本文介绍了auth-hmac功能测试问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想在我的api应用程序中使用此gem https://github.com/seangeo/auth -hmac/

I want to use this gem in my api application https://github.com/seangeo/auth-hmac/

我对创建用于请求身份验证的测试有疑问.我想用hmac签名请求,但是在下一个代码之后,rails控制器没有http头

I have a question about creating tests for request authentification.I want to sign request with hmac but rails controller has no http headers after next code

 def setup
    #load from fixture
     @client = clients(:client_2)


 end

 def sign_valid_request(request,client)
    auth_hmac = AuthHMAC.new(client.key => client.secret )
    auth_hmac.sign!(request,client.key)
    request
  end

 def test_response_client_xml

      @request =  sign_valid_request(@request,@client)
      get :index  , :api_client_key => @client.key , :format=> "xml"
      @xml_response = @response.body

      assert_response :success
      assert_select   'id' , @client.id.to_s
end

路线具有这样的配置

scope '/:token/' do
     # route only json & xml format
    constraints :format=> /(json|xml)/  do
       resources :clients, :only => [:index]
    end

  end

推荐答案

我在功能测试中遇到了相同的问题.要使用AuthHMAC正确签署每个请求,您应将以下内容放入test_helper.rb

I had the same issue with functional testing. To correctly sign each request with AuthHMAC you should put the following in your test_helper.rb

def with_hmac_signed_requests(access_key_id, secret, &block)
  unless ActionController::Base < ActionController::Testing
    ActionController::Base.class_eval { include ActionController::Testing }
  end

  @controller.instance_eval %Q(
    alias real_process_with_new_base_test process_with_new_base_test

    def process_with_new_base_test(request, response)
      signature = AuthHMAC.signature(request, "#{secret}")
      request.env['Authorization'] = "AuthHMAC #{access_key_id}:" + signature
      real_process_with_new_base_test(request, response)
    end
  )

  yield

  @controller.instance_eval %Q(
    undef process_with_new_base_test
    alias process_with_new_base_test real_process_with_new_base_test
  )
end

然后在功能测试中:

test "secret_method should be protected by an HMAC signature" do
    with_hmac_signed_requests(key_id, secret) do
      get :protected_method
      assert_response :success
    end
end

这篇关于auth-hmac功能测试问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-27 06:30