I am writing an API, which is also an OAuth provider. Is there a recommended way to write rspec tests?
After you enable security for all your endpoints, how do you write rspec tests that pass the authentication phase?
If you use oauth and oauth-plugin gems this post may help you: http://peachshake.com/2010/11/11/oauth-capybara-rspec-headers-and-a-lot-of-pain/
However, the oauth-plugin gem generates some specs that include an assistant that helps you simulate the authentication process.
: https://github.com/pelle/oauth-plugin/blob/v0.4.0.pre4/lib/generators/rspec/templates/controller_spec_helper.rb
:
def sign_request_with_oauth(token=nil,options={}) ActionController::TestRequest.use_oauth=true @request.configure_oauth(current_consumer,token,options) end def two_legged_sign_request_with_oauth(consumer=nil,options={}) ActionController::TestRequest.use_oauth=true @request.configure_oauth(consumer,nil,options) end def add_oauth2_token_header(token,options={}) request.env['HTTP_AUTHORIZATION'] = "OAuth #{token.token}" end
.