAL = auto()
+    # For schema violations
+    HIGH = auto()
+    # For content type issues, header problems
+    MEDIUM = auto()
+    # For performance issues, minor inconsistencies
+    LOW = auto()
+
+    def __lt__(self, other: Severity) -> bool:
+        # Lower values are more severe
+        return self.value < other.value
+
+
+@dataclass
+class Failure(AssertionError):
+    """API check failure."""
+
+    __slots__ = ("operation", "title", "message", "case_id", "severity")
+
+    def __init__(
+        self,
+        *,
+        operation: str,
+        title: str,
+        message: str,
+        case_id: str | None = None,
+        severity: Severity = Severity.MEDIUM,
+    ) -> None:
+        self.operation = operation
+        self.title = title
+        self.message = message
+        self.case_id = case_id
+        self.severity = severity
+
+    def __str__(self) -> str:
+        if not self.message:
+            return self.title
+        return f"{self.title}\n\n{self.message}"
+
+    def __lt__(self, other: Failure) -> bool:
+        return (
+            self.severity,
+            self.__class__.__name__,
+            self.message,
+        ) < (other.severity, other.__class__.__name__, other.message)
+
+    # Comparison & hashing is done purely on classes to simplify keeping the minimized failure during shrinking
+    def __hash__(self) -> int:
+        return hash(self.__class__)
+
+    def __eq__(self, other: object, /) -> bool:
+        if not isinstance(other, Failure):
+            return NotImplemented
+        return type(self) is type(other) and self.operation == other.operation and self._unique_key == other._unique_key
+
+    @property
+    def _unique_key(self) -> Any:
+        return self.message
+
+
+def get_origin(exception: BaseException, seen: tuple[BaseException, ...] = ()) -> tuple:
+    filename, lineno = None, None
+    if tb := exception.__traceback__:
+        filename, lineno, *_ = traceback.extract_tb(tb)[-1]
+    seen = (*seen, exception)
+    context = ()
+    if exception.__context__ is not None and exception.__context__ not in seen:
+        context = get_origin(exception.__context__, seen=seen)
+    return (
+        type(exception),
+        filename,
+        lineno,
+        context,
+        (
+            tuple(get_origin(exc, seen=seen) for exc in exception.exceptions if exc not in seen)
+            if isinstance(exception, BaseExceptionGroup)
+            else ()
+        ),
+    )
+
+
+class CustomFailure(Failure):
+    __slots__ = ("operation", "title", "message", "exception", "case_id", "severity", "origin")
+
+    def __init__(
+        self,
+        *,
+        operation: str,
+        title: str,
+        message: str,
+        exception: AssertionError,
+        case_id: str | None = None,
+        severity: Severity = Severity.MEDIUM,
+    ) -> None:
+        self.operation = operation
+        self.title = title
+        self.message = message
+        self.exception = exception
+        self.case_id = case_id
+        self.severity = severity
+        self.origin = get_origin(exception)
+
+    @property
+    def _unique_key(self) -> Any:
+        return self.origin
+
+
+class ResponseTimeExceeded(Failure):
+    """Response took longer than expected."""
+
+    __slots__ = ("operation", "elapsed", "deadline", "title", "message", "case_id", "severity")
+
+    def __init__(
+        self,
+        *,
+        operation: str,
+        elapsed: float,
+        deadline: float,
+        message: str,
+        title: str = "Response time limit exceeded",
+        case_id: str | None = None,
+    ) -> None:
+        self.operation = operation
+        self.elapsed = elapsed
+        self.deadline = deadline
+        self.title = title
+        self.message = message
+        self.case_id = case_id
+        self.severity = Severity.LOW
+
+    @property
+    def _unique_key(self) -> str:
+        return self.title
+
+
+class ServerError(Failure):
+    """Server responded with an error."""
+
+    __slots__ = ("operation", "status_code", "title", "message", "case_id", "severity")
+
+    def __init__(
+        self,
+        *,
+        operation: str,
+        status_code: int,
+        title: str = "Server error",
+        message: str = "",
+        case_id: str | None = None,
+    ) -> None:
