Is it possible to test this locally via a rest tool. I've created the backend to generate the challenge etc for Registration of new creds, but without the WebAuthn response I'm at a loss if I have created the correct way to digest the response object from WebAuthn.
If you're writing a FIDO2 / WebAuthn library, the FIDO Alliance does actually provide with a test suite that should be capable of generating tests: FIDO Alliance - Conformance SelfâValidation Testing (then clic on "registration" in the "FIDO2 Test Tools" section).
Note that the same FIDO Alliance proposes a non-mandatory standard way of exposing FIDO2 through a REST API: Transport Binding Profile
You can request FIDO conformance tools here
I believe we will choose FIDO2 if we now start implementing FIDO
See the screenshot below
If you want some data to test with
Related
I write a lot of apps that end up integrating with Google Drive for one reason or another. It's such a useful cloud based storage utility that it's got integrations all over the place.
So many of my integration tests are needing to call the actual Google API. Such a waste.
You can use Mockito to mock it, but that's a ton of work. And it's only for unit testing that has stubbed out mocks.
Has anyone made a mock HTTP web service that can mock the Google drive api?
I was hoping to find someone who created a Docker container that fires up a mock Google drive api that you can point the Google-drive-sdk to and have it work from a linux filesystem backend.
S3 has this. Example: https://hub.docker.com/r/lphoward/fake-s3/
I'm pretty sure no such docker container exists. Is there there anything in the makes at Google? Thanks for your time!
Here's what I have found:
For JAVA:
Please try checking HTTP Unit Testing. As mentioned in the documentation:
When writing unit tests using this HTTP framework, don't make requests to a real server. Instead, mock the HTTP transport and inject fake HTTP requests and responses. The pluggable HTTP transport layer of the Google HTTP Client Library for Java makes this flexible and simple to do.
Also, some useful testing utilities are included in the com.google.api.client.testing.http package (#Beta).
For Android:
If you're using Android Studio, the location of your test code depends on the type of test you are writing. Android Studio provides source code directories (source sets).
Local unit tests
Located at module-name/src/test/java/.
These are tests that run on your machine's local Java Virtual Machine (JVM). Use these tests to minimize execution time when your tests have no Android framework dependencies or when you can mock the Android framework dependencies.
At runtime, these tests are executed against a modified version of android.jar where all final modifiers have been stripped off. This lets you use popular mocking libraries, like Mockito.
You may want check this SO post and see if it helps.
For Python:
You may try Mocks.
The use of Mock objects is a standard testing methodology for Python and other object-oriented languages. This library defines Mock classes that simulate responses to API calls. You can use them to test how your code handles basic interactions with Google APIs.
You can use the HttpMock class which simulates the response to a single HTTP request.
Hope that helps!
For python, if you are brave, you could use vcrpy as gcsfs does. It records all requests and responses over HTTP into YAML files, which you can then test against, with complex matching (so that, for instance, etags and timestamps don't matter) and replacement rules (so that secure data isn't leaked into version control).
My project has gotten into web services lately, but our QA team has a request to be able to set up a clone client and clone web service so that they can issue a request from the clone client to the real web service and from the real client to the clone service to test the real pieces individually.
The clone client to real web service part is easy, I just wrap the generated client in a main() app that picks up data to send that the test team specifies. But the service part is confusing to me. How can I make a dummy service that just echoes out its requests to a log without affecting the real service? I want the real client to use the same generated client code, just point the soft-coded URL to the URL of the dummy.
If I define a new web service with identical names and signatures to the real service, can the real client hit the dummy with just a URL change? Or is it more complicated? Am I barking up the wrong tree?
Re: Making a dummy service
This would actually be called making a "mock" service or a web service "stub". You don't even technically have to code it - you can use tools. For example, SoapUI has the ability to import a WSDL and create a mock service. The have some other discussion of mock services as well - they can be used both to test the client application (or to simply develop it before the back-end resources are ready or available). To use a WSDL-based service stub you would simply change the endpoint of your client-under-test to the stub instance. SoapUI will show you (and let you configure) the stub's endpoint URL.
The trendy term for service mocking and stubbing is "service virtualization" (not to be confused with server virtualization as in virtual machines). Searches using this terminology will find you even more powerful (and expensive) tooling.
Re: Just a URL Change
Yep, for the most part. So long as the XML namespaces are the same and the WSDL is the same (minus endpoint URL) you should be fine. Since the WSDL acts as an interface contract, the stub MUST accept those same inputs and produce those same outputs. How it does so, of course, is up to you.
