FFXIV_Lodestone_Handler/tests/Feature/AuthorizationTest.php

<?php

namespace Tests\Feature;

use App\AuthToken;
use Illuminate\Foundation\Testing\DatabaseTransactions;
use Illuminate\Support\Facades\Config;
use Illuminate\Support\Str;
use Tests\TestCase;

class AuthorizationTest extends TestCase
{
    use DatabaseTransactions;

    private $authToken;

    protected function setUp(): void {
        parent::setUp();
        if (!config('chaosapi.middleware-enabled'))
            Config::set('chaosapi.middleware-enabled', true);

        $this->authToken = AuthToken::create([
            'name' => 'AuthorizationTestToken'.Str::random(10),
            'token' => Str::random(config('chaosapi.token-length'))
        ]);
    }

    public function test400OnBearerFormattedIncorrect()
    {
        $this->withHeader('Authorization', 'asdf')->get('/api/v1/status')->assertStatus(400);
        $this->withHeader('Authorization', $this->authToken->token)->get('/api/v1/status')->assertStatus(400);
    }

    public function test401OnAuthorizationWrong()
    {
        $this->withHeader('Authorization', 'Bearer '.$this->authToken->token.'a')->get('/api/v1/status')->assertUnauthorized();
    }

    public function test403OnAuthorizationMissing()
    {
        $this->get('/api/v1/status')->assertForbidden();
    }

    public function test200OnAuthorizationCorrect()
    {
        $this->withHeader('Authorization', 'Bearer '.$this->authToken->token)->get('/api/v1/status')->assertOk();
    }
}