- Introduction
- Making Requests
- Testing JSON APIs
- Testing File Uploads
- Testing Views
- Available Assertions
Laravel provides a very fluent API for making HTTP requests to your application and examining the responses. For example, take a look at the feature test defined below:
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\WithoutMiddleware;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function test_a_basic_request()
{
$response = $this->get('/');
$response->assertStatus(200);
}
}
The get
method makes a GET
request into the application, while the assertStatus
method asserts that the returned response should have the given HTTP status code. In addition to this simple assertion, Laravel also contains a variety of assertions for inspecting the response headers, content, JSON structure, and more.
To make a request to your application, you may invoke the get
, post
, put
, patch
, or delete
methods within your test. These methods do not actually issue a "real" HTTP request to your application. Instead, the entire network request is simulated internally.
Instead of returning an Illuminate\Http\Response
instance, test request methods return an instance of Illuminate\Testing\TestResponse
, which provides a variety of helpful assertions that allow you to inspect your application's responses:
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\WithoutMiddleware;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function test_a_basic_request()
{
$response = $this->get('/');
$response->assertStatus(200);
}
}
In general, each of your tests should only make one request to your application. Unexpected behavior may occur if multiple requests are executed within a single test method.
{tip} For convenience, the CSRF middleware is automatically disabled when running tests.
You may use the withHeaders
method to customize the request's headers before it is sent to the application. This method allows you to add any custom headers you would like to the request:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic functional test example.
*
* @return void
*/
public function test_interacting_with_headers()
{
$response = $this->withHeaders([
'X-Header' => 'Value',
])->post('/user', ['name' => 'Sally']);
$response->assertStatus(201);
}
}
You may use the withCookie
or withCookies
methods to set cookie values before making a request. The withCookie
method accepts a cookie name and value as its two arguments, while the withCookies
method accepts an array of name / value pairs:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_interacting_with_cookies()
{
$response = $this->withCookie('color', 'blue')->get('/');
$response = $this->withCookies([
'color' => 'blue',
'name' => 'Taylor',
])->get('/');
}
}
Laravel provides several helpers for interacting with the session during HTTP testing. First, you may set the session data to a given array using the withSession
method. This is useful for loading the session with data before issuing a request to your application:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_interacting_with_the_session()
{
$response = $this->withSession(['banned' => false])->get('/');
}
}
Laravel's session is typically used to maintain state for the currently authenticated user. Therefore, the actingAs
helper method provides a simple way to authenticate a given user as the current user. For example, we may use a model factory to generate and authenticate a user:
<?php
namespace Tests\Feature;
use App\Models\User;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_an_action_that_requires_authentication()
{
$user = User::factory()->create();
$response = $this->actingAs($user)
->withSession(['banned' => false])
->get('/');
}
}
You may also specify which guard should be used to authenticate the given user by passing the guard name as the second argument to the actingAs
method:
$this->actingAs($user, 'web')
After making a test request to your application, the dump
, dumpHeaders
, and dumpSession
methods may be used to examine and debug the response contents:
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\WithoutMiddleware;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function test_basic_test()
{
$response = $this->get('/');
$response->dumpHeaders();
$response->dumpSession();
$response->dump();
}
}
Laravel also provides several helpers for testing JSON APIs and their responses. For example, the json
, getJson
, postJson
, putJson
, patchJson
, deleteJson
, and optionsJson
methods may be used to issue JSON requests with various HTTP verbs. You may also easily pass data and headers to these methods. To get started, let's write a test to make a POST
request to /api/user
and assert that the expected JSON data was returned:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic functional test example.
*
* @return void
*/
public function test_making_an_api_request()
{
$response = $this->postJson('/api/user', ['name' => 'Sally']);
$response
->assertStatus(201)
->assertJson([
'created' => true,
]);
}
}
In addition, JSON response data may be accessed as array variables on the response, making it convenient for you to inspect the individual values returned within a JSON response:
$this->assertTrue($response['created']);
{tip} The
assertJson
method converts the response to an array and utilizesPHPUnit::assertArraySubset
to verify that the given array exists within the JSON response returned by the application. So, if there are other properties in the JSON response, this test will still pass as long as the given fragment is present.
As previously mentioned, the assertJson
method may be used to assert that a fragment of JSON exists within the JSON response. If you would like to verify that a given array exactly matches the JSON returned by your application, you should use the assertExactJson
method:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic functional test example.
