commit d5d83fdced9d65f5208490fbbef243ff29d060ba
author Dave Brondsema <dbrondsema@slashdotmedia.com> Wed Sep 07 14:15:43 2022 -0400
committer Kenton Taylor <ktaylor@slashdotmedia.com> Thu Sep 22 14:57:10 2022 +0000
tree 38681a6572c3beb0e056582f8a1fcf61782b1edc
parent 107ba37d0cc57e177ec01d9c3d7a712ddaf98765

[#8461] distinguish "api_key" used for consumer tokens vs request tokens, in tests

Allura/allura/tests/functional/test_auth.py

diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 1d15220..a2b936f 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -1915,18 +1915,18 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='oob',
             user_id=user._id,
         )
         ThreadLocalORMSession.flush_all()
-        r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'})
+        r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'})
         assert_in('ctok_desc', r.text)
-        assert_in('api_key', r.text)
+        assert_in('api_key_reqtok', r.text)
 
     def test_authorize_invalid(self):
-        self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'}, status=401)
+        self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'}, status=401)
 
     def test_do_authorize_no(self):
         user = M.User.by_username('test-admin')
@@ -1936,15 +1936,15 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='oob',
             user_id=user._id,
         )
         ThreadLocalORMSession.flush_all()
         self.app.post('/rest/oauth/do_authorize',
-                      params={'no': '1', 'oauth_token': 'api_key'})
-        assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key'))
+                      params={'no': '1', 'oauth_token': 'api_key_reqtok'})
+        assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key_reqtok'))
 
     def test_do_authorize_oob(self):
         user = M.User.by_username('test-admin')
@@ -1954,13 +1954,13 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='oob',
             user_id=user._id,
         )
         ThreadLocalORMSession.flush_all()
-        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'})
+        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'})
         assert_is_not_none(r.html.find(text=re.compile('^PIN: ')))
 
     def test_do_authorize_cb(self):
@@ -1971,14 +1971,14 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='http://my.domain.com/callback',
             user_id=user._id,
         )
         ThreadLocalORMSession.flush_all()
-        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'})
-        assert r.location.startswith('http://my.domain.com/callback?oauth_token=api_key&oauth_verifier=')
+        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'})
+        assert r.location.startswith('http://my.domain.com/callback?oauth_token=api_key_reqtok&oauth_verifier=')
 
     def test_do_authorize_cb_params(self):
         user = M.User.by_username('test-admin')
@@ -1988,14 +1988,14 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='http://my.domain.com/callback?myparam=foo',
             user_id=user._id,
         )
         ThreadLocalORMSession.flush_all()
-        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'})
-        assert r.location.startswith('http://my.domain.com/callback?myparam=foo&oauth_token=api_key&oauth_verifier=')
+        r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'})
+        assert r.location.startswith('http://my.domain.com/callback?myparam=foo&oauth_token=api_key_reqtok&oauth_verifier=')
 
 
 class TestOAuthRequestToken(TestController):
@@ -2052,7 +2052,7 @@
     oauth_params = dict(
         client_key='api_key',
         client_secret='dummy-client-secret',
-        resource_owner_key='api_key',
+        resource_owner_key='api_key_reqtok',
         resource_owner_secret='dummy-token-secret',
         verifier='good',
     )
@@ -2082,7 +2082,7 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='http://my.domain.com/callback?myparam=foo',
             user_id=user._id,
@@ -2105,7 +2105,7 @@
             secret_key='dummy-client-secret',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             consumer_token_id=ctok._id,
             callback='http://my.domain.com/callback?myparam=foo',
             user_id=user._id,
@@ -2126,7 +2126,7 @@
             description='ctok_desc',
         )
         M.OAuthRequestToken(
-            api_key='api_key',
+            api_key='api_key_reqtok',
             secret_key='dummy-token-secret',
             consumer_token_id=ctok._id,
             callback='http://my.domain.com/callback?myparam=foo',