schemathesis 4.0.15__py3-none-any.whl → 4.0.17__py3-none-any.whl

schemathesis/cli/commands/run/handlers/output.py

@@ -26,6 +26,7 @@ from schemathesis.engine import Status, events
 from schemathesis.engine.phases import PhaseName, PhaseSkipReason
 from schemathesis.engine.phases.probes import ProbeOutcome
 from schemathesis.engine.recorder import Interaction, ScenarioRecorder
+from schemathesis.generation.meta import CoveragePhaseData
 from schemathesis.generation.modes import GenerationMode
 from schemathesis.schemas import ApiStatistic
 
@@ -1053,10 +1054,19 @@ class OutputHandler(EventHandler):
 
         warnings = self.config.warnings_for(operation=operation)
 
+        def has_only_missing_auth_case() -> bool:
+            case = list(event.recorder.cases.values())[0].value
+            return bool(
+                case.meta
+                and isinstance(case.meta.phase.data, CoveragePhaseData)
+                and case.meta.phase.data.description == "Missing `Authorization` at header"
+            )
+
         if SchemathesisWarning.MISSING_AUTH in warnings:
-            for status_code in (401, 403):
-                if statistic.ratio_for(status_code) >= AUTH_ERRORS_THRESHOLD:
-                    self.warnings.missing_auth.setdefault(status_code, set()).add(event.recorder.label)
+            if not (len(event.recorder.cases) == 1 and has_only_missing_auth_case()):
+                for status_code in (401, 403):
+                    if statistic.ratio_for(status_code) >= AUTH_ERRORS_THRESHOLD:
+                        self.warnings.missing_auth.setdefault(status_code, set()).add(event.recorder.label)
 
         # Warn if all positive test cases got 4xx in return and no failure was found
         def all_positive_are_rejected(recorder: ScenarioRecorder) -> bool:
@@ -1220,10 +1230,10 @@ class OutputHandler(EventHandler):
         click.echo()
         if self.warnings.missing_auth:
             self._display_warning_block(
-                title="Missing authentication",
+                title="Authentication failed",
                 operations=self.warnings.missing_auth,
                 operation_suffix=" returned authentication errors",
-                tips=["💡 Use --auth or -H to provide authentication credentials"],
+                tips=["💡 Ensure valid authentication credentials are set via --auth or -H"],
             )
 
         if self.warnings.missing_test_data:

schemathesis/generation/coverage.py

@@ -597,12 +597,49 @@ def cover_schema_iter(
                         with _ignore_unfixable():
                             canonical = canonicalish(schema)
                             yield from cover_schema_iter(nctx, canonical, seen)
-                elif key == "anyOf" or key == "oneOf":
+                elif key == "anyOf":
                     nctx = ctx.with_negative()
-                    # NOTE: Other sub-schemas are not filtered out
+                    validators = [jsonschema.validators.validator_for(sub_schema)(sub_schema) for sub_schema in value]
                     for idx, sub_schema in enumerate(value):
                         with nctx.at(idx):
-                            yield from cover_schema_iter(nctx, sub_schema, seen)
+                            for value in cover_schema_iter(nctx, sub_schema, seen):
+                                # Negative value for this schema could be a positive value for another one
+                                if is_valid_for_others(value.value, idx, validators):
+                                    continue
+                                yield value
+                elif key == "oneOf":
+                    nctx = ctx.with_negative()
+                    validators = [jsonschema.validators.validator_for(sub_schema)(sub_schema) for sub_schema in value]
+                    for idx, sub_schema in enumerate(value):
+                        with nctx.at(idx):
+                            for value in cover_schema_iter(nctx, sub_schema, seen):
+                                if is_invalid_for_oneOf(value.value, idx, validators):
+                                    yield value
+
+
+def is_valid_for_others(value: Any, idx: int, validators: list[jsonschema.Validator]) -> bool:
+    for vidx, validator in enumerate(validators):
+        if idx == vidx:
+            # This one is being negated
+            continue
+        if validator.is_valid(value):
+            return True
+    return False
+
+
+def is_invalid_for_oneOf(value: Any, idx: int, validators: list[jsonschema.Validator]) -> bool:
+    valid_count = 0
+    for vidx, validator in enumerate(validators):
+        if idx == vidx:
+            # This one is being negated
+            continue
+        if validator.is_valid(value):
+            valid_count += 1
+            # Should circuit - no need to validate more, it is already invalid
+            if valid_count > 1:
+                return True
+    # No matching at all - we successfully generated invalid value
+    return valid_count == 0
 
 
 def _get_properties(schema: dict | bool) -> dict | bool:

schemathesis/generation/stateful/state_machine.py

@@ -185,9 +185,11 @@ class APIStateMachine(RuleBasedStateMachine):
         if target is not None:
             super()._add_result_to_targets((target,), result)
 
