diff --git a/tests/contrib/test_appengine.py b/tests/contrib/test_appengine.py index 964b239..255afef 100644 --- a/tests/contrib/test_appengine.py +++ b/tests/contrib/test_appengine.py @@ -1008,6 +1008,17 @@ class DecoratorTests(unittest2.TestCase): # This is never set, but it's consistent with other tests. self.assertFalse(decorator._in_error) + def test_invalid_state(self): + with mock.patch.object(appengine, '_parse_state_value', + return_value=None, autospec=True): + # Now simulate the callback to /oauth2callback. + response = self.app.get('/oauth2callback', { + 'code': 'foo_access_code', + 'state': 'foo_path:xsrfkey123', + }) + self.assertEqual('200 OK', response.status) + self.assertEqual('The authorization request failed', response.body) + class DecoratorXsrfSecretTests(unittest2.TestCase): """Test xsrf_secret_key.""" diff --git a/tests/contrib/test_sqlalchemy.py b/tests/contrib/test_sqlalchemy.py index 14067e0..421f516 100644 --- a/tests/contrib/test_sqlalchemy.py +++ b/tests/contrib/test_sqlalchemy.py @@ -68,21 +68,21 @@ class TestSQLAlchemyStorage(unittest2.TestCase): def test_get(self): session = self.session() + credentials_storage = oauth2client.contrib.sqlalchemy.Storage( + session=session, + model_class=DummyModel, + key_name='key', + key_value=1, + property_name='credentials', + ) + self.assertIsNone(credentials_storage.get()) session.add(DummyModel( key=1, credentials=self.credentials, )) session.commit() - credentials = oauth2client.contrib.sqlalchemy.Storage( - session=session, - model_class=DummyModel, - key_name='key', - key_value=1, - property_name='credentials', - ).get() - - self.compare_credentials(credentials) + self.compare_credentials(credentials_storage.get()) def test_put(self): session = self.session()