I'm interested in integration testing and I'd like to write a small suite as a proposal. This suite would run against an API server with a live (test) database, i.e., no mocking, and would issue requests to APIs and verify the results.
A major stumbling point for me is how this suite (which is a non-interactive client) could authenticate as a test user. Currently Postmile only alows users to authenticate using Yahoo!, Facebook and Twitter and these require a browser and user interaction, if I'm not mistaken.
Would it be appropriate to introduce a new system of authentication, for test only? Or maybe there is some shortcut for authentication that I'm not seeing at this moment.
Sounds like a great idea. The way to implement it is to add a highly privileged client (like postmile.web) which can request access tokens on behalf of a user using the extension OAuth 2 grant type http://ns.postmile.net/id. Take a look at how the web server authenticates with the API server when a user logs in. Let me know if you need more help.
Thanks for the pointers. I'll look into it.
Progress report: I wrote a script to create a test client object in the client collection.
For now it's only a copy of the web client object.
Now I'm able to get a token from the live API server as a test client. Maybe this won't be so hard as I thought... :) Most of the code is already in place in the web client.
When it's stable, I'm happy to include it in a test directory.
I haven't been able to work on this for a few days but I plan to get back to it RSN.