Making an authenticated request

- [Instructor] To get rolling with an authenticate test, let's do the absolute minimum that we have available. A couple videos ago we got a list of issues on a specific repository. Now let's shift that idea and get a list of repositories from our accounts and determine if a private repository is there. Since it's a private repository that'll be a clear indication that our authentication worked. By the way, if you haven't set up your personal access token, go back to the last lesson to get that set up right now. Now, with that in mind, let's go through this line by line. The given line is quite a bit different. This time we're ensuring that we have an authenticated user. Then we get a list of repositories. Finally, we're going to look through that list of repositories to find a specific private one. Now that we know our goal, let's go ahead and dive in. Before we implement this test, let's go back to our GitHub account and make sure this could pass. So within GitHub, we go ahead and come over to our repository list. We'll create a new one, we want to call this one is-your-api-misbehaving. Make sure to mark this private. And then we create it. We don't need any other settings or information or content in this repository. We just need to make sure it exists. And now we head back to the command line. On the command line we do our normal thing, vendor bin behat. And if all goes well our previous tests should continue to pass. It's a good sign. And we should get back to the thing where we have undefined functions. We go ahead and execute that. We can copy and paste this code directly into our editor. So we copy and paste this just as we did before. Now we need to go ahead and implement these things. So this time we need to implement iAmAnAuthenticatedUser. We'll do this using our client that we've already created. We'll tell it to authenticate. And then we use the parameters that we set up in the last lesson. So we use our GitHub token, second parameter's null, and then we tell this to use GitHub AuthMethod. And we want to use access token. And that just goes ahead and sets up what we're expecting there so that we'll be authenticated. Now we've set up this function we don't know if it actually works or not. So we still need to do a little bit of work here. We'll go to our next method of, iRequestAListOfMyRepositories, and we retrieve this information. So let's grab our repositories. We use the client that we've already set up. We use the API capability on it using the current user context. And we get a list of repositories. Now, the GitHub library behind the scenes is doing a lot of work for us. We really don't care about that this time around but it's something to keep in mind. Previously, when we got a list of issues, our first pass was just use this information to say, this results equals repositories. This is sufficient, but it leaves us open to the possibilities of this request didn't work. We're not going to detect it here. So let's add a way of detecting it right now. So we'll do the same thing we did before with status code. We'll use our client. We want to get the last response. And we want to get the status code from that. And if it's anything other than a 200 we want to throw an error. So we check to see if it's not a 200. And if it's not, we'll go ahead and throw an exception. And we'll say, explicitly expected a 200 status code but got a different one instead. All right, so now if all's going well, we've authenticated properly, we've gone ahead and gotten a list of repositories, if that generated anything other than a 200 Okay, we'll know about it immediately. Now we need to iterate over this list of repositories and make sure that we're finding the right one. So now we'll go ahead and implement this method. So we'll say for each, we'll go over the results that we have. We'll get each repo individually. And we want to make sure that our arg, the input, the actual repository that we're looking for, is one of the repositories in this list. And if it worked we want to return true. Otherwise, if we didn't find a match on this list let's throw a new exception. And this one will just say what we expected to happen. Expected to find a repository. Repository called arg1. But it doesn't exist. Quick, simple message. If all's worked out at this point we'll go back to the command line, we'll execute this test, and we'll see some successes. So go ahead and run the same command we had. We have a syntax error, so let's go back to our editor and figure out exactly where we messed this up. Turns out you need a semicolon at the end of each line. Amazing that. So now let's go back to the command line again. Once again, we run our tests. The first couple passed as expected, and it turns out they all passed exactly the way we expected. Now to make sure we're not fooling ourselves here let's go back to our feature spec and change the repository we're looking for to see if this still passes. So we'll go back to our editor. So we'll just add a two here just to make it different. And now we'll go back to the command line and run the exact same command again. And hopefully this fails exactly where we expect it to. And sure enough it does. So we don't have a repository called is-your-api-misbehaving2. So this worked and failed exactly where we expected to. This is great. That was a lot of work but we accomplished quite a bit there. And I don't just mean with code. We proved that we could authenticate with our API test by retrieving information that an anonymous user couldn't access. That's a huge accomplishment and a fundamental part of API testing. So in the next lesson, let's go ahead and take the next step and write to our API.