如何在 laravel 5 中使用 codeception 编写测试时重用 JWT 令牌?
How to reuse JWT tokens while writing testing using codeception in laravel 5?
我正在尝试在我的 Laravel 5 应用程序中使用 Codeception 编写测试,专门用于测试 Web 服务。身份验证使用 JWT 令牌进行。我已成功编写 运行 一个验证身份验证时返回的令牌的测试。
<?php
$I = new ApiTester($scenario);
$I->wantTo('authenticate a user');
$I->haveHttpHeader('Content-Type', 'application/x-www-form-urlencoded');
$I->sendPOST('authenticate', [
'username' => 'carparts',
'email' => 'admin@admin.com',
'password' => 'password'
]);
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
很有魅力。我面临的问题是如何在其他请求中使用此处返回的令牌,因为显然所有其他请求都需要令牌才能继续,所以我在测试每个 API 调用之前进行身份验证并获取新令牌,或者有没有办法围绕这个?
我已经可以做到了:
<?php
$I = new ApiTester($scenario);
$I->wantTo('see a list of all users');
$I->haveHttpHeader('Authorization', 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImNhcnBhcnRzIiwic3ViIjoiMSIsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDAwXC9hcGlcL2F1dGhlbnRpY2F0ZSIsImlhdCI6IjE0NDY2NDA0ODYiLCJleHAiOiIxNDQ2NjQ0MDg2IiwibmJmIjoiMTQ0NjY0MDQ4NiIsImp0aSI6ImZmYTNkZjc4Yzg5YjdmNDNhYThkZTRmZTViZWI4YjI3In0.9UBZgEz3hHTEMlK5hPzYRV1DsAI3TSSHSZxV0FcBLio');
$I->sendGET('/users');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
但这不是很有效,原因很明显,我正在对令牌进行硬编码。感谢任何帮助。
您可以通过调用 $I->grabDataFromJsonResponse() 从 json 获取令牌。示例假设您的回答类似于:
{
"status": "ok",
"token": "xxxxxxxx"
}
那么您的测试将如下所示。警告,未经测试的代码。
$I = new ApiTester($scenario);
$I->wantTo('authenticate a user');
$I->haveHttpHeader('Content-Type', 'application/x-www-form-urlencoded');
$I->sendPOST('authenticate', [
'username' => 'carparts',
'email' => 'admin@admin.com',
'password' => 'password'
]);
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$token = $I->grabDataFromJsonResponse('token');
$I->deleteHeader('Authorization'); /* Needed with old version of codeception. */
$I->amBearerAuthenticated($token);
$I->sendGET('/users');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
你可以在位于_support目录下的ApiTester class中定义你的通用方法,然后你可以在所有测试中访问它classes
这就是我所做的
class ApiTester extends \Codeception\Actor
{
use _generated\ApiTesterActions;
private $userToken = null;
public function getUserToken()
{
if ($this->userToken) {
return $this->userToken;
}
$this->generateUserToken();
return $this->userToken;
}
private function generateUserToken()
{
$email = 'testUser@test.com';
$password = '123456789';
$I = $this;
$encoder = new BCryptPasswordEncoder(12);
$I->haveInDatabase('users', [
'email' => $email,
'status' => UserConstants::USER_STATUS_VERIFIED,
'password' => $encoder->encodePassword($password, 'dasdsa'), // salt is not important for Bcrypt
'created_at' => '2019-01-01 20:20:20',
'updated_at' => '2019-01-01 20:20:20',
]);
$userId = $I->grabFromDatabase('users', 'id', [
'email' => $email
]);
$I->haveHttpHeader('Content-Type', 'application/json');
$I->sendPOST('/api/v1/auth/login', ['username' => $email, 'password' => $password]);
$response = $I->grabResponse();
$responseArray = json_decode($response, true);
$this->userToken = $responseArray['token'];
}
}
在我的测试中class我是这样使用它的
class UserControllerCest
{
/**
* @param ApiTester $I
*/
public function testIndexAction(ApiTester $I)
{
$token = $I->getUserToken();
//we should login first
$I->haveHttpHeader('Content-Type', 'application/json');
$I->amBearerAuthenticated($token);
$I->sendGET('/api/v1/posts');
$I->seeResponseCodeIs(\Codeception\Util\HttpCode::OK); // 200
}
}
我正在尝试在我的 Laravel 5 应用程序中使用 Codeception 编写测试,专门用于测试 Web 服务。身份验证使用 JWT 令牌进行。我已成功编写 运行 一个验证身份验证时返回的令牌的测试。
<?php
$I = new ApiTester($scenario);
$I->wantTo('authenticate a user');
$I->haveHttpHeader('Content-Type', 'application/x-www-form-urlencoded');
$I->sendPOST('authenticate', [
'username' => 'carparts',
'email' => 'admin@admin.com',
'password' => 'password'
]);
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
很有魅力。我面临的问题是如何在其他请求中使用此处返回的令牌,因为显然所有其他请求都需要令牌才能继续,所以我在测试每个 API 调用之前进行身份验证并获取新令牌,或者有没有办法围绕这个?
