Merge branch 'fix/oauth-2.0' into 'master'

Fix integration of django-oauth-toolkit with version ^2.0 See merge request !1087

Merge branch 'fix/oauth-2.0' into 'master'
f865444a · Nik | Klampfradler · 52514ad6 · 54eaf863 · 52514ad6 · f865444a
Commit f865444a authored 2 years ago by Nik | Klampfradler
--- a/aleksis/core/templates/oauth2_provider/authorized-oob.html
+++ b/aleksis/core/templates/oauth2_provider/authorized-oob.html
-{% extends "core/base.html" %}
-
-{% load i18n %}
-
-{% block content %}
-
-  {% if not error %}
-    <div class="container">
-      <div class="card green">
-        <div class="card-content white-text">
-          <div class="material-icons iconify small left" data-icon="mdi:check"></div>
-          <span class="card-title">{% blocktrans %}Success!{% endblocktrans %}</span>
-          <p>
-            {% trans "Please return to your application and enter this code:" %} {{ code }}
-          </p>
-        </div>
-      </div>
-    </div>
-  {% else %}
-    <div class="container">
-      <div class="card red">
-        <div class="card-content white-text">
-          <div class="material-icons iconify small left" data-icon="mdi:alert-octagon-outline"></div>
-          <span class="card-title">{% trans "Error" %}: {{ error.error }}</span>
-          <p>
-            {{ error.description }}
-          </p>
-          <p>
-            Please verify if the application is configured correctly or contact one of your site administrators:
-          </p>
-          {% include "core/partials/admins_list.html" %}
-        </div>
-      </div>
-    </div>
-  {% endif %}
-{% endblock %}
--- a/aleksis/core/tests/regression/test_regression.py
+++ b/aleksis/core/tests/regression/test_regression.py
@@ -97,33 +97,39 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    https://edugit.org/AlekSIS/official/AlekSIS-Core/-/issues/688
    """

-    wrong_application = OAuthApplication.objects.create(
+    wrong_application = OAuthApplication(
        name="Test Application",
        allowed_scopes=[],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
-    wrong_application_2 = OAuthApplication.objects.create(
+    wrong_application_secret = wrong_application.client_secret
+    wrong_application.save()
+    wrong_application_2 = OAuthApplication(
        name="Test Application",
        allowed_scopes=["read"],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
-    correct_application = OAuthApplication.objects.create(
+    wrong_application_2_secret = wrong_application_2.client_secret
+    wrong_application_2.save()
+    correct_application = OAuthApplication(
        name="Test Application",
        allowed_scopes=["write"],
        authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
        client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
        redirect_uris=["http://localhost:8000/"],
    )
+    correct_application_secret = correct_application.client_secret
+    correct_application.save()

    url = reverse("client_protected_resource_mixin_test")
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{wrong_application.client_id}:{wrong_application.client_secret}".encode()
+            f"{wrong_application.client_id}:{wrong_application_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)
@@ -132,7 +138,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{wrong_application_2.client_id}:{wrong_application_2.client_secret}".encode()
+            f"{wrong_application_2.client_id}:{wrong_application_2_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)
@@ -141,7 +147,7 @@ def test_no_access_oauth2_client_credentials_without_allowed_scopes(client):
    auth_header = (
        "Basic "
        + base64.b64encode(
-            f"{correct_application.client_id}:{correct_application.client_secret}".encode()
+            f"{correct_application.client_id}:{correct_application_secret}".encode()
        ).decode()
    )
    r = client.get(url, HTTP_AUTHORIZATION=auth_header)