-    def _add_results_to_targets(self, targets: tuple[str, ...], results: list[StepOutput]) -> None:
+    def _add_results_to_targets(self, targets: tuple[str, ...], results: list[StepOutput | None]) -> None:
         # Hypothesis >6.131.15
         for result in results:
+            if result is None:
+                continue
             target = self._get_target_for_result(result)
             if target is not None:
                 super()._add_results_to_targets((target,), [result])

schemathesis/specs/openapi/stateful/__init__.py

@@ -4,6 +4,7 @@ from dataclasses import dataclass
 from functools import lru_cache
 from typing import TYPE_CHECKING, Any, Callable, Iterator
 
+import jsonschema
 from hypothesis import strategies as st
 from hypothesis.stateful import Bundle, Rule, precondition, rule
 
@@ -14,6 +15,7 @@ from schemathesis.engine.recorder import ScenarioRecorder
 from schemathesis.generation import GenerationMode
 from schemathesis.generation.case import Case
 from schemathesis.generation.hypothesis import strategies
+from schemathesis.generation.meta import ComponentInfo, ComponentKind
 from schemathesis.generation.stateful import STATEFUL_TESTS_LABEL
 from schemathesis.generation.stateful.state_machine import APIStateMachine, StepInput, StepOutput, _normalize_name
 from schemathesis.schemas import APIOperation
@@ -281,6 +283,15 @@ def into_step_input(
                     case.body = {**case.body, **new}
                 else:
                     case.body = new
+                if case.meta and case.meta.generation.mode == GenerationMode.NEGATIVE:
+                    # It is possible that the new body is now valid and the whole test case could be valid too
+                    for alternative in case.operation.body:
+                        if alternative.media_type == case.media_type:
+                            schema = alternative.as_json_schema(case.operation)
+                            if jsonschema.validators.validator_for(schema)(schema).is_valid(new):
+                                case.meta.components[ComponentKind.BODY] = ComponentInfo(mode=GenerationMode.POSITIVE)
+                                if all(info.mode == GenerationMode.POSITIVE for info in case.meta.components.values()):
+                                    case.meta.generation.mode = GenerationMode.POSITIVE
             return StepInput(case=case, transition=transition)
 
         return inner(output=_output)

schemathesis/transport/requests.py

@@ -80,6 +80,10 @@ class RequestsTransport(BaseTransport["requests.Session"]):
         if cookies is not None:
             merge_at(data, "cookies", cookies)
 
+        excluded_headers = get_exclude_headers(case)
+        for name in excluded_headers:
+            data["headers"].pop(name, None)
+
         return data
 
     def send(self, case: Case, *, session: requests.Session | None = None, **kwargs: Any) -> Response:
@@ -112,9 +116,6 @@ class RequestsTransport(BaseTransport["requests.Session"]):
         data.update({key: value for key, value in kwargs.items() if key not in data})
         data.setdefault("timeout", DEFAULT_RESPONSE_TIMEOUT)
 
-        excluded_headers = get_exclude_headers(case)
-        for name in excluded_headers:
-            data["headers"].pop(name, None)
         current_session_headers: MutableMapping[str, Any] = {}
         current_session_auth = None
 
@@ -124,9 +125,11 @@ class RequestsTransport(BaseTransport["requests.Session"]):
             close_session = True
         else:
             current_session_headers = session.headers
-            if isinstance(session.auth, tuple) and "Authorization" in excluded_headers:
-                current_session_auth = session.auth
-                session.auth = None
+            if isinstance(session.auth, tuple):
+                excluded_headers = get_exclude_headers(case)
+                if "Authorization" in excluded_headers:
+                    current_session_auth = session.auth
+                    session.auth = None
             close_session = False
         session.headers = {}
 

