Fief
Replies: 2 comments 2 replies
-
|
There was an API for that at some point, but I removed it to be a features only for Admin Dashboard. I could re-add it if it's really needed. That said, I'm not sure you need to run a full Fief server during your tests. Have you considered to just override the dependency and make it return the different cases you need to test? That's the # app.py
current_user_castles_read = auth.current_user(permissions=["castles:read"])
@app.get("/protected")
async def protected(
user: FiefUserInfo = Depends(current_user_castles_read),
):
...# test_app.py
async def test_protected():
app.dependency_overrides[current_user_castles_read] = lambda: {
"sub": "aeeb8bfa-e8f4-4724-9427-c3d5af66190e",
"email": "[email protected]",
"tenant_id": "c91ecb7f-359c-4244-8385-51ecd6c0d06b",
"fields": {
"first_name": "Anne",
"last_name": "De Bretagne"
}
}
client = TestClient(app)
response = client.get("/protected")The only drawback with this approach is that you have to set the dependency in a variable instead of declaring directly in the endpoint parameters so you can reference it in |
Beta Was this translation helpful? Give feedback.
-
|
First of all, thank you very much for pointing out to the However, this is another approach for testing web services, with its pro and contras, white box vs. black box. In my case, I am trying to replicate production setup in test environment as close as possible, in order to test not only service code, but also deployment settings and interaction with Fief. My tests run outside of the docker and interact with the service purely via HTTP, so I have no access to the Yes, re-enabling the feature for creating access tokens via Admin API together with provisioning initial Admin API KEY via environment variable (https://github.com/orgs/fief-dev/projects/1?pane=issue&itemId=16702293) would completely fill the gap for automated test setup and allow starting Fief instance from scratch. Further setup will happen in test preparation code, which will be visible in code reviews, instead of binary database files. Right now, the workaround would probably be to:
|
Beta Was this translation helpful? Give feedback.
-
|
I thought so 😉 I'll add to the roadmap to re-add the access token API. Thank you also for reminding me about the Admin API key environment variable! |
Beta Was this translation helpful? Give feedback.
-
|
Those features are now available in |
Beta Was this translation helpful? Give feedback.
-
Hello,
I am using Fief for my service, (based on FastAPI), offering REST API only, no Web UI. REST API has access control with several user roles and permissions.
I want to test access control features of my service in an automated way, by ramping up a fresh Fief instance, setting it up, connecting my service to that Fief instance, running tests by sending requests to my service and shutting both down.
To achieve this, I took the Fief's SQLite db with only a single Admin API Key created, put Fief code and the database in a docker to have a reproducible Fief's state. Further setup (creation of permissions, roles and users) happens before test execution via Admin REST API.
To call REST API of my service on behalf of an authenticated user, I need an access token for that user.
Unfortunately, I don't see a way how to create a user access token other than via Fief's Web UI, which is not suitable for automated testing. What do you think about adding this possibility to Admin REST API?
Another option would be a possibility to create access tokens without expiration time, so they could be hard-coded in tests.
Beta Was this translation helpful? Give feedback.
All reactions