From 54eaf863ff8a6dfd9163d1f6e5b5124638a7fb41 Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Sat, 3 Sep 2022 11:37:56 +0200
Subject: [PATCH] Fix OAuth regression test
---
 .../core/tests/regression/test_regression.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/aleksis/core/tests/regression/test_regression.py b/aleksis/core/tests/regression/test_regression.py
index 6d6056ad2..d1a344637 100644
--- a/aleksis/core/tests/regression/test_regression.py
+++ b/aleksis/core/tests/regression/test_regression.py
@@ -97,33 +97,39 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
 https://edugit.org/AlekSIS/official/AlekSIS-Core/-/issues/688
 """
- wrong_application = OAuthApplication.objects.create(
+ wrong_application = OAuthApplication(
 name="Test Application",
 allowed_scopes=[],
 authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
 client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
 redirect_uris=["http://localhost:8000/"],
 )
- wrong_application_2 = OAuthApplication.objects.create(
+ wrong_application_secret = wrong_application.client_secret
+ wrong_application.save()
+ wrong_application_2 = OAuthApplication(
 name="Test Application",
 allowed_scopes=["read"],
 authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
 client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
 redirect_uris=["http://localhost:8000/"],
 )
- correct_application = OAuthApplication.objects.create(
+ wrong_application_2_secret = wrong_application_2.client_secret
+ wrong_application_2.save()
+ correct_application = OAuthApplication(
 name="Test Application",
 allowed_scopes=["write"],
 authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
 client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
 redirect_uris=["http://localhost:8000/"],
 )
+ correct_application_secret = correct_application.client_secret
+ correct_application.save()
 url = reverse("client_protected_resource_mixin_test")
 auth_header = (
 "Basic "
 + base64.b64encode(
- f"{wrong_application.client_id}:{wrong_application.client_secret}".encode()
+ f"{wrong_application.client_id}:{wrong_application_secret}".encode()
 ).decode()
 )
 r = client.get(url, HTTP_AUTHORIZATION=auth_header)
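Review bot: The three `*_secret = ….client_secret` reads placed before each `save()` carry no comment saying why the order matters, so the construct-then-save pattern reads as needless verbosity next to the `objects.create(...)` calls it replaces. Presumably the model hashes `client_secret` when it is saved, leaving the pre-save value as the only cleartext usable in the Basic header; if that is the reason, a line such as `# client_secret is hashed on save(); keep the cleartext for the Authorization header` above the first read would stop a later cleanup from reverting it. The later hunks that switch the f-strings to the `*_secret` locals depend on the same ordering. The test function starts before this hunk and its assertions continue past it.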
@@ -132,7 +138,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
 auth_header = (
 "Basic "
 + base64.b64encode(
- f"{wrong_application_2.client_id}:{wrong_application_2.client_secret}".encode()
+ f"{wrong_application_2.client_id}:{wrong_application_2_secret}".encode()
 ).decode()
 )
 r = client.get(url, HTTP_AUTHORIZATION=auth_header)
@@ -141,7 +147,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
 auth_header = (
 "Basic "
 + base64.b64encode(
- f"{correct_application.client_id}:{correct_application_secret}".encode()
+ f"{correct_application.client_id}:{correct_application_secret}".encode()
 ).decode()
 )
 r = client.get(url, HTTP_AUTHORIZATION=auth_header)
-- GitLab
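Review bot: The Basic header is still assembled by three copies of the same `"Basic " + base64.b64encode(...).decode()` expression (here, in the following hunk, and at the end of the first hunk), and this commit had to edit each copy separately to swap in the saved secret. A small helper, e.g. `def basic_auth(app, secret): return "Basic " + base64.b64encode(f"{app.client_id}:{secret}".encode()).decode()`, would reduce each call site to one line and keep the id/secret pairing in one place. The rest of the test body lies outside these hunks, so where the helper should live is left open.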