client = TestClient(app)


def test_response_headers():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert "X-Process-Time" in response.headers


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "openapi": "3.1.0",
        "info": {
            "title": "FastAPI",

    /**
     * Retrieves a list of related query settings.
     *
     * @param body search parameters for filtering and pagination
     * @return JSON response containing related query configurations
     */
    // GET /api/admin/relatedquery/settings
    // PUT /api/admin/relatedquery/settings
    @Execute
    public JsonResponse<ApiResult> settings(final SearchBody body) {

    // GET /api/admin/failureurl/logs
    // PUT /api/admin/failureurl/logs
    /**
     * Retrieves failure URL logs with pagination.
     *
     * @param body the search criteria
     * @return JSON response containing the failure URL logs
     */
    @Execute
    public JsonResponse<ApiResult> logs(final SearchBody body) {
        validateApi(body, messages -> {});

    /**
     * Retrieves crawling info logs with pagination support.
     *
     * @param body the search body containing pagination and filter parameters
     * @return JSON response containing list of crawling info logs
     */
    // GET /api/admin/crawlinginfo/logs
    // PUT /api/admin/crawlinginfo/logs
    @Execute
    public JsonResponse<ApiResult> logs(final SearchBody body) {

    assert response.status_code == 200, response.text
    assert response.json() == {
        "description": "All my friends drive a low rider",
        "type": "car",
    }


def test_get_plane(client: TestClient):
    response = client.get("/items/item2")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "description": "Music is my aeroplane, it's my aeroplane",

text_type = "text/plain; charset=utf-8"
html_type = "text/html; charset=utf-8"
override_type = "application/x-override"


def test_app():
    with client:
        response = client.get("/")
    assert response.json() == {"msg": "Hello World"}
    assert response.headers["content-type"] == orjson_type


def test_app_override():
    with client:
        response = client.get("/override")

    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_token(client: TestClient):
    response = client.get("/users/me", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {
        "username": "testtokenfakedecoded",

В следующей главе вы увидите реальную защищённую реализацию с хешированием паролей и токенами <abbr title="JSON Web Tokens – JSON веб-токены">JWT</abbr>.

Но пока давайте сосредоточимся на необходимых нам деталях.
///

{* ../../docs_src/security/tutorial003_an_py310.py hl[87] *}

/// tip | Подсказка
Согласно спецификации, вы должны возвращать JSON с `access_token` и `token_type`, как в данном примере.

Y podrías hacer esto incluso si el tipo de datos en el request no es JSON.

Por ejemplo, en esta aplicación no usamos la funcionalidad integrada de FastAPI para extraer el JSON Schema de los modelos Pydantic ni la validación automática para JSON. De hecho, estamos declarando el tipo de contenido del request como YAML, no JSON:

//// tab | Pydantic v2

E você pode fazer isso até mesmo quando os dados da requisição não seguem o formato JSON.