如何在集成测试中通过授权令牌头? [英] How to Pass an authorization-token-header in an integration-test?
问题描述
一个相关问题 表示我可以在我的令牌测试中测试请求 集成测试,如下所示:
A related question implies that I can test a request with token authentication, in my intergration tests, as follows:
get "/v1/sites", nil, :authorization => "foo"
assert_response :success
由于某些原因,标头无法到达我的应用程序:
For some reason, the headers don't get to my application:
get "/v1/sites", nil, :authorization => "foo"
assert_match response.headers, /foo/
Expected {"X-Frame-Options"=>"SAMEORIGIN", "X-XSS-Protection"=>"1; mode=block", "X-Content-Type-Options"=>"nosniff", "X-UA-Compatible"=>"chrome=1", "WWW-Authenticate"=>"Token realm=\"Application\"", "Content-Type"=>"text/html; charset=utf-8", "Cache-Control"=>"no-cache", "X-Request-Id"=>"23915302-9cfe-424d-86fe-5d60bc0d6b2c", "X-Runtime"=>"0.054857", "Content-Length"=>"27"} to match /foo/.
授权标头未通过,可以在将throw response.headers放入控制器中时确认.当我
用卷曲,我做看到标题通过.我在那里
甚至可以设置令牌并获得访问权限.来自的相关代码
控制器是:
The authorization-header does not get through, which I can confirm when placing a throw response.headers in the controller. When I
test with e.g. curl, I do see the header coming through. And there I
can even set the token and get access. The relevant code from the
controller is:
module V1
class SitesController < ApplicationController
before_filter :restrict_access, :only => :index
def index
head :success
end
private
def restrict_access
authenticate_or_request_with_http_token do |token, options|
token == "foo"
end
end
end
end
这是最小的,在Rails 4上,使用 Rails-API
This is minitest, on Rails 4, using Rails-API
作为参考,这里是中间件堆栈,它比大多数默认的Rails应用程序苗条得多.
For reference, here is the Middleware stack, it is a lot slimmer then most default Rails apps.
use ActionDispatch::Static
use Rack::Lock
use #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x992cd28>
use Rack::Runtime
use ActionDispatch::RequestId
use Rails::Rack::Logger
use ActionDispatch::ShowExceptions
use ActionDispatch::DebugExceptions
use ActionDispatch::RemoteIp
use ActionDispatch::Reloader
use ActionDispatch::Callbacks
use ActiveRecord::Migration::CheckPending
use ActiveRecord::ConnectionAdapters::ConnectionManagement
use ActiveRecord::QueryCache
use ActionDispatch::ParamsParser
use Rack::Head
use Rack::ConditionalGet
use Rack::ETag
run MyApp::Application.routes
推荐答案
仅供参考.一切都很好,我只是很愚蠢,在调试时测试了错误的事情:
Just for reference. Everything was right, I was just being stupid and testing the wrong thing while debugging:
assert_match response.headers, /foo/
显然是错误的,因为这是响应.正确的是测试请求
Is obviously false, because this is the response. Correct is to test the request
get "/v1/sites", nil, :authorization => %{Token token="foo"}
assert_includes request.headers["HTTP_AUTHORIZATION"], "foo"
这一切都很好.
这篇关于如何在集成测试中通过授权令牌头?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
