🎉 I am excited to announce the latest release of Schemathesis! 🎉
You can now use custom authentication mechanisms from the
requests library, apply authentication conditionally to specific API operations, and even throttle requests via the CLI. As always, we've also squashed a few bugs to improve the overall stability of Schemathesis! Happy testing! 🙌
- Schemathesis now supports custom authentication mechanisms from the
You can use
schemathesis.auth.set_from_requeststo set up Schemathesis CLI with any third-party authentication implementation that works with
import schemathesis from requests_ntlm import HttpNtlmAuth schemathesis.auth.set_from_requests( HttpNtlmAuth("domain\\username", "password") )
- Ability to apply authentication conditionally to specific API operations using a combination of
import schemathesis # Apply auth only for operations that path starts with `/users/` but not the `POST` method @schemathesis.auth().apply_to(path_regex="^/users/").skip_for(method="POST") class MyAuth: ...
- Add a convenience mapping-like interface to
OperationDefinitionincluding indexing access, the
getmethod, and "in" support.
- Request throttling via the
--rate-limitCLI option. #910
- Unified Schemathesis custom authentication usage via the
schema.authdecorator, replacing the previous
import schemathesis schema = schemathesis.from_uri("https://example.schemathesis.io/openapi.json") # Schema-level auth # Before: @schema.auth.register() @schema.auth() class MyAuth: ... # Test-level auth # Before: @schema.auth.apply(MyAuth) @schema.auth(MyAuth) @schema.parametrize() def test_api(case): ...
- Handling of query parameters and cookies passed to
case.calland query parameters passed to
The user-provided values are now merged with the data generated by Schemathesis, instead of overriding it completely. #1705
- Parameter definition takes precedence over security schemes with the same name.
Unsatisfiableerror when explicit header name passed via CLI clashes with the header parameter name. #1699
- Not using the
portkeyword argument in schema loaders during API schema loading. #1721