Bump dependencies

go.mod

@@ -6,6 +6,6 @@ require (
 	github.com/bool64/ctxd v0.1.4
 	github.com/google/uuid v1.2.0
 	github.com/nhatthm/go-clock v0.6.0
-	github.com/nhatthm/httpmock v0.5.3
+	github.com/nhatthm/httpmock v0.6.3
 	github.com/stretchr/testify v1.7.0
 )

go.sum

@@ -3,11 +3,13 @@ github.com/bool64/ctxd v0.1.4/go.mod h1:vbCBsEfD4TGXGTPEEQwjB4M5Ny2MC8r+9N2JSP3y
 github.com/bool64/dev v0.1.25/go.mod h1:cTHiTDNc8EewrQPy3p1obNilpMpdmlUesDkFTF2zRWU=
 github.com/bool64/dev v0.1.26 h1:9RppeANjTKsF0ZEROkgh0z8qKTvpNeVmKnz0uuCAkS4=
 github.com/bool64/dev v0.1.26/go.mod h1:cTHiTDNc8EewrQPy3p1obNilpMpdmlUesDkFTF2zRWU=
+github.com/bool64/shared v0.1.3 h1:gj7XZPYa1flQsCg3q9AIju+W2A1jaexK0fdFu2XtaG0=
 github.com/bool64/shared v0.1.3/go.mod h1:RF1p1Oi29ofgOvinBpetbF5mceOUP3kpMkvLbWOmtm0=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
@@ -23,43 +25,55 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
 github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/iancoleman/orderedmap v0.2.0 h1:sq1N/TFpYH++aViPcaKjys3bDClUEU7s5B+z6jq8pNA=
 github.com/iancoleman/orderedmap v0.2.0/go.mod h1:N0Wam8K1arqPXNWjMo21EXnBPOPp36vB07FNRdD2geA=
 github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
 github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
 github.com/nhatthm/go-clock v0.6.0 h1:R8I8slcnValPDdM4Cd3Tk3JSSDnZk3nPuLzzPFInYtU=
 github.com/nhatthm/go-clock v0.6.0/go.mod h1:KASu97ux5p0fpVsazI4sGJN+HlzeobKsvEtjaFQUXjc=
-github.com/nhatthm/httpmock v0.5.3 h1:ihqVs94sTcFQ4TErOO3+Jxd4HBoxeg6nVQ6r/MgcoP4=
-github.com/nhatthm/httpmock v0.5.3/go.mod h1:jaa6GEXYruoXaNF+QJ+zYCHqQ3RX150rKLnGw2Rjo3o=
+github.com/nhatthm/httpmock v0.6.3 h1:vt2vw2EUsPpyOMfCVrfZ+Rt9ZZVV+yBQiFn0Vd5ECoA=
+github.com/nhatthm/httpmock v0.6.3/go.mod h1:wE9KU1RZGYD0eLqy5bHieJkG4lU0kWauNyrqzj9Lx+U=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
+github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.15.2 h1:l77YT15o814C2qVL47NOyjV/6RbaP7kKdrvZnxQ3Org=
 github.com/onsi/ginkgo v1.15.2/go.mod h1:Dd6YFfwBW84ETqqtL0CPyPXillHgY6XhQH3uuCCTr/o=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
+github.com/onsi/gomega v1.11.0 h1:+CqWgvj0OZycCaqclBD1pxKHAU+tOkHmQIWvDHq2aug=
 github.com/onsi/gomega v1.11.0/go.mod h1:azGKhqFUon9Vuj0YmTfLSmx0FUwqXYSTl5re8lQLTUg=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
+github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.3.0 h1:NGXK3lHquSN08v5vWalVI/L8XU9hdzE/G6xsrze47As=
 github.com/stretchr/objx v0.3.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/swaggest/assertjson v1.6.4 h1:SZy0H6Dyi+2Jn1PfKBFk+uwQ+3FcwtPthEpcpV84xTg=
 github.com/swaggest/assertjson v1.6.4/go.mod h1:HAXV18oavcbNHwN6wvfzYVrLuAoi3/mJ6sN0ZgNMX9U=
 github.com/swaggest/usecase v0.1.5 h1:xMDWXnYGysVaF2f3ZnmDsn2FlZ8fd3FJD+O+8wl4aNQ=
 github.com/swaggest/usecase v0.1.5/go.mod h1:uubX4ZbjQK1Bnl0xX9hOYpb/IUiSoVKk/yQImawbNMU=
 github.com/yosuke-furukawa/json5 v0.1.2-0.20201207051438-cf7bb3f354ff/go.mod h1:sw49aWDqNdRJ6DYUtIQiaA3xyj2IL9tjeNYmX2ixwcU=
+github.com/yudai/gojsondiff v1.0.0 h1:27cbfqXLVEJ1o8I6v3y9lg8Ydm53EKqHXAOMxEGlCOA=
 github.com/yudai/gojsondiff v1.0.0/go.mod h1:AY32+k2cwILAkW1fbgxQ5mUmMiZFgLIV+FBNExI05xg=
+github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 h1:BHyfKlQyqbsFN5p3IfnEUduWvb9is428/nNb5L3U01M=
 github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM=
+github.com/yudai/pp v2.0.1+incompatible h1:Q4//iY4pNF6yPLZIigmvcl7k/bPgrcTPIFIcmawg5bI=
 github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -71,6 +85,7 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb h1:eBmm0M9fYhWpKZLjQUUKka/LtIxf46G4fxeEz5KJr9U=
 golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -85,8 +100,10 @@ golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210112080510-489259a85091 h1:DMyOG0U+gKfu8JZzg2UQe9MeaC1X+xQWlAKcRnjxjCw=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@@ -105,10 +122,12 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=