*
* @return void
*/
public function test_asserting_an_exact_json_match()
{
$response = $this->json('POST', '/user', ['name' => 'Sally']);
$response
->assertStatus(201)
->assertExactJson([
'created' => true,
]);
}
}
If you would like to verify that the JSON response contains the given data at a specified path, you should use the assertJsonPath
method:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic functional test example.
*
* @return void
*/
public function test_asserting_a_json_paths_value()
{
$response = $this->json('POST', '/user', ['name' => 'Sally']);
$response
->assertStatus(201)
->assertJsonPath('team.owner.name', 'Darian');
}
}
Laravel also offers a beautiful way to fluently test your application's JSON responses. To get started, pass a closure to the assertJson
method. This closure will be invoked with an instance of Illuminate\Testing\Fluent\AssertableJson
which can be used to make assertions against the JSON that was returned by your application. The where
method may be used to make assertions against a particular attribute of the JSON, while the missing
method may be used to assert that a particular attribute is missing from the JSON:
use Illuminate\Testing\Fluent\AssertableJson;
/**
* A basic functional test example.
*
* @return void
*/
public function test_fluent_json()
{
$response = $this->json('GET', '/users/1');
$response
->assertJson(fn (AssertableJson $json) =>
$json->where('id', 1)
->where('name', 'Victoria Faith')
->missing('password')
->etc()
);
}
In the example above, you may have noticed we invoked the etc
method at the end of our assertion chain. This method informs Laravel that there may be other attributes present on the JSON object. If the etc
method is not used, the test will fail if other attributes that you did not make assertions against exist on the JSON object.
The intention behind this behavior is to protect you from unintentionally exposing sensitive information in your JSON responses by forcing you to either explicitly make an assertion against the attribute or explicitly allow additional attributes via the etc
method.
Often, your route will return a JSON response that contains multiple items, such as multiple users:
Route::get('/users', function () {
return User::all();
});
In these situations, we may use the fluent JSON object's has
method to make assertions against the users included in the response. For example, let's assert that the JSON response contains three users. Next, we'll make some assertions about the first user in the collection using the first
method. The first
method accepts a closure which receives another assertable JSON string that we can use to make assertions about the first object in the JSON collection:
$response
->assertJson(fn (AssertableJson $json) =>
$json->has(3)
->first(fn ($json) =>
$json->where('id', 1)
->where('name', 'Victoria Faith')
->missing('password')
->etc()
)
);
Sometimes, your application's routes will return JSON collections that are assigned named keys:
Route::get('/users', function () {
return [
'meta' => [...],
'users' => User::all(),
];
})
When testing these routes, you may use the has
method to assert against the number of items in the collection. In addition, you may use the has
method to scope a chain of assertions:
$response
->assertJson(fn (AssertableJson $json) =>
$json->has('meta')
->has('users', 3)
->has('users.0', fn ($json) =>
$json->where('id', 1)
->where('name', 'Victoria Faith')
->missing('password')
->etc()
)
);
However, instead of making two separate calls to the has
method to assert against the users
collection, you may make a single call which provides a closure as its third parameter. When doing so, the closure will automatically be invoked and scoped to the first item in the collection:
$response
->assertJson(fn (AssertableJson $json) =>
$json->has('meta')
->has('users', 3, fn ($json) =>
$json->where('id', 1)
->where('name', 'Victoria Faith')
->missing('password')
->etc()
)
);
You may only want to assert that the properties in the JSON response are of a certain type. The Illuminate\Testing\Fluent\AssertableJson
class provides the whereType
and whereAllType
methods for doing just that:
$response->assertJson(fn (AssertableJson $json) =>
$json->whereType('id', 'integer')
->whereAllType([
'users.0.name' => 'string',
'meta' => 'array'
])
);
You may specify multiple types using the |
character, or passing an array of types as the second parameter to the whereType
method. The assertion will be successful if the response value is any of the listed types:
$response->assertJson(fn (AssertableJson $json) =>
$json->whereType('name', 'string|null')
->whereType('id', ['string', 'integer'])
);
The whereType
and whereAllType
methods recognize the following types: string
, integer
, double
, boolean
, array
, and null
.
