Merge pull request #97 from iterait/dev

Release 0.9.3
iterait · Sep 19, 2019 · c9834c7 · c9834c7
2 parents a76aa51 + fb27806
commit c9834c7
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 7 deletions.
diff --git a/apistrap/__init__.py b/apistrap/__init__.py
@@ -1 +1 @@
-__version__ = "0.9.2"
+__version__ = "0.9.3"
diff --git a/apistrap/operation_wrapper.py b/apistrap/operation_wrapper.py
@@ -88,8 +88,7 @@ def process_metadata(self):
         self._query_parameters = dict(self._get_query_string_parameters())
         self._path_parameters = dict(self._get_path_parameters())
 
-        self._security = dict(self._get_security_requirements())
-
+        self._security = [*self._get_security_requirements()]
         self._tags = [*self._get_tags()]
 
     ##############
@@ -461,7 +460,7 @@ def _get_path_parameters(self) -> Generator[Tuple[str, Type], None, None]:
         Get a list of path parameters accepted by the wrapped endpoint.
         """
 
-    def _get_security_requirements(self) -> Generator[Tuple[str, Sequence[str]], None, None]:
+    def _get_security_requirements(self) -> Generator[Dict[str, Sequence[str]], None, None]:
         """
         Get a security requirement specification from the endpoint.
         """
@@ -474,7 +473,7 @@ def _get_security_requirements(self) -> Generator[Tuple[str, Sequence[str]], Non
             return  # No security requirements
 
         for scheme in self._extension.security_schemes:
-            yield scheme.name, decorators[0].scopes
+            yield {scheme.name: [*map(str, decorators[0].scopes)]}
 
     def _get_tags(self) -> Generator[str, None, None]:
         """

diff --git a/setup.py b/setup.py
@@ -1,7 +1,7 @@
 from setuptools import find_packages, setup
 
 setup(name='apistrap',
-      version='0.9.2',
+      version='0.9.3',
       description='Iterait REST API utilities',
       classifiers=[
           'Development Status :: 4 - Beta',

diff --git a/tests/test_security_spec.py b/tests/test_security_spec.py
@@ -41,4 +41,56 @@ def test_security_spec(app_with_oauth, client):
         },
     }
 
-    assert response.json["paths"]["/secured"]["get"]["security"] == {"oauth": ["read"]}
+    assert response.json["paths"]["/secured"]["get"]["security"] == [{"oauth": ["read"]}]
+
+
+class Scope:
+    def __init__(self, name):
+        self.name = name
+
+    def __str__(self):
+        return self.name
+
+    def __eq__(self, other):
+        return other.name == self.name
+
+
+@pytest.fixture()
+def app_with_oauth_non_string_scopes(app):
+    oapi = FlaskApistrap()
+    oapi.add_security_scheme(
+        OAuthSecurity(
+            "oauth",
+            lambda scopes: None,
+            OAuthFlowDefinition(
+                "authorization_code", {"read": "Read stuff", "write": "Write stuff"}, "/auth", "/token"
+            ),
+        )
+    )
+
+    @app.route("/secured", methods=["GET"])
+    @oapi.security(Scope("read"))
+    def view():
+        pass
+
+    oapi.init_app(app)
+
+
+def test_security_spec_non_string_scopes(app_with_oauth_non_string_scopes, client):
+    response = client.get("/spec.json")
+    assert response.status_code == 200
+
+    assert len(response.json["components"]["securitySchemes"]) == 1
+
+    assert response.json["components"]["securitySchemes"]["oauth"] == {
+        "type": "oauth2",
+        "flows": {
+            "authorization_code": {
+                "authorizationUrl": "/auth",
+                "tokenUrl": "/token",
+                "scopes": {"read": "Read stuff", "write": "Write stuff"},
+            }
+        },
+    }
+
+    assert response.json["paths"]["/secured"]["get"]["security"] == [{"oauth": ["read"]}]