from typing import List

from fastapi import FastAPI, Query
from fastapi.testclient import TestClient

app = FastAPI()


@app.get("/items/")

            

Reported by Pylint.

              

@app.get("/items/")
def read_items(q: List[int] = Query(None)):
    return {"q": q}


client = TestClient(app)


            

Reported by Pylint.

              

@app.get("/items/")
def read_items(q: List[int] = Query(None)):
    return {"q": q}


client = TestClient(app)


            

Reported by Pylint.

              }


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema



            

Reported by Pylint.

              
def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema


def test_multi_query():
    response = client.get("/items/?q=5&q=6")

            

Reported by Bandit.

              def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema


def test_multi_query():
    response = client.get("/items/?q=5&q=6")
    assert response.status_code == 200, response.text

            

Reported by Bandit.

                  assert response.json() == openapi_schema


def test_multi_query():
    response = client.get("/items/?q=5&q=6")
    assert response.status_code == 200, response.text
    assert response.json() == {"q": [5, 6]}



            

Reported by Pylint.

              
def test_multi_query():
    response = client.get("/items/?q=5&q=6")
    assert response.status_code == 200, response.text
    assert response.json() == {"q": [5, 6]}


def test_multi_query_incorrect():
    response = client.get("/items/?q=five&q=six")

            

Reported by Bandit.

              def test_multi_query():
    response = client.get("/items/?q=5&q=6")
    assert response.status_code == 200, response.text
    assert response.json() == {"q": [5, 6]}


def test_multi_query_incorrect():
    response = client.get("/items/?q=five&q=six")
    assert response.status_code == 422, response.text

            

Reported by Bandit.

                  assert response.json() == {"q": [5, 6]}


def test_multi_query_incorrect():
    response = client.get("/items/?q=five&q=six")
    assert response.status_code == 422, response.text
    assert response.json() == multiple_errors

            

Reported by Pylint.

              from fastapi import FastAPI
from fastapi.testclient import TestClient

from .utils import needs_py39


@needs_py39
def test_typing():
    types = {

            

Reported by Pylint.

              @needs_py39
def test_typing():
    types = {
        list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`
    }
    for test_type, expect in types.items():

            

Reported by Pylint.

              def test_typing():
    types = {
        list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`
    }
    for test_type, expect in types.items():
        app = FastAPI()

            

Reported by Pylint.

              def test_typing():
    types = {
        list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`
    }
    for test_type, expect in types.items():
        app = FastAPI()

            

Reported by Pylint.

                  types = {
        list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`
    }
    for test_type, expect in types.items():
        app = FastAPI()


            

Reported by Pylint.

                      list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`
    }
    for test_type, expect in types.items():
        app = FastAPI()

        @app.post("/", response_model=test_type)

            

Reported by Pylint.

                      app = FastAPI()

        @app.post("/", response_model=test_type)
        def post_endpoint(input: test_type):
            return input

        res = TestClient(app).post("/", json=expect)
        assert res.status_code == 200, res.json()
        assert res.json() == expect

            

Reported by Pylint.

                      app = FastAPI()

        @app.post("/", response_model=test_type)
        def post_endpoint(input: test_type):
            return input

        res = TestClient(app).post("/", json=expect)
        assert res.status_code == 200, res.json()
        assert res.json() == expect

            

Reported by Pylint.

              from fastapi import FastAPI
from fastapi.testclient import TestClient

from .utils import needs_py39


@needs_py39
def test_typing():
    types = {

            

Reported by Pylint.