pkg/testkit/auth.go

@@ -6,6 +6,7 @@ import (
 	"net/url"
 
 	"github.com/google/uuid"
+	"github.com/nhatthm/httpmock"
 
 	"github.com/nhatthm/n26api/internal/api"
 )
@@ -23,21 +24,27 @@ func expectAuthPasswordLogin(s *Server, username, password string, deviceID uuid
 func expectMFAChallenge(s *Server) *Request {
 	return s.ExpectWithBasicAuth(http.MethodPost, "/api/mfa/challenge").
 		WithHeader("device-token", s.DeviceID().String()).
-		WithBody(`{"challengeType":"oob","mfaToken":"{{MFAToken}}"}`)
+		WithBody(func() httpmock.Matcher {
+			return httpmock.Exactf(`{"challengeType":"oob","mfaToken":%q}`, s.mfaToken)
+		})
 }
 
 func expectConfirmLogin(s *Server) *Request {
 	return s.ExpectWithBasicAuth(http.MethodPost, "/oauth/token").
 		WithHeader("device-token", s.DeviceID().String()).
 		WithHeader("Content-Type", "application/x-www-form-urlencoded").
-		WithBody("grant_type=mfa_oob&mfaToken={{MFAToken}}")
+		WithBody(func() httpmock.Matcher {
+			return httpmock.Exactf("grant_type=mfa_oob&mfaToken=%s", s.mfaToken)
+		})
 }
 
 func expectRefreshToken(s *Server) *Request {
 	return s.ExpectWithBasicAuth(http.MethodPost, "/oauth/token").
 		WithHeader("device-token", s.DeviceID().String()).
 		WithHeader("Content-Type", "application/x-www-form-urlencoded").
-		WithBody("grant_type=refresh_token&refresh_token={{RefreshToken}}")
+		WithBody(func() httpmock.Matcher {
+			return httpmock.Exactf("grant_type=refresh_token&refresh_token=%s", s.refreshToken)
+		})
 }
 
 func returnToken(s *Server) func(_ *http.Request) ([]byte, error) {
@@ -119,7 +126,7 @@ func WithAuthPasswordLoginSuccess(username, password string, deviceID uuid.UUID)
 	return func(s *Server) {
 		expectAuthPasswordLogin(s, username, password, deviceID).
 			ReturnCode(http.StatusForbidden).
-			Handler(func(r *http.Request) ([]byte, error) {
+			WithHandler(func(r *http.Request) ([]byte, error) {
 				mfaToken := uuid.New()
 
 				s.WithMFAToken(mfaToken)
@@ -216,7 +223,7 @@ func WithAuthConfirmLoginSuccess() ServerOption {
 	return func(s *Server) {
 		expectConfirmLogin(s).
 			ReturnCode(http.StatusOK).
-			Handler(returnToken(s))
+			WithHandler(returnToken(s))
 	}
 }
 
