Making REST API in Sinatra with automation tests in bash

Goals for this presentation is to show how to:

  • build authorization service which provides JSON Web Tokens using open source tools,
  • explain how to use JWT to secure a REST API built in Sinatra,
  • mange complex REST tests of a secured API using a handy tool called: bash ;).

I believe that after this live session, each participant will be able to increase security and stability of their projects.

Speech plan:

Introduction: In a few words I give summary of JSON Web tokens, what they are and how we can use them.

Part I: Use Rails API + Devise and JWT libs to build an authorization service which will authenticate users using email to provide JSON Web Tokens. I will show core steps which are required to get it running then we will create a user and authorize them to obtain a JWT token.

Part II: I will show a simple REST API built in Sinatra and what steps are necessary to apply JWT authorization on it, with token blacklisting as the invalidation strategy. Sinatra is a great Ruby framework for small and large projects. It's lighter than Rails and really flexible.

Part III: Having free open source authorization service and secured REST API is not all. Now we should be able to run all bunch of tests on it. Using bash with bats + jq + jo will give us powerful testing tool, which can be used in command line or TeamCity. I will show how to test REST endpoints locally and remotely without touching any commercial software or UI tools. We will run simple tests like GET /endpoint == status 200 but also a complex ones which require:

  • authorization,
  • JSON payload,
  • multi line response parsing,
  • matching regular expressions against the response.

Summary: Biggest value of this is that each part can be done separately. Some of us already have API services but lack automated tests or maybe there is a need to secure them.

These 3 parts have been already combined in a new open source deployment solution called PutIt.


URLs for Making REST API in Sinatra with automation tests in bash

No URLs found.


Instances

  • Saturday Aug. 18 14:00 - 15:00 at Speakers Tent

Speaker(s):