Rspec-rails: ability to add header on every request spec

Created on 10 Nov 2014  ·  5 Comments  ·  Source: rspec/rspec-rails

I just can't find an easy way to add an authorization header to every request. Am I missing something? This seems like it should be a standard use case for request specs against an API that utilizes the Authorization header for authentication?

All 5 comments

rspec-rails is a thin shim around Rails test helpers, so if they haven't added this ability, neither have we.

There is no way to "auto" set this. As Jon stated, most of rspec-rails is a thin wrapper; in this case, request specs are a wrapper around Rails integration tests.

Based on the Rails API, the headers are not really inherited from anything. They must be uniquely set each time. This is how requests work: a client must send the headers each time they make a request; it is up to the client to manage that.

IMO, request specs for an API should be documenting how the API interaction works from a consumer's perspective. Showing that the headers need to always be sent, and which headers those are, is good documentation.

If you wish to achieve this on your own there are a few options:

``` ruby
def get(path, parameters = nil, headers_or_env = nil)
  headers_or_env ||= { 'some' => 'defaults' }
  super
end
```

  • Make a custom DSL helper (the Rails Guide has another example using sessions)

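``` ruby
RSpec.describe "some API endpoint" do
  # Rack env key for the Authorization header (underscore, not hyphen)
  let(:auth_headers) {
    { 'HTTP_AUTHORIZATION' => 'Token token="pancakes"' }
  }

  # Custom helper: sends the auth headers and returns the response.
  # api_widgets_path is assumed to be the route helper for this endpoint.
  def request_widgets
    get api_widgets_path, '', auth_headers
    response
  end

  it "gets the widgets" do
    expect(request_widgets).to have_http_status(:success)
  end
end
```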
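
An added example, not code from the thread or from rspec-rails: a variant of the override idea in the comment above that merges defaults instead of using `||=`, so a spec that passes its own headers still sends the token, and a `nil` value drops it for specs that cover the unauthenticated path. `FakeSession`, `DefaultRequestHeaders` and `ApiSession` are hypothetical names; `FakeSession` is a constructed stand-in for the Rails integration session and assumes the positional signature shown in the comment.

```ruby
# Constructed stand-in for the Rails integration session: it only records
# what a request would send, using (path, parameters, headers_or_env).
class FakeSession
  %i[get post put patch delete].each do |verb|
    define_method(verb) do |path, parameters = nil, headers_or_env = nil|
      { verb: verb, path: path, params: parameters, headers: headers_or_env || {} }
    end
  end
end

# Hypothetical helper: merges default headers into every request verb.
module DefaultRequestHeaders
  def default_headers
    @default_headers ||= {}
  end

  %i[get post put patch delete].each do |verb|
    define_method(verb) do |path, parameters = nil, headers_or_env = nil|
      # Merge rather than ||=, so per-request headers do not discard defaults.
      # A nil value removes a default, e.g. to spec the unauthenticated path.
      merged = default_headers.merge(headers_or_env || {}).reject { |_, v| v.nil? }
      super(path, parameters, merged)
    end
  end
end

class ApiSession < FakeSession
  include DefaultRequestHeaders
end

# Constructed sample requests; the token value is the one used in the thread.
def demo
  session = ApiSession.new
  session.default_headers['HTTP_AUTHORIZATION'] = 'Token token="pancakes"'
  {
    default: session.get('/api/widgets'),
    extra: session.get('/api/widgets', nil, { 'HTTP_ACCEPT' => 'application/json' }),
    anonymous: session.get('/api/widgets', nil, { 'HTTP_AUTHORIZATION' => nil })
  }
end
```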

As far as request authentication goes, an authorization header differs little from a cookie header. In both request and controller specs, we have access to the session instance, providing us the ability to set the "cookie" header.

Request specs to an API can document the fundamentals, including authentication, in a specific set of tests. This should not be necessary for every single spec in which the focus is to spec an authenticated response.

Again, the desire here is no different than what everyone already uses with standard web browser controller/request specs.

@paulwalker we're not saying it's an unreasonable request, just that you're making it to the wrong project. Please open this feature request with the Rails team.

Thanks @JonRowe, fair enough.
