If you are using VCR to record/playback HTTP requests for your Rails tests, you may run into problems if your cassettes use tokens to authenticate with those services.
After recording a cassette, you may see this familiar error upon running your tests:
VCR uses a RequestMatcher to determine if an outgoing request (and response) already exist in a cassette. Upon finding a match, the test will use the response pre-recorded in the cassette.
Two common ways to Authenticate on an external request are:
Because tokens typically expire, cassettes recorded at different times may contain different authentication tokens. This becomes a problem when running the whole test suite. Because the request/response to get a token will also be pre-recorded, VCR will return the same response (and auth token) to all of the tests. The first test will pass, but those using cassettes recorded at a different time will experience the error mentioned above. Which test(s) pass may vary on each run because VCR uses a Seed to (randomly) order & execute the tests.
Breaking down a request
The next step is to understand which part of the request is failing to match, and what can be done about it.
Depending on which authentication method is used, the culprit is in one of two places:
VCR allows you to create a Custom RequestMatcher. With this, we can create a matcher that ignores the auth token (or other problematic/mutable param).
If you supply a Token Param…
If you use a Basic Auth Header…
While the ability to use
uri_without_param is easy enough, creating a custom matcher is definitely a workaround at best. Unfortunately, requests for a cleaner solution to this problem seem to have been closed. Until that changes, we’ll have to keep using the custom matcher.