@@ -252,7 +259,7 @@ func WithAuthRefreshTokenSuccess() ServerOption {
 	return func(s *Server) {
 		expectRefreshToken(s).
 			ReturnCode(http.StatusOK).
-			Handler(returnToken(s))
+			WithHandler(returnToken(s))
 	}
 }
 

pkg/testkit/mock_test.go

@@ -103,7 +103,9 @@ func TestMockEmptyServer(t *testing.T) {
 					s.WithMFAToken(mfaToken)
 					s.WithRefreshToken(refreshToken)
 					s.ExpectWithBasicAuth(http.MethodGet, "/").
-						WithBody("MFA Token: {{MFAToken}}\nRefresh Token: {{RefreshToken}}").
+						WithBody(func() httpmock.Matcher {
+							return httpmock.Exactf("MFA Token: %s\nRefresh Token: %s", s.MFAToken().String(), s.RefreshToken())
+						}).
 						Return(`{}`)
 				},
 			),

pkg/testkit/server.go

@@ -3,13 +3,10 @@ package testkit
 import (
 	"fmt"
 	"net/http"
-	"strings"
 	"sync"
 
 	"github.com/google/uuid"
 	"github.com/nhatthm/httpmock"
-	"github.com/stretchr/testify/assert"
-
 	"github.com/nhatthm/n26api/pkg/auth"
 	"github.com/nhatthm/n26api/pkg/util"
 )
@@ -136,58 +133,62 @@ func (s *Server) RefreshToken() auth.Token {
 }
 
 // ExpectWithBasicAuth expects a request with Basic Authorization.
-func (s *Server) ExpectWithBasicAuth(method, requestURI string) *Request {
-	return s.Expect(method, requestURI).
-		WithHeader("Authorization", s.BasicAuthorization())
+func (s *Server) ExpectWithBasicAuth(method string, requestURI interface{}) *Request {
+	return s.Server.Expect(method, requestURI).
+		WithHeader("Authorization", func() httpmock.Matcher {
+			return httpmock.Exact(s.BasicAuthorization())
+		})
 }
 
 // Expect expects a request with Bearer Authorization.
 //
 //    Server.Expect(http.MethodGet, "/path").
-func (s *Server) Expect(method, requestURI string) *Request {
+func (s *Server) Expect(method string, requestURI interface{}) *Request {
 	return s.Server.Expect(method, requestURI).
-		WithHeader("Authorization", "Bearer {{accessToken}}")
+		WithHeader("Authorization", func() httpmock.Matcher {
+			return httpmock.Exactf("Bearer %s", s.accessToken)
+		})
 }
 
 // ExpectGet expects a request with Bearer Authorization.
 //
 //   Server.ExpectGet("/path")
-func (s *Server) ExpectGet(requestURI string) *Request {
+func (s *Server) ExpectGet(requestURI interface{}) *Request {
 	return s.Expect(http.MethodGet, requestURI)
 }
 
 // ExpectHead expects a request with Bearer Authorization.
 //
 //   Server.ExpectHead("/path")
-func (s *Server) ExpectHead(requestURI string) *Request {
+func (s *Server) ExpectHead(requestURI interface{}) *Request {
 	return s.Expect(http.MethodHead, requestURI)
 }
 
 // ExpectPost expects a request with Bearer Authorization.
 //
 //   Server.ExpectPost("/path")
-func (s *Server) ExpectPost(requestURI string) *Request {
+func (s *Server) ExpectPost(requestURI interface{}) *Request {
 	return s.Expect(http.MethodPost, requestURI)
 }
 
 // ExpectPut expects a request with Bearer Authorization.
 //
 //   Server.ExpectPut("/path")
-func (s *Server) ExpectPut(requestURI string) *Request {
+func (s *Server) ExpectPut(requestURI interface{}) *Request {
 	return s.Expect(http.MethodPut, requestURI)
 }
 
 // ExpectPatch expects a request with Bearer Authorization.
 //
 //   Server.ExpectPatch("/path")
-func (s *Server) ExpectPatch(requestURI string) *Request {
+func (s *Server) ExpectPatch(requestURI interface{}) *Request {
 	return s.Expect(http.MethodPatch, requestURI)
 }
 