我已经可以做到了:
<?php
$I = new ApiTester($scenario);
$I->wantTo('see a list of all users');
$I->haveHttpHeader('Authorization', 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImNhcnBhcnRzIiwic3ViIjoiMSIsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDAwXC9hcGlcL2F1dGhlbnRpY2F0ZSIsImlhdCI6IjE0NDY2NDA0ODYiLCJleHAiOiIxNDQ2NjQ0MDg2IiwibmJmIjoiMTQ0NjY0MDQ4NiIsImp0aSI6ImZmYTNkZjc4Yzg5YjdmNDNhYThkZTRmZTViZWI4YjI3In0.9UBZgEz3hHTEMlK5hPzYRV1DsAI3TSSHSZxV0FcBLio');
$I->sendGET('/users');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
但这不是很有效,原因很明显,我正在对令牌进行硬编码。感谢任何帮助。
您可以通过调用 $I->grabDataFromJsonResponse() 从 json 获取令牌。示例假设您的回答类似于:
{
"status": "ok",
"token": "xxxxxxxx"
}
那么您的测试将如下所示。警告,未经测试的代码。
$I = new ApiTester($scenario);
$I->wantTo('authenticate a user');
$I->haveHttpHeader('Content-Type', 'application/x-www-form-urlencoded');
$I->sendPOST('authenticate', [
'username' => 'carparts',
'email' => 'admin@admin.com',
'password' => 'password'
]);
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$token = $I->grabDataFromJsonResponse('token');
$I->deleteHeader('Authorization'); /* Needed with old version of codeception. */
$I->amBearerAuthenticated($token);
$I->sendGET('/users');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
你可以在位于_support目录下的ApiTester class中定义你的通用方法,然后你可以在所有测试中访问它classes
这就是我所做的
class ApiTester extends \Codeception\Actor
{
use _generated\ApiTesterActions;
private $userToken = null;
public function getUserToken()
{
if ($this->userToken) {
return $this->userToken;
}
$this->generateUserToken();
return $this->userToken;
}
private function generateUserToken()
{
$email = 'testUser@test.com';
$password = '123456789';
$I = $this;
$encoder = new BCryptPasswordEncoder(12);
$I->haveInDatabase('users', [
'email' => $email,
'status' => UserConstants::USER_STATUS_VERIFIED,
'password' => $encoder->encodePassword($password, 'dasdsa'), // salt is not important for Bcrypt
'created_at' => '2019-01-01 20:20:20',
'updated_at' => '2019-01-01 20:20:20',
]);
$userId = $I->grabFromDatabase('users', 'id', [
'email' => $email
]);
$I->haveHttpHeader('Content-Type', 'application/json');
$I->sendPOST('/api/v1/auth/login', ['username' => $email, 'password' => $password]);
$response = $I->grabResponse();
$responseArray = json_decode($response, true);
$this->userToken = $responseArray['token'];
}
}
在我的测试中class我是这样使用它的
class UserControllerCest
{
/**
* @param ApiTester $I
*/
public function testIndexAction(ApiTester $I)
{
$token = $I->getUserToken();
//we should login first
$I->haveHttpHeader('Content-Type', 'application/json');
$I->amBearerAuthenticated($token);
$I->sendGET('/api/v1/posts');
$I->seeResponseCodeIs(\Codeception\Util\HttpCode::OK); // 200
}
}