              

@needs_py39
def test_typing():
    types = {
        list[int]: [1, 2, 3],
        dict[str, list[int]]: {"a": [1, 2, 3], "b": [4, 5, 6]},
        set[int]: [1, 2, 3],  # `set` is converted to `list`
        tuple[int, ...]: [1, 2, 3],  # `tuple` is converted to `list`

            

Reported by Pylint.

              from typing import Optional

from fastapi import FastAPI
from pydantic import BaseModel, EmailStr

app = FastAPI()


class UserIn(BaseModel):

            

Reported by Pylint.

              from typing import Optional

from fastapi import FastAPI
from pydantic import BaseModel, EmailStr

app = FastAPI()


class UserIn(BaseModel):

            

Reported by Pylint.

              from typing import Optional

from fastapi import FastAPI
from pydantic import BaseModel, EmailStr

app = FastAPI()


class UserIn(BaseModel):

            

Reported by Pylint.

              app = FastAPI()


class UserIn(BaseModel):
    username: str
    password: str
    email: EmailStr
    full_name: Optional[str] = None


            

Reported by Pylint.

              app = FastAPI()


class UserIn(BaseModel):
    username: str
    password: str
    email: EmailStr
    full_name: Optional[str] = None


            

Reported by Pylint.

                  full_name: Optional[str] = None


class UserOut(BaseModel):
    username: str
    email: EmailStr
    full_name: Optional[str] = None



            

Reported by Pylint.

                  full_name: Optional[str] = None


class UserOut(BaseModel):
    username: str
    email: EmailStr
    full_name: Optional[str] = None



            

Reported by Pylint.

                  full_name: Optional[str] = None


class UserInDB(BaseModel):
    username: str
    hashed_password: str
    email: EmailStr
    full_name: Optional[str] = None


            

Reported by Pylint.

                  full_name: Optional[str] = None


class UserInDB(BaseModel):
    username: str
    hashed_password: str
    email: EmailStr
    full_name: Optional[str] = None


            

Reported by Pylint.

                  full_name: Optional[str] = None


def fake_password_hasher(raw_password: str):
    return "supersecret" + raw_password


def fake_save_user(user_in: UserIn):
    hashed_password = fake_password_hasher(user_in.password)

            

Reported by Pylint.

              import importlib

from fastapi.testclient import TestClient

from docs_src.conditional_openapi import tutorial001

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              }


def test_default_openapi():
    client = TestClient(tutorial001.app)
    response = client.get("/openapi.json")
    assert response.json() == openapi_schema
    response = client.get("/docs")
    assert response.status_code == 200, response.text

            

Reported by Pylint.

              def test_default_openapi():
    client = TestClient(tutorial001.app)
    response = client.get("/openapi.json")
    assert response.json() == openapi_schema
    response = client.get("/docs")
    assert response.status_code == 200, response.text
    response = client.get("/redoc")
    assert response.status_code == 200, response.text


            

Reported by Bandit.

                  response = client.get("/openapi.json")
    assert response.json() == openapi_schema
    response = client.get("/docs")
    assert response.status_code == 200, response.text
    response = client.get("/redoc")
    assert response.status_code == 200, response.text


def test_disable_openapi(monkeypatch):

            

Reported by Bandit.

                  response = client.get("/docs")
    assert response.status_code == 200, response.text
    response = client.get("/redoc")
    assert response.status_code == 200, response.text


def test_disable_openapi(monkeypatch):
    monkeypatch.setenv("OPENAPI_URL", "")
    importlib.reload(tutorial001)

            

Reported by Bandit.

                  assert response.status_code == 200, response.text


def test_disable_openapi(monkeypatch):
    monkeypatch.setenv("OPENAPI_URL", "")
    importlib.reload(tutorial001)
    client = TestClient(tutorial001.app)
    response = client.get("/openapi.json")
    assert response.status_code == 404, response.text

            

Reported by Pylint.

                  importlib.reload(tutorial001)
    client = TestClient(tutorial001.app)
    response = client.get("/openapi.json")
    assert response.status_code == 404, response.text
    response = client.get("/docs")
    assert response.status_code == 404, response.text
    response = client.get("/redoc")
    assert response.status_code == 404, response.text


            

Reported by Bandit.

