add authorization to tests
This commit is contained in:
parent
95deb6a984
commit
df3a2c0c48
4 changed files with 16 additions and 7 deletions
|
@ -3,18 +3,29 @@ require 'swagger_helper'
|
|||
describe 'Users API', type: :request do
|
||||
path '/user' do
|
||||
get 'info about the currently logged-in user' do
|
||||
# security [oauth2: []]
|
||||
tags '1. User'
|
||||
produces 'application/json'
|
||||
let(:user) { create(:user) }
|
||||
let(:api_access_token) { create(:oauth2_access_token, resource_owner_id: user.id, scopes: api_scopes&.join(' ')).token }
|
||||
let(:Authorization) { "Bearer #{api_access_token}" }
|
||||
|
||||
response '200', 'success' do
|
||||
let(:api_scopes) { ['user:read'] }
|
||||
run_test! do |response|
|
||||
let(:Authorization) { "Basic #{::Base64.strict_encode64('jsmith:jspass')}" }
|
||||
data = JSON.parse(response.body)
|
||||
# expect(data[])
|
||||
expect(data['user']['id']).to eq(user.id)
|
||||
end
|
||||
end
|
||||
|
||||
response '403', 'missing scope' do
|
||||
let(:api_scopes) { [] }
|
||||
run_test!
|
||||
end
|
||||
|
||||
|
||||
response '401', 'not logged-in' do
|
||||
let(:Authorization) { "" }
|
||||
run_test!
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
RSpec.configure do |config|
|
||||
# load FactoryBot shortcuts create(), etc.
|
||||
config.include FactoryBot::Syntax::Methods
|
||||
end
|
||||
end
|
|
@ -26,8 +26,6 @@ RSpec.configure do |config|
|
|||
securitySchemes: {
|
||||
oauth2: {
|
||||
type: :oauth2,
|
||||
in: :header,
|
||||
name: 'Authorization',
|
||||
flows: {
|
||||
implicit: {
|
||||
authorizationUrl: 'http://localhost:3000/f/oauth/authorize',
|
||||
|
|
|
@ -12,14 +12,14 @@ paths:
|
|||
responses:
|
||||
'200':
|
||||
description: success
|
||||
'403':
|
||||
description: missing scope
|
||||
'401':
|
||||
description: not logged-in
|
||||
components:
|
||||
securitySchemes:
|
||||
oauth2:
|
||||
type: oauth2
|
||||
in: header
|
||||
name: Authorization
|
||||
flows:
|
||||
implicit:
|
||||
authorizationUrl: http://localhost:3000/f/oauth/authorize
|
||||
|
|
Loading…
Reference in a new issue