Dagert's avatar

Laravel TestCase not sending Authorization headers

This is a duplicate of a question on StackOverflow. I hope to get a better response on the forums.

http://stackoverflow.com/questions/31309098/laravel-testcase-not-sending-authorization-headers-jwt-token

Summary

We are writing unit tests to test the creation and invalidation of JWT tokens and receiving a "The token could not be parsed from the request" error back from a JWTException every time we try to JWTAuth::invalidate the token.

Description

Inside our controller, to create a user token, we are passing through the user email address and then returning the JWT token.

Afterwards, we are destroying the token by invalidating it using invalidateToken method and passing through the token by sending an Authorization header.

public function invalidateToken()
{
    try {
        JWTAuth::invalidate(JWTAuth::getToken());
        return Response::json(['status' => 'success'], 200);
    } catch (JWTException $e) {
        return Response::json(['status' => 'error', 'message' => $e->getMessage()], 401);
    }
}

This works perfectly by using Postman as well as PHPStorms Restful client.

When we try to write a test for this method, we are faced with an error response and a "The token could not be parsed from the request" error message.

Our test is as follow:

public function testInvalidateToken()
{
    $createUserToken = $this->call('POST', '/token/create', ['email' => 'test@test.com']);
    $user = $this->parseJson($createUserToken);

    $response = $this->call('POST', '/token/invalidate',
        [/* params */], [/* cookies */], [/* files */], ['HTTP_Authorization' => 'Bearer '.$user->token]);

    // var_dump($user->token);
    // die();

    $data = $this->parseJson($response);
    $this->assertEquals($data->status, 'success');
    $this->assertEquals($data->status, '200');
}

We are using Laravel 5.1 (which has the cookies as a parameter before the server parameter)

PHP version 5.6.10

PHPUnit 3.7.28

  • EDIT * Updated to PHPUnit 4.7.6 and still failing to send through Authorization header.
0 likes
4 replies
matiasbeckerle's avatar

I was trying to do the same. When you make more than one request in a single test something is not being flushed internally (I don't know why). To solve it you can execute the following method between your requests:

$this->refreshApplication();

After refresh, the second request will have the headers you desire. Here is a complete example:

...
$token = \JWTAuth::fromUser($user);

$this->refreshApplication();

$request = $this->get('auth/logout', [
    'HTTP_Authorization' => 'Bearer ' . $token
]);
...

All the honors goes to other people in other threads. Here they are:

5 likes
superfly's avatar

Maybe my solution to run tests with a JWT Token setup helps someone else.

To debug Tests you can use ->dump()

public function it_should_edit_a_user()
{

    $user = factory(App\User::class)->create();

    $token = \Tymon\JWTAuth\Facades\JWTAuth::fromUser($user);
    $payload = \Tymon\JWTAuth\Facades\JWTAuth::getPayload($token);
    $headers = [
        'Accept'        => 'application/vnd.laravel.v1+json',
        'AUTHORIZATION' => 'Bearer ' . $token
        ];
    
    $this->post('api/user/edit', ['email' => '[email protected]'], $headers)
            ->dump()
            ->assertResponseStatus(202);


}
``
3 likes

Please or to participate in this conversation.