Menu
I want to test my basic auth protected pages. The test for unauthorization works fine. But I struggle on the authorized login, as I do not know how to set the headers on in the test.
I could not find a hint, how to set headers on $this->call(). The only information I could find was:
$this->call($method, $uri, $parameters, $cookies, $files, $server, $content);
and there are the headers missing.
How do I easily test basic auth on laravel. Concrete: How do I set the basic auth header for the test request?
What I currently have:
class ExampleTest extends TestCase {
public function test401UnauthorizedOnMe() {
$response = $this->call('GET', '/api/me');
$this->assertResponseStatus( 401);
}
public function testCorrectLoginOnMe() {
// http://shortrecipes.blogspot.de/2009/12/testing-basic-http-authentication-using.html
//send header with correct user and password i.e.
////YWRtaW46YWRtaW4xMg== is equal to base64_encode( "admin:admin12")
$this->request->setHeader( 'Authorization','Basic YWRtaW46YWRtaW4xMg==');
$response = $this->call('GET', '/api/me');
$this->assertResponseStatus(200);
}
}
I tried $this->$request->setHeader(); but with this I only get an error:
1) ExampleTest::testCorrectLoginOnMe
ErrorException: Undefined property: ExampleTest::$request
399
Testing Basic Auth with httpbin The endpoint for Basic Auth is /basic-auth/{user}/{passwd} . For example, if you go to http://httpbin.org/basic-auth/foo/bar you'll see a prompt and you can authenticate using the username foo and the password bar .
Basic authentication involves sending a verified username and password with your request. In the request Authorization tab, select Basic Auth from the Type dropdown list. Enter your API username and password in the Username and Password fields. For additional security, store these in variables.
httpAuth Method. Specifies test-wide credentials for HTTP Basic and Windows (NTLM) authentication. Browsers do not display native browser authentication prompts when TestCafe authenticates the user. Contains credentials used for authentication.
We can do HTTP basic authentication URL with @ in password. We have to pass the credentials appended with the URL. The username and password must be added with the format − https://username:password@URL.
When you open the first URL which has basic authentication (using driver.get, etc.) in the testscript. When you navigate to a URL which has basic authentication (using click action, Javascript navigation commands, etc.). When you want to dismiss the basic auth login pop-up.
To test a website which is protected by basic auth (username and password), you can authenticate yourself using one of the following techniques in the test script: When you open the first URL which has basic authentication (using driver.get, etc.) in the testscript.
Understanding Basic Auth is very simple, the user requesting the access to an endpoint has to provide either, Username and password as credentials in the API call (or) Basic authorization token as credentials in the request header
Basic Auth is usually achieved with a header key of 'Authorization'. For convenience, I have the following method in my base TestCase class: protected function withBasicAuth (User $user, $password = 'password'): self { return $this->withHeaders ( [ 'Authorization' => 'Basic '. base64_encode (" {$user->email}: {$password}") ]); }
Found the solution with HTTP authentication with PHP. This can be used in the $server parameter of $this->call().
Here's my working function:
public function testCorrectLoginOnMe() {
// call( $method, $uri, $parameters = [], $cookies = [], $files = [], $server = [], $content = null)
$this->call('GET', '/api/me', [], [], [], ['PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => 'admin12']);
$this->assertResponseStatus( 200 );
}
Basic Auth is usually achieved with a header key of 'Authorization'. For convenience, I have the following method in my base TestCase class:
protected function withBasicAuth(User $user, $password = 'password'): self
{
return $this->withHeaders([
'Authorization' => 'Basic '. base64_encode("{$user->email}:{$password}")
]);
}
Then in any of my test cases I can run a HTTP test with a user authenticated over basic auth like so:
$user = User::factory()->create();
$this->withBasicAuth($user)
->get('/');
->assertStatus(Response::HTTP_OK);
Note: the default password for a user created from the factory is 'password'.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