PS - free extra advice - Don't code a dummy client. Use tools (I'll use SoapUI again as an example free tool) to make your web service testing more robust and repeatable. You can create test suites with sample SOAP requests, add assertions on how the service should behave, and best of all - your investment in time of creating a test project can be shared across team members, cutting down time to test setup and making sure testing is thorough and repeatable. If you code a client, every tester/user of the test client will have their own way of testing, response inspection will probably be manual, and you'll notice when your best QA tester goes on vacation because regressions slip into the web service product. Repeatable testing can nix this, and tool based automated functional testing is the bees knees. You're already on the right path by testing the pieces individually.
The idea is to call a method from a website(in php) to my application (in Grails). The application will serve data in json format.
The website and the application are hosted in two different servers. The website is on Yahoo and the application is on Rackspace.
Now, I want to create a web service in my Grails application which serves list of cities in json format.
City Class
class City {
String name
String code
}
How do i write the web service method?
Try the grails jaxrs plugin (https://github.com/krasserm/grails-jaxrs) which will do excactly what you want without any hassle.
Simply install it, create a Resource object with the introduced create-resource command and create and annotate the methods as you wish. all other things are managed by the plugin so you don't have to worry about Controller or UrlMapping...
You need only the annotation #Resource(uri='/cities') on your domain and call the url/cities.json (but, its'n RESTful)
You will want to use a few tools, first you will create a controller that deals with the requests and pushes them off to your service layer.
You can use URL Mappings to make it more RESTFul check out the doc that way all the http methods will be mapped to actions in your controller.
Also if you will be doing a fair bit of json I would recomend starting with the gson plugin it has a fuller feature set then the built in JSON support.
The link from the comment above is a great resource to read as well.
I have found that I most of the time want to support the accept header as well in which case you will need to update your config with the following code. See withFormat doc for more info.
grails.mime.use.accept.header = true
i need a webservice which listens to tfs (2010). The tfs will trigger an alert when build quality is changed. i want to process that SOAP message using a webservice. how do i create that? is there any template? i am a rookie in c# &.net...it would be much helpful if someone gives me a template...thx a lot
Instead of using this method for using WCF event handlers, I would actually use the new ISubscriber method. We additionally discuss how it works in Chapter 25 of our book, Professional Team Foundation Server 2010 by Wrox.
The open source project TFS Global Alerts implements just that. You can browse the code and use it as a template.
Web services generally make a request, get a response, and leave. They don't hang around listening.
TFS is capable of sending notifications. It's a fairly simple process. For starters, here is a how-to article that says:
TFS notifications are useful in sending alerts when a work item is changed, the build is completed, build property changed etc.
Edit: TFS offers several types of alerts, including email and SOAP, as explained in this posting on How To Subscribe to TFS Alerts which states:
Microsoft Team Foundation Server (TFS) contains a collection of services including version control, work item tracking, and the EventService service. EventService exposes a set of events that performs actions such as sending e-mail or a SOAP-based Web service call.
and a bit more
If you want to get notified for all new workitems, regardless of who
they get assigned to, you will want a custom subscription...First option is to create alert with the BisSubscribe tool ... the preferred message delivery type: EmailHtml, EmailPlaintext, or SOAP. Default is SOAP.
You can create a WCF service to receive these alerts. Please see "How to use WCF to subscribe to the TFS 2010 Event Service [rolling up hours]".
I am a novice in web services. I am totally new to testing web services.
A new project demands that I test the web services, and the customer is in favor of any open source tool.
What is the approach to testing web services?
Also Please suggest a tool(with minimal scripting) to test web services?
Check out SoapUI - one of the best web service test tools - plus it's free!!
They also have a "Pro" version which costs - you can do more stuff, like load testing etc., but the free version is quite good enough for most of your testing, I'd say!
Given a WSDL (online or stored as file), it'll create stubs for each method, which you can then use to create requests (as XML), fill in the blanks (the parameter values), and then you can send off your request to the web service and see what comes back as a response.
SoapUI also allows you to write scripted tests than can be run over and over again.
Excellent tool - can't praise it enough!
Marc
Additionally you could use Firefox Poster in order to test your web service by passing XML-packets manually.
Check it here:
FF Poster
SoapUI is a great tool to test SOAP webservices. It allows you to test a SOAP client or a SOAP server.
Another very useful tool is Fiddler. Fiddler isn't necessarily aimed at testing webservices (it's a HTTP debugger), but since SOAP webservices run over HTTP, you can use it to testing. Another very important advantage of using Fiddler is the fact that you can test REST webservices also.
You might want to consider robot framework. It is a generic, keyword-driven testing framework. There are libraries for testing REST and SOAP based web services. It can also be used to test web pages (via a selenium library), databases, and a whole lot more.
robotframework has a ton of built-in keywords, and there are additional libraries that do much more. You are also able to develop your own keywords in python, java, .NET languages, or any other language.