Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ability to add header on every request spec #1209

Closed
paulwalker opened this issue Nov 10, 2014 · 5 comments
Closed

ability to add header on every request spec #1209

paulwalker opened this issue Nov 10, 2014 · 5 comments

Comments

@paulwalker
Copy link

I just can't find an easy way to add an authorization header to every request easily? am i missing something? this seems like it should be a standard use case for request specs against an API that utilizes the Authorization header for authentication?
@JonRowe
Copy link
Member

JonRowe commented Nov 10, 2014

rspec-rails is a thin shim around Rails test helpers so if they haven't added this ability neither have we

@cupakromer
Copy link
Member

There is not way to "auto" set this. As Jon stated, most of rspec-rails is a thin wrapper, in this case request specs are a wrapper around Rails integration tests.

Based on the Rails API the headers are not really inherited from anything. They must be uniquely set each time. This is how requests work, a client must send the headers each time they make a request, it is up to the client to manage that.

IMO, request specs for an API should be documenting how the API interaction works from a consumer's perspective. Showing that the headers need to always be sent, and which headers those are, is good documentation.

If you wish to achieve this on your own there are a few options:

  • Wrap the integration request helpers

    def get(path, parameters = nil, headers_or_env = nil)
  headers_or_env ||= { 'some' => 'defaults' }
  super
end

  • Make a custom DSL helper (the Rails Guide has another example using sessions)

    RSpec.describe "some API endpoint" do

  let(:auth_headers) {
    { 'HTTP-AUTHORIZATION' => 'Token token="pancakes"' }
  }

  def request_widgets
    get api_widgets, '', auth_headers
    response
  end

  it "gets the widgets" do
    expect(request_widgets).to have_http_status(:success)
  end
end

@paulwalker
Copy link
Author

As far as request authentication, an authorization header has little difference than a cookie header. In both request and controller specs, we have access to the session instance, providing us the ability to set the "cookie" header.

Request specs to an API can document the fundamentals, including authentication, in a specific set of tests. This should not be necessary for every single spec in which the focus is to spec an authenticated response.

Again, the desire here is no different than what everyone already uses with standard web browser controller/request specs.

@JonRowe
Copy link
Member

JonRowe commented Nov 10, 2014

@paulwalker we're not saying it's an unreasonable request, just that you're making it to the wrong project, please open this feature request with the rails team

@paulwalker
Copy link
Author

Thanks @JonRowe, fair enough.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@paulwalker @JonRowe @cupakromer