                  response = client.get("/openapi.json")
    assert response.status_code == 404, response.text
    response = client.get("/docs")
    assert response.status_code == 404, response.text
    response = client.get("/redoc")
    assert response.status_code == 404, response.text


def test_root():

            

Reported by Bandit.

                  response = client.get("/docs")
    assert response.status_code == 404, response.text
    response = client.get("/redoc")
    assert response.status_code == 404, response.text


def test_root():
    client = TestClient(tutorial001.app)
    response = client.get("/")

            

Reported by Bandit.

                  assert response.status_code == 404, response.text


def test_root():
    client = TestClient(tutorial001.app)
    response = client.get("/")
    assert response.status_code == 200
    assert response.json() == {"message": "Hello World"}

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial001 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial001 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial001 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              }


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema



            

Reported by Pylint.

              
def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema


def test_post_item():
    response = client.post("/items/", json={"name": "Foo", "price": 3})

            

Reported by Bandit.

              def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema


def test_post_item():
    response = client.post("/items/", json={"name": "Foo", "price": 3})
    assert response.status_code == 200

            

Reported by Bandit.

                  assert response.json() == openapi_schema


def test_post_item():
    response = client.post("/items/", json={"name": "Foo", "price": 3})
    assert response.status_code == 200
    assert response.json() == {
        "name": "Foo",
        "price": 3,

            

Reported by Pylint.

              
def test_post_item():
    response = client.post("/items/", json={"name": "Foo", "price": 3})
    assert response.status_code == 200
    assert response.json() == {
        "name": "Foo",
        "price": 3,
        "description": None,
        "tax": None,

            

Reported by Bandit.

              def test_post_item():
    response = client.post("/items/", json={"name": "Foo", "price": 3})
    assert response.status_code == 200
    assert response.json() == {
        "name": "Foo",
        "price": 3,
        "description": None,
        "tax": None,
    }

            

Reported by Bandit.

                  }


def test_post_invalid_item():
    response = client.post("/items/", json={"name": "Foo", "price": "invalid price"})
    assert response.status_code == 422
    assert response.json() == {
        "detail": [
            {

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial003 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial003 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.dataclasses.tutorial003 import app

client = TestClient(app)

openapi_schema = {
    "openapi": "3.0.2",
    "info": {"title": "FastAPI", "version": "0.1.0"},

            

Reported by Pylint.

              }


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema



            

Reported by Pylint.

              
def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema


def test_post_authors_item():
    response = client.post(

            

Reported by Bandit.

              def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200
    assert response.json() == openapi_schema


def test_post_authors_item():
    response = client.post(
        "/authors/foo/items/",

            

Reported by Bandit.

                  assert response.json() == openapi_schema


def test_post_authors_item():
    response = client.post(
        "/authors/foo/items/",
        json=[{"name": "Bar"}, {"name": "Baz", "description": "Drop the Baz"}],
    )
    assert response.status_code == 200

            

Reported by Pylint.

                      "/authors/foo/items/",
        json=[{"name": "Bar"}, {"name": "Baz", "description": "Drop the Baz"}],
    )
    assert response.status_code == 200
    assert response.json() == {
        "name": "foo",
        "items": [
            {"name": "Bar", "description": None},
            {"name": "Baz", "description": "Drop the Baz"},

            

Reported by Bandit.

                      json=[{"name": "Bar"}, {"name": "Baz", "description": "Drop the Baz"}],
    )
    assert response.status_code == 200
    assert response.json() == {
        "name": "foo",
        "items": [
            {"name": "Bar", "description": None},
            {"name": "Baz", "description": "Drop the Baz"},
        ],

            

Reported by Bandit.

