@yordisprieto Firstly, shout out to you and the other maintainers for Ueberauth! Implementing Google OAuth was quite easy thanks to this package.

I’m attempting to write tests for the callback in a Phoenix application, and I can’t get past a Ueberauth.Failure.Error. I have been digging through docs for Ueberauth, Plug.Conn, and Phoenix.Controller, and I didn’t see any tests in ueberauth_example.

When the server is running, I can successfully authenticate with Google, so I’m just blocked on the test. My conn/controller chops are a little rusty since I’m usually writing LiveView code, so I wouldn’t be surprised if there’s a non-Ueberauth-specific solution here. I tried manually setting _csrf_token in the conn session before calling get/2, but that didn’t work.

How does one put a CSRF token on a conn during testing?

Test code

defmodule MyAppWeb.AuthenticationTest do
  @moduledoc false
  alias MyApp.AuthenticationFixtures
  alias MyApp.Identity.User
  alias MyApp.IdentityFixtures
  use MyAppWeb.ConnCase, async: true
  use Plug.Test

  describe "callback/2" do
    test "starts session for valid user", %{conn: conn} do
      %User{email: email} = IdentityFixtures.user_fixture()
      auth = AuthenticationFixtures.auth_attrs(email: email)
      conn = get(conn, ~p"/auth/google/callback", ueberauth_auth: auth)
      assert redirected_to(conn, 302) == ~p"/"
    end
  end
end

Error

%Ueberauth.Failure{
  provider: :google,
  strategy: Ueberauth.Strategy.Google,
  errors: [
    %Ueberauth.Failure.Error{
      message_key: "csrf_attack",
      message: "Cross-Site Request Forgery attack"
    }
  ]
}