rspec validate access_token code example

Example: rspec validate access_token

shared_examples_for "an action with a access token authentication" do
  context "with a valid access token" do
    before do
      http_authorization_header(access_token)
      call_action
    end

    it { expect(response.status).to_not eq(401) }
  end

  context "with an invalid access token" do
    before do
      http_authorization_header("invalid_token")
      call_action
    end

    it "returns 401 (unauthorized)" do
      expect(response.status).to eq(401)
    end
  end

  context "without an access token" do
    before do
      http_authorization_header(nil)
      call_action
    end

    it "returns 401 (unauthorized)" do
      expect(response.status).to eq(401)
    end
  end
end

shared_examples_for "an action that does not return an error" do
  it do
    call_action
    expect(response).to_not have_http_status(:error)
  end
end

def http_authorization_header(access_token)
  request.env["HTTP_AUTHORIZATION"] = ActionController::HttpAuthentication::Token.encode_credentials(access_token)
end

Tags:

Misc Example