refactor(internal): switch auth to api-client headers

2026-03-31 21:09:18 +08:00
parent cf02d9ec41
commit 85e67ae0cd
3 changed files with 21 additions and 32 deletions
--- a/tests/test_internal_authentik_sync.py
+++ b/tests/test_internal_authentik_sync.py
@@ -1,19 +1,23 @@
 from fastapi.testclient import TestClient

 from app.main import app
+from app.security.api_client_auth import require_api_client


 def test_internal_authentik_ensure_requires_config() -> None:
+    app.dependency_overrides[require_api_client] = lambda: None
    client = TestClient(app)
-    resp = client.post(
-        "/internal/authentik/users/ensure",
-        headers={"X-Internal-Secret": "CHANGE_ME"},
-        json={
-            "sub": "authentik-sub-1",
-            "email": "user@example.com",
-            "display_name": "User Example",
-            "is_active": True,
-        },
-    )
-    assert resp.status_code == 503
-    assert resp.json()["detail"] == "authentik_admin_not_configured"
+    try:
+        resp = client.post(
+            "/internal/authentik/users/ensure",
+            json={
+                "sub": "authentik-sub-1",
+                "email": "user@example.com",
+                "display_name": "User Example",
+                "is_active": True,
+            },
+        )
+        assert resp.status_code == 503
+        assert resp.json()["detail"] == "authentik_admin_not_configured"
+    finally:
+        app.dependency_overrides.pop(require_api_client, None)