The Illuminate\Http\UploadedFile
class provides a fake
method which may be used to generate dummy files or images for testing. This, combined with the Storage
facade's fake
method, greatly simplifies the testing of file uploads. For example, you may combine these two features to easily test an avatar upload form:
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\WithoutMiddleware;
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Facades\Storage;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_avatars_can_be_uploaded()
{
Storage::fake('avatars');
$file = UploadedFile::fake()->image('avatar.jpg');
$response = $this->post('/avatar', [
'avatar' => $file,
]);
Storage::disk('avatars')->assertExists($file->hashName());
}
}
If you would like to assert that a given file does not exist, you may use the assertMissing
method provided by the Storage
facade:
Storage::fake('avatars');
// ...
Storage::disk('avatars')->assertMissing('missing.jpg');
When creating files using the fake
method provided by the UploadedFile
class, you may specify the width, height, and size of the image (in kilobytes) in order to better test your application's validation rules:
UploadedFile::fake()->image('avatar.jpg', $width, $height)->size(100);
In addition to creating images, you may create files of any other type using the create
method:
UploadedFile::fake()->create('document.pdf', $sizeInKilobytes);
If needed, you may pass a $mimeType
argument to the method to explicitly define the MIME type that should be returned by the file:
UploadedFile::fake()->create(
'document.pdf', $sizeInKilobytes, 'application/pdf'
);
Laravel also allows you to render a view without making a simulated HTTP request to the application. To accomplish this, you may call the view
method within your test. The view
method accepts the view name and an optional array of data. The method returns an instance of Illuminate\Testing\TestView
, which offers several methods to conveniently make assertions about the view's contents:
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_a_welcome_view_can_be_rendered()
{
$view = $this->view('welcome', ['name' => 'Taylor']);
$view->assertSee('Taylor');
}
}
The TestView
class provides the following assertion methods: assertSee
, assertSeeInOrder
, assertSeeText
, assertSeeTextInOrder
, assertDontSee
, and assertDontSeeText
.
If needed, you may get the raw, rendered view contents by casting the TestView
instance to a string:
$contents = (string) $this->view('welcome');
Some views may depend on errors shared in the global error bag provided by Laravel. To hydrate the error bag with error messages, you may use the withViewErrors
method:
$view = $this->withViewErrors([
'name' => ['Please provide a valid name.']
])->view('form');
$view->assertSee('Please provide a valid name.');
If necessary, you may use the blade
method to evaluate and render a raw Blade string. Like the view
method, the blade
method returns an instance of Illuminate\Testing\TestView
:
$view = $this->blade(
'<x-component :name="$name" />',
['name' => 'Taylor']
);
$view->assertSee('Taylor');
You may use the component
method to evaluate and render a Blade component. Like the view
method, the component
method returns an instance of Illuminate\Testing\TestView
:
$view = $this->component(Profile::class, ['name' => 'Taylor']);
$view->assertSee('Taylor');
Laravel's Illuminate\Testing\TestResponse
class provides a variety of custom assertion methods that you may utilize when testing your application. These assertions may be accessed on the response that is returned by the json
, get
, post
, put
, and delete
test methods:
assertCookie assertCookieExpired assertCookieNotExpired assertCookieMissing assertCreated assertDontSee assertDontSeeText assertDownload assertExactJson assertForbidden assertHeader assertHeaderMissing assertJson assertJsonCount assertJsonFragment assertJsonMissing assertJsonMissingExact assertJsonMissingValidationErrors assertJsonPath assertJsonStructure assertJsonValidationErrors assertLocation assertNoContent assertNotFound assertOk assertPlainCookie assertRedirect assertRedirectToSignedRoute assertSee assertSeeInOrder assertSeeText assertSeeTextInOrder assertSessionHas assertSessionHasInput assertSessionHasAll assertSessionHasErrors assertSessionHasErrorsIn assertSessionHasNoErrors assertSessionDoesntHaveErrors assertSessionMissing assertStatus assertSuccessful assertUnauthorized assertUnprocessable assertValid assertInvalid assertViewHas assertViewHasAll assertViewIs assertViewMissing
Assert that the response contains the given cookie:
$response->assertCookie($cookieName, $value = null);
Assert that the response contains the given cookie and it is expired:
$response->assertCookieExpired($cookieName);
Assert that the response contains the given cookie and it is not expired:
$response->assertCookieNotExpired($cookieName);
Assert that the response does not contains the given cookie:
$response->assertCookieMissing($cookieName);
Assert that the response has a 201 HTTP status code:
$response->assertCreated();
Assert that the given string is not contained within the response returned by the application. This assertion will automatically escape the given string unless you pass a second argument of false
:
$response->assertDontSee($value, $escaped = true);
Assert that the given string is not contained within the response text. This assertion will automatically escape the given string unless you pass a second argument of false
. This method will pass the response content to the strip_tags
PHP function before making the assertion:
$response->assertDontSeeText($value, $escaped = true);
Assert that the response is a "download". Typically, this means the invoked route that returned the response returned a Response::download
response, BinaryFileResponse
, or Storage::download
response:
$response->assertDownload();
If you wish, you may assert that the downloadable file was assigned a given file name:
$response->assertDownload('image.jpg');
Assert that the response contains an exact match of the given JSON data:
$response->assertExactJson(array $data);
Assert that the response has a forbidden (403) HTTP status code:
$response->assertForbidden();
Assert that the given header and value is present on the response:
$response->assertHeader($headerName, $value = null);
Assert that the given header is not present on the response:
$response->assertHeaderMissing($headerName);
Assert that the response contains the given JSON data:
$response->assertJson(array $data, $strict = false);
The assertJson
method converts the response to an array and utilizes PHPUnit::assertArraySubset
to verify that the given array exists within the JSON response returned by the application. So, if there are other properties in the JSON response, this test will still pass as long as the given fragment is present.
