BornHack 2018 Info Program Villages Sponsors Teams

Schedule Events Speakers Call for Participation

Return to schedule

Making REST API in Sinatra with automation tests in bash Feedback

Goals for this presentation is to show how to:

  • build authorization service which provides JSON Web Tokens using open source tools,
  • explain how to use JWT to secure a REST API built in Sinatra,
  • mange complex REST tests of a secured API using a handy tool called: bash ;).

I believe that after this live session, each participant will be able to increase security and stability of their projects.

Speech plan:

Introduction: In a few words I give summary of JSON Web tokens, what they are and how we can use them.

Part I: Use Rails API + Devise and JWT libs to build an authorization service which will authenticate users using email to provide JSON Web Tokens. I will show core steps which are required to get it running then we will create a user and authorize them to obtain a JWT token.

Part II: I will show a simple REST API built in Sinatra and what steps are necessary to apply JWT authorization on it, with token blacklisting as the invalidation strategy. Sinatra is a great Ruby framework for small and large projects. It's lighter than Rails and really flexible.

Part III: Having free open source authorization service and secured REST API is not all. Now we should be able to run all bunch of tests on it. Using bash with bats + jq + jo will give us powerful testing tool, which can be used in command line or TeamCity. I will show how to test REST endpoints locally and remotely without touching any commercial software or UI tools. We will run simple tests like GET /endpoint == status 200 but also a complex ones which require:

  • authorization,
  • JSON payload,
  • multi line response parsing,
  • matching regular expressions against the response.

Summary: Biggest value of this is that each part can be done separately. Some of us already have API services but lack automated tests or maybe there is a need to secure them.

These 3 parts have been already combined in a new open source deployment solution called PutIt.

Speakers for Making REST API in Sinatra with automation tests in bash:

Mateusz Wolsza

Metadata for Making REST API in Sinatra with automation tests in bash

To be recorded: Yes

URLs for Making REST API in Sinatra with automation tests in bash

Recording: https://www.youtube.com/watch?v=hlYhYrV3ysM

Schedule for Making REST API in Sinatra with automation tests in bash

  • Saturday, Aug 18th, 2018, 14:00 (CEST) - Saturday, Aug 18th, 2018, 15:00 (CEST) at Speakers Tent