schemathesis 4.1.1__py3-none-any.whl → 4.1.3__py3-none-any.whl

schemathesis/core/curl.py

@@ -23,7 +23,11 @@ def generate(
     _filter_headers(headers, known_generated_headers or {})
     command = f"curl -X {method}"
     for key, value in headers.items():
-        header = f"{key}: {value}"
+        # To send an empty header with cURL we need to use `;`, otherwise empty header is ignored
+        if not value:
+            header = f"{key};"
+        else:
+            header = f"{key}: {value}"
         command += f" -H {quote(header)}"
     if body:
         if isinstance(body, bytes):

schemathesis/specs/openapi/checks.py

@@ -497,7 +497,11 @@ def ignored_auth(ctx: CheckContext, response: Response, case: Case) -> bool | No
     """Check if an operation declares authentication as a requirement but does not actually enforce it."""
     from .schemas import BaseOpenAPISchema
 
-    if not isinstance(case.operation.schema, BaseOpenAPISchema) or is_unexpected_http_status_case(case):
+    if (
+        not isinstance(case.operation.schema, BaseOpenAPISchema)
+        or is_unexpected_http_status_case(case)
+        or _has_optional_auth(case.operation)
+    ):
         return True
     security_parameters = _get_security_parameters(case.operation)
     # Authentication is required for this API operation and response is successful
@@ -585,6 +589,13 @@ def _get_security_parameters(operation: APIOperation) -> list[SecurityParameter]
     ]
 
 
+def _has_optional_auth(operation: APIOperation) -> bool:
+    from .schemas import BaseOpenAPISchema
+
+    schema = cast(BaseOpenAPISchema, operation.schema)
+    return schema.security.has_optional_auth(schema.raw_schema, operation)
+
+
 def _contains_auth(
     ctx: CheckContext, case: Case, response: Response, security_parameters: list[SecurityParameter]
 ) -> AuthKind | None:

schemathesis/specs/openapi/security.py

@@ -32,20 +32,28 @@ class BaseSecurityProcessor:
                 self.process_api_key_security_definition(definition, operation)
             self.process_http_security_definition(definition, operation)
 
+    @staticmethod
+    def _get_security_requirements(schema: dict[str, Any], operation: APIOperation) -> list[dict]:
+        global_requirements = schema.get("security", [])
+        local_requirements = operation.definition.raw.get("security", None)
+        if local_requirements is not None:
+            return local_requirements
+        return global_requirements
+
     @staticmethod
     def get_security_requirements(schema: dict[str, Any], operation: APIOperation) -> list[str]:
         """Get applied security requirements for the given API operation."""
         # https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#operation-object
         # > This definition overrides any declared top-level security.
         # > To remove a top-level security declaration, an empty array can be used.
-        global_requirements = schema.get("security", [])
-        local_requirements = operation.definition.raw.get("security", None)
-        if local_requirements is not None:
-            requirements = local_requirements
-        else:
-            requirements = global_requirements
+        requirements = BaseSecurityProcessor._get_security_requirements(schema, operation)
         return [key for requirement in requirements for key in requirement]
 
+    @staticmethod
+    def has_optional_auth(schema: dict[str, Any], operation: APIOperation) -> bool:
+        requirements = BaseSecurityProcessor._get_security_requirements(schema, operation)
+        return {} in requirements
+
     def _get_active_definitions(
         self, schema: dict[str, Any], operation: APIOperation, resolver: RefResolver
     ) -> Generator[dict[str, Any], None, None]:

{schemathesis-4.1.1.dist-info → schemathesis-4.1.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: schemathesis
-Version: 4.1.1
+Version: 4.1.3
 Summary: Property-based testing framework for Open API and GraphQL based apps
 Project-URL: Documentation, https://schemathesis.readthedocs.io/en/stable/
 Project-URL: Changelog, https://github.com/schemathesis/schemathesis/blob/master/CHANGELOG.md

