remove securitySchemes

also remove DRF 3.9

Author: n2ygk

.travis.yml

@@ -6,85 +6,63 @@ matrix:
   allow_failures:
     - env: TOXENV=py35-django111-drfmaster
     - env: TOXENV=py36-django111-drfmaster
-    - env: TOXENV=py35-django21-drfmaster-oauth12
-    - env: TOXENV=py36-django21-drfmaster-oauth12
-    - env: TOXENV=py37-django21-drfmaster-oauth12
-    - env: TOXENV=py35-django22-drfmaster-oauth12
-    - env: TOXENV=py36-django22-drfmaster-oauth12
-    - env: TOXENV=py37-django22-drfmaster-oauth12
+    - env: TOXENV=py35-django21-drfmaster
+    - env: TOXENV=py36-django21-drfmaster
+    - env: TOXENV=py37-django21-drfmaster
+    - env: TOXENV=py35-django22-drfmaster
+    - env: TOXENV=py36-django22-drfmaster
+    - env: TOXENV=py37-django22-drfmaster
 
   include:
     - python: 3.6
       env: TOXENV=flake8
 
-    - python: 3.5
-      env: TOXENV=py35-django111-drf39
     - python: 3.5
       env: TOXENV=py35-django111-drf310
     - python: 3.5
       env: TOXENV=py35-django111-drfmaster
     - python: 3.5
-      env: TOXENV=py35-django21-drf39-oauth12
-    - python: 3.5
-      env: TOXENV=py35-django21-drf310-oauth12
+      env: TOXENV=py35-django21-drf310
     - python: 3.5
-      env: TOXENV=py35-django21-drfmaster-oauth12
-    - python: 3.5
-      dist: xenial
-      env: TOXENV=py35-django22-drf39-oauth12
+      env: TOXENV=py35-django21-drfmaster
     - python: 3.5
       dist: xenial
-      env: TOXENV=py35-django22-drf310-oauth12
+      env: TOXENV=py35-django22-drf310
     - python: 3.5
       dist: xenial
-      env: TOXENV=py35-django22-drfmaster-oauth12
+      env: TOXENV=py35-django22-drfmaster
 
-    - python: 3.6
-      env: TOXENV=py36-django111-drf39
     - python: 3.6
       env: TOXENV=py36-django111-drf310
     - python: 3.6
       env: TOXENV=py36-django111-drfmaster
     - python: 3.6
-      env: TOXENV=py36-django21-drf39-oauth12
-    - python: 3.6
-      env: TOXENV=py36-django21-drf310-oauth12
-    - python: 3.6
-      env: TOXENV=py36-django21-drfmaster-oauth12
+      env: TOXENV=py36-django21-drf310
     - python: 3.6
-      dist: xenial
-      env: TOXENV=py36-django22-drf39-oauth12
+      env: TOXENV=py36-django21-drfmaster
     - python: 3.6
       dist: xenial
-      env: TOXENV=py36-django22-drf310-oauth12
+      env: TOXENV=py36-django22-drf310
     - python: 3.6
       dist: xenial
-      env: TOXENV=py36-django22-drfmaster-oauth12
+      env: TOXENV=py36-django22-drfmaster
 
     - python: 3.7
       dist: xenial
       sudo: required
-      env: TOXENV=py37-django21-drf39-oauth12
-    - python: 3.7
-      dist: xenial
-      sudo: required
-      env: TOXENV=py37-django21-drf310-oauth12
-    - python: 3.7
-      dist: xenial
-      sudo: required
-      env: TOXENV=py37-django21-drfmaster-oauth12
+      env: TOXENV=py37-django21-drf310
     - python: 3.7
       dist: xenial
       sudo: required
-      env: TOXENV=py37-django22-drf39-oauth12
+      env: TOXENV=py37-django21-drfmaster
     - python: 3.7
       dist: xenial
       sudo: required
-      env: TOXENV=py37-django22-drf310-oauth12
+      env: TOXENV=py37-django22-drf310
     - python: 3.7
       dist: xenial
       sudo: required
-      env: TOXENV=py37-django22-drfmaster-oauth12
+      env: TOXENV=py37-django22-drfmaster
 install:
   - pip install tox
 script:

