testing best practices
Hey folks,
After looking into Kinde over the last few days, I am pretty confident I want to use it for my product.
The last thing I need to find out is how to properly integrate it into my CI/CD pipeline.
The AI sadly only responded with a very general CI/CD reply.
Best,
Kalle
10 Replies
Hi,
Could you let me know specifically what you would like help with?
How do I use kinde within my CI CD tests in the best way? (for integration tests)
Is the current best solution using the dev environment from kinde? Because that would lead to quite some MAUs because of automated tests
Maybe to add up to this: There are two things to test imo
1) test auth functions within services I deploy. Therefore I need a way to generate a JWT token with different parameters.
2) Test other functionalities, e.g. if feature flags are integrated correctly, if the integration with the Kinde API works as expected (e.g. to get user info)
Do you have any recommendation on that?
Any input on this? I'd love to start developing
Hey!
What exactly are you trying to test in the CI/CD flow? Are you making like a Jenkins pipeline and securing routes?
Are you creating API routes that you want to authenticate with Kinde?
Or like a set up of scripts that would mimic an auth flow against your services through CI/CD?
What I want to do is a gitlab cicd pipeline. It should:
1) test if my service handles protected routes correctly depending on the roles/permissions within a token
2) I plan to use the user/organization endpoints from my backend as well. Therefore I need to check if this works (= if my backend calls the Kinde API correctly and if the changes within Kinde result from that as expected)
3) I want to use the feature flags from Kinde. Therefore I need to check if certain functionality is "blocked" for users without certain feature flags.
So I don't want to test the auth flow, but I somehow need to be able to test with tokens as if they would be generated from Kinde and I need to test against the Kinde API to make sure the implementation is correct on my side.
You'll need to create a m2m application here: https://kinde.com/docs/build/add-a-m2m-application-for-api-access/
Then grab and use this access token, which you can get from this: https://kinde.com/docs/build/get-access-token-for-connecting-securely-to-kindes-api/
Afterwards, you can do straightforward tests for each individual endpoint as needed! Simple curl requests can be used to test it then validate the request credentials. You'll get an HTTP response back, which in turn can signal passing/etc.
For the feature flags, generate a new M2M token with different permissions and you can test against that.
If you reuse M2M tokens it won't count against your limit, but an M2M token is generated each time you call /oauth2/token, which does count towards the limit.
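The reply above notes that reusing an M2M token does not count against the limit while each call to /oauth2/token does. One way to get that reuse in a pipeline, as an added example that is not part of the original thread or Kinde's own code, is to cache the token on disk and fetch a new one only when it is about to expire. The helper names, the cache file, the 60-second margin, the form fields in `fetch_m2m_token` and the assumption that the access token is a JWT with an `exp` claim are assumptions of this example.

```python
import base64, json, os, time, urllib.parse, urllib.request

SKEW = 60  # assumed margin: refetch when less than 60 s of validity remain

def jwt_exp(token):
    """Read the exp claim WITHOUT verifying the signature.
    Used only for cache bookkeeping, never as an authorization decision."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))["exp"]

def fetch_m2m_token(domain, client_id, client_secret):
    """One client_credentials request; every call issues a new token.
    domain is a placeholder such as https://<your_subdomain>.kinde.com;
    the form fields are assumptions about the token request."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "audience": f"{domain}/api",
    }).encode()
    req = urllib.request.Request(f"{domain}/oauth2/token", data=body)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["access_token"]

def get_token(cache_path, fetch, now=None):
    """Return the cached token while it is still valid, else call fetch() once."""
    now = time.time() if now is None else now
    try:
        with open(cache_path) as f:
            token = f.read().strip()
        if jwt_exp(token) - SKEW > now:
            return token  # reuse: no new token is issued
    except (OSError, ValueError, KeyError, IndexError, TypeError):
        pass  # missing, unreadable or malformed cache: fall through and refetch
    token = fetch()
    # The cache holds a bearer credential: create it readable by the owner only.
    fd = os.open(cache_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(token)
    return token
```

In a pipeline, `fetch` would be a small closure that calls `fetch_m2m_token` with the client ID and secret read from protected CI variables, and the cache file should stay out of job logs and artifacts.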
So that is for 2) I think. Understood. Just use a token like on dev/product but in the CI.
But how do I get tokens for testing my backend with user requests?
How do I log in as a user within my CICD to get a new token for that user?
If I'd use only the oauth2 features of Kinde I'd try to use a mock server. But I think Kinde would really shine if I also use more of the user management + feature flags etc. But I also need a way to test that
-----
Maybe it's easier to understand what I mean with a simple example: Let's say you have a simple backend which uses tokens from Kinde to auth/auth incoming requests from users and block/process them depending on the users permissions and maybe even feature flags as well as the active organization.
How would you recommend to do that in a CI/CD pipeline?
Got it, you're looking for CI/CD testing in gitlab for your Auth flows and are asking how to generate the user JWTs via cmd.
Let me reach out internally and get back to you on this.
Thank you
Hey! Getting back on this:
There's no way to initially generate the JWT inside the CI/CD pipeline unfortunately. That requires a browser at this time.
What people have done is essentially generate the JWT externally, take it from the browser cookