Open 1jamesthompson1 opened 4 days ago
How can I simulate a login to then allow the testing of protected api?
Simulating a login is not easy (you could use UI simulation tools such as Selenium), and sometimes impossible by design (when the Identity Provider enforces multi-factor authentication).
In your case, you try to test some APIs. You shall consider manually test them once, and then reuse the test input and output via mocking.
I wanted to say I also was met with this problem recently and wasn't sure how to go about it, so anything you find I'd be interested to see!
I ended up with two versions of the app to test. I tested one with the auth in place and checked that the response was the beginning of the auth flow.
Then for endpoint tests I mocked the Auth
object with my own mocked Auth
class that used session info that I injected to build the similar user and access_token to the context.
Though the app I was testing is not critical or large so this method was enough to satisfy me.
Then for endpoint tests I mocked the
Auth
object with my own mockedAuth
class that used session info that I injected to build the similar user and access_token to the context.
Sounds interesting. If you can share your implementation, that would be helpful.
Also, keep in mind that you can mock an Auth
object and/or its context
for the login only, you won't be able to mock it with an access token to call other APIs. Those APIs would need a real token to access.
Firstly thanks for your project, it is making it much easier to setup a login then doing it through MSAL.
I am new to working with AZURE and trying to do basic login etc. I am trying to update my tests. How can I simulate a login to then allow the testing of protected api?
Curerntly they looks like: