Update tests to prepare for needing C-S API scope

Author: reivilibre

policies/authorization_grant/authorization_grant_test.rego

@@ -78,65 +78,65 @@ test_unstable_device_scopes if {
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
 
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01-asdasdsa1-2313"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01-asdasdsa1-2313"
 
 	# Too short
 	not authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:abcd"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:abcd"
 
 	# Multiple device scope
 	not authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01 urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd02"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01 urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd02"
 
 	# Allowed with the device code grant
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "urn:ietf:params:oauth:grant-type:device_code"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
 
 	# Not authorization_grant.allowed for the client credentials grant
 	not authorization_grant.allow with input.client as client
 		with input.grant_type as "client_credentials"
-		with input.scope as "urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
+		with input.scope as "urn:matrix:org.matrix.msc2967.client:api:* urn:matrix:org.matrix.msc2967.client:device:AAbbCCdd01"
 }
 
 test_stable_device_scopes if {
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:client:device:AAbbCCdd01"
+		with input.scope as "urn:matrix:client:api:* urn:matrix:client:device:AAbbCCdd01"
 
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:client:device:AAbbCCdd01-asdasdsa1-2313"
+		with input.scope as "urn:matrix:client:api:* urn:matrix:client:device:AAbbCCdd01-asdasdsa1-2313"
 
 	# Too short
 	not authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:client:device:abcd"
+		with input.scope as "urn:matrix:client:api:* urn:matrix:client:device:abcd"
 
 	# Multiple device scope
 	not authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "authorization_code"
-		with input.scope as "urn:matrix:client:device:AAbbCCdd01 urn:matrix:client:device:AAbbCCdd02"
+		with input.scope as "urn:matrix:client:api:* urn:matrix:client:device:AAbbCCdd01 urn:matrix:client:device:AAbbCCdd02"
 
 	# Allowed with the device code grant
 	authorization_grant.allow with input.user as user
 		with input.client as client
 		with input.grant_type as "urn:ietf:params:oauth:grant-type:device_code"
-		with input.scope as "urn:matrix:client:device:AAbbCCdd01"
+		with input.scope as "urn:matrix:client:api:* urn:matrix:client:device:AAbbCCdd01"
 
 	# Not authorization_grant.allowed for the client credentials grant
 	not authorization_grant.allow with input.client as client