Support paired security requirements - e.g. basic and apiKey

2026-01-25 15:22:56 +00:00 · 2017-08-21 01:07:47 -07:00
parent d91601b02c
commit ad9cd5de66
8 changed files with 155 additions and 38 deletions
--- a/test-app/spec/integration/auth_tests_spec.rb
+++ b/test-app/spec/integration/auth_tests_spec.rb
@@ -4,7 +4,7 @@ describe 'Auth Tests API', type: :request, swagger_doc: 'v1/swagger.json' do

  path '/auth-tests/basic' do
    post 'Authenticates with basic auth' do
-      tags 'Auth Test'
+      tags 'Auth Tests'
      operationId 'testBasicAuth'
      security [ basic_auth: [] ]

@@ -19,4 +19,42 @@ describe 'Auth Tests API', type: :request, swagger_doc: 'v1/swagger.json' do
      end
    end
  end
+
+  path '/auth-tests/api-key' do
+    post 'Authenticates with an api key' do
+      tags 'Auth Tests'
+      operationId 'testApiKey'
+      security [ api_key: [] ]
+
+      response '204', 'Valid credentials' do
+        let(:api_key) { 'foobar' }
+        run_test!
+      end
+
+      response '401', 'Invalid credentials' do
+        let(:api_key) { 'barfoo' }
+        run_test!
+      end
+    end
+  end
+
+  path '/auth-tests/basic-and-api-key' do
+    post 'Authenticates with basic auth and api key' do
+      tags 'Auth Tests'
+      operationId 'testBasicAndApiKey'
+      security [ { basic_auth: [], api_key: [] } ]
+
+      response '204', 'Valid credentials' do
+        let(:Authorization) { "Basic #{::Base64.strict_encode64('jsmith:jspass')}" }
+        let(:api_key) { 'foobar' }
+        run_test!
+      end
+
+      response '401', 'Invalid credentials' do
+        let(:Authorization) { "Basic #{::Base64.strict_encode64('jsmith:jspass')}" }
+        let(:api_key) { 'barfoo' }
+        run_test!
+      end
+    end
+  end
 end