Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix authorization header #72

Merged
merged 1 commit into from Apr 16, 2019
Merged

Fix authorization header #72

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/webpush/request.rb
View file
Open in desktop
Expand Up @@ -59,7 +59,7 @@ def headers
end

if api_key?
headers["Authorization"] = api_key
headers["Authorization"] = "key=#{api_key}"
elsif vapid?
vapid_headers = build_vapid_headers
headers["Authorization"] = vapid_headers["Authorization"]
Expand Down
45 changes: 45 additions & 0 deletions spec/webpush/request_spec.rb
View file
Open in desktop
Expand Up @@ -19,6 +19,51 @@
end
end

describe 'from :api_key' do
def build_request_with_api_key(endpoint, options = {})
subscription = {
endpoint: endpoint,
keys: {
p256dh: 'p256dh',
auth: 'auth'
}
}
request = Webpush::Request.new(message: "", subscription: subscription, vapid: {}, **options)
end

it 'inserts Authorization header when api_key present, and endpoint is for Chrome\'s non-standards-compliant GCM endpoints' do
request = build_request_with_api_key('https://gcm-http.googleapis.com/gcm/xyz', api_key: "api_key")

expect(request.headers['Authorization']).to eq("key=api_key")
end

it 'does not insert Authorization header for Chrome\'s new standards-compliant endpoints, even if api_key is present' do
request = build_request_with_api_key('https://fcm.googleapis.com/fcm/send/ABCD1234', api_key: "api_key")

expect(request.headers['Authorization']).to be_nil
end

it 'does not insert Authorization header when endpoint is not for Chrome, even if api_key is present' do
request = build_request_with_api_key('https://some.random.endpoint.com/xyz', api_key: "api_key")

expect(request.headers['Authorization']).to be_nil
end

it 'does not insert Authorization header when api_key blank' do
request = build_request_with_api_key("endpoint", api_key: nil)

expect(request.headers['Authorization']).to be_nil

request = build_request_with_api_key("endpoint", api_key: "")

expect(request.headers['Authorization']).to be_nil

request = build_request_with_api_key("endpoint")

expect(request.headers['Authorization']).to be_nil
end
end

describe 'from :ttl' do
it 'can override Ttl with :ttl option with string' do
request = build_request(ttl: '300', vapid: vapid_options)
Expand Down