✅ [#80] Add assertion for default settings

* No Basic auth header * Client ID and secret in request body
maykinmedia · Feb 5, 2024 · e76cd0b · e76cd0b
1 parent 9a85481
commit e76cd0b
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/tests/test_integration_oidc_flow_variants.py b/tests/test_integration_oidc_flow_variants.py
@@ -9,7 +9,7 @@
 
 @pytest.mark.vcr
 def test_client_id_secret_full_flow(
-    keycloak_config, mock_state_and_nonce, client, django_user_model
+    keycloak_config, mock_state_and_nonce, client, django_user_model, vcr
 ):
     login_url = reverse("login")
     django_login_response = client.get(login_url)
@@ -26,3 +26,15 @@ def test_client_id_secret_full_flow(
 
     # a user was created
     assert django_user_model.objects.count() == 1
+
+    # check that the token request was performed as expected
+    token_request = next(
+        req
+        for req in vcr.requests
+        if req.uri == f"{KEYCLOAK_BASE_URL}protocol/openid-connect/token"
+        and req.method == "POST"
+    )
+    assert token_request is not None
+    assert b"client_id=testid" in token_request.body
+    assert b"secret=7DB3KUAAizYCcmZufpHRVOcD0TOkNO3I" in token_request.body
+    assert "Authorization" not in token_request.headers