rspec validate access_token code example
Example: rspec validate access_token
shared_examples_for "an action with a access token authentication" do
context "with a valid access token" do
before do
http_authorization_header(access_token)
call_action
end
it { expect(response.status).to_not eq(401) }
end
context "with an invalid access token" do
before do
http_authorization_header("invalid_token")
call_action
end
it "returns 401 (unauthorized)" do
expect(response.status).to eq(401)
end
end
context "without an access token" do
before do
http_authorization_header(nil)
call_action
end
it "returns 401 (unauthorized)" do
expect(response.status).to eq(401)
end
end
end
shared_examples_for "an action that does not return an error" do
it do
call_action
expect(response).to_not have_http_status(:error)
end
end
def http_authorization_header(access_token)
request.env["HTTP_AUTHORIZATION"] = ActionController::HttpAuthentication::Token.encode_credentials(access_token)
end