+        self.operation = operation
+        self.status_code = status_code
+        self.title = title
+        self.message = message
+        self.case_id = case_id
+        self.severity = Severity.CRITICAL
+
+    @property
+    def _unique_key(self) -> str:
+        return str(self.status_code)
+
+
+class MalformedJson(Failure):
+    """Failed to deserialize JSON."""
+
+    __slots__ = (
+        "operation",
+        "validation_message",
+        "document",
+        "position",
+        "lineno",
+        "colno",
+        "message",
+        "title",
+        "case_id",
+        "severity",
+    )
+
+    def __init__(
+        self,
+        *,
+        operation: str,
+        validation_message: str,
+        document: str,
+        position: int,
+        lineno: int,
+        colno: int,
+        message: str,
+        title: str = "JSON deserialization error",
+        case_id: str | None = None,
+    ) -> None:
+        self.operation = operation
+        self.validation_message = validation_message
+        self.document = document
+        self.position = position
+        self.lineno = lineno
+        self.colno = colno
+        self.message = message
+        self.title = title
+        self.case_id = case_id
+        self.severity = Severity.MEDIUM
+
+    @property
+    def _unique_key(self) -> Any:
+        return self.title
+
+    @classmethod
+    def from_exception(cls, *, operation: str, exc: JSONDecodeError) -> MalformedJson:
+        message = f"Response must be valid JSON with 'Content-Type: application/json' header:\n\n  {exc}"
+        return cls(
+            operation=operation,
+            message=message,
+            validation_message=exc.msg,
+            document=exc.doc,
+            position=exc.pos,
+            lineno=exc.lineno,
+            colno=exc.colno,
+        )
+
+
+class FailureGroup(BaseExceptionGroup):
+    """Multiple distinct check failures."""
+
+    exceptions: Sequence[Failure]
+
+    def __init__(self, exceptions: Sequence[Failure], message: str = "", /) -> None:
+        super().__init__(message, exceptions)
+
+    def __new__(cls, failures: Sequence[Failure], message: str | None = None) -> FailureGroup:
+        if message is None:
+            message = failure_report_title(failures)
+        return super().__new__(cls, message, list(failures))
+
+
+class MessageBlock(str, Enum):
+    CASE_ID = "case_id"
+    FAILURE = "failure"
+    STATUS = "status"
+    CURL = "curl"
+
+
+BlockFormatter = Callable[[MessageBlock, str], str]
+
+
+def failure_report_title(failures: Sequence[Failure]) -> str:
+    message = f"Schemathesis found {len(failures)} distinct failure"
+    if len(failures) > 1:
+        message += "s"
+    return message
+
+
+def format_failures(
+    *,
+    case_id: str | None,
+    response: Response | None,
+    failures: Sequence[Failure],
+    curl: str,
+    formatter: BlockFormatter | None = None,
+    config: OutputConfig,
+) -> str:
+    """Format failure information with custom styling."""
+    formatter = formatter or (lambda _, x: x)
+
+    if case_id is not None:
+        output = formatter(MessageBlock.CASE_ID, f"{case_id}\n")
+    else:
+        output = ""
+
+    # Failures
+    for idx, failure in enumerate(failures):
+        output += formatter(MessageBlock.FAILURE, f"\n- {failure.title}")
+        if failure.message:
+            output += "\n\n"
+            output += textwrap.indent(failure.message, "    ")
+        if idx != len(failures):
+            output += "\n"
+
+    # Response status
+    if isinstance(response, Response):
+        reason = http.client.responses.get(response.status_code, "Unknown")
+        output += formatter(MessageBlock.STATUS, f"\n[{response.status_code}] {reason}:\n")
+        # Response payload
+        if response.content is None or not response.content:
+            output += "\n    <EMPTY>"
+        else:
+            try:
+                payload = prepare_response_payload(response.text, config=config)
+                output += textwrap.indent(f"\n`{payload}`", prefix="    ")
+            except UnicodeDecodeError:
+                output += "\n    <BINARY>"
+    else:
+        output += "\n    <NO RESPONSE>"
+
+    # cURL
+    output += "\n" + formatter(MessageBlock.CURL, f"\nReproduce with: \n\n    {curl}")
+
+    return output

