From eb720241da3d786c6ec79f2325277fa4af23846f Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Wed, 26 Feb 2025 13:04:55 +0100
Subject: [feature] Enforce OAuth token scopes (#3835)

* move tokenauth to apiutil

* enforce scopes

* docs

* update test models, remove deprecated "follow"

* file header

* tests

* tweak scope matcher

* simplify...

* fix tests

* log user out of settings panel in case of oauth error
---
 internal/api/client/push/pushsubscriptionpost_test.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'internal/api/client/push/pushsubscriptionpost_test.go')

diff --git a/internal/api/client/push/pushsubscriptionpost_test.go b/internal/api/client/push/pushsubscriptionpost_test.go
index e7e8582df..251dde1f9 100644
--- a/internal/api/client/push/pushsubscriptionpost_test.go
+++ b/internal/api/client/push/pushsubscriptionpost_test.go
@@ -116,7 +116,7 @@ func (suite *PushTestSuite) postSubscription(
 func (suite *PushTestSuite) TestPostSubscription() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	endpoint := "https://example.test/push"
 	auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -152,7 +152,7 @@ func (suite *PushTestSuite) TestPostSubscription() {
 func (suite *PushTestSuite) TestPostSubscriptionMinimal() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	endpoint := "https://example.test/push"
 	auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -186,7 +186,7 @@ func (suite *PushTestSuite) TestPostSubscriptionMinimal() {
 func (suite *PushTestSuite) TestPostInvalidSubscription() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	// No endpoint.
 	auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -212,7 +212,7 @@ func (suite *PushTestSuite) TestPostInvalidSubscription() {
 func (suite *PushTestSuite) TestPostSubscriptionJSON() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	requestJson := `{
 		"subscription": {
@@ -258,7 +258,7 @@ func (suite *PushTestSuite) TestPostSubscriptionJSON() {
 func (suite *PushTestSuite) TestPostSubscriptionJSONMinimal() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	requestJson := `{
 		"subscription": {
@@ -298,7 +298,7 @@ func (suite *PushTestSuite) TestPostSubscriptionJSONMinimal() {
 func (suite *PushTestSuite) TestPostInvalidSubscriptionJSON() {
 	accountFixtureName := "local_account_1"
 	// This token should not have a subscription.
-	tokenFixtureName := "local_account_1_user_authorization_token"
+	tokenFixtureName := "local_account_1_push_only"
 
 	// No endpoint.
 	requestJson := `{
-- 
cgit v1.2.3