Assert that the response JSON has an array with the expected number of items at the given key:
$response->assertJsonCount($count, $key = null);
Assert that the response contains the given JSON data anywhere in the response:
Route::get('/users', function () {
return [
'users' => [
[
'name' => 'Taylor Otwell',
],
],
];
});
$response->assertJsonFragment(['name' => 'Taylor Otwell']);
Assert that the response does not contain the given JSON data:
$response->assertJsonMissing(array $data);
Assert that the response does not contain the exact JSON data:
$response->assertJsonMissingExact(array $data);
Assert that the response has no JSON validation errors for the given keys:
$response->assertJsonMissingValidationErrors($keys);
Assert that the response contains the given data at the specified path:
$response->assertJsonPath($path, $expectedValue);
For example, if the JSON response returned by your application contains the following data:
{
"user": {
"name": "Steve Schoger"
}
}
You may assert that the name
property of the user
object matches a given value like so:
$response->assertJsonPath('user.name', 'Steve Schoger');
Assert that the response has a given JSON structure:
$response->assertJsonStructure(array $structure);
For example, if the JSON response returned by your application contains the following data:
{
"user": {
"name": "Steve Schoger"
}
}
You may assert that the JSON structure matches your expectations like so:
$response->assertJsonStructure([
'user' => [
'name',
]
]);
Sometimes, JSON responses returned by your application may contain arrays of objects:
{
"user": [
{
"name": "Steve Schoger",
"age": 55,
"location": "Earth"
},
{
"name": "Mary Schoger",
"age": 60,
"location": "Earth"
}
]
}
In this situation, you may use the *
character to assert against the structure of all of the objects in the array:
$response->assertJsonStructure([
'user' => [
'*' => [
'name',
'age',
'location'
]
]
]);
Assert that the response has the given JSON validation errors for the given keys. This method should be used when asserting against responses where the validation errors are returned as a JSON structure instead of being flashed to the session:
$response->assertJsonValidationErrors(array $data);
Assert that the response has the given URI value in the Location
header:
$response->assertLocation($uri);
Assert that the response has the given HTTP status code and no content:
$response->assertNoContent($status = 204);
Assert that the response has a not found (404) HTTP status code:
$response->assertNotFound();
Assert that the response has a 200 HTTP status code:
$response->assertOk();
Assert that the response contains the given unencrypted cookie:
$response->assertPlainCookie($cookieName, $value = null);
Assert that the response is a redirect to the given URI:
$response->assertRedirect($uri);
Assert that the response is a redirect to the given signed route:
$response->assertRedirectToSignedRoute($name = null, $parameters = []);
Assert that the given string is contained within the response. This assertion will automatically escape the given string unless you pass a second argument of false
:
$response->assertSee($value, $escaped = true);
Assert that the given strings are contained in order within the response. This assertion will automatically escape the given strings unless you pass a second argument of false
:
$response->assertSeeInOrder(array $values, $escaped = true);
Assert that the given string is contained within the response text. This assertion will automatically escape the given string unless you pass a second argument of false
. The response content will be passed to the strip_tags
PHP function before the assertion is made:
$response->assertSeeText($value, $escaped = true);
Assert that the given strings are contained in order within the response text. This assertion will automatically escape the given strings unless you pass a second argument of false
. The response content will be passed to the strip_tags
PHP function before the assertion is made:
$response->assertSeeTextInOrder(array $values, $escaped = true);
Assert that the session contains the given piece of data:
$response->assertSessionHas($key, $value = null);
Assert that the session has a given value in the flashed input array:
$response->assertSessionHasInput($key, $value = null);
Assert that the session contains a given array of key / value pairs:
$response->assertSessionHasAll(array $data);
For example, if your application's session contains name
and status
keys, you may assert that both exist and have the specified values like so:
$response->assertSessionHasAll([
'name' => 'Taylor Otwell',
