Increase test coverage

This commit adds two tests that cover lines flagged by codecov.

One test covers the use case when oauthlib create_token_response method
returns a different status than 200.
The second test covers an edge case where the second time is_expired is
called, the memoised value is returned.

Author: cristiprg

oauth2_provider/views/base.py

@@ -360,10 +360,11 @@ def device_flow_token_response(
             )
 
         url, headers, body, status = self.create_token_response(request)
+        response = http.JsonResponse(data=json.loads(body), status=status)
+
         if status != 200:
-            return http.JsonResponse(data=json.loads(body), status=status)
+            return response
 
-        response = http.JsonResponse(data=json.loads(body), status=status)
         for k, v in headers.items():
             response[k] = v
 

tests/test_device.py

@@ -53,6 +53,15 @@ def tearDown(self):
         return super().tearDown()
 
 
+class MockOauthlibCoreClass:
+    """
+    Mock oauthlib, used in test_token_view_status_equals_what_oauthlib_token_response_method_returns.
+    """
+
+    def create_token_response(self, _):
+        return "url", {"headers_are_ignored": True}, '{"Key": "Value"}', 299
+
+
 class TestDeviceFlow(DeviceFlowBaseTestCase):
     """
     The first 2 tests test the device flow in order
@@ -439,6 +448,43 @@ def test_token_view_returns_404_error_if_device_not_found(self):
         # consumed by devices.
         self.assertEqual(response.__getitem__("content-type"), "application/json")
 
+    @mock.patch("oauth2_provider.views.mixins.OAuthLibMixin.get_oauthlib_core", MockOauthlibCoreClass)
+    def test_token_view_status_equals_what_oauthlib_token_response_method_returns(self):
+        """
+        Tests the use case where oauthlib create_token_response returns a status different
+        than 200.
+        """
+        device = DeviceModel(
+            client_id="client_id",
+            device_code="device_code",
+            user_code="user_code",
+            scope="scope",
+            expires=datetime.now() + timedelta(seconds=60),
+            status="authorized",
+        )
+        device.save()
+
+        token_payload = {
+            "device_code": "device_code",
+            "client_id": "client_id",
+            "grant_type": "urn:ietf:params:oauth:grant-type:device_code",
+        }
+
+        response = self.client.post(
+            "/o/token/",
+            data=urlencode(token_payload),
+            content_type="application/x-www-form-urlencoded",
+        )
+
+        self.assertEqual(response["content-type"], "application/json")
+        self.assertContains(
+            response=response,
+            status_code=299,
+            text='{"Key": "Value"}',
+            count=1,
+        )
+        assert not response.has_header("headers_are_ignored")
+
     @mock.patch(
         "oauthlib.oauth2.rfc8628.endpoints.device_authorization.generate_token",
         lambda: "abc",
@@ -644,3 +690,9 @@ def test_device_is_expired_method_sets_status_to_expired_if_deadline_passed(self
 
         assert is_expired
         assert device.status == device.EXPIRED
+
+        # calling again is_expired() should return true and not change the state
+        is_expired = device.is_expired()
+
+        assert is_expired
+        assert device.status == device.EXPIRED