我正在尝试通过laravel护照来测试multiauth,但遇到发送授权令牌的问题
基本上我有两个身份验证卫士
'guards' => [
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
'admin' => [
'driver' => 'passport',
'provider' => 'admins',
],
],
两条需要不同身份验证的路由
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
Route::middleware('auth:admin')->get('/admin', function (Request $request) {
return $request->user();
});
和测试
/** @test */
public function user_can_register()
{
(new ClientRepository)->createPasswordGrantClient(
null, 'Laravel Personal Access Client', 'http://localhost'
);
factory(Admin::class)->create(['email' => 'john.doe@example.com', 'password' => '$2y$10$TKh8H1.PfQx37YgCzwiKb.KjNyWgaHb9cbcoQgdIVFlYg7B77UdFm']);
$response = $this->postJson('/api/register', [
'name' => 'john doe',
'email' => 'john.doe@example.com',
'password' => 'secret',
'password_confirmation' => 'secret'
]);
$response->assertStatus(200);
$json = $response->json();
$this->assertEquals('Bearer',$json['token_type']);
$this->assertNotNull($json['expires_in']);
$this->assertNotNull($json['access_token']);
$this->assertNotNull($json['refresh_token']);
$this->getJson('/api/user',[
'Authorization' => 'Bearer '.$json['access_token']
])->assertStatus(Response::HTTP_OK);
$this->getJson('/api/admin',[
'Authorization' => 'Bearer '.$json['access_token']
])->assertStatus(Response::HTTP_UNAUTHORIZED);
}
奇怪的行为是测试无法断言对/ api / admin的调用返回401。它说返回了200。但是我正在通过邮递员测试同一件事,一切都很好。我认为我发送Authorization标头的方式不合适,但找不到更好的方法。有想法吗?