28_introduce_rswag #35
4 changed files with 16 additions and 7 deletions
|
@ -3,18 +3,29 @@ require 'swagger_helper'
|
||||||
describe 'Users API', type: :request do
|
describe 'Users API', type: :request do
|
||||||
path '/user' do
|
path '/user' do
|
||||||
get 'info about the currently logged-in user' do
|
get 'info about the currently logged-in user' do
|
||||||
|
# security [oauth2: []]
|
||||||
tags '1. User'
|
tags '1. User'
|
||||||
produces 'application/json'
|
produces 'application/json'
|
||||||
|
let(:user) { create(:user) }
|
||||||
|
let(:api_access_token) { create(:oauth2_access_token, resource_owner_id: user.id, scopes: api_scopes&.join(' ')).token }
|
||||||
|
let(:Authorization) { "Bearer #{api_access_token}" }
|
||||||
|
|
||||||
response '200', 'success' do
|
response '200', 'success' do
|
||||||
|
let(:api_scopes) { ['user:read'] }
|
||||||
run_test! do |response|
|
run_test! do |response|
|
||||||
let(:Authorization) { "Basic #{::Base64.strict_encode64('jsmith:jspass')}" }
|
|
||||||
data = JSON.parse(response.body)
|
data = JSON.parse(response.body)
|
||||||
# expect(data[])
|
expect(data['user']['id']).to eq(user.id)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
response '403', 'missing scope' do
|
||||||
|
let(:api_scopes) { [] }
|
||||||
|
run_test!
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
response '401', 'not logged-in' do
|
response '401', 'not logged-in' do
|
||||||
|
let(:Authorization) { "" }
|
||||||
run_test!
|
run_test!
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
RSpec.configure do |config|
|
RSpec.configure do |config|
|
||||||
# load FactoryBot shortcuts create(), etc.
|
# load FactoryBot shortcuts create(), etc.
|
||||||
config.include FactoryBot::Syntax::Methods
|
config.include FactoryBot::Syntax::Methods
|
||||||
end
|
end
|
|
@ -26,8 +26,6 @@ RSpec.configure do |config|
|
||||||
securitySchemes: {
|
securitySchemes: {
|
||||||
oauth2: {
|
oauth2: {
|
||||||
type: :oauth2,
|
type: :oauth2,
|
||||||
in: :header,
|
|
||||||
name: 'Authorization',
|
|
||||||
flows: {
|
flows: {
|
||||||
implicit: {
|
implicit: {
|
||||||
authorizationUrl: 'http://localhost:3000/f/oauth/authorize',
|
authorizationUrl: 'http://localhost:3000/f/oauth/authorize',
|
||||||
|
|
|
@ -12,14 +12,14 @@ paths:
|
||||||
responses:
|
responses:
|
||||||
'200':
|
'200':
|
||||||
description: success
|
description: success
|
||||||
|
'403':
|
||||||
|
description: missing scope
|
||||||
'401':
|
'401':
|
||||||
description: not logged-in
|
description: not logged-in
|
||||||
components:
|
components:
|
||||||
securitySchemes:
|
securitySchemes:
|
||||||
oauth2:
|
oauth2:
|
||||||
type: oauth2
|
type: oauth2
|
||||||
in: header
|
|
||||||
name: Authorization
|
|
||||||
flows:
|
flows:
|
||||||
implicit:
|
implicit:
|
||||||
authorizationUrl: http://localhost:3000/f/oauth/authorize
|
authorizationUrl: http://localhost:3000/f/oauth/authorize
|
||||||
|
|
Loading…
Reference in a new issue