Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Flickr OAuth module and testing

by CountZero (Bishop)
on May 21, 2015 at 06:25 UTC ( [id://1127305]=perlquestion: print w/replies, xml ) Need Help??

CountZero has asked for the wisdom of the Perl Monks concerning the following question:

Dear Brothers and Sisters in Perl!

I have written (the basics of) a module to perform OAuth authentication on Flickr. There are already a few modules that can do this but they all use the old API and I wanted to write one that is more up-to-date.

Anyhow, it basically works (except for a few hickups), so I thought it might be a candidate for CPAN.

However, as this module is all about OAuth authentication, any tests I write will have to contact the Flickr server and ... authenticate. Putting IDs and passwords in the module doesn't seem a good thing to do. The only way out of this seems to open a "dummy" account on Flickr and using that. That will protect my personal account but will allow anyone to put anything on Flickr under an account I have opened.

Anyone has a better solution?

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

My blog: Imperial Deltronics

Replies are listed 'Best First'.
Re: Flickr OAuth module and testing
by boftx (Deacon) on May 21, 2015 at 08:30 UTC

    Following up on what the esteemed Anonymous Monk wrote, I would suggest looking at Test::MockModule. I often run into the same situation and find that if I structure my code right I can mock calls to LWP, etc. and return known values so I can see how my code handles auth failures and various return codes.

    Basically, you want to mock any method call that is outside your module that depends on a given resource already existing. Tedious, sometimes, but it can give you confidence that your code will handle what is thrown at you. I presume that you are really interested in your code dealing with various return values so being able to supply known good and bad results is what you want for testing.

    I recall seeing a couple of modules designed specifically for mocking HTTP calls, try doing a CPAN search for Test::Mock and see what turns up.

    You must always remember that the primary goal is to drain the swamp even when you are hip-deep in alligators.
      My module operates on a very basic level and does not really deal itself with failures and return codes. It just "manages" the OAuth protocol by
      1. crafting the messages based upon the IDs and secret codes provided, as well as tags, filenames, ... etc; and
      2. "carrying" these specially crafted messages to the Flickr OAUth-equipped server and obtaining a result code, JSON message or XML result (as the case may be)

      It is then up to the user to validate this reply.

      I think I can refactor my module into "crafting" subs and "transport" subs and test the "crafting" subs to see they conform to the OAuth standards en then test the "transport" layer only in case the user has provided his IDs and secret codes through some ENV-variables.

      CountZero

      A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

      My blog: Imperial Deltronics
Re: Flickr OAuth module and testing
by Anonymous Monk on May 21, 2015 at 06:50 UTC

    Anyone has a better solution?

    There are a few options :) 1) launch a local oath server against which to authenticate

    2) mock the server calls (fake them)

    3) skip tests unless the user specifies (thus gives permission) the following vars/args: $ENV{PERL_YOURDISTNAME_OAUTH_USER} and $ENV{PERL_YOURDISTNAME_OAUTH_PASSWORD} (or equivalent perl Makefile.PL PERL_YOURDISTNAME_OAUTH_PASSWORD=...

    4) prompt of ExtUtils::MakeMaker the user if not $ENV{AUTOMATED_TESTING}

    Those are really your only options, unless flickr has an account specifically setup for testing environment, then you'd prompt the user to run network tests

      Options 1 and 2 are probably more complicated to set up than my small module is worth.

      Option 3 or 4 is something I'll explore.

      CountZero

      A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

      My blog: Imperial Deltronics

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://1127305]
Approved by Corion
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others goofing around in the Monastery: (4)
As of 2024-03-29 12:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found