I am implementing some integration tests here between my mobile apk and the server API. I am using JAVA and Robotium for the UI tests. I need send some Json requests to the server and check if the behaviour on the app is correct after this change.
I have suggested create the jsons in a script and inside of the a step of the scenario (Given step) send this json to the server, but this would duplicate the effort when maintaining the scenario on server automation (Jmeter scripts) and mobile automation (Cucumber-JVM and Robotium).
Is anyone has an idea how I could implement integrated tests between the mobile app and the server API without duplicating the scenarios on both of the automations ?
I found a strategy to do the integration tests between the app and the server API, google suggests Hermetic tests:
http://googletesting.blogspot.co.uk/2012/10/hermetic-servers.html
http://googletesting.blogspot.co.uk/2015/03/android-ui-automated-testing.html
Some good points are:
- You are not mocking the server anymore
- You don't need to worry about to maintain the mock server and the test
- You are running without need a network connection
- The tests are more reliable
Related
I want to add WebAuthN as an option for multi factor authentication to an Angular & Spring application. I use the WebAuthN java-webauthn-server library from Yubico.
What is the best way to integration test my WebAuthN server, without a hardware client? Is there any software that can handle the cryptography in an automated test? I want to run these tests automatically in the CI/CD pipeline (GitLab).
In a best case scenario I want to be able to test the whole process, creating credentials as well as logging in. An alternative scenario could be that I use known credentials in the backend and only log in with these.
My API is REST/JSON based, with relying party, user, challenge, pubKey etc...
My integration tests are Java based (spring boot starter test)
I am mainly interested in how to integration test the server without the client side. Are there utility programs or libraries that can handle authenticators and return the correct data/json objects?
I have looked at Testing WebAuthn via REST tool, however, I am not interested in testing the specification, since I am using a library, I only want to ensure that I applied the library correctly to my code.
If you are only interested in testing the server side, you can write a simple webpage with buttons that exercise your endpoints and call navigator.credentials.(create|get). You can then instrument a browser using Selenium 4+, set up Virtual Authenticators, and run tests against that webpage. Take a look at the selenium tests for an example. The code to set up the authenticators looks like this in java:
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions();
options.setTransport(Transport.INTERNAL)
.setHasUserVerification(true)
.setIsUserVerified(true);
VirtualAuthenticator authenticator =
((HasVirtualAuthenticator) driver).addVirtualAuthenticator(options);
Pay attention to setting up the authenticator with the right settings to match your webauthn call. You should pick the right user verification support, resident keys support, and internal (i.e. platform) vs usb / nfc / ble (i.e. cross-platform) transport.
If you're using an older version of selenium, you'll have to manually define the commands yourself. The code should look like
browser.driver.getExecutor().defineCommand(
"AddVirtualAuthenticator", "POST", "/session/:sessionId/webauthn/authenticator");
// ...
Command addVirtualAuthCommand = new Command("AddVirtualAuthenticator");
addVirtualAuthCommand.setParameter("protocol", "ctap2");
addVirtualAuthCommand.setParameter("transport", "usb");
browser.driver.getExecutor().execute(addVirtualAuthCommand);
Running selenium tests might take a bit of work if you aren't already using it for integration testing. However, this implementation will very closely match reality. From the browser's perspective, the virtual authenticator is real hardware. The response from the authenticator will be processed by the browser as if it was real.
At the moment, only chromium based browsers support Virtual Authenticators.
I'm working on a project which receives json data via REST and after some processing sends them further. I.e. it has both HTTP-server and HTTP-client parts.
Now I'm told to add integration tests to them and was proposed to use Citrus framework. I see it has citrus-http module, but after setting all things up I do not feel very happy with it for I do not want write tests in XML (while it is required they should not be written in compiled code).
So I started to think about using JBehave, but I have no experience with testing http with it - and I could not find necessary examples at once. It seems I need to start http server, send some data with http client and check the result on the server. But are there any modules or JBehave-friendly framework for providing this "http" part - or I should create them from scratch?
You could use WireMock. It's a library that works really good with http requests. You could start your WireMock server in #BeforeStory and it will start recording and then shut it down in your #AfterStory in your steps class. You will have your response for your request stored in a file and it will be easy to work with.
Your assumption that Citrus only supports XML tests is wrong. Citrus also provides a Java DSL for writing tests. Here is an example:
#CitrusTest
public void testHttp() {
http().client("http://localhost:8080")
.post()
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.payload("name=Penny&age=20");
http().client("http://localhost:8080")
.response(HttpStatus.OK);
}
JBehave is a BDD (Behavior Driven Development) framework and has nothing to do with Http testing in particular. You can combine any Http test library with JBehave
I have a service that calls out to a third-party endpoint using java.net.URLConnection. As part of an integration test that uses this service I would like to use a fake endpoint of my own construction.
I have made a Spring MVC Controller that simulates that behaviour of the endpoint I require. (I know this endpoint works as expected as I included it in my web app's servlet config and hit it from a browser once started).
I am having trouble figuring out how I can get this fake endpoint available for my integration test.
Is there some feature of Spring-Test that would help me here?
Do I somehow need to start up a servlet at the beginning of my test?