schemathesis/core/fs.py

@@ -0,0 +1,19 @@
+import os
+import pathlib
+
+
+def ensure_parent(path: os.PathLike, fail_silently: bool = True) -> None:
+    # Try to create the parent dir
+    try:
+        pathlib.Path(path).parent.mkdir(mode=0o755, parents=True, exist_ok=True)
+    except OSError:
+        if not fail_silently:
+            raise
+
+
+def file_exists(path: str) -> bool:
+    try:
+        return pathlib.Path(path).is_file()
+    except OSError:
+        # For example, path could be too long
+        return False

schemathesis/core/hooks.py

@@ -0,0 +1,20 @@
+import os
+import sys
+
+from schemathesis.core.errors import HookError
+
+HOOKS_MODULE_ENV_VAR = "SCHEMATHESIS_HOOKS"
+
+
+def load_from_env() -> None:
+    hooks = os.getenv(HOOKS_MODULE_ENV_VAR)
+    if hooks:
+        load_from_path(hooks)
+
+
+def load_from_path(module_path: str) -> None:
+    try:
+        sys.path.append(os.getcwd())  # fix ModuleNotFoundError module in cwd
+        __import__(module_path)
+    except Exception as exc:
+        raise HookError(module_path) from exc

schemathesis/core/loaders.py

@@ -0,0 +1,104 @@
+from __future__ import annotations
+
+import http.client
+from typing import TYPE_CHECKING, Any, Callable, NoReturn
+
+from schemathesis.core.errors import LoaderError, LoaderErrorKind, get_request_error_extras, get_request_error_message
+from schemathesis.core.transport import DEFAULT_RESPONSE_TIMEOUT, USER_AGENT
+
+if TYPE_CHECKING:
+    import requests
+
+
+def prepare_request_kwargs(kwargs: dict[str, Any]) -> None:
+    """Prepare common request kwargs."""
+    headers = kwargs.setdefault("headers", {})
+    if "user-agent" not in {header.lower() for header in headers}:
+        kwargs["headers"]["User-Agent"] = USER_AGENT
+
+
+def handle_request_error(exc: requests.RequestException) -> NoReturn:
+    """Handle request-level errors."""
+    import requests
+
+    url = exc.request.url if exc.request is not None else None
+    if isinstance(exc, requests.exceptions.SSLError):
+        kind = LoaderErrorKind.CONNECTION_SSL
+    elif isinstance(exc, requests.exceptions.ConnectionError):
+        kind = LoaderErrorKind.CONNECTION_OTHER
+    else:
+        kind = LoaderErrorKind.NETWORK_OTHER
+    raise LoaderError(
+        message=get_request_error_message(exc),
+        kind=kind,
+        url=url,
+        extras=get_request_error_extras(exc),
+    ) from exc
+
+
+def raise_for_status(response: requests.Response) -> requests.Response:
+    """Handle response status codes."""
+    status_code = response.status_code
+    if status_code < 400:
+        return response
+
+    reason = http.client.responses.get(status_code, "Unknown")
+    if status_code >= 500:
+        message = f"Failed to load schema due to server error (HTTP {status_code} {reason})"
+        kind = LoaderErrorKind.HTTP_SERVER_ERROR
+    else:
+        message = f"Failed to load schema due to client error (HTTP {status_code} {reason})"
+        kind = (
+            LoaderErrorKind.HTTP_FORBIDDEN
+            if status_code == 403
+            else LoaderErrorKind.HTTP_NOT_FOUND
+            if status_code == 404
+            else LoaderErrorKind.HTTP_CLIENT_ERROR
+        )
+    raise LoaderError(message=message, kind=kind, url=response.request.url, extras=[])
+
+
+def make_request(func: Callable[..., requests.Response], url: str, **kwargs: Any) -> requests.Response:
+    """Make HTTP request with error handling."""
+    import requests
+
+    try:
+        response = func(url, **kwargs)
+        return raise_for_status(response)
+    except requests.RequestException as exc:
+        handle_request_error(exc)
+
+
+WAIT_FOR_SCHEMA_INTERVAL = 0.05
+
+
+def load_from_url(
+    func: Callable[..., requests.Response],
+    *,
+    url: str,
+    wait_for_schema: float | None = None,
+    **kwargs: Any,
+) -> requests.Response:
+    """Load schema from URL with retries."""
+    import backoff
+    import requests
+
+    kwargs.setdefault("timeout", DEFAULT_RESPONSE_TIMEOUT)
+    prepare_request_kwargs(kwargs)
+
+    if wait_for_schema is not None:
+        func = backoff.on_exception(
+            backoff.constant,
+            requests.exceptions.ConnectionError,
+            max_time=wait_for_schema,
+            interval=WAIT_FOR_SCHEMA_INTERVAL,
+        )(func)
+
+    return make_request(func, url, **kwargs)
+
+
+def require_relative_url(url: str) -> None:
+    """Raise an error if the URL is not relative."""
+    # Deliberately simplistic approach
+    if "://" in url or url.startswith("//"):
+        raise ValueError("Schema path should be relative for WSGI/ASGI loaders")

