![Google Mocks Apple's 'New' iOS 26 Features in Pixel Ad [Video]](https://www.iclarified.com/images/news/97638/97638/97638-640.jpg)
_wsf_AL_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![[The AI Show Episode 153]: OpenAI Releases o3-Pro, Disney Sues Midjourney, Altman: “Gentle Singularity” Is Here, AI and Jobs & News Sites Getting Crushed by AI Search](https://www.marketingaiinstitute.com/hubfs/ep%20153%20cover.png)
![Designing a Robust Modular Hardware-Oriented Application in C++ [closed]](https://i.sstatic.net/f2sQd76t.webp)
.png?#)
.jpg?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#){kind=tracking}
Check if a Signed URL is Valid in Laravel Tests
Introduction There may be times when you want to check whether a URL in your Laravel application is a valid signed URL. Most of the time, this is something you'd need to do in your application code where you can reach for the \Illuminate\Routing\Middleware\ValidateSignature middleware class, or the $request->hasValidSignature() method on the Illuminate\Http\Request class. However, in the past, I've needed to write some tests to ensure that a signed URL is correctly generated and stored in the database. Admittedly, it's not something I need to do often, but I thought it might be useful to share how to do this in case you find yourself in a similar situation. In this Quickfire article, I'm going to show you how to check whether a signed URL is valid in your tests. If you're not familiar with signed URLs, you might be interested in my existing article which explains what they are: How to Assert Redirects to Signed URLs in Laravel Tests Checking if a Signed URL is Valid in Laravel Tests Let's imagine we're building a Laravel application that allows users to invite other users to join their team. When a user invites another user, we'll assume a new team_invitation_url field is created on an App\Models\Invitation model, which contains a signed URL that the invitee can use to join the team. Note: You'd likely use a different approach than storing the hardcoded URL in the database. But this example is purely to demonstrate how to check if a signed URL is valid. To check if the team_invitation_url is a valid signed URL, we need to create an instance of the Illuminate\Http\Request class using the URL stored in the team_invitation_url field. Then, we can use the hasValidSignature method to check if the URL is valid: use Illuminate\Http\Request; $isValid = Request::create($invitation->team_invitation_url)->hasValidSignature(); If the URL is in fact a valid signed URL, the $isValid variable will be true. Otherwise, if the URL is not a valid signed URL or has expired, it will be false. Let's take a look at how we could use this in an example test case: use App\Actions\InviteUserToTeamAction; use App\Models\User; use Illuminate\Http\Request; use PHPUnit\Framework\Attributes\Test; use Tests\TestCase; class UserTest extends TestCase { #[Test] public function user_can_be_invited(): void { // Create a user and another user to invite. $user = User::factory()->create(); $userToInvite = User::factory()->create(); // Call the action to invite the user. // The action will return an instance of `App\Models\Invitation`. $invitation = new InviteUserToTeamAction()->execute( user: $user, userToInvite: $userToInvite ); // Other assertions to check the user was invited correctly... // Assert the `team_invitation_url` is a valid signed URL. $this->assertTrue( Request::create($invitation->team_invitation_url)->hasValidSignature(), ); } } As we can see in the example test above, we're inviting a user to a team using an App\Actions\InviteUserToTeamAction action. After the user is invited, we're then asserting that the team_invitation_url is a valid signed URL using the hasValidSignature method on the Illuminate\Http\Request instance created from the URL. As a result of this assertion, we can have confidence that we're generating valid signed URLs in our application. Conclusion In this Quickfire article, we've taken a quick look at how to check whether a signed URL is valid in your Laravel tests. If you enjoyed reading this post, you might be interested in checking out my 220+ page ebook "Battle Ready Laravel" which covers similar topics in more depth. Or, you might want to check out my other 440+ page ebook "Consuming APIs in Laravel" which teaches you how to use Laravel to consume APIs from other services. If you're interested in getting updated each time I publish a new post, feel free to sign up for my newsletter. Keep on building awesome stuff!
Introduction
There may be times when you want to check whether a URL in your Laravel application is a valid signed URL. Most of the time, this is something you'd need to do in your application code where you can reach for the \Illuminate\Routing\Middleware\ValidateSignature middleware class, or the $request->hasValidSignature() method on the Illuminate\Http\Request class.
However, in the past, I've needed to write some tests to ensure that a signed URL is correctly generated and stored in the database. Admittedly, it's not something I need to do often, but I thought it might be useful to share how to do this in case you find yourself in a similar situation.
In this Quickfire article, I'm going to show you how to check whether a signed URL is valid in your tests.
If you're not familiar with signed URLs, you might be interested in my existing article which explains what they are: How to Assert Redirects to Signed URLs in Laravel Tests
Checking if a Signed URL is Valid in Laravel Tests
Let's imagine we're building a Laravel application that allows users to invite other users to join their team. When a user invites another user, we'll assume a new team_invitation_url field is created on an App\Models\Invitation model, which contains a signed URL that the invitee can use to join the team.
Note: You'd likely use a different approach than storing the hardcoded URL in the database. But this example is purely to demonstrate how to check if a signed URL is valid.
To check if the team_invitation_url is a valid signed URL, we need to create an instance of the Illuminate\Http\Request class using the URL stored in the team_invitation_url field. Then, we can use the hasValidSignature method to check if the URL is valid:
use Illuminate\Http\Request;
$isValid = Request::create($invitation->team_invitation_url)->hasValidSignature();
If the URL is in fact a valid signed URL, the $isValid variable will be true. Otherwise, if the URL is not a valid signed URL or has expired, it will be false.
Let's take a look at how we could use this in an example test case:
use App\Actions\InviteUserToTeamAction;
use App\Models\User;
use Illuminate\Http\Request;
use PHPUnit\Framework\Attributes\Test;
use Tests\TestCase;
class UserTest extends TestCase
{
#[Test]
public function user_can_be_invited(): void
{
// Create a user and another user to invite.
$user = User::factory()->create();
$userToInvite = User::factory()->create();
// Call the action to invite the user.
// The action will return an instance of `App\Models\Invitation`.
$invitation = new InviteUserToTeamAction()->execute(
user: $user,
userToInvite: $userToInvite
);
// Other assertions to check the user was invited correctly...
// Assert the `team_invitation_url` is a valid signed URL.
$this->assertTrue(
Request::create($invitation->team_invitation_url)->hasValidSignature(),
);
}
}
As we can see in the example test above, we're inviting a user to a team using an App\Actions\InviteUserToTeamAction action. After the user is invited, we're then asserting that the team_invitation_url is a valid signed URL using the hasValidSignature method on the Illuminate\Http\Request instance created from the URL.
As a result of this assertion, we can have confidence that we're generating valid signed URLs in our application.
Conclusion
In this Quickfire article, we've taken a quick look at how to check whether a signed URL is valid in your Laravel tests.
If you enjoyed reading this post, you might be interested in checking out my 220+ page ebook "Battle Ready Laravel" which covers similar topics in more depth.
Or, you might want to check out my other 440+ page ebook "Consuming APIs in Laravel" which teaches you how to use Laravel to consume APIs from other services.
If you're interested in getting updated each time I publish a new post, feel free to sign up for my newsletter.
Keep on building awesome stuff!
