Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Antonella's avatar

Fail Assert API token Laravel

I am running the following test and something is not right:

public function testBasicTest()
{
    $token = 'lFMcWnzCWxzP...nIPMF8UF...gbQKCO';
    $token_fake = '';
    $response = $this->withHeaders([
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'Authorization' => 'Bearer '.$token,
    ])->get('/api');
    $response->assertStatus(200);
    $response->assertJson([]);

    $response = $this->withHeaders([
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'Authorization' => 'Bearer '.$token_fake,
    ])->get('/api');
    $response->assertStatus(401);
}

because he answers me

Time: 00:00.087, Memory: 22.00 MB

There was 1 failure:

1) Tests\Feature\ExampleTest::testBasicTest
Expected status code 401 but received 200.
Failed asserting that 401 is identical to 200.

.../vendor/laravel/framework/src/Illuminate/Testing/TestResponse.php:186
.../tests/Feature/ExampleTest.php:32

if I test the api GET from insomnia it replies 401 if the token is incorrect or I don't put it. I don't understand why the last assert fails me.

$response->assertStatus(401);

I would expect 401 but it answers 201. I don't understand

0 likes
5 replies
SarwarAhmed's avatar

Try the second assertion with fresh()

$response = $this->fresh()->withHeaders([
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'Authorization' => 'Bearer '.$token_fake,
    ])->get('/api');
    $response->assertStatus(401);
1 like
Antonella's avatar

same error @sarwarahmed

indeed now from his own mistake:

.E                                                                  2 / 2 (100%)

Time: 00:00.142, Memory: 22.00 MB

There was 1 error:

1) Tests\Feature\ExampleTest::testBasicTest
Error: Call to undefined method Tests\Feature\ExampleTest::fresh()
SarwarAhmed's avatar

@gianmarx Your assertion returns 201 which means your data is creating. You need to change your actual code not test code.

Antonella's avatar

I simply want to show that with the token the data is accessed and without token or with incorrect token 401 is returned. The API actually behaves like this. But I have to write the test. Frankly I don't understand why I should change the actual code?

@sarwarahmed

Antonella's avatar

if I put the test that returns 401 first it works I still don't understand why?

    $token = 'lFMcWnzCWxzPFLCry....8UFjEcogbQKCO';
    $token_fake = '';

    $response = $this->withHeaders([
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'Authorization' => 'Bearer '.$token_fake,
    ])->get('/api');
    $response->assertStatus(401);

    $response = $this->withHeaders([
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'Authorization' => 'Bearer '.$token,
    ])->get('/api');
    $response->assertStatus(200);
    $response->assertJson([]);

Please or to participate in this conversation.