                  }


def test_get_authors():
    response = client.get("/authors/")
    assert response.status_code == 200
    assert response.json() == [
        {
            "name": "Breaters",

            

Reported by Pylint.

              from typing import List, Tuple

from fastapi import Depends, FastAPI, Security
from fastapi.security import SecurityScopes
from fastapi.testclient import TestClient

app = FastAPI()



            

Reported by Pylint.

              app = FastAPI()


def get_user(required_scopes: SecurityScopes):
    return "john", required_scopes.scopes


def get_user_override(required_scopes: SecurityScopes):
    return "alice", required_scopes.scopes

            

Reported by Pylint.

                  return "john", required_scopes.scopes


def get_user_override(required_scopes: SecurityScopes):
    return "alice", required_scopes.scopes


def get_data():
    return [1, 2, 3]

            

Reported by Pylint.

                  return "alice", required_scopes.scopes


def get_data():
    return [1, 2, 3]


def get_data_override():
    return [3, 4, 5]

            

Reported by Pylint.

                  return [1, 2, 3]


def get_data_override():
    return [3, 4, 5]


@app.get("/user")
def read_user(

            

Reported by Pylint.

              

@app.get("/user")
def read_user(
    user_data: Tuple[str, List[str]] = Security(get_user, scopes=["foo", "bar"]),
    data: List[int] = Depends(get_data),
):
    return {"user": user_data[0], "scopes": user_data[1], "data": data}


            

Reported by Pylint.

              client = TestClient(app)


def test_normal():
    response = client.get("/user")
    assert response.json() == {
        "user": "john",
        "scopes": ["foo", "bar"],
        "data": [1, 2, 3],

            

Reported by Pylint.

              
def test_normal():
    response = client.get("/user")
    assert response.json() == {
        "user": "john",
        "scopes": ["foo", "bar"],
        "data": [1, 2, 3],
    }


            

Reported by Bandit.

                  }


def test_override_data():
    app.dependency_overrides[get_data] = get_data_override
    response = client.get("/user")
    assert response.json() == {
        "user": "john",
        "scopes": ["foo", "bar"],

            

Reported by Pylint.

              def test_override_data():
    app.dependency_overrides[get_data] = get_data_override
    response = client.get("/user")
    assert response.json() == {
        "user": "john",
        "scopes": ["foo", "bar"],
        "data": [3, 4, 5],
    }
    app.dependency_overrides = {}

            

Reported by Bandit.

              
from fastapi import FastAPI
from fastapi.testclient import TestClient
from pydantic import BaseModel

app = FastAPI()


class Items(BaseModel):

            

Reported by Pylint.

              from typing import Dict

from fastapi import FastAPI
from fastapi.testclient import TestClient
from pydantic import BaseModel

app = FastAPI()



            

Reported by Pylint.

              app = FastAPI()


class Items(BaseModel):
    items: Dict[str, int]


@app.post("/foo")
def foo(items: Items):

            

Reported by Pylint.

              app = FastAPI()


class Items(BaseModel):
    items: Dict[str, int]


@app.post("/foo")
def foo(items: Items):

            

Reported by Pylint.

              

@app.post("/foo")
def foo(items: Items):
    return items.items


client = TestClient(app)


            

Reported by Pylint.

              

@app.post("/foo")
def foo(items: Items):
    return items.items


client = TestClient(app)


            

Reported by Pylint.

              }


def test_additional_properties_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema



            

Reported by Pylint.

              
def test_additional_properties_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema


def test_additional_properties_post():
    response = client.post("/foo", json={"items": {"foo": 1, "bar": 2}})

            

Reported by Bandit.

              def test_additional_properties_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == openapi_schema


def test_additional_properties_post():
    response = client.post("/foo", json={"items": {"foo": 1, "bar": 2}})
    assert response.status_code == 200, response.text

            

Reported by Bandit.

                  assert response.json() == openapi_schema


def test_additional_properties_post():
    response = client.post("/foo", json={"items": {"foo": 1, "bar": 2}})
    assert response.status_code == 200, response.text
    assert response.json() == {"foo": 1, "bar": 2}

            

Reported by Pylint.

              from typing import List

import pytest
from fastapi import FastAPI
from fastapi.exceptions import FastAPIError


class NonPydanticModel:
    pass

            

