Update tests for client_secret=None behavior

jlowin · jlowin · commit 8e57fe43a0dd · 2025-12-03T15:48:47.000-05:00
diff --git a/tests/server/auth/test_oauth_proxy.py b/tests/server/auth/test_oauth_proxy.py
@@ -420,7 +420,8 @@ async def test_register_client(self, oauth_proxy):
         stored = await oauth_proxy.get_client("original-client")
         assert stored is not None
         assert stored.client_id == "original-client"
-        assert stored.client_secret == "original-secret"
+        # Proxy uses token_endpoint_auth_method="none", so client_secret is not stored
+        assert stored.client_secret is None
 
     async def test_get_registered_client(self, oauth_proxy):
         """Test retrieving a registered client."""
diff --git a/tests/server/auth/test_oauth_proxy_storage.py b/tests/server/auth/test_oauth_proxy_storage.py
@@ -75,7 +75,8 @@ async def test_register_and_get_client(self, jwt_verifier, temp_storage):
         client = await proxy.get_client("test-client-123")
         assert client is not None
         assert client.client_id == "test-client-123"
-        assert client.client_secret == "secret-456"
+        # Proxy uses token_endpoint_auth_method="none", so client_secret is not stored
+        assert client.client_secret is None
         assert client.scope == "read write"
 
     async def test_client_persists_across_proxy_instances(
@@ -96,7 +97,8 @@ async def test_client_persists_across_proxy_instances(
         proxy2 = self.create_proxy(jwt_verifier, storage=temp_storage)
         client = await proxy2.get_client("persistent-client")
         assert client is not None
-        assert client.client_secret == "persistent-secret"
+        # Proxy uses token_endpoint_auth_method="none", so client_secret is not stored
+        assert client.client_secret is None
         assert client.scope == "openid profile"
 
     async def test_nonexistent_client_returns_none(
@@ -199,7 +201,7 @@ async def test_storage_data_structure(self, jwt_verifier, temp_storage):
                 "software_id": None,
                 "software_version": None,
                 "client_id": "structured-client",
-                "client_secret": "secret",
+                "client_secret": None,
                 "client_id_issued_at": None,
                 "client_secret_expires_at": None,
                 "allowed_redirect_uri_patterns": None,
