#Can't perform API requests in medusa test runner

2 messages · Page 1 of 1 (latest)

tight depot
#

Hello, I'm new here. I would love to help others once I get a good grasp of Medusa, but for now, I need your help.

I've been developing tests for my workflows and I've not being able to run api methods that require x-publishable-api-key header.

I'm creating all the prerequisites for the test in the beforeAll block, but I'm not adding these steps here to reduce verbosity.

I'll share one test for reference:

it("should apply promotion after customer creates account", async () => {
                const storeHeaders: Record<string, string> = {
                    "x-publishable-api-key": pak.token,
                    "Content-Type": "application/json",
                };

                const regTokenRes = await api
                    .post(
                        "/auth/customer/emailpass/register",
                        { email: "[email protected]", password: "supersecret" },
                        { headers: { "Content-Type": "application/json" } },
                    )
                    .catch((e) => {
                        console.error("Registration error:", e.response?.data);
                        throw e;
                    });

                const registrationToken = regTokenRes.data.token;

                await api
                    .post(
                        "/store/customers",
                        { email: "[email protected]" },
                        {
                            headers: {
                                ...storeHeaders,
                                Authorization: `Bearer ${registrationToken}`,
                            },
                        },
                    )
                    .catch((e) => {
                        console.error("Registration error:", e.response?.data);
                        throw e;
                    });

                const loginRes = await api.post(
                    "/auth/customer/emailpass",
                    { email: "[email protected]", password: "supersecret" },
                    { headers: { "Content-Type": "application/json" } },
                );
                const authToken = loginRes.data.token;

                const transferRes = await api.post(
                    `/store/carts/${cartId}/customer`,
                    {},
                    {
                        headers: {
                            ...storeHeaders,
                            authorization: `Bearer ${authToken}`,
                        },
                    },
                );

                expect(transferRes.status).toEqual(200);
                expect(transferRes.data.cart.id).toEqual(cartId);
            });

These are the steps on this test:

  1. create api key via createApiKeyWorkflow (succesful)
  2. check if api key has linked sales channel (no sales channel)
  3. if api key don't have sales channel, link default channel to api key via linkSalesChannelsToApiKeyWorkflow (links sales channel succesfully)
  4. create registration token via api.post(/auth/customer/emailpass/register) (response: 200)
  5. create customer via api.post(/store/customers) (400 error: not allowed, message: "A valid publishable key is required to proceed with the request`
  6. login customer via api.post(/auth/customer/emailpass) (does not reach this step)

What I've Done

  1. I've check every step with console.log
  2. I've used query to verify each workflow produce the desired changes
  3. I've asked Bloom, the Medusa AI docs helper

No idea what else I can do. I've been thinkin on using a SDK instance for my test instead of the api variable provided by the Medusa test suite.

acoustic prairie
#

That error means Medusa is not recognizing the header value as a valid publishable key, not just that the sales channel is missing.

For /store routes, you need both:

  1. a real publishable API key token in x-publishable-api-key
  2. that key linked to a sales channel.

So I'd check these first:

  • make sure the key was created as publishable, not secret
  • make sure you’re sending the token, not the key id
  • make sure the sales channel link is actually there

So I probably would not switch to the SDK yet. I'd first verify that the exact publishable key token being created is the same one being sent in the header. 🙂