I remember struggling with this for days when writing our API - I ended up using regular rails integration tests to hit our API endpoints and validate the data. The hard part was getting the headers in place to allow the test to go through.
We're using the OAuth gem, 0.4.7, running on rails 3.2. We had this working back on 2.3 rails too though. I added this helper to our test_helper.rb class: https://gist.github.com/cschulte22/68cfb58d4182870788fe client_app and client_app_user are the models we use to represent an oauth application w/keys (client_app), and the user's authorized token for using that app (client_app_user), so you'll have to tweak those values a bit to fit your situation. Then in your integration tests, you just need to the following: add_oauth_header('GET', url, app) get url, nil, @headers If you're returning JSON, you can then do: result = ActiveSupport::JSON.decode(@response.body) And test for whatever you need. On Fri, Feb 14, 2014 at 10:50 AM, James Miller <[email protected]> wrote: > Hey Ian, > > This isn't specific to OAuth, but I mix in this API macros module to my > tests (I generally use rspec/rack-test for API testing): > > https://gist.github.com/bensie/9006703 > > Then in specs that require auth, I use authorize_token(token) or > authorize_basic(user, pass). Nothing fancy, but it works. > > James > > > On Fri, Feb 14, 2014 at 10:45 AM, Ian Young <[email protected]> wrote: > >> This seems like a common need, so thought I'd check and see if anyone >> knows of a nice way to handle this. I keep ending up writing specs against >> authenticated API endpoints, and want a nice way to a) encapsulate the >> repetitive work of creating credentials for a user, and b) automatically >> pass the credentials in the preferred form (HTTP header, extra query param, >> whatever) on all authenticated requests. I hate having a test suite where >> every request has `{"Authorization": "token #{access_token}"}` cluttering >> it up. I use rspec, but would assume that most solutions would be equally >> viable in MiniTest. >> >> -- >> -- >> SD Ruby mailing list >> [email protected] >> http://groups.google.com/group/sdruby >> --- >> You received this message because you are subscribed to the Google Groups >> "SD Ruby" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > -- > SD Ruby mailing list > [email protected] > http://groups.google.com/group/sdruby > --- > You received this message because you are subscribed to the Google Groups > "SD Ruby" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby --- You received this message because you are subscribed to the Google Groups "SD Ruby" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
