1 files changed, 62 insertions, 50 deletions

diff --git a/spec/controllers/projects/alerting/notifications_controller_spec.rb b/spec/controllers/projects/alerting/notifications_controller_spec.rb
index fe0c4ce00bf..2fff8026b22 100644
--- a/spec/controllers/projects/alerting/notifications_controller_spec.rb
+++ b/spec/controllers/projects/alerting/notifications_controller_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'
 
 RSpec.describe Projects::Alerting::NotificationsController do
+  include HttpBasicAuthHelpers
+
   let_it_be(:project) { create(:project) }
   let_it_be(:environment) { create(:environment, project: project) }
 
@@ -53,86 +55,96 @@ RSpec.describe Projects::Alerting::NotificationsController do
         end
       end
 
-      context 'bearer token' do
-        context 'when set' do
-          context 'when extractable' do
-            before do
-              request.headers['HTTP_AUTHORIZATION'] = 'Bearer some token'
-            end
-
-            it 'extracts bearer token' do
-              expect(notify_service).to receive(:execute).with('some token', nil)
-
-              make_request
-            end
-
-            context 'with a corresponding integration' do
-              context 'with integration parameters specified' do
-                let_it_be_with_reload(:integration) { create(:alert_management_http_integration, project: project) }
+      shared_examples 'a working token' do
+        it 'extracts token' do
+          expect(notify_service).to receive(:execute).with('some token', nil)
 
-                let(:params) { project_params(endpoint_identifier: integration.endpoint_identifier, name: integration.name) }
-
-                context 'the integration is active' do
-                  it 'extracts and finds the integration' do
-                    expect(notify_service).to receive(:execute).with('some token', integration)
+          make_request
+        end
 
-                    make_request
-                  end
-                end
+        context 'with a corresponding integration' do
+          context 'with integration parameters specified' do
+            let_it_be_with_reload(:integration) { create(:alert_management_http_integration, project: project) }
 
-                context 'when the integration is inactive' do
-                  before do
-                    integration.update!(active: false)
-                  end
+            let(:params) { project_params(endpoint_identifier: integration.endpoint_identifier, name: integration.name) }
 
-                  it 'does not find an integration' do
-                    expect(notify_service).to receive(:execute).with('some token', nil)
+            context 'the integration is active' do
+              it 'extracts and finds the integration' do
+                expect(notify_service).to receive(:execute).with('some token', integration)
 
-                    make_request
-                  end
-                end
+                make_request
               end
+            end
 
-              context 'without integration parameters specified' do
-                let_it_be(:integration) { create(:alert_management_http_integration, :legacy, project: project) }
+            context 'when the integration is inactive' do
+              before do
+                integration.update!(active: false)
+              end
 
-                it 'extracts and finds the legacy integration' do
-                  expect(notify_service).to receive(:execute).with('some token', integration)
+              it 'does not find an integration' do
+                expect(notify_service).to receive(:execute).with('some token', nil)
 
-                  make_request
-                end
+                make_request
               end
             end
           end
 
-          context 'when inextractable' do
-            it 'passes nil for a non-bearer token' do
-              request.headers['HTTP_AUTHORIZATION'] = 'some token'
+          context 'without integration parameters specified' do
+            let_it_be(:integration) { create(:alert_management_http_integration, :legacy, project: project) }
 
-              expect(notify_service).to receive(:execute).with(nil, nil)
+            it 'extracts and finds the legacy integration' do
+              expect(notify_service).to receive(:execute).with('some token', integration)
 
               make_request
             end
           end
         end
+      end
 
-        context 'when missing' do
-          it 'passes nil' do
-            expect(notify_service).to receive(:execute).with(nil, nil)
-
-            make_request
+      context 'with bearer token' do
+        context 'when set' do
+          before do
+            request.headers.merge(build_token_auth_header('some token'))
           end
+
+          it_behaves_like 'a working token'
+        end
+      end
+
+      context 'with basic auth token' do
+        before do
+          request.headers.merge basic_auth_header(nil, 'some token')
+        end
+
+        it_behaves_like 'a working token'
+      end
+
+      context 'when inextractable token' do
+        it 'passes nil for a non-bearer token' do
+          request.headers['HTTP_AUTHORIZATION'] = 'some token'
+
+          expect(notify_service).to receive(:execute).with(nil, nil)
+
+          make_request
+        end
+      end
+
+      context 'when missing token' do
+        it 'passes nil' do
+          expect(notify_service).to receive(:execute).with(nil, nil)
+
+          make_request
         end
       end
     end
 
-    context 'generic alert payload' do
+    context 'with generic alert payload' do
       it_behaves_like 'process alert payload', Projects::Alerting::NotifyService do
         let(:payload) { { title: 'Alert title' } }
       end
     end
 
-    context 'Prometheus alert payload' do
+    context 'with Prometheus alert payload' do
       include PrometheusHelpers
 
       it_behaves_like 'process alert payload', Projects::Prometheus::Alerts::NotifyService do