I'm trying to test a .NET NancyFX website which is using JWT Bearer token for authorization.
Right now, I'm faking up the context.CurrentUser property (which works, mind you).
return new Browser(with =>
{
with.Module<FooModule>();
with.RequestStartup((container,
pipelines,
context) =>
{
context.CurrentUser = new UserIdentity(new User("Leia"));
});
// <snip the rest>
}
But I was wondering if this isn't really a proper way to be testing my end-to-end route? Should I be doing this instead .. and if so, how do I wire up whatever I need to wire up?
eg..
browser.Get("/",
with =>
{
with.HttpsRequest();
with.Header("Authorize", "Bearer BLAH");
});
Suggestions, kind people?
Test the header decoding/receipt, don't fake context unless its a burden (it shouldn't be as its common to all (un)authorised tests).
Personally I minimise the number of calls I make to "new Browser() + browser.Method()" as this takes a while to initialise for each test. Depending on your modules it can take 400ms+, slow for unit tests. The reason for this is the reflection that Nancyfx performs to enumerate the nancyfx modules in binaries in the same directory.
Therefore if I have to test using the nancyfx browser, I make sure to test as much of what the route does as I can. If it requires a bearer, I pass that to enact the bearer auth code. I will however mock the database interaction, which in my case uses IDatabase.
If you want to test that your header decoding is working, test that in a separate set of unit tests. They will be faster, and more contained.