require 'spec_helper'

describe Gris::AuthenticationHelpers do
  context 'without permitted token' do
    before(:each) do
      stub_const 'ENV', 'PERMITTED_TOKENS' => %w(my-token another-token)
      @helper = SpecApiAuthHelper.new
    end

    context '#token_authentication!' do
      context 'without matching tokens' do
        it 'returns a 401 Forbidden error' do
          allow(@helper).to receive(:params).and_return(token: nil)
          allow(@helper).to receive_message_chain(:request, :headers).and_return('Http-Authorization' => nil)
          @helper.token_authentication!
          expect(@helper.message).to eq(message: 'Forbidden', status: 401)
        end
      end
      context 'with included params token' do
        it 'returns nil' do
          allow(@helper).to receive(:params).and_return(token: 'my-token')
          allow(@helper).to receive_message_chain(:request, :headers).and_return('Http-Authorization' => nil)
          expect(@helper.token_authentication!).to be_nil
        end
      end
      context 'with included request header token' do
        it 'returns nil' do
          allow(@helper).to receive(:params).and_return(token: nil)
          allow(@helper).to receive_message_chain(:request, :headers).and_return('Http-Authorization' => 'my-token')
          expect(@helper.token_authentication!).to be_nil
        end
      end
    end
  end
end