schemathesis/core/marks.py

@@ -0,0 +1,66 @@
+"""A lightweight mechanism to attach Schemathesis-specific metadata to test functions."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Callable, Generic, TypeVar
+
+from schemathesis.core import NOT_SET, NotSet
+
+METADATA_ATTR = "_schemathesis_metadata"
+
+
+@dataclass
+class SchemathesisMetadata:
+    """Container for all Schemathesis-specific data attached to test functions."""
+
+
+T = TypeVar("T")
+
+
+class Mark(Generic[T]):
+    """Access to specific attributes in SchemathesisMetadata."""
+
+    def __init__(
+        self, *, attr_name: str, default: T | Callable[[], T] | None = None, check: Callable[[T], bool] | None = None
+    ) -> None:
+        self.attr_name = attr_name
+        self._default = default
+        self._check = check
+
+    def _get_default(self) -> T | None:
+        if callable(self._default):
+            return self._default()
+        return self._default
+
+    def _check_value(self, value: T) -> bool:
+        if self._check is not None:
+            return self._check(value)
+        return True
+
+    def get(self, func: Callable) -> T | None:
+        """Get marker value if it's set."""
+        metadata = getattr(func, METADATA_ATTR, None)
+        if metadata is None:
+            return self._get_default()
+        value = getattr(metadata, self.attr_name, NOT_SET)
+        if value is NOT_SET:
+            return self._get_default()
+        assert not isinstance(value, NotSet)
+        if self._check_value(value):
+            return value
+        return self._get_default()
+
+    def set(self, func: Callable, value: T) -> None:
+        """Set marker value, creating metadata if needed."""
+        if not hasattr(func, METADATA_ATTR):
+            setattr(func, METADATA_ATTR, SchemathesisMetadata())
+        metadata = getattr(func, METADATA_ATTR)
+        setattr(metadata, self.attr_name, value)
+
+    def is_set(self, func: Callable) -> bool:
+        """Check if function has metadata with this marker set."""
+        metadata = getattr(func, METADATA_ATTR, None)
+        if metadata is None:
+            return False
+        return hasattr(metadata, self.attr_name)

schemathesis/{transports/content_types.py → core/media_types.py}

@@ -1,6 +1,8 @@
 from functools import lru_cache
 from typing import Generator, Tuple
 
+from schemathesis.core.errors import MalformedMediaType
+
 
 def _parseparam(s: str) -> Generator[str, None, None]:
     while s[:1] == ";":
@@ -15,7 +17,7 @@ def _parseparam(s: str) -> Generator[str, None, None]:
         s = s[end:]
 
 
-def parse_header(line: str) -> Tuple[str, dict]:
+def _parse_header(line: str) -> Tuple[str, dict]:
     parts = _parseparam(";" + line)
     key = parts.__next__()
     pdict = {}
@@ -32,36 +34,36 @@ def parse_header(line: str) -> Tuple[str, dict]:
 
 
 @lru_cache
-def parse_content_type(content_type: str) -> Tuple[str, str]:
+def parse(media_type: str) -> Tuple[str, str]:
     """Parse Content Type and return main type and subtype."""
     try:
-        content_type, _ = parse_header(content_type)
-        main_type, sub_type = content_type.split("/", 1)
+        media_type, _ = _parse_header(media_type)
+        main_type, sub_type = media_type.split("/", 1)
     except ValueError as exc:
-        raise ValueError(f"Malformed media type: `{content_type}`") from exc
+        raise MalformedMediaType(f"Malformed media type: `{media_type}`") from exc
     return main_type.lower(), sub_type.lower()
 
 
-def is_json_media_type(value: str) -> bool:
+def is_json(value: str) -> bool:
     """Detect whether the content type is JSON-compatible.
 