Are there any other solutions entirely?
It's a bad idea to use a Spring MVC controller as a fake endpoint. There is no way to simply have the controller available for the integration test and starting a servlet with just that controller alongside whatever you are testing requires a lot of configuration.
It is much better to use a mocking framework like MockServer (http://www.mock-server.com/) to create your fake endpoint. MockServer should be powerful enough to cover even complex responses from the fake endpoint, with relatively little setup.
Check out Spring MVC Test that was added to Spring in version 3.2.
Here are some tutorials: 1, 2, 3
First I think we should get the terminology right. There are two general groups of "fake" objects in testing (simplified): a mock, which returns predefined answers on predefined input and stubs which are a simplified version of the object the SUT (system under test) communicates with. While a mock basically does nothing than to provide a response, a stub might use a live algorithm, but not store it's results in a database or send them to customers via eMail for example. I am no expert in testing, but those two fake objects are rather to be used in unit and depending on their scope in acceptance tests.
So your sut communicates with a remote system during integration test. In my book this is the perfect time to actually test how your software integrates with other systems, so your software should be tested against a test version of the remote system. In case this is not possible (they might not have a test system) you are conceptually in some sort of trouble. You can shape your stub or mock only in a way you expect it to work, very much like the part of the software you have written to communicate with that remote service. This leaves out some important things you want to test with integration tests: Was the client side implemented correctly so that it will work with the live server. Do we have to develop work around as there are implementation errors on the server side? In which scale will the communication with the remote system affect our software's performance? Do our authentication credentials work? Does the authentication mechanism work? What are the technical and conceptual implications of this communication relationship no one has thought of so far? (Believe me, the latter will happen more often than you might expect!)
Generally speaking: What will happen if you do integration tests against a mock or a stub is that you test against your own understanding of how to implement the client and the server side of communication, and you do not test how your client works with the actual remote server or at least the best thing next to that, a test system. I can tell you from experience: never make assumptions on how a remote system should behave - test it. Even when talking of a JMS server: test it!
In case you are working for a company, testing against a provided test system is even more important: if you software works against a test system and you can prove it (selenium is a good helper here, as well as good logging, believe it or not) and your software does not work with a live version, you have a situation which I call "instablame": it is immediately obvious that it is not your fault the software isn't working. I myself hate fingerpointing to the bone, but most suits tend to ask "Who's fault was it?" even before "Can we fix that immediately?" and way before "How can we solve that problem?". And there is a special group of suits called lawyers, you know ... ;)
That being said: if you absolutely have to use those stubs during your integration tests, I would create an own project for them (let's say "MyProject-IT-Stubs" and build and run the latest version of MyProject-IT-Stubs before I run the IT of my main project. When using maven, you could create MyProject-IT-Stubs with war packaging, call it as a dependency during the pre-integration-test phase and fire up a jetty for this war in the same phase. Then your integration tests run, either successful or not and you can tear down the jetty in the post-integration-test phase.
The IMHO best way to organize your project with maven would be to have a project with three modules: MyProject,MyProject-IT-Stubs and MyProject-IT(declaring dependencies on MyProject and MyProject-IT-Stubs. This keeps your projects nice and tidy and the stubs do not pollute your project. You might want to think about organizing MyProject-IT-Stubs into modules as well, one for each remote system you have to talk to. As soon as you have test access, you can simply deactivate the according module in MyProject-IT-Stubs.
I am sure according options exist for InsertYourBuildToolHere.
How do I write integration test for an application that interacts with website ?
More specifically I have an application that interacts with Flickr website.During the OAuth authorization process flickr website display's the verifier code which the user has to copy and paste into my application. Now how do I automate this process so that I can test the application automatically.I am using swing for GUI.
Writing automation that depends on external services can be tricky. For something like this, I would advise you to set up a mock service, or some other way of using canned responses.
I've had success doing this a couple of ways:
Writing an external mock service, using something like bottle.py. This has the advantage of requiring little to no modification to your existing codebase, but obviously requires a bit of work to ensure that this external process is managed correctly as part of your test suite, especially if you are running tests in a CI environment.
Using dependency injection, you can write mock network components, and swap the real network components for your mock components for testing. I recommend this approach, but it will require a bit of modification to your codebase.
i'm looking for a test framework (preverably in Java) to create system tests.
The system i need to test is an ESB offering multiple http endpoint for receiving and pushing messages, a JMS Server and a JBoss-Application Server with a Database at the end.
I want to create test scenarios which defines incoming messages to the ESB, the response which should be send to the request and the expected values in the database.
The chain is:
http(ESB) -> JMS -> JBoss -> Database
but also:
Database -> JBoss -> JMS -> ESB(http)
The tests should be implemented as JUnit test or in a way that they can be fired by Hudson.
It would be nice, if it is also possible to test the exchanged JMS messages.
I used to work with a framework that fits the needs, but this was in a different company, and, it was self written and sometimes a pain in the a..
I know i'm not the only and first one who needs something like this =)
I implemented something similar using JUnit test. The project was maven-based and I ran it on Hudson. I used maven-surefire-plugin for test execution and maven-sql-plugin to set clean DB on each execution.
Hope it helps...