globus/globus-sdk-python

Test conversion follow-up

jaswilli opened this issue · 3 comments

jaswilli commented

Todos in follow up to #315.

Planned tests to add:

  • Check loading GCP ID from file with the local_endpoint module
    • Make sure this covers testing the windows variant (previously broken, #321)
  • Add unicode to a few response objects, make sure it comes through translations okay
  • Full successful login flow
  • Functional tests for RenewingAuthorizer usage
    • RefreshToken and ClientCredentials
    • Check 401s on first response and second response
    • Check with a client method with retry_401s=False
    • RenewingAuthorizer callout may fail (e.g. network error)
    • Ensure on_refresh callback is invoked
    • Propagate errors from malformed on_refresh callback
      • Does the Authorizer state change? Documenting this behavior would be a good add
sirosen commented

We should also look at #151 again. Those "untestable" things were one of the drivers of the conversion.

sirosen commented

I'm copying from #151 as a checkbox list, and I've closed it to consolidate. Some of these are not relevant anymore, some are.

  • Myproxy activation. Requires a stable endpoint with a myproxy login for SDK Tester. (may be deprecated at some point anyways)
  • Login-flow. Requires automating a browser and SDK Tester's login credentials being made public.
  • Code exchange. Requires login-flow or a non expiring test code.
  • Live openid JWT decoding. Requires login-flow, a non expiring id_token, or an auth resource other than code exchange that responds with an an id_token.
  • Dependent token grants. Requires a resource server client and scopes to be set up.
  • Managed endpoint resources. Requires SDK Tester to have privileges on a managed endpoint, which would give public access to privileges on a managed endpoint.

At a glance, I think we should focus on whatever gives us more code/conditional coverage, and that makes the last two -- managed endpoint tests and dependent token tests -- the most attractive. They're straightforward and "just need doing".
I'm not sure a login flow, JWT handling, code exchange, or activation are particularly useful to test. (Though some tests of the activation response might be wise, if we don't have those.)

sirosen commented

Just spotted this, stale issue. Most of this stuff was addressed sooner or later, and a lot has changed in the recent past in particular.