Fix OAuth regression test

54eaf863 · Jonathan Weth · 3cc25a06 · 54eaf863
Verified Commit 54eaf863 authored 2 years ago by Jonathan Weth
--- a/aleksis/core/tests/regression/test_regression.py
+++ b/aleksis/core/tests/regression/test_regression.py
@@ -97,33 +97,39 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    https://edugit.org/AlekSIS/official/AlekSIS-Core/-/issues/688
    """

-    wrong_application = OAuthApplication.objects.create(
+    wrong_application = OAuthApplication(
        name="Test Application",
        allowed_scopes=[],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
-    wrong_application_2 = OAuthApplication.objects.create(
+    wrong_application_secret = wrong_application.client_secret
+    wrong_application.save()
+    wrong_application_2 = OAuthApplication(
        name="Test Application",
        allowed_scopes=["read"],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
-    correct_application = OAuthApplication.objects.create(
+    wrong_application_2_secret = wrong_application_2.client_secret
+    wrong_application_2.save()
+    correct_application = OAuthApplication(
        name="Test Application",
        allowed_scopes=["write"],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
+    correct_application_secret = correct_application.client_secret
+    correct_application.save()

    url = reverse("client_protected_resource_mixin_test")
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{wrong_application.client_id}:{wrong_application.client_secret}".encode()
+            f"{wrong_application.client_id}:{wrong_application_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)
@@ -132,7 +138,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{wrong_application_2.client_id}:{wrong_application_2.client_secret}".encode()
+            f"{wrong_application_2.client_id}:{wrong_application_2_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)
@@ -141,7 +147,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{correct_application.client_id}:{correct_application.client_secret}".encode()
+            f"{correct_application.client_id}:{correct_application_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)