[Discussion] Should we remove the assumed assertOk() in ProceduralRequests trait?

[SimonMacIntyre]

Consider this use case:

Authentication happens in headers with api tokens. I'd like to test through a procedure call attempt, that the headers successfully require auth, and thus return a 401 HTTP code.

I know I could bypass the trait methods and make my own setup that rips out the assertOk, but specifically I'd like to use the original callProcedure method to test all my procedures. It would just be nice if I could use the same calling of a procedure test, to test the auth for the procedure routes as well.

Maybe enlighten me if I am missing a bit of the philosophy behind this. I understand that jrpc must return http 200, and error key for application errors. However I thought it is reasonable to want to test the procedure call, and fail auth, and thus have a http response code that is not 200 (this is not a failure/error or mistake of JRPC, but of the authentication in the headers trying to POST to hit a procedure).

Please let me know! I didn't make the PR yet just because I wanted to see & understand if it was a desired change for the package.

[tabuna]

Hi @SimonMacIntyre If we want to test exactly RPC calls, we must be sure that the client will receive a correctly interpreted response that does not depend on the transport state. This means that we expect errors specified only in the body of the response, and not at other levels (such as transport). For example:

{
    "jsonrpc": "2.0",
    "id": 1,
    "error": "..."
}

I also don't want to get rid of this check in my tests, but I don't mind if we add a new method without any assets:

public function callHttpProcedure(string $method, array $content = [], $id = 1): TestResponse
{
    return $this->json('POST', $this->rpcEndpoint, [
        'jsonrpc' => '2.0',
        'id'      => $id,
        'method'  => $method,
        'params'  => $content,
    ]);
}

public function callProcedure(string $method, array $content = [], $id = 1): TestResponse
{
    return $this
        ->callHttpProcedure($method, $content, $id)
        ->assertOk()
        ->assertHeader('content-type', 'application/json');
}

In this case, we would have a pure response and a ready-made method with basic current and future checks. What do you think about this?

[SimonMacIntyre]

I think that would be a great compromise and I appreciate! That way I can still re-use the test classes to simulate testing a procedure over http that fails at transport layer.

I can work on the tiny PR, don't want to take up more of your time! Appreciate the response!~ 🙏

[SimonMacIntyre]

#37

[tabuna]

Available since version 5.1.0