 // ExpectDelete expects a request with Bearer Authorization.
 //
 //   Server.ExpectDelete("/path")
-func (s *Server) ExpectDelete(requestURI string) *Request {
+func (s *Server) ExpectDelete(requestURI interface{}) *Request {
 	return s.Expect(http.MethodDelete, requestURI)
 }
 
@@ -203,21 +204,5 @@ func NewServer(t TestingT) *Server {
 			"Content-Type": "application/json",
 		})
 
-	s.WithRequestMatcher(
-		httpmock.SequentialRequestMatcher(
-			httpmock.WithBodyMatcher(func(t TestingT, expected, body []byte) bool {
-				replaced := strings.ReplaceAll(string(expected), "{{MFAToken}}", s.mfaToken.String())
-				replaced = strings.ReplaceAll(replaced, "{{RefreshToken}}", string(s.refreshToken))
-
-				return assert.Equal(t, []byte(replaced), body)
-			}),
-			httpmock.WithHeaderMatcher(func(t TestingT, expected, header string) bool {
-				replaced := strings.ReplaceAll(expected, "{{accessToken}}", string(s.accessToken))
-
-				return assert.Equal(t, replaced, header)
-			}),
-		),
-	)
-
 	return s
 }

pkg/testkit/server_test.go

@@ -1,6 +1,7 @@
 package testkit
 
 import (
+	"fmt"
 	"net/http"
 	"testing"
 
@@ -114,33 +115,44 @@ func TestServer_ExpectWithBasicAuth(t *testing.T) {
 	}
 
 	assert.Equal(t, http.MethodGet, s.ExpectedRequests[0].Method)
-	assert.Equal(t, "/", s.ExpectedRequests[0].RequestURI)
-	assert.Equal(t, expectedHeaders, s.ExpectedRequests[0].RequestHeader)
+	assert.Equal(t, httpmock.Exact("/"), s.ExpectedRequests[0].RequestURI)
+
+	for key, matcher := range s.ExpectedRequests[0].RequestHeader {
+		assert.True(t, matcher.Match(expectedHeaders[key]))
+	}
 
 	s.ResetExpectations()
 }
 
 func TestServer_Expect(t *testing.T) {
 	t.Parallel()
 
+	accessToken := uuid.New()
+
 	s := MockEmptyServer(func(s *Server) {
+		s.WithAccessToken(accessToken)
 		s.Expect(http.MethodGet, "/")
 	})(t)
 
 	expectedHeaders := httpmock.Header{
-		"Authorization": "Bearer {{accessToken}}",
+		"Authorization": fmt.Sprintf("Bearer %s", accessToken),
 	}
 
 	assert.Equal(t, http.MethodGet, s.ExpectedRequests[0].Method)
-	assert.Equal(t, "/", s.ExpectedRequests[0].RequestURI)
-	assert.Equal(t, expectedHeaders, s.ExpectedRequests[0].RequestHeader)
+	assert.Equal(t, httpmock.Exact("/"), s.ExpectedRequests[0].RequestURI)
+
+	for key, matcher := range s.ExpectedRequests[0].RequestHeader {
+		assert.True(t, matcher.Match(expectedHeaders[key]))
+	}
 
 	s.ResetExpectations()
 }
 
 func TestServer_ExpectAliases(t *testing.T) {
 	t.Parallel()
 
+	accessToken := uuid.New()
+
 	testCases := []struct {
 		scenario       string
 		mockServer     func(s *Server)
@@ -196,14 +208,18 @@ func TestServer_ExpectAliases(t *testing.T) {
 			t.Parallel()
 
 			s := MockEmptyServer(tc.mockServer)(t)
+			s.WithAccessToken(accessToken)
 
 			expectedHeaders := httpmock.Header{
-				"Authorization": "Bearer {{accessToken}}",
+				"Authorization": fmt.Sprintf("Bearer %s", accessToken),
 			}
 
 			assert.Equal(t, tc.expectedMethod, s.ExpectedRequests[0].Method)
-			assert.Equal(t, "/", s.ExpectedRequests[0].RequestURI)
-			assert.Equal(t, expectedHeaders, s.ExpectedRequests[0].RequestHeader)
+			assert.Equal(t, httpmock.Exact("/"), s.ExpectedRequests[0].RequestURI)
+
+			for key, matcher := range s.ExpectedRequests[0].RequestHeader {
+				assert.True(t, matcher.Match(expectedHeaders[key]))
+			}
 
 			s.ResetExpectations()
 		})