From 7e8ebd18b670bc206ff93335b958a89c7fbb4a4e Mon Sep 17 00:00:00 2001
From: Anders Kaseorg <anders@zulip.com>
Date: Fri, 4 Nov 2022 16:24:17 -0700
Subject: [PATCH] test_scim: Add test for missing or wrong authentication.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
---
 zerver/tests/test_scim.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/zerver/tests/test_scim.py b/zerver/tests/test_scim.py
index a45f24c444..166ac044e2 100644
--- a/zerver/tests/test_scim.py
+++ b/zerver/tests/test_scim.py
@@ -114,6 +114,19 @@ class TestExceptionDetailsNotRevealedToClient(SCIMTestCase):
 
 
 class TestSCIMUser(SCIMTestCase):
+    def test_bad_authentication(self) -> None:
+        hamlet = self.example_user("hamlet")
+
+        result = self.client_get(f"/scim/v2/Users/{hamlet.id}", {})
+        self.assertEqual(result.status_code, 401)
+        self.assertEqual(result.headers["WWW-Authenticate"], 'Basic realm="django-scim2"')
+
+        result = self.client_get(
+            f"/scim/v2/Users/{hamlet.id}", {"HTTP_AUTHORIZATION": "Bearer wrong"}
+        )
+        self.assertEqual(result.status_code, 401)
+        self.assertEqual(result.headers["WWW-Authenticate"], 'Basic realm="django-scim2"')
+
     def test_get_by_id(self) -> None:
         hamlet = self.example_user("hamlet")
         expected_response_schema = self.generate_user_schema(hamlet)