diff --git a/spec/requests/payments_controller_spec.rb b/spec/requests/payments_controller_spec.rb
new file mode 100644
index 0000000000..5201b53b86
--- /dev/null
+++ b/spec/requests/payments_controller_spec.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe "/payments/:id/authorize" do
+  let!(:user) { create(:user) }
+  let!(:order) { create(:order, user:) }
+  let!(:payment) { create(:payment, order:) }
+
+  describe "when user isn't logged in" do
+    it "redirects to the login page and set error flash msg" do
+      get authorize_payment_path(payment)
+      expect(response).to redirect_to(root_path(anchor: "/login", after_login: request.fullpath))
+      expect(flash[:error]).to eq I18n.t("spree.orders.edit.login_to_view_order")
+    end
+  end
+
+  describe "when user is logged in" do
+    before { sign_in user }
+
+    context "has cvv response message" do
+      before do
+        allow_any_instance_of(Spree::Payment).to receive(:cvv_response_message).and_return('http://example.com')
+      end
+
+      it "redirects to the CVV response URL" do
+        get authorize_payment_path(payment)
+        expect(response).to redirect_to('http://example.com')
+      end
+    end
+
+    context "doesn't have cvv response message" do
+      it "redirect to order URL" do
+        get authorize_payment_path(payment)
+        expect(response).to redirect_to(order_url(order))
+      end
+    end
+  end
+end