I have FastAPI project which does the following:
Register users(unauthenticated)
CRUD operations on user resources(authenticated)
What I want to do:
Develop an automated testing framework to unit test all the APIs
Run that on a devops platform like jenkins regularly
Run it locally before deployment
Some specific doubts I have:
For testing, should I use the OpenAPI generated client sdk or the FastAPI client or use the python requests module?
Authentication should happen only once and reuse the JWT token or fresh authentication for each API test ?
Should I use the same pydantic modules for dev and testing or re-write them to ensure that no issues were introduced in case of updated models ?
How to do proper unit testing when one API requires result from multiple other APIs?
Use the built-in TestClient
Use a fixture and let pytest sort it out for you; if it's too slow to reauthenticate each time, change the scope of the fixture to a larger scope (i.e. class, module, session, etc.). You can also use FastAPI's dependency_overrides to let your tests run with static authentication configured (so that you can skip actually authenticating in most of your tests).
You should test what you use in your application. Nothing specific written for your tests, except if necessary to make your application testable in a better way.
The only "proper" thing is that your API has been tested to work as you expect it to work. Do multiple API calls if necessary, but move them into fixtures to get composable sets of dependencies for tests (i.e. the result of the fixture can be cached and re-used for all tests in a test class if necessary). If you have tests that depend on a customer being created, create a fixture that creates a customer and use that fixture in the tests where a created customer is necessary.
Related
I'm using Django with DRF as just an API--it doesn't serve any FE assets of any kind. I know the Django testing suite is built on the Python native unittest library and plan on using it for unit testing.
When it comes to integration testing, is it sufficient or should something like Behave be used?
If unittest is sufficient, should it be used in conjunction with some kind of faker?
If you want to test the API contract, you need:
to read the relevant documentation
have a way to generate models you need. My advice is to use factory-boy.
This setup will test your urlconfs, views, serializers and to some extent your models, without the need for real server and without the need to mock API responses.
Let's say I have a frontend application written in Angular and a backend application written in Django and Django Rest Framework. I created unit tests for backend application (with pytest) and I'm about to create some functional tests for the frontend application. The thing is that the frontend app needs access to the backend app in order to work correctly. I can write some mocks to handle that, but I am not sure if this is the best way to do that.
My question is, what is the best way to handle that? Should I use a single git repo for both applications or maybe a better way is to use two repositories, but then how to handle the tests for frontend application?
I was also thinking about using selenium with pytest, but then I would have to use a single repository. I am a little bit confused and would really use some good advice. Thanks!
Unit tests as the name suggests is testing separate units of the code in isolation. Meaning that it does not have to depend on any other part, else, you wouldn't know if the test is failing for that particular unit or the units it depends on.
As a result, all tests should mock the request to the backend and return valid responses (or invalid, if you're testing for error handling). The same applies to any other external service that the unit depends on.
I see WebTestCase and Symfony come up a lot...I have some unit tests in PHPUnit already but really need higher level tests...I do not need anything fancy like Selenium (the UI is done in ExtJS but this could change entirely to Polymer in the future) I just need to post data and check the JSON results.
Can this be done via PHPUnit or do I need to bring in Symfony and it's WebTestCase?
Testing RESTful web services using PHPUnit
Note: I am actually looking to test the services -- no mocked objects desired -- I need to login when the test suite is first run -- store the SESSION ID and go through each test...
I have achieved success in writing PHP functional tests using Guzzle.
It allows you to perform HTTP requests like this:
$client = new GuzzleHttp\Client();
$response = $client->get('http://guzzlephp.org');
And the $client will maintain the PHPSESSIONID across requests, allowing you to perform authenticated requests by logging in and then performing requests with the same client.
We are using securesocial module for authentication in Play 2 application.
I have two questions concerning this module.
Firstly, is there an easy way to disable the authorization checking in out development environment, preferably w/o commenting all #SecureSocial.SecuredAction annotations.
Secondly, what is the preferred way to unit test methods that use securesocial in Java? For example I have a call to ctx().args.get(SecureSocial.USER_KEY); in controller for getting the identity. If I would want to unit test this method, how can I mock out this identity? Or maybe secure social has some utility classes that can help unit testing?
We decided to create method getUser in our controller and then in unit-tests we are using http://www.javassist.org/ library to remove securesocial annotations and also to change return value of getUser to some mock that is created in test classes.
My web app is a Google OpenID consumer (with Attribute Exchange and OAuth Extension) and I need to write some unit test for it [edit: to test the unit that is responsible to interact with google].
The problem is that default OpenID login procedure needs user interaction (entering user/pass) which is not possible in unit test.
Do you have any idea how can I solve this problem and unit test my OpenID consumer app?
(I prefer not to run my own OpenID provider.)
You need to use a remote controlled browser for this. Selenium was made for this use case.
(indeed they are called functional tests then).
Search on Google for the best way to integrate selenium tests into your web framework.
If I understand you want to test your all application and not just "unit test" it.
The actual test framework depends on the technology your application is using. For example there are many UI and web automation tools that can do what you want.
You should also unit test your core functionality or at least write several integration tests that work against an actual Openid provider but instead of running the entire application just test the functionality of the class (if you're using language that has classes) to make sure it can get the b.
I would also write a couple of unit tests that call a fake provider to test how your code behaves in case of error, connection problems and plain vanilla responses.