{schemathesis-4.0.15.dist-info → schemathesis-4.0.17.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: schemathesis
-Version: 4.0.15
+Version: 4.0.17
 Summary: Property-based testing framework for Open API and GraphQL based apps
 Project-URL: Documentation, https://schemathesis.readthedocs.io/en/stable/
 Project-URL: Changelog, https://github.com/schemathesis/schemathesis/blob/master/CHANGELOG.md

{schemathesis-4.0.15.dist-info → schemathesis-4.0.17.dist-info}/RECORD

@@ -23,7 +23,7 @@ schemathesis/cli/commands/run/handlers/__init__.py,sha256=TPZ3KdGi8m0fjlN0GjA31M
 schemathesis/cli/commands/run/handlers/base.py,sha256=yDsTtCiztLksfk7cRzg8JlaAVOfS-zwK3tsJMOXAFyc,530
 schemathesis/cli/commands/run/handlers/cassettes.py,sha256=rRD4byjp4HXCkJS-zx3jSIFOJsPq77ejPpYeyCtsEZs,19461
 schemathesis/cli/commands/run/handlers/junitxml.py,sha256=ydk6Ofj-Uti6H8EucT4Snp85cmTA5W7uVpKkoHrIDKE,2586
-schemathesis/cli/commands/run/handlers/output.py,sha256=zlI0M5PuzduzluzONv3eyuoWWnigPkErPpUtjgHWESE,62476
+schemathesis/cli/commands/run/handlers/output.py,sha256=oS3HP4idz99IxpZcjsqADtEOkuu8wruTcri5c1YIph0,62986
 schemathesis/cli/ext/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 schemathesis/cli/ext/fs.py,sha256=3lvoAsEDDdih75ITJJNxemd3nwxX55gGWrI7uDxm0cM,447
 schemathesis/cli/ext/groups.py,sha256=kQ37t6qeArcKaY2y5VxyK3_KwAkBKCVm58IYV8gewds,2720
@@ -85,7 +85,7 @@ schemathesis/engine/phases/unit/_executor.py,sha256=9MmZoKSBVSPk0LWwN3PZ3iaO9nzp
 schemathesis/engine/phases/unit/_pool.py,sha256=iU0hdHDmohPnEv7_S1emcabuzbTf-Cznqwn0pGQ5wNQ,2480
 schemathesis/generation/__init__.py,sha256=tvNO2FLiY8z3fZ_kL_QJhSgzXfnT4UqwSXMHCwfLI0g,645
 schemathesis/generation/case.py,sha256=zwAwFQ-Fp7SOxCXYOQyAdwAtNwVJe63PdLpvqackFQY,12296
-schemathesis/generation/coverage.py,sha256=jpl1GpAGZXyoO2aZLUZlIE0h_ygdHMnvUK14oBg51k4,53896
+schemathesis/generation/coverage.py,sha256=2GZIyVfaZ8wAcF1GQohm9pftwNIVeeu5uWhYp8qHKlA,55606
 schemathesis/generation/meta.py,sha256=adkoMuCfzSjHJ9ZDocQn0GnVldSCkLL3eVR5A_jafwM,2552
 schemathesis/generation/metrics.py,sha256=cZU5HdeAMcLFEDnTbNE56NuNq4P0N4ew-g1NEz5-kt4,2836
 schemathesis/generation/modes.py,sha256=Q1fhjWr3zxabU5qdtLvKfpMFZJAwlW9pnxgenjeXTyU,481
@@ -97,7 +97,7 @@ schemathesis/generation/hypothesis/given.py,sha256=sTZR1of6XaHAPWtHx2_WLlZ50M8D5
 schemathesis/generation/hypothesis/reporting.py,sha256=uDVow6Ya8YFkqQuOqRsjbzsbyP4KKfr3jA7ZaY4FuKY,279
 schemathesis/generation/hypothesis/strategies.py,sha256=RurE81E06d99YKG48dizy9346ayfNswYTt38zewmGgw,483
 schemathesis/generation/stateful/__init__.py,sha256=s7jiJEnguIj44IsRyMi8afs-8yjIUuBbzW58bH5CHjs,1042
-schemathesis/generation/stateful/state_machine.py,sha256=1cY3AH-f_AbUGfvfK8WMMKkUxAJT9Iw8eZGyRE2Sd44,8740
