chore: Check headers in args

.github/workflows/main.yml

@@ -17,12 +17,16 @@ jobs:
       # Start the API in the background
       - run: python apps/python/app.py &
 
+      # Set sample access token
+      - name: Set access token
+        run: cat apps/python/secret.json | python3 -c "import sys, json; print(f'ACCESS_TOKEN={json.load(sys.stdin)[\"access_token\"]}')" >> $GITHUB_ENV
+
       - name: Default test
         uses: ./
         with:
           schema: 'http://127.0.0.1:5001/openapi.json'
           token: ${{ secrets.SCHEMATHESIS_TOKEN }}
-          args: '-E success'
+          args: '-E success -H "Authorization: Bearer ${{ env.ACCESS_TOKEN }}"'
 
       - name: Custom hooks
         uses: ./
@@ -31,4 +35,4 @@ jobs:
           token: ${{ secrets.SCHEMATHESIS_TOKEN }}
           version: '3.18.5'
           hooks: 'apps.python.hooks'
-          args: '-c custom_check -E success'
+          args: '-c custom_check -E success -H "Authorization: Bearer ${{ env.ACCESS_TOKEN }}"'

apps/python/app.py

@@ -1,8 +1,18 @@
-from flask import Flask
+import json
+import pathlib
+from flask import Flask, request
 from werkzeug.exceptions import InternalServerError
 
 app = Flask("test_app")
 
+HERE = pathlib.Path(__file__).parent.absolute()
+
+with (HERE / "secret.json").open() as fd:
+    SECRET_DATA = json.load(fd)
+
+
+ACCESS_TOKEN = SECRET_DATA["access_token"]
+
 
 @app.route("/openapi.json")
 def schema():
@@ -45,7 +55,9 @@ def schema():
 
 @app.route("/api/success", methods=["GET"])
 def success():
-    return {"success": True}
+    if "Authorization" in request.headers and request.headers["Authorization"] == f"Bearer {ACCESS_TOKEN}":
+        return {"success": True}
+    return {"detail": "Unauthorized"}, 401
 
 
 @app.route("/api/failure", methods=["GET"])

apps/python/secret.json

@@ -0,0 +1,3 @@
+{
+    "access_token": "super-secret"
+}