[Backport] Generating application token only when it doesn't exist

2016-05-26 14:43:33 +02:00 · 2016-05-26 14:43:33 +02:00 · 7445e9ca72
parent 4539925251
commit 7445e9ca72
2 changed files with 27 additions and 1 deletions
--- a/taiga/external_apps/models.py
+++ b/taiga/external_apps/models.py
@ -83,4 +83,5 @@ class ApplicationToken(models.Model):

    def generate_token(self):
        self.auth_code = None
-        self.token = _generate_uuid()
+        if not self.token:
+            self.token = _generate_uuid()
--- a/tests/integration/test_application_tokens.py
+++ b/tests/integration/test_application_tokens.py
@ -100,3 +100,28 @@ def test_token_validate(client):
    decyphered_token = encryption.decrypt(response.data["cyphered_token"], token.application.key)[0]
    decyphered_token = json.loads(decyphered_token.decode("utf-8"))
    assert decyphered_token["token"] == token.token
+
+
+def test_token_validate_validated(client):
+    # Validating a validated token should update the token attribute
+    user = f.UserFactory.create()
+    application = f.ApplicationFactory(next_url="http://next.url")
+    token = f.ApplicationTokenFactory(
+        auth_code="test-auth-code",
+        state="test-state",
+        application=application,
+        token="existing-token")
+
+    url = reverse("application-tokens-validate")
+    client.login(user)
+
+    data = {
+        "application": token.application.id,
+        "auth_code": "test-auth-code",
+        "state": "test-state"
+    }
+    response = client.json.post(url, json.dumps(data))
+    assert response.status_code == 200
+
+    token = models.ApplicationToken.objects.get(id=token.id)
+    assert token.token == "existing-token"