example/tests/snapshots/snap_test_openapi.py

@@ -178,15 +178,7 @@
       },
       "description": "not found"
     }
-  },
-  "security": [
-    {
-      "cookieAuth": []
-    },
-    {
-      "basicAuth": []
-    }
-  ]
+  }
 }'''
 
 snapshots['test_path_with_id_parameter 1'] = '''{
@@ -348,15 +340,7 @@
       },
       "description": "not found"
     }
-  },
-  "security": [
-    {
-      "cookieAuth": []
-    },
-    {
-      "basicAuth": []
-    }
-  ]
+  }
 }'''
 
 snapshots['test_post_request 1'] = '''{
@@ -588,15 +572,7 @@
       },
       "description": "[Conflict](https://jsonapi.org/format/#crud-creating-responses-409)"
     }
-  },
-  "security": [
-    {
-      "cookieAuth": []
-    },
-    {
-      "basicAuth": []
-    }
-  ]
+  }
 }'''
 
 snapshots['test_patch_request 1'] = '''{
@@ -822,15 +798,7 @@
       },
       "description": "[Conflict]([Conflict](https://jsonapi.org/format/#crud-updating-responses-409)"
     }
-  },
-  "security": [
-    {
-      "cookieAuth": []
-    },
-    {
-      "basicAuth": []
-    }
-  ]
+  }
 }'''
 
 snapshots['test_delete_request 1'] = '''{
@@ -890,13 +858,5 @@
       },
       "description": "[Resource does not exist](https://jsonapi.org/format/#crud-deleting-responses-404)"
     }
-  },
-  "security": [
-    {
-      "cookieAuth": []
-    },
-    {
-      "basicAuth": []
-    }
-  ]
+  }
 }'''

example/tests/test_openapi.py

@@ -1,32 +1,15 @@
 # largely based on DRF's test_openapi
 import json
 
-import pytest
 from django.conf.urls import url
 from django.test import RequestFactory, override_settings
-from rest_condition import And, Not, Or
-from rest_framework import VERSION as DRFVERSION
-from rest_framework.authentication import BasicAuthentication, SessionAuthentication
-from rest_framework.permissions import (
-    AllowAny,
-    DjangoModelPermissions,
-    IsAdminUser,
-    IsAuthenticated
-)
 from rest_framework.request import Request
 
-from rest_framework_json_api.optional import OAuth2Authentication, TokenMatchesOASRequirements
+from rest_framework_json_api.schemas.openapi import AutoSchema, SchemaGenerator
 from rest_framework_json_api.views import ModelViewSet
 
 from example import models, serializers, views
 
-drf_version = tuple(int(x) for x in DRFVERSION.split('.'))
-
-if drf_version >= (3, 10):
-    from rest_framework_json_api.schemas.openapi import AutoSchema, SchemaGenerator
-
-pytestmark = pytest.mark.skipif(drf_version < (3, 10), reason="requires DRF 3.10 or higher")
-
 
 def create_request(path):
     factory = RequestFactory()
@@ -131,127 +114,6 @@ def test_delete_request(snapshot):
     snapshot.assert_match(json.dumps(operation, indent=2, sort_keys=True))
 
