auth-hmac功能测试问题 [英] auth-hmac functional testing problem
本文介绍了auth-hmac功能测试问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想在我的api应用程序中使用此gem https://github.com/seangeo/auth -hmac/
I want to use this gem in my api application https://github.com/seangeo/auth-hmac/
我对创建用于请求身份验证的测试有疑问. 我想用hmac签名请求,但是在下一个代码之后,rails控制器没有http头
I have a question about creating tests for request authentification. I want to sign request with hmac but rails controller has no http headers after next code
def setup
#load from fixture
@client = clients(:client_2)
end
def sign_valid_request(request,client)
auth_hmac = AuthHMAC.new(client.key => client.secret )
auth_hmac.sign!(request,client.key)
request
end
def test_response_client_xml
@request = sign_valid_request(@request,@client)
get :index , :api_client_key => @client.key , :format=> "xml"
@xml_response = @response.body
assert_response :success
assert_select 'id' , @client.id.to_s
end
路线具有这样的配置
scope '/:token/' do
# route only json & xml format
constraints :format=> /(json|xml)/ do
resources :clients, :only => [:index]
end
end
推荐答案
我在功能测试中遇到了相同的问题.要使用AuthHMAC正确签署每个请求,您应将以下内容放入test_helper.rb
I had the same issue with functional testing. To correctly sign each request with AuthHMAC you should put the following in your test_helper.rb
def with_hmac_signed_requests(access_key_id, secret, &block)
unless ActionController::Base < ActionController::Testing
ActionController::Base.class_eval { include ActionController::Testing }
end
@controller.instance_eval %Q(
alias real_process_with_new_base_test process_with_new_base_test
def process_with_new_base_test(request, response)
signature = AuthHMAC.signature(request, "#{secret}")
request.env['Authorization'] = "AuthHMAC #{access_key_id}:" + signature
real_process_with_new_base_test(request, response)
end
)
yield
@controller.instance_eval %Q(
undef process_with_new_base_test
alias process_with_new_base_test real_process_with_new_base_test
)
end
然后在功能测试中:
test "secret_method should be protected by an HMAC signature" do
with_hmac_signed_requests(key_id, secret) do
get :protected_method
assert_response :success
end
end
这篇关于auth-hmac功能测试问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
