From 619007dd805e36d1976170de30348ef38daca822 Mon Sep 17 00:00:00 2001
From: Varun Valada <varun.valada@gmail.com>
Date: Tue, 10 Sep 2024 17:50:00 -0500
Subject: [PATCH] Return 401 error code with invalid credentials on
 authentication endpoint

---
 server/tests/test_v1.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/server/tests/test_v1.py b/server/tests/test_v1.py
index 358f6eff8..305c01bb4 100644
--- a/server/tests/test_v1.py
+++ b/server/tests/test_v1.py
@@ -779,3 +779,19 @@ def test_authenticate_client_get(mongo_app):
     token = output.data
     decoded_token = jwt.decode(token, v1.SECRET_KEY, algorithms="HS256")
     assert decoded_token["permissions"] == permissions
+
+
+def test_authenticate_invalid_credentials(mongo_app):
+    """
+    Tests that authentication endpoint returns 401 error code
+    when receiving invalid credentials
+    """
+    app, _ = mongo_app
+    client_id = "my_client_id"
+    client_key = "my_client_key"
+
+    output = app.get(
+        f"/v1/authenticate/token/{client_id}",
+        headers={"client-key": client_key},
+    )
+    assert output.status_code == 401