Version: rswag (2.0.5), rspec (3.8.0)
Environment: Rails 5.2.3, Ruby 2.4.5
It is my first time to use it, was stuck in authorization header for a day. Here is what I did:
# in spec/swagger_helper.rb
config.swagger_docs = {
'api/v1/swagger.json' => {
swagger: '2.0',
info: {
title: 'API V1',
version: 'v1'
},
paths: {},
securityDefinitions: {
JWT: {
description: 'the jwt for API auth',
type: :apiKey,
name: 'Authorization',
in: :header
}
}
}
}
# in spec/integration/api/v1/nodes_spec.rb
path '/api/v1/nodes' do
get 'Get all servers' do
tags TAGS_NODE
produces 'application/json'
security [JWT: {}]
parameter name: :searchString, in: :query, type: :string
parameter name: :searchColumn, in: :query, type: :string
#parameter name: 'Authorization', :in => :header, :type => :string
let(:nodes) { create_list(:node_list, 32) }
response '200', 'Servers found' do
let(:'Authorization') { "Bearer #{gen_jwt}" }
let(:searchString) { 'test' }
let(:searchColumn) { ';Name;' }
run_test! do |repsonse|
data = JSON.parse(response.body)
puts data
end
end
end
end
Expected: The 'Bearer ....' is set in 'Authorization' header Actual: In the test log, I found:
[INFO] [2019-09-29 01:11:13 UTC] [anony] [no session] [no req] [other other]Started GET "/api/v1/nodes?searchString=test&searchColumn=;Name;¶ms&headers[HTTP_AUTHORIZATION]=Bearer+eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1Njk3NjI2NzMsImVtYWlsIjoidGVzdEBpYm0uY29tIiwib3JnYW5pemF0aW9ucyI6WyJ0ZXN0X29yZzEiLCJvcmcyIl0sInJvbGVzIjpbImNjX2NvbnNvbGVfYWRtaW4iLCJyb2xlMiJdLCJpbnZlbnRvcnkiOlsidGVzdF9pbnYiXX0.eenTMWUy6kSHO58_kLKoKWmNjvQ9i5TU9ex4Ou-ausE&headers[HTTP_ACCEPT]=application%2Fjson" for 127.0.0.1 at 2019-09-29 01:11:13 +0000 [INFO] [2019-09-29 01:11:13 UTC] [anony] [no session] [no req] [other other]Processing by Api::V1::NodesController#index as HTML ...... [DEBUG] [2019-09-29 01:11:13 UTC] [anony] [no session] [no req] [other other]Auth by JWT token.... [ERROR] [2019-09-29 01:11:13 UTC] [anony] [no session] [no req] [other other]No JWT token included in request
As marked as bold in the log, the 'Authorization' as well as 'Accept' headers are appeared in query parameters, which are supposed to be http headers, so that no JWT token can be retrieved from header in code.
I also tried not to use securityDefinition, but specify a parameter in header as following: parameter name: 'Authorization', :in => :header, :type => :string. It did not work either.
Not sure any configuration I missed, or something wrong I did? Thanks!
Update: it seems to be related to other gems conflict? I had another try to create a new Rails 5 api only app, add rspec and rswag gems only, and run with a simple test case, it worked! Here is my Gemfile:
source 'https://rubygems.org'
git_source(:github) { |repo| "https://github.com/#{repo}.git" }
ruby '2.4.5'
gem 'rails', '5.2.3'
gem 'puma', '3.11'
gem 'bootsnap', '1.1.0', require: false
group :development, :test do
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
end
group :development do
gem 'listen', '>= 3.0.5', '< 3.2'
end
group :test do
# Test framework
gem "rspec-rails"
gem "database_cleaner", '1.6.0'
gem "simplecov"
gem "simplecov-rcov"
gem "factory_bot_rails", '5.1.0'
gem "ci_reporter_rspec"
gem "faker"
end
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
gem 'pg', '1.1.4'
gem 'delayed_job_active_record', '4.1.3'
gem 'delayed_job_worker_pool', '0.2.3'
gem 'dalli', '2.7.8'
gem 'ruby-kafka', '0.7.5'
gem 'active_model_serializers', '0.10.10'
gem 'will_paginate', '3.1.7'
gem 'rest-client', '1.8.0'
gem 'symmetric-encryption', '4.3.0', require: false
gem 'unicorn', '5.2.0'
gem 'rubyzip', '1.2.2'
gem 'jwt', '2.2.1'
gem 'rubyXL', '3.3.30'
gem 'apartment', '2.2.1'
gem 'rswag', '2.0.5'
[Resolved] Seems not working with Rack::Test::Methods
It worked after remove the line 'include Rack::Test::Methods" in a helper file, which was added previously to use 'get' to test the API.
Seems not working with Rack::Test::Methods
It worked after remove the line 'include Rack::Test::Methods" in a helper file, which was added previously to use 'get' to test the API.