'status' => 'active',
]);
Assert that the session contains an error for the given $keys
. If $keys
is an associative array, assert that the session contains a specific error message (value) for each field (key). This method should be used when testing routes that flash validation errors to the session instead of returning them as a JSON structure:
$response->assertSessionHasErrors(
array $keys, $format = null, $errorBag = 'default'
);
For example, to assert that the name
and email
fields have validation error messages that were flashed to the session, you may invoke the assertSessionHasErrors
method like so:
$response->assertSessionHasErrors(['name', 'email']);
Or, you may assert that a given field has a particular validation error message:
$response->assertSessionHasErrors([
'name' => 'The given name was invalid.'
]);
Assert that the session contains an error for the given $keys
within a specific error bag. If $keys
is an associative array, assert that the session contains a specific error message (value) for each field (key), within the error bag:
$response->assertSessionHasErrorsIn($errorBag, $keys = [], $format = null);
Assert that the session has no validation errors:
$response->assertSessionHasNoErrors();
Assert that the session has no validation errors for the given keys:
$response->assertSessionDoesntHaveErrors($keys = [], $format = null, $errorBag = 'default');
Assert that the session does not contain the given key:
$response->assertSessionMissing($key);
Assert that the response has a given HTTP status code:
$response->assertStatus($code);
Assert that the response has a successful (>= 200 and < 300) HTTP status code:
$response->assertSuccessful();
Assert that the response has an unauthorized (401) HTTP status code:
$response->assertUnauthorized();
Assert that the response has an unprocessable entity (422) HTTP status code:
$response->assertUnprocessable();
Assert that the response has no validation errors for the given keys. This method may be used for asserting against responses where the validation errors are returned as a JSON structure or where the validation errors have been flashed to the session:
// Assert that no validation errors are present...
$response->assertValid();
// Assert that the given keys do not have validation errors...
$response->assertValid(['name', 'email']);
Assert that the response has validation errors for the given keys. This method may be used for asserting against responses where the validation errors are returned as a JSON structure or where the validation errors have been flashed to the session:
$response->assertInvalid(['name', 'email']);
You may also assert that a given key has a particular validation error message. When doing so, you may provide the entire message or only a small portion of the message:
$response->assertInvalid([
'name' => 'The name field is required.',
'email' => 'valid email address',
]);
Assert that the response view contains given a piece of data:
$response->assertViewHas($key, $value = null);
Passing a closure as the second argument to the assertViewHas
method will allow you to inspect and make assertions against a particular piece of view data:
$response->assertViewHas('user', function (User $user) {
return $user->name === 'Taylor';
});
In addition, view data may be accessed as array variables on the response, allowing you to conveniently inspect it:
$this->assertEquals('Taylor', $response['name']);
Assert that the response view has a given list of data:
$response->assertViewHasAll(array $data);
This method may be used to assert that the view simply contains data matching the given keys:
$response->assertViewHasAll([
'name',
'email',
]);
Or, you may assert that the view data is present and has specific values:
$response->assertViewHasAll([
'name' => 'Taylor Otwell',
'email' => '[email protected],',
]);
Assert that the given view was returned by the route:
$response->assertViewIs($value);
Assert that the given data key was not made available to the view returned in the application's response:
$response->assertViewMissing($key);
Laravel also provides a variety of authentication related assertions that you may utilize within your application's feature tests. Note that these methods are invoked on the test class itself and not the Illuminate\Testing\TestResponse
instance returned by methods such as get
and post
.
Assert that a user is authenticated:
$this->assertAuthenticated($guard = null);
Assert that a user is not authenticated:
$this->assertGuest($guard = null);
Assert that a specific user is authenticated:
$this->assertAuthenticatedAs($user, $guard = null);