1

After searching and testing different methods for hours the following seems to be the way to include an authorization header with unit tests inside Laravel 5.2 for jwt-auth:

$this->post(route('share.upload'), [
            'type' => 'video'
        ], ['HTTP_Authorization' => 'Bearer ' . $token])....

What I have tried beside that:

  • Using Authorization instead of HTTP_Authorization
  • putting ['HTTP_Authorization' => 'Bearer ' . $token] inside ['headers' => _HERE_ ]

Also the token is generated correctly and I've used ->dump() to get the output and the exception is :

The token could not be parsed from the request

I dumped the headers in a middleware (that's placed before jwt.auth) and there's an authorization element: authorization

I thought what the heck , maybe it's because of the lower case a!!! But then did the same thing with my rest client(which returns a successful response) but it was just the same.

Any ideas? Thaaaanks

P.S: I've also seen this: Laravel TestCase not sending Authorization headers (JWT Token)

Community
  • 1
  • 1
Milad.Nozari
  • 2,243
  • 3
  • 26
  • 47
  • Just to make sure we all see the code, please include middleware code you are using and tell us version you use (master or develop)? – Marcin Nabiałek Feb 08 '16 at 15:43
  • The middleware was an ACL implementation of mine. I just added a code like `var_dump($request->headers()->all()); exit();` to see what headers are present. and I'm using the master branch of 5.2 – Milad.Nozari Feb 08 '16 at 19:10

3 Answers3

1

You haven't included your middleware class as I asked, so I can only guess.

First of all you should in your test do something like this:

$user = User::find(1); // sample user
$token = JWTAuth::fromUser($user);

$this->post(route('share.upload'), [
            'type' => 'video'
        ], ['Authorization' => 'Bearer ' . $token]);

and in your middleware you need to make sure you don't do simply:

JWTAuth::parseToken()->authenticate();

but

JWTAuth::setRequest($request)->parseToken()->authenticate();

if you don't use setRequest method, your tests will fail also in case if using for example Postman everything works fine.

Marcin Nabiałek
  • 109,655
  • 42
  • 258
  • 291
  • 1
    Thanks for the answer Marcin. But I think I've misled you. The middleware that throws the exception, is the default `jwt.auth` middleware that works totally fine everywhere but when testing. The middleware that I mentioned: I just added a line to view the headers and see if the authorization is there. – Milad.Nozari Feb 09 '16 at 06:09
  • Also I just checked the jwtauth middleware, and it contains what you said: `if (! $token = $this->auth->setRequest($request)->getToken())` (duh!) – Milad.Nozari Feb 09 '16 at 06:15
  • The problem is here => `$token = JWTAuth::fromUser($user);` That's exactly what I'm doing, and if I get a valid token some other way, the exception disappears! – Milad.Nozari Feb 09 '16 at 06:39
0

You have to check that Apache stripes your Authorization header. So add the following code to your .htaccess to solve this problem:

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

Alternative

Of course, you can add the token as URL parameter instead of sending as header.

http://foo.com/page.php?token=YourJWTToken

schellingerht
  • 5,726
  • 2
  • 28
  • 56
  • Thanks a lot for the response man. But I forgot to mention that unfortunately I've done both these things to no avail. – Milad.Nozari Feb 08 '16 at 19:07
0

Here's how I solved the problem:

  1. In my login method, added a line to save the jwtauth token to a file. But only when env('APP_DEBUG', false) == true;
  2. Instead of using $token = JWTAuth::fromUser($user); to get the token to test the api, I read the token from the file.
  3. Added the file containing the token to .gitignore :-)
Milad.Nozari
  • 2,243
  • 3
  • 26
  • 47