main commit

venv/lib/python3.12/site-packages/fastapi/security/api_key.py

@@ -5,19 +5,11 @@ from fastapi.security.base import SecurityBase
 from starlette.exceptions import HTTPException
 from starlette.requests import Request
 from starlette.status import HTTP_403_FORBIDDEN
-from typing_extensions import Annotated, Doc
+from typing_extensions import Annotated, Doc  # type: ignore [attr-defined]
 
 
 class APIKeyBase(SecurityBase):
-    @staticmethod
-    def check_api_key(api_key: Optional[str], auto_error: bool) -> Optional[str]:
-        if not api_key:
-            if auto_error:
-                raise HTTPException(
-                    status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
-                )
-            return None
-        return api_key
+    pass
 
 
 class APIKeyQuery(APIKeyBase):
@@ -84,7 +76,7 @@ class APIKeyQuery(APIKeyBase):
             Doc(
                 """
                 By default, if the query parameter is not provided, `APIKeyQuery` will
-                automatically cancel the request and send the client an error.
+                automatically cancel the request and sebd the client an error.
 
                 If `auto_error` is set to `False`, when the query parameter is not
                 available, instead of erroring out, the dependency result will be
@@ -100,7 +92,7 @@ class APIKeyQuery(APIKeyBase):
         ] = True,
     ):
         self.model: APIKey = APIKey(
-            **{"in": APIKeyIn.query},
+            **{"in": APIKeyIn.query},  # type: ignore[arg-type]
             name=name,
             description=description,
         )
@@ -109,7 +101,14 @@ class APIKeyQuery(APIKeyBase):
 
     async def __call__(self, request: Request) -> Optional[str]:
         api_key = request.query_params.get(self.model.name)
-        return self.check_api_key(api_key, self.auto_error)
+        if not api_key:
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
+                )
+            else:
+                return None
+        return api_key
 
 
 class APIKeyHeader(APIKeyBase):
@@ -188,7 +187,7 @@ class APIKeyHeader(APIKeyBase):
         ] = True,
     ):
         self.model: APIKey = APIKey(
-            **{"in": APIKeyIn.header},
+            **{"in": APIKeyIn.header},  # type: ignore[arg-type]
             name=name,
             description=description,
         )
@@ -197,7 +196,14 @@ class APIKeyHeader(APIKeyBase):
 
     async def __call__(self, request: Request) -> Optional[str]:
         api_key = request.headers.get(self.model.name)
-        return self.check_api_key(api_key, self.auto_error)
+        if not api_key:
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
+                )
+            else:
+                return None
+        return api_key
 
 
 class APIKeyCookie(APIKeyBase):
@@ -276,7 +282,7 @@ class APIKeyCookie(APIKeyBase):
         ] = True,
     ):
         self.model: APIKey = APIKey(
-            **{"in": APIKeyIn.cookie},
+            **{"in": APIKeyIn.cookie},  # type: ignore[arg-type]
             name=name,
             description=description,
         )
@@ -285,4 +291,11 @@ class APIKeyCookie(APIKeyBase):
 
     async def __call__(self, request: Request) -> Optional[str]:
         api_key = request.cookies.get(self.model.name)
-        return self.check_api_key(api_key, self.auto_error)
+        if not api_key:
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
+                )
+            else:
+                return None
+        return api_key