Automated Testing Using Sandbox & Django


Curious how others are doing automated unit testing of their apps which make use of Dwolla.

I’ve got a Django app, which uses their built-in testing framework. The problem I’m running into is with refreshing the access token. Django test databases are deleted after each test run. Obviously, if I refresh a token, the refreshed token gets lost.

Many thanks!

(Stephen Ausman) #2

Hey Rob,

I don’t have any Django apps, but for my Rails apps I create fake tokens in my test database (using fixtures or factories) then I mock the Dwolla API with WebMock. There’s probably some similar stuff for Django/Python.

(Chris O'donnell) #3

Hey Stephen,

Rails 5 + Rspec
Also using rails and trying to approach this problem, so with using fixtures to mock the token, how does that work with hitting the sandbox app? When creating fresh test you would have to actually hit the api, and then what mock if from that point on.

(Stephen Ausman) #4

Hey @ChrisCPO,

If you use something like WebMock you don’t actually have to hit the API. You would just have to mock the request and could include something like:

token_data = create(:token)
stub_request(:get, "")
  .with(headers: {'Authorization' => "Bearer #{token_data.access_token}"})

in your tests. Let me know if you have any questions.

(Chris O'donnell) #5

cool I have experience with vcr but not so much with webmock thought it is straight forward enough. Do you mock the body of the request, so your larger integration tests run successfully.

(Stephen Ausman) #6

Yeah you could, I think it just depends on how detailed you want to get. WebMock will intercept all network requests and if one does not match a stubbed request it will raise an exception and show you the request that didn’t match any stubs as well as the stubs you currently have set up.

I am not too familiar with VCR, but in that case I believe you would have to hit the API once which will create a cassette file that will be used on subsequent runs to mock the requests for you. If you’re building an application using our Access API you can avoid going through the 3-legged OAuth flow to get a token by using an application token which can be created programmatically.

(Chris O'donnell) #7

so as a rails app I need to be able to move money from one users bank account to another users bank account when ever I choose. Would the access-api be better suited for this? As of right now I do not need any Oauth, I thought it was Simply done for increased security. How often does the application/client token expire? Is this something we choose or you guys set?

Thanks for all the help by the way.