From f1f6f69235b878df580a228f752081552ce20ffe Mon Sep 17 00:00:00 2001
From: Jennifer Richards <jennifer@staff.ietf.org>
Date: Thu, 24 Oct 2024 21:29:58 -0300
Subject: [PATCH] fix: limit /api/appauth URLs as intended

---
 ietf/api/urls.py  | 2 +-
 ietf/api/views.py | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ietf/api/urls.py b/ietf/api/urls.py
index 431ad5c5d4..6846e32747 100644
--- a/ietf/api/urls.py
+++ b/ietf/api/urls.py
@@ -69,7 +69,7 @@
     # Datatracker version
     url(r'^version/?$', api_views.version),
     # Application authentication API key
-    url(r'^appauth/[authortools|bibxml]', api_views.app_auth),
+    url(r'^appauth/(?P<app>authortools|bibxml)$', api_views.app_auth),
     # latest versions
     url(r'^rfcdiff-latest-json/%(name)s(?:-%(rev)s)?(\.txt|\.html)?/?$' % settings.URL_REGEXPS, api_views.rfcdiff_latest_json),
     url(r'^rfcdiff-latest-json/(?P<name>[Rr][Ff][Cc] [0-9]+?)(\.txt|\.html)?/?$', api_views.rfcdiff_latest_json),
diff --git a/ietf/api/views.py b/ietf/api/views.py
index f8662f9a0e..df67cffd56 100644
--- a/ietf/api/views.py
+++ b/ietf/api/views.py
@@ -30,7 +30,7 @@
 from tastypie.utils.mime import determine_format, build_content_type
 from textwrap import dedent
 from traceback import format_exception, extract_tb
-from typing import Iterable, Optional
+from typing import Iterable, Optional, Literal
 
 import ietf
 from ietf.api import _api_list
@@ -251,7 +251,7 @@ def version(request):
 
 @require_api_key
 @csrf_exempt
-def app_auth(request):
+def app_auth(request, app: Literal["authortools", "bibxml"]):
     return HttpResponse(
             json.dumps({'success': True}),
             content_type='application/json')