 
-@pytest.mark.skipif(TokenMatchesOASRequirements is None, reason="requires oauth")
-class OauthProtectedAuthorViewSet(views.AuthorViewSet):
-    authentication_classes = (OAuth2Authentication, BasicAuthentication,
-                              SessionAuthentication)
-    permission_classes = (TokenMatchesOASRequirements, IsAuthenticated)
-    required_alternate_scopes = {
-        'GET': [['scope1', 'scope2'], ['scope3', 'scope4']],
-    }
-
-
-oauth2_server = 'oauth.example.com'
-oauth2_config = {
-    'authorization_endpoint': oauth2_server + '/authorize',
-    'token_endpoint': oauth2_server + '/token',
-    'scopes_supported': ['scope1', 'scope2', 'scope3', 'scope4'],
-    'grant_types_supported': ['implicit', 'authorization_code', 'client_credentials',
-                              'password'],
-}
-
-
-@pytest.mark.skipif(TokenMatchesOASRequirements is None, reason="requires oauth")
-def test_schema_security_list():
-    """
-    Checks for security objects
-    """
-
-    path = '/authors/'
-    method = 'GET'
-
-    view = create_view_with_kw(
-        OauthProtectedAuthorViewSet,
-        method,
-        create_request(path),
-        {'get': 'list'}
-    )
-    inspector = AutoSchema()
-    inspector.view = view
-
-    with override_settings(OAUTH2_CONFIG=oauth2_config):
-        operation = inspector.get_operation(path, method)
-
-    assert 'security' in operation
-    assert len(operation['security']) == 4
-    assert operation['security'][0] == {'oauth': ['scope1', 'scope2']}
-    assert operation['security'][1] == {'oauth': ['scope3', 'scope4']}
-    assert operation['security'][2] == {'basicAuth': []}
-    assert operation['security'][3] == {'cookieAuth': []}
-
-
-@pytest.mark.skipif(TokenMatchesOASRequirements is None, reason="requires oauth")
-def test_schema_security_drf_condition():
-    """
-    Checks for security objects with DRF bitwise conditional operators
-    """
-    class DRF_Cond_ViewSet(OauthProtectedAuthorViewSet):
-        # this is a crazy example just to make sure all the recursive code is covered
-        permission_classes = [
-            (IsAuthenticated & DjangoModelPermissions) |
-            ~(TokenMatchesOASRequirements & AllowAny),
-            ~AllowAny | (IsAdminUser & IsAuthenticated),
-            (TokenMatchesOASRequirements & AllowAny) |
-            (IsAuthenticated & DjangoModelPermissions),
-            ~TokenMatchesOASRequirements
-        ]
-
-    path = '/authors/'
-    method = 'GET'
-
-    view = create_view_with_kw(
-        DRF_Cond_ViewSet,
-        method,
-        create_request(path),
-        {'get': 'list'}
-    )
-    inspector = AutoSchema()
-    inspector.view = view
-
-    with override_settings(OAUTH2_CONFIG=oauth2_config):
-        operation = inspector.get_operation(path, method)
-
-    assert 'security' in operation
-    assert {'oauth': ['scope1', 'scope2']} in operation['security']
-    assert {'oauth': ['scope3', 'scope4']} in operation['security']
-    assert {'basicAuth': []} in operation['security']
-    assert {'cookieAuth': []} in operation['security']
-
-
-@pytest.mark.skipif(TokenMatchesOASRequirements is None, reason="requires oauth")
-def test_schema_security_rest_condition():
-    """
-    Checks for security objects with rest_condition operator methods
-    """
-    class Rest_Cond_ViewSet(OauthProtectedAuthorViewSet):
-        permission_classes = [
-            Or(
-                And(IsAuthenticated, DjangoModelPermissions),
-                And(Not(TokenMatchesOASRequirements), AllowAny)),
-        ]
-
-    path = '/authors/'
-    method = 'GET'
-
-    view = create_view_with_kw(
-        Rest_Cond_ViewSet,
-        method,
-        create_request(path),
-        {'get': 'list'}
-    )
-    inspector = AutoSchema()
-    inspector.view = view
-
-    with override_settings(OAUTH2_CONFIG=oauth2_config):
-        operation = inspector.get_operation(path, method)
-
-    assert 'security' in operation
-    assert {'oauth': ['scope1', 'scope2']} in operation['security']
-    assert {'oauth': ['scope3', 'scope4']} in operation['security']
-    assert {'basicAuth': []} in operation['security']
-    assert {'cookieAuth': []} in operation['security']
-
-
 @override_settings(REST_FRAMEWORK={
     'DEFAULT_SCHEMA_CLASS': 'rest_framework_json_api.schemas.openapi.AutoSchema'})
 def test_schema_construction():