Improve our approach for testing auth (part 2) - basicAuth #9983
Conversation
Change auth tests to include all shields of the base class. The code is formated to be used in more general cases and increases code reuseability.
We already test all existing classes, no need for a dummy
Add getBadgeExampleCall to extract the first OpenAPI example then reformat it for service invoke function.
Add the testAuth function which tests auth of a service (badge) using a provided dummy response.
Add all auth methods used to testAuth to be generic and used by all services. Add helper functions to make testAuth more readable
Use apiHeaderKey & bearerHeaderKey as function params rather then extracting them with regex from function strings. Those options are now part of an options object param joined with the contentType that replaces header. header was originaly added for setting content type of the reply, so it makes more sense to directly set the content type
Before this commit the QueryStringAuth would only work for the key of stackexchange. This commit makes the testAuth function generic and allows passing user and pass keys.
Might set wrong header for jwt login request. This commit fixes that.
Some services might have more then one authOrigin. This commit makes sure we test for redundent authOrigins as well as support requests to them if needed.
Prior to this change, JwtAuth testing would lead to erros due to the absence of a specified login endpoint, Nock would be dumplicated for both login and non login hosts and indicate a missing request. This commit enforces the requirement for a new jwtLoginEndpoint argument when testing JwtAuth. The argument seperates the endpoint nock scope from the behavior of the request nock.
Some classes can change the auth based on badge inputs. This parameter allows the flexability of overriding the default auth for testing those cases.
Some tests might require non default config for cases where these are set. This allows creating tests for those cases.
Splits testAuth example params into path and query params. Introduce paramType to getBadgeExampleCall
Refactor to add auth static properties. for better integration with testAuth. Refactor bitbucketpullrequest for testAuth
jNullj
force-pushed
the
feat/9493/improve-auth-testing
branch
from
1dca6ff
to
b9d51d1
Compare
jNullj
force-pushed
the
feat/9493/improve-auth-testing
branch
from
100e7dc
to
c6079c5
Compare
Enhance reliability by throwing a TypeError when a service key definition is missing. It's common for a key to be missing and might require the developer that writes tests to provide a fake on that fits the examples used. Key changes: - Added a check for missing service key definitions in getServiceClassAuthOrigin. - Throws a TypeError with a clear message if the key is not found. - Guides devs to use an override if needed which is often.
Addresses a scenario where generateFakeConfig/testAuth would fail for classes using auth.userKey without auth.passKey. Ensures proper handling of user-specific authentication even if a password key is not present. Throws a TypeError only when both fakeKey and fakeUser are missing. Better fit for AuthHelper behivor.
Added for services without openApi examples. Dev can use example override to add example inputs in those cases.
jNullj
force-pushed
the
feat/9493/improve-auth-testing
branch
from
c6079c5
to
8b8bf19
Compare
Some services might have more then one request to auth with the server for the same shield. This commit adds support for those requests in testAuth using the new multipleRequests option.
Missing return for async mocha tests caused the tests to run async and throw errors of one test in another. This commit makes sure all testAuth tests return a promise to mocha for it to await.
jNullj
force-pushed
the
feat/9493/improve-auth-testing
branch
from
6a74894
to
1b425aa
Compare
|
This PR is larger then i anticipated, next time i will break down to groups of 1-2 services. |
|
Yeah - this one looks like a bit of a beast. Just to set expectations, I'm going to be away on holiday all next week so I may not get to reviewing this for a while - we'll see how it goes. It is on my radar though. Thanks for your continued help with this project :) |
|
Hi. Sorry it has taken a while to get back to this. To start with, I've just been looking at the changes to Here's a question for you: I'm not sure I have all the answers, but if every service (or nearly every) service we want to test means we have to add some new optional param to the test helper function to test it, I think that is telling us that we're zeroing in on the wrong abstraction here. |
For scale, in this PR i updated tests of 8 services to use Some insight:
Should we focus on another iteration where we try to reduce some options i mentioned above or should we focus more on new ways to tackle the larger issue? Its hard to tell if we will see many more options used in the tests not yet converted or not before attempting to add those tests. |
This PR is follow-up for #9681 and helps to reach the goal of #9493
This PR will include refactor of all basicAuth services:
Additional changes to authTest:
4d57607 - Add exampleOverride
f156762 - Add authOverride
cd6c65b - Add configOverrid
cf34fae - Split invoke params into path and query
a713669 - Improve error handling, Throw error when service auth key is missing
99a01e1 - Handle case of userKey without passKey
74554d7 - Add option to ignore openApi example in testAuth
8c38355 - Handle auth.defaultToEmptyStringForUser
57163eb - Add support for multiple requests in service