     For example - ``application/problem+json`` matches.
     """
-    main, sub = parse_content_type(value)
+    main, sub = parse(value)
     return main == "application" and (sub == "json" or sub.endswith("+json"))
 
 
-def is_yaml_media_type(value: str) -> bool:
+def is_yaml(value: str) -> bool:
     """Detect whether the content type is YAML-compatible."""
     return value in ("text/yaml", "text/x-yaml", "application/x-yaml", "text/vnd.yaml")
 
 
-def is_plain_text_media_type(value: str) -> bool:
+def is_plain_text(value: str) -> bool:
     """Detect variations of the ``text/plain`` media type."""
-    return parse_content_type(value) == ("text", "plain")
+    return parse(value) == ("text", "plain")
 
 
-def is_xml_media_type(value: str) -> bool:
+def is_xml(value: str) -> bool:
     """Detect variations of the ``application/xml`` media type."""
-    _, sub = parse_content_type(value)
+    _, sub = parse(value)
     return sub == "xml" or sub.endswith("+xml")

schemathesis/core/output/__init__.py

@@ -0,0 +1,46 @@
+from __future__ import annotations
+
+import json
+from typing import TYPE_CHECKING, Any
+
+if TYPE_CHECKING:
+    from schemathesis.config import OutputConfig
+
+TRUNCATED = "// Output truncated..."
+
+
+def truncate_json(data: Any, *, config: OutputConfig, max_lines: int | None = None) -> str:
+    # Convert JSON to string with indentation
+    indent = 4
+    serialized = json.dumps(data, indent=indent)
+    if not config.truncation.enabled:
+        return serialized
+
+    max_lines = max_lines if max_lines is not None else config.truncation.max_lines
+    # Split string by lines
+    lines = [
+        line[: config.truncation.max_width - 3] + "..." if len(line) > config.truncation.max_width else line
+        for line in serialized.split("\n")
+    ]
+
+    if len(lines) <= max_lines:
+        return "\n".join(lines)
+
+    truncated_lines = lines[: max_lines - 1]
+    indentation = " " * indent
+    truncated_lines.append(f"{indentation}{TRUNCATED}")
+    truncated_lines.append(lines[-1])
+
+    return "\n".join(truncated_lines)
+
+
+def prepare_response_payload(payload: str, *, config: OutputConfig) -> str:
+    if payload.endswith("\r\n"):
+        payload = payload[:-2]
+    elif payload.endswith("\n"):
+        payload = payload[:-1]
+    if not config.truncation.enabled:
+        return payload
+    if len(payload) > config.truncation.max_payload_size:
+        payload = payload[: config.truncation.max_payload_size] + f" {TRUNCATED}"
+    return payload

schemathesis/core/output/sanitization.py

@@ -0,0 +1,54 @@
+from __future__ import annotations
+
+from collections.abc import MutableMapping, MutableSequence
+from typing import Any
+from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit
+
+from schemathesis.config import SanitizationConfig
+
+
+def sanitize_value(item: Any, *, config: SanitizationConfig) -> None:
+    """Sanitize sensitive values within a given item.
+
+    This function is recursive and will sanitize sensitive data within nested
+    dictionaries and lists as well.
+    """
+    if isinstance(item, MutableMapping):
+        for key in list(item.keys()):
+            lower_key = key.lower()
+            if lower_key in config.keys_to_sanitize or any(marker in lower_key for marker in config.sensitive_markers):
+                if isinstance(item[key], list):
+                    item[key] = [config.replacement]
+                else:
+                    item[key] = config.replacement
+        for value in item.values():
+            if isinstance(value, (MutableMapping, MutableSequence)):
+                sanitize_value(value, config=config)
+    elif isinstance(item, MutableSequence):
+        for value in item:
+            if isinstance(value, (MutableMapping, MutableSequence)):
+                sanitize_value(value, config=config)
+
+
+def sanitize_url(url: str, *, config: SanitizationConfig) -> str:
+    """Sanitize sensitive parts of a given URL.
+
+    This function will sanitize the authority and query parameters in the URL.
+    """
+    parsed = urlsplit(url)
+
+    # Sanitize authority
+    netloc_parts = parsed.netloc.split("@")
+    if len(netloc_parts) > 1:
+        netloc = f"{config.replacement}@{netloc_parts[-1]}"
+    else:
+        netloc = parsed.netloc
+
+    # Sanitize query parameters
+    query = parse_qs(parsed.query, keep_blank_values=True)
+    sanitize_value(query, config=config)
+    sanitized_query = urlencode(query, doseq=True)
+
+    # Reconstruct the URL
+    sanitized_url_parts = parsed._replace(netloc=netloc, query=sanitized_query)
+    return urlunsplit(sanitized_url_parts)