Devise::JWT::TestHelpers not authenticate in rspec test

Question

Devise::JWT::TestHelpers not authenticate in rspec test

fero46 opened this issue 8 months ago · comments

Issue Description:
I'm encountering an issue with the Devise::JWT::TestHelpers that was previously working fine in my test setup. The problem seems to be related to user authentication when using the helper in conjunction with RSpec tests.

Steps to Reproduce:

I'm creating the headers for my request test as described in the documentation:

let!(:admin) { FactoryBot.create(:superadmin) }
let(:headers) { { 'Accept' => 'application/json', 'Content-Type' => 'application/json' } }

let(:valid_headers) do
  Devise::JWT::TestHelpers.auth_headers(headers, admin)
end

In my test, I'm making a request like this:

get core_agencies_url, headers: valid_headers, as: :json

However, I'm encountering an exception when trying to authenticate the user.

Expected Behavior:
I expected the authentication process to work as it did previously when using the Devise::JWT::TestHelpers with my RSpec tests.

Actual Behavior:
I'm currently encountering an exception when attempting to authenticate the user, and I'm unsure of the root cause of this issue. I've verified that the request header appears to be correctly formatted, as shown here:

(ruby) request.headers['Authorization']
"Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJlMjc5fVUS35kI_hPRZeqUG7gKfjJB8PtF2fVhqOdc_k"

Additional Information:

Here is my user model definition:

class User < ApplicationRecord
    include Devise::JWT::RevocationStrategies::JTIMatcher
    devise :database_authenticatable, :registerable, :jwt_authenticatable, jwt_revocation_strategy: self
    ...
end

Notes:
I had to skip approximately 80 RSpec tests due to this issue, and I'm unsure about what might have caused this problem. Any help or guidance on resolving this issue would be greatly appreciated.

Environment Information:

Ruby version: 3.0.6
Rails version: 7.0.6
gem version: 0.11.0
Devise version: 4.9.3

Thank you for your assistance in resolving this issue.

Marc Busqué · Answer 1 · Wed Oct 18 2023 12:00:44 GMT+0800 (China Standard Time)

Hi, @fero46, thanks for reporting. Could you please share which is the exception you're finding?

Ferhat Ziba · Answer 2 · Thu Oct 19 2023 02:17:59 GMT+0800 (China Standard Time)

So, I printed out the response body in my RSpec test, and I received the following JSON:

{"error": "No verification key available"}

Ferhat Ziba · Answer 3 · Thu Oct 19 2023 05:49:44 GMT+0800 (China Standard Time)

After investigating this error, I found this device configuration:

jwt.secret = Rails.application.credentials.jwt_secret_key

I checked my test environment configuration and discovered that I don't have MASTER_KEY set in the test environment. So, I had to create a secret key only for the test environment.

In my humble opinion, this should be documented or there should be a default secret key for the testing environment.

Marc Busqué · Answer 4 · Thu Oct 19 2023 23:23:42 GMT+0800 (China Standard Time)

Thanks for the update, @fero46. It looks like that's a specific Rails issue, maybe related to recent changes on 7.1. . Closing here.