Reported by Pylint.

                      app = FastAPI()

        @app.get("/", response_model=NonPydanticModel)
        def read_root():
            pass  # pragma: nocover


def test_invalid_response_model_sub_type_raises():
    with pytest.raises(FastAPIError):

            

Reported by Pylint.

                      app = FastAPI()

        @app.get("/", response_model=List[NonPydanticModel])
        def read_root():
            pass  # pragma: nocover


def test_invalid_response_model_in_responses_raises():
    with pytest.raises(FastAPIError):

            

Reported by Pylint.

                      app = FastAPI()

        @app.get("/", responses={"500": {"model": NonPydanticModel}})
        def read_root():
            pass  # pragma: nocover


def test_invalid_response_model_sub_type_in_responses_raises():
    with pytest.raises(FastAPIError):

            

Reported by Pylint.

                      app = FastAPI()

        @app.get("/", responses={"500": {"model": List[NonPydanticModel]}})
        def read_root():
            pass  # pragma: nocover

            

Reported by Pylint.

              from typing import List

import pytest
from fastapi import FastAPI
from fastapi.exceptions import FastAPIError


class NonPydanticModel:
    pass

            

Reported by Pylint.

              from fastapi.exceptions import FastAPIError


class NonPydanticModel:
    pass


def test_invalid_response_model_raises():
    with pytest.raises(FastAPIError):

            

Reported by Pylint.

              from fastapi.exceptions import FastAPIError


class NonPydanticModel:
    pass


def test_invalid_response_model_raises():
    with pytest.raises(FastAPIError):

            

Reported by Pylint.

                  pass


def test_invalid_response_model_raises():
    with pytest.raises(FastAPIError):
        app = FastAPI()

        @app.get("/", response_model=NonPydanticModel)
        def read_root():

            

Reported by Pylint.

                          pass  # pragma: nocover


def test_invalid_response_model_sub_type_raises():
    with pytest.raises(FastAPIError):
        app = FastAPI()

        @app.get("/", response_model=List[NonPydanticModel])
        def read_root():

            

Reported by Pylint.

              from fastapi.testclient import TestClient

from docs_src.cors.tutorial001 import app


def test_cors():
    client = TestClient(app)
    # Test pre-flight response
    headers = {

            

Reported by Pylint.

              from docs_src.cors.tutorial001 import app


def test_cors():
    client = TestClient(app)
    # Test pre-flight response
    headers = {
        "Origin": "https://localhost.tiangolo.com",
        "Access-Control-Request-Method": "GET",

            

Reported by Pylint.

                      "Access-Control-Request-Headers": "X-Example",
    }
    response = client.options("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.text == "OK"
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )

            

Reported by Bandit.

                  }
    response = client.options("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.text == "OK"
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )
    assert response.headers["access-control-allow-headers"] == "X-Example"

            

Reported by Bandit.

                  response = client.options("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.text == "OK"
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )
    assert response.headers["access-control-allow-headers"] == "X-Example"


            

Reported by Bandit.

                      response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )
    assert response.headers["access-control-allow-headers"] == "X-Example"

    # Test standard response
    headers = {"Origin": "https://localhost.tiangolo.com"}
    response = client.get("/", headers=headers)
    assert response.status_code == 200, response.text

            

Reported by Bandit.

                  # Test standard response
    headers = {"Origin": "https://localhost.tiangolo.com"}
    response = client.get("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello World"}
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )

            

Reported by Bandit.

                  headers = {"Origin": "https://localhost.tiangolo.com"}
    response = client.get("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello World"}
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )


            

Reported by Bandit.

                  response = client.get("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello World"}
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )

    # Test non-CORS response

            

Reported by Bandit.

              
    # Test non-CORS response
    response = client.get("/")
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello World"}
    assert "access-control-allow-origin" not in response.headers

            

Reported by Bandit.