It is extremely common in Modern Day Applications to rely on external authentication systems such as OAuth, Google SSO, Facebook Sign to ensure reliable user authentication of the applications they are building.
But the above line is true mostly with applications which are LIVE, or in other words, for applications which are deployed in production. What gets ignored most of the time is the attention to pre-production environments such as Dev, QA, and user acceptance testing (UAT). These environments are mostly unarmed for any user authentication hence not fully qualifying for “end-to-end” testing.
Adding to this worry is that different flavours of the same application are available for Web, Mobile & Native platforms. When none of the variants are tested with authentication as the focus (again, in pre-prod environments), it gets left up to developers to unit test when they integrate with the External Auth Systems.
While many argue things like:
- “I pay for the auth service”, or
- “Is that not what I pay them for?”, or
- “I integrate with them; hence I assume its secure”
I suggest - it's very important to test your application’s behaviour when they interact with external systems, even when you paid for it. Virtualization makes this possible!
Tools like ServiceV Pro make virtualization super easy to build & host virtual services on your own PC, Private / Public Cloud.
In the context of this post, you can virtualize and host a user authentication service & then integrate this service with all your app variants, be it mobile, web, and/or desktop. Your unit tests are more robust, and your functional testers can focus on end-to-end tests rather than worry about the services which are unavailable to them. On top of that, you can extend your tests to understand performance of your application for real user load.
Let's walk through how you would set up a virtualized environment using ServiceV Pro.
Tools for Configuring Virtual Services:
ServiceV Pro (ReadyAPI) To design Virtual Service(s)
VirtServer To Host the Virtual Service(s)
MySQL Opensource Database to hold user info
We build 2 services.
1. POST method – UserCreation
User sends a JSON request to the service with unique email & password. Additional info such as first name, last name.
The service responds with a JSON response & tag ID_Created.
ID_Created – true [ if the email id does not exist in the system]
– false[ if the email id is a duplicate ]
2. POST method – Auth
User sends a JSON request with email & password.
"Authentication" : true
The Service responds with Authentication tag
Authentication – true [ values match the database hence authenticated]
– false [ incorrect username password]
Want to learn more about service virtualization?
The example above highlights one great use case of service virtualization, but there are dozens more. Check out our latest guide, Service Virtualization 101: A Guide to the Benefits and Use Cases of Virtualization that Help Your Team Deliver Quality Applications, Faster.
And if you're ready to get started with a virtualization tool right now, you can try ServiceV Pro free for 14 days.
I love talking technology & code, I can keep doing that all day. While I am tempted to paste the code I wrote in ServiceV pro here, I will hold myself from doing that to avoid making this post long & boring. However if you need the project file to host the above setup just send me an email and I will share the Git repo with you.
Embrace virtualization! It helps.