@@ -203,27 +203,25 @@ async def test_should_validate_v3_tokens_with_check_database_enabled(app: TestCl
203203 }
204204
205205
206- async def test_ignore_protected_props_in_create_session (app : TestClient ):
207- init (** get_st_init_args ([session .init ()])) # type:ignore
206+ async def test_ignore_protected_props_in_create_session ():
207+ init (** get_st_init_args ([session .init ()]))
208208 start_st ()
209209
210- create_session_res = app .post ("/create" , data = {"sub" : "asdf" })
211-
212- assert create_session_res .status_code == 200
213-
214- info = extract_info (create_session_res )
215- assert info ["accessTokenFromAny" ] is not None
216- assert info ["refreshTokenFromAny" ] is not None
217- assert info ["frontToken" ] is not None
218-
219- parsed_token = parse_jwt_without_signature_verification (info ["accessTokenFromAny" ])
220- assert parsed_token .payload ["sub" ] != "asdf"
221-
222210 s = await create_new_session_without_request_response (
223- "public" , "user-id" , {"sub" : "asdf" }
211+ "public" ,
212+ "user1" ,
213+ {"foo" : "bar" },
224214 )
225215 payload = parse_jwt_without_signature_verification (s .access_token ).payload
226- assert payload ["sub" ] != "asdf"
216+ assert payload ["foo" ] == "bar"
217+ assert payload ["sub" ] == "user1"
218+
219+ s2 = await create_new_session_without_request_response (
220+ "public" , "user2" , s .get_access_token_payload ()
221+ )
222+ payload = parse_jwt_without_signature_verification (s2 .access_token ).payload
223+ assert payload ["foo" ] == "bar"
224+ assert payload ["sub" ] == "user2"
227225
228226
229227async def test_validation_logic_with_keys_that_can_use_json_nulls_values_in_claims ():
0 commit comments