<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi Shoubhik,</p>
<p>I think both kinds of test have their place. If we want to verify
that our code does what we want it to do (tests as specification),
it makes a lot of sense to test very specific interactions. Since
OAuth is basically a sequence of requests to our server, there
really isn't a need to "mock" anything: it's just a sequence of
http requests where we need to check the proper responses. I would
want this test to work without needing anything outside my local
machine, so that I can work when I'm offline.<br>
</p>
<p>However, in the wild, many things may go wrong: it might be as
stupid as a corporate firewall filtering out some headers from
requests. Also, our test might not accurately represent the
behaviour of Github OAuth in every detail. Having that safety net
seems valuable to me. It may be hard to cover every use case in
these tests. We may want to start with covering 1-2 basic flows
and add more as regression tests as we go along.<br>
</p>
<p>What I think is important for productivity is that I can run all
the local tests while I am developing in a simple way. </p>
<p>just my 0.02€<br>
</p>
<p>/Thomas<br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 10/12/2016 05:55 PM, Shoubhik Bose
wrote:<br>
</div>
<blockquote
cite="mid:CANSWONnqrsuw1L7P56ayX_zL01jRbqUR5NzkuorsA0HJ21B4rg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>
<div>
<div>Hi folks,<br>
<br>
</div>
This is an extension to a discussion we were having
about what would be the apt approach to write tests
for Github authentication on the alm core ( backend
).<br>
<br>
</div>
We've written a bunch of tests which checks if our
code does the Github OAuth flow correctly.<br>
<br>
</div>
However the alternate school of thought is:<br>
<br>
</div>
Should we have a 'mock' Github OAuth provider to also test
our code, since conventionally tests should not be
depending on external systems.<br>
<br>
</div>
On the flip-side, if test failures are not caught with a
real Github OAuth provider we might ending up chasing bugs
in production.<br>
<br>
</div>
Let me know your thoughts.<br>
<br>
<br>
- <br>
</div>
Shoubhik <br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
almighty-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:almighty-public@redhat.com">almighty-public@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/almighty-public">https://www.redhat.com/mailman/listinfo/almighty-public</a>
</pre>
</blockquote>
<br>
</body>
</html>