diff --git a/apps/oauth2/tests/Controller/OauthApiControllerTest.php b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
index 71294850f9def..eb9311dbbc755 100644
--- a/apps/oauth2/tests/Controller/OauthApiControllerTest.php
+++ b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
@@ -203,16 +203,21 @@ public function testGetTokenInvalidAppToken() {
 
 		$client = new Client();
 		$client->setClientIdentifier('clientId');
-		$client->setSecret('clientSecret');
+		$client->setSecret('encryptedClientSecret');
 		$this->clientMapper->method('getByUid')
 			->with(42)
 			->willReturn($client);
 
-		$this->crypto->method('decrypt')
-			->with(
-				'encryptedToken',
-				'validrefresh'
-			)->willReturn('decryptedToken');
+		$this->crypto
+			->method('decrypt')
+			->with($this->callback(function (string $text) {
+				return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+			}))
+			->willReturnCallback(function (string $text) {
+				return $text === 'encryptedClientSecret'
+					? 'clientSecret'
+					: ($text === 'encryptedToken' ? 'decryptedToken' : '');
+			});
 
 		$this->tokenProvider->method('getTokenById')
 			->with(1337)
@@ -237,16 +242,21 @@ public function testGetTokenValidAppToken() {
 
 		$client = new Client();
 		$client->setClientIdentifier('clientId');
-		$client->setSecret('clientSecret');
+		$client->setSecret('encryptedClientSecret');
 		$this->clientMapper->method('getByUid')
 			->with(42)
 			->willReturn($client);
 
-		$this->crypto->method('decrypt')
-			->with(
-				'encryptedToken',
-				'validrefresh'
-			)->willReturn('decryptedToken');
+		$this->crypto
+			->method('decrypt')
+			->with($this->callback(function (string $text) {
+				return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+			}))
+			->willReturnCallback(function (string $text) {
+				return $text === 'encryptedClientSecret'
+					? 'clientSecret'
+					: ($text === 'encryptedToken' ? 'decryptedToken' : '');
+			});
 
 		$appToken = new PublicKeyToken();
 		$appToken->setUid('userId');
@@ -329,16 +339,21 @@ public function testGetTokenValidAppTokenBasicAuth() {
 
 		$client = new Client();
 		$client->setClientIdentifier('clientId');
-		$client->setSecret('clientSecret');
+		$client->setSecret('encryptedClientSecret');
 		$this->clientMapper->method('getByUid')
 			->with(42)
 			->willReturn($client);
 
-		$this->crypto->method('decrypt')
-			->with(
-				'encryptedToken',
-				'validrefresh'
-			)->willReturn('decryptedToken');
+		$this->crypto
+			->method('decrypt')
+			->with($this->callback(function (string $text) {
+				return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+			}))
+			->willReturnCallback(function (string $text) {
+				return $text === 'encryptedClientSecret'
+					? 'clientSecret'
+					: ($text === 'encryptedToken' ? 'decryptedToken' : '');
+			});
 
 		$appToken = new PublicKeyToken();
 		$appToken->setUid('userId');
@@ -424,16 +439,21 @@ public function testGetTokenExpiredAppToken() {
 
 		$client = new Client();
 		$client->setClientIdentifier('clientId');
-		$client->setSecret('clientSecret');
+		$client->setSecret('encryptedClientSecret');
 		$this->clientMapper->method('getByUid')
 			->with(42)
 			->willReturn($client);
 
-		$this->crypto->method('decrypt')
-			->with(
-				'encryptedToken',
-				'validrefresh'
-			)->willReturn('decryptedToken');
+		$this->crypto
+			->method('decrypt')
+			->with($this->callback(function (string $text) {
+				return $text === 'encryptedClientSecret' || $text === 'encryptedToken';
+			}))
+			->willReturnCallback(function (string $text) {
+				return $text === 'encryptedClientSecret'
+					? 'clientSecret'
+					: ($text === 'encryptedToken' ? 'decryptedToken' : '');
+			});
 
 		$appToken = new PublicKeyToken();
 		$appToken->setUid('userId');
diff --git a/apps/oauth2/tests/Settings/AdminTest.php b/apps/oauth2/tests/Settings/AdminTest.php
index fc5ebbb83651d..fb19a9fc6d177 100644
--- a/apps/oauth2/tests/Settings/AdminTest.php
+++ b/apps/oauth2/tests/Settings/AdminTest.php
@@ -28,7 +28,9 @@
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Services\IInitialState;
 use OCP\IURLGenerator;
+use OCP\Security\ICrypto;
 use PHPUnit\Framework\MockObject\MockObject;
+use Psr\Log\LoggerInterface;
 use Test\TestCase;
 
 class AdminTest extends TestCase {
@@ -48,7 +50,13 @@ protected function setUp(): void {
 		$this->initialState = $this->createMock(IInitialState::class);
 		$this->clientMapper = $this->createMock(ClientMapper::class);
 
-		$this->admin = new Admin($this->initialState, $this->clientMapper, $this->createMock(IURLGenerator::class));
+		$this->admin = new Admin(
+			$this->initialState,
+			$this->clientMapper,
+			$this->createMock(IURLGenerator::class),
+			$this->createMock(ICrypto::class),
+			$this->createMock(LoggerInterface::class)
+		);
 	}
 
 	public function testGetForm() {