Dependency overrides are ignored

[gabloe]

Describe the bug
I use dependency_overrides in my pytest config so that I can mock the security dependency and inject a mocked user into the request. This works with FastAPI but with Cadwyn it looks like dependency overrides are ignored, or at least does not work as expected.

To Reproduce
Steps to reproduce the behavior:

1. Create a simple application with some route security (I am using azure authorization code)
2. In conftest.py create a test client fixture and mock the security context with a dependency override
3. Create a test that calls a protected route.
4. Test will fail with Error 401 Unauthorized

A simple example using fastapi-azure-oauth:

import pytest
from httpx import AsyncClient
from demo_project.api.dependencies import azure_scheme
from fastapi import Request
from fastapi_azure_auth.user import User
from demo_project.main import app as cadwyn_app

@pytest.fixture
async def normal_user_client():
    async def mock_normal_user(request: Request):
        user = User(
            claims={},
            preferred_username="NormalUser",
            roles=["role1"],
            aud="aud",
            tid="tid",
            access_token="123",
            is_guest=False,
            iat=1537231048,
            nbf=1537231048,
            exp=1537234948,
            iss="iss",
            aio="aio",
            sub="sub",
            oid="oid",
            uti="uti",
            rh="rh",
            ver="2.0",
        )
        request.state.user = user
        return user

    cadwyn_app.dependency_overrides[azure_scheme] = mock_normal_user
    async with AsyncClient(app=cadwyn_app, base_url='http://test') as ac:
        yield ac

Expected behavior
I expect that the mocked user will be injected into the request and the route succeeds with a HTTP2XX. This works with FastAPI, but when I switch to Cadwyn I get HTTP401.

[zmievsa]

I'll take a look

[zmievsa]

Fixed in 3.15.5. Please, take a look.

[gabloe]

@zmievsa it does not seem to be working still after your fix.

I can reproduce the problem with my test client fixture. I verified that my mock_valid_user dependency is never called and instead the original security_scheme dependency is, and I get HTTP401 still.

@pytest.fixture
async def test_client():
    """
    Create an instance of the client.
    :return: yield HTTP client.
    """

    # Mock the user context
    app.dependency_overrides[security_scheme] = mock_valid_user

    # Create the client
    async with LifespanManager(app):
        async with AsyncClient(
            app=app, base_url="http://test", follow_redirects=True
        ) as ac:
            yield ac

[zmievsa]

Understood. My test was not sufficient, then -- it covered three use cases out of four. Sadly, you have the fourth. I understand the issue that occurs here but the fix is going to be a little more involved. I'll hopefully come back to you tomorrow with a fix for this use case.

In fact, it might be so involved that I would recommend just using a regular monkeypatch mock right now.

[zmievsa]

@gabloe Fixed the bug in its entirety. Should work in all cases now. Can I ask you to check again? Version 3.15.7

[gabloe]

Sorry to say it is still not working with dependency overrides. Using the same code example in the bug description I get HTTP401 unauthorized using Cadwyn and success response using FastAPI.

[zmievsa]

Can you provide the full example, i.e. a repository along with requirements.txt (or pyproject.toml)? My tests indicate that this problem should be impossible.

I'll look at it right away.