{schemathesis-4.1.1.dist-info → schemathesis-4.1.3.dist-info}/RECORD

@@ -49,7 +49,7 @@ schemathesis/config/schema.json,sha256=3CRSBfUK2vLVl1h5PfeK_YDdEoBZSojYl8Q1kT-IT
 schemathesis/core/__init__.py,sha256=h4gmDePIPvPiVuYxnjrpPKytSZPi6fZeVdTG6c822E4,1973
 schemathesis/core/compat.py,sha256=9BWCrFoqN2sJIaiht_anxe8kLjYMR7t0iiOkXqLRUZ8,1058
 schemathesis/core/control.py,sha256=IzwIc8HIAEMtZWW0Q0iXI7T1niBpjvcLlbuwOSmy5O8,130
-schemathesis/core/curl.py,sha256=yuaCe_zHLGwUjEeloQi6W3tOA3cGdnHDNI17-5jia0o,1723
+schemathesis/core/curl.py,sha256=jrPL9KpNHteyJ6A1oxJRSkL5bfuBeuPs3xh9Z_ml2cE,1892
 schemathesis/core/deserialization.py,sha256=qjXUPaz_mc1OSgXzTUSkC8tuVR8wgVQtb9g3CcAF6D0,2951
 schemathesis/core/errors.py,sha256=pwiyGhX7tId88Toe2H4ZYsCDc_OvUJtW8Wv-xDv2UD4,16361
 schemathesis/core/failures.py,sha256=yFpAxWdEnm0Ri8z8RqRI9H7vcLH5ztOeSIi4m4SGx5g,8996
@@ -123,7 +123,7 @@ schemathesis/specs/graphql/schemas.py,sha256=B6FULWIIWoN_gx9OeQOd-6qWsz9yVg5h1Xl
 schemathesis/specs/graphql/validation.py,sha256=-W1Noc1MQmTb4RX-gNXMeU2qkgso4mzVfHxtdLkCPKM,1422
 schemathesis/specs/openapi/__init__.py,sha256=C5HOsfuDJGq_3mv8CRBvRvb0Diy1p0BFdqyEXMS-loE,238
 schemathesis/specs/openapi/_hypothesis.py,sha256=XK-g2284wCsqOuPhubpE-PQ5_YotUwNodAnjeHs_-R0,21712
-schemathesis/specs/openapi/checks.py,sha256=P4WaLJ_dqssrZI-fpRwsy4kZ8u6O93YvpQ-98JuMkIQ,30320
+schemathesis/specs/openapi/checks.py,sha256=CVUBhJgdVZZdgCIydsO0OYf3K4gGgnYw6XDSJo3q6OU,30623
 schemathesis/specs/openapi/constants.py,sha256=JqM_FHOenqS_MuUE9sxVQ8Hnw0DNM8cnKDwCwPLhID4,783
 schemathesis/specs/openapi/converter.py,sha256=LkpCCAxZzET4Qa_3YStSNuhGlsm5G6TVwpxYu6lPO4g,4169
 schemathesis/specs/openapi/definitions.py,sha256=8htclglV3fW6JPBqs59lgM4LnA25Mm9IptXBPb_qUT0,93949
@@ -134,7 +134,7 @@ schemathesis/specs/openapi/parameters.py,sha256=XpuZ2sex2aYUzKDK17GXVNWFBmvamuyV
 schemathesis/specs/openapi/patterns.py,sha256=GqPZEXMRdWENQxanWjBOalIZ2MQUjuxk21kmdiI703E,18027
 schemathesis/specs/openapi/references.py,sha256=40YcDExPLR2B8EOwt-Csw-5MYFi2xj_DXf91J0Pc9d4,8855
 schemathesis/specs/openapi/schemas.py,sha256=qJ0ChkZuXQafQ-nPwMzckSk3iC32H2O5W9Cbd7DN_2I,51379
-schemathesis/specs/openapi/security.py,sha256=6UWYMhL-dPtkTineqqBFNKca1i4EuoTduw-EOLeE0aQ,7149
+schemathesis/specs/openapi/security.py,sha256=Vv5Y76hM49ZqLlivViSURKQlxDd1F_FQRj5gEUfyBU0,7552
 schemathesis/specs/openapi/serialization.py,sha256=VdDLmeHqxlWM4cxQQcCkvrU6XurivolwEEaT13ohelA,11972
 schemathesis/specs/openapi/utils.py,sha256=ER4vJkdFVDIE7aKyxyYatuuHVRNutytezgE52pqZNE8,900
 schemathesis/specs/openapi/expressions/__init__.py,sha256=hfuRtXD75tQFhzSo6QgDZ3zByyWeZRKevB8edszAVj4,2272
@@ -157,8 +157,8 @@ schemathesis/transport/prepare.py,sha256=erYXRaxpQokIDzaIuvt_csHcw72iHfCyNq8VNEz
 schemathesis/transport/requests.py,sha256=XWiQVG4rGnFX0rOhOZAKVIPbrlknLuS7pHYwUcOiEGs,10942
 schemathesis/transport/serialization.py,sha256=igUXKZ_VJ9gV7P0TUc5PDQBJXl_s0kK9T3ljGWWvo6E,10339
 schemathesis/transport/wsgi.py,sha256=KoAfvu6RJtzyj24VGB8e-Iaa9smpgXJ3VsM8EgAz2tc,6152
-schemathesis-4.1.1.dist-info/METADATA,sha256=twjFIgwG3ZuiTWbHSwLnuRZtfy03aPhzwOwQQGb-TOo,8540
-schemathesis-4.1.1.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-schemathesis-4.1.1.dist-info/entry_points.txt,sha256=hiK3un-xfgPdwj9uj16YVDtTNpO128bmk0U82SMv8ZQ,152
-schemathesis-4.1.1.dist-info/licenses/LICENSE,sha256=2Ve4J8v5jMQAWrT7r1nf3bI8Vflk3rZVQefiF2zpxwg,1121
-schemathesis-4.1.1.dist-info/RECORD,,
+schemathesis-4.1.3.dist-info/METADATA,sha256=cl5HHC8Riq884RzJBvb-RN7TrUilt5T3x41W7X93G0M,8540
+schemathesis-4.1.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+schemathesis-4.1.3.dist-info/entry_points.txt,sha256=hiK3un-xfgPdwj9uj16YVDtTNpO128bmk0U82SMv8ZQ,152
+schemathesis-4.1.3.dist-info/licenses/LICENSE,sha256=2Ve4J8v5jMQAWrT7r1nf3bI8Vflk3rZVQefiF2zpxwg,1121
+schemathesis-4.1.3.dist-info/RECORD,,