+schemathesis/generation/stateful/state_machine.py,sha256=3oAGpn46adNJx3sp5ym9e30SyYOjJGiEqenDZ5gWtBY,8803
 schemathesis/graphql/__init__.py,sha256=_eO6MAPHGgiADVGRntnwtPxmuvk666sAh-FAU4cG9-0,326
 schemathesis/graphql/checks.py,sha256=IADbxiZjgkBWrC5yzHDtohRABX6zKXk5w_zpWNwdzYo,3186
 schemathesis/graphql/loaders.py,sha256=2tgG4HIvFmjHLr_KexVXnT8hSBM-dKG_fuXTZgE97So,9445
@@ -148,17 +148,17 @@ schemathesis/specs/openapi/negative/__init__.py,sha256=1sajF22SrE4pUK7-C6PiseZ9P
 schemathesis/specs/openapi/negative/mutations.py,sha256=xDSUVnGWjuuIcvmW_mJGChf-G-nXst-JBX1okQAzon4,19865
 schemathesis/specs/openapi/negative/types.py,sha256=a7buCcVxNBG6ILBM3A7oNTAX0lyDseEtZndBuej8MbI,174
 schemathesis/specs/openapi/negative/utils.py,sha256=ozcOIuASufLqZSgnKUACjX-EOZrrkuNdXX0SDnLoGYA,168
-schemathesis/specs/openapi/stateful/__init__.py,sha256=FSitLbJxjBYU814cqjI_QCkdyoIc-9xfT_1HQcYwsXw,15064
+schemathesis/specs/openapi/stateful/__init__.py,sha256=t5O84nKXIk_NhFihuSip3EWMLBo4_AG95W_YVbTKPl4,15985
 schemathesis/specs/openapi/stateful/control.py,sha256=QaXLSbwQWtai5lxvvVtQV3BLJ8n5ePqSKB00XFxp-MA,3695
 schemathesis/specs/openapi/stateful/links.py,sha256=h5q40jUbcIk5DS_Tih1cvFJxS_QxxG0_9ZQnTs1A_zo,8806
 schemathesis/transport/__init__.py,sha256=6yg_RfV_9L0cpA6qpbH-SL9_3ggtHQji9CZrpIkbA6s,5321
 schemathesis/transport/asgi.py,sha256=qTClt6oT_xUEWnRHokACN_uqCNNUZrRPT6YG0PjbElY,926
 schemathesis/transport/prepare.py,sha256=erYXRaxpQokIDzaIuvt_csHcw72iHfCyNq8VNEzXd0o,4743
-schemathesis/transport/requests.py,sha256=rziZTrZCVMAqgy6ldB8iTwhkpAsnjKSgK8hj5Sq3ThE,10656
+schemathesis/transport/requests.py,sha256=46aplzhSmBupegPNMawma-iJWCegWkEd6mzdWLTpgM4,10742
 schemathesis/transport/serialization.py,sha256=igUXKZ_VJ9gV7P0TUc5PDQBJXl_s0kK9T3ljGWWvo6E,10339
 schemathesis/transport/wsgi.py,sha256=KoAfvu6RJtzyj24VGB8e-Iaa9smpgXJ3VsM8EgAz2tc,6152
-schemathesis-4.0.15.dist-info/METADATA,sha256=nQbpPuX0uQ1CRaGdgF7Sor6E9pqtPKFYNHraxONfRdM,8472
-schemathesis-4.0.15.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-schemathesis-4.0.15.dist-info/entry_points.txt,sha256=hiK3un-xfgPdwj9uj16YVDtTNpO128bmk0U82SMv8ZQ,152
-schemathesis-4.0.15.dist-info/licenses/LICENSE,sha256=2Ve4J8v5jMQAWrT7r1nf3bI8Vflk3rZVQefiF2zpxwg,1121
-schemathesis-4.0.15.dist-info/RECORD,,
+schemathesis-4.0.17.dist-info/METADATA,sha256=W-ng4zywYAQxqVAdxHO-m6DAHhBnE5jGSgQIhx04uTY,8472
+schemathesis-4.0.17.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+schemathesis-4.0.17.dist-info/entry_points.txt,sha256=hiK3un-xfgPdwj9uj16YVDtTNpO128bmk0U82SMv8ZQ,152
+schemathesis-4.0.17.dist-info/licenses/LICENSE,sha256=2Ve4J8v5jMQAWrT7r1nf3bI8Vflk3rZVQefiF2zpxwg,1121
+schemathesis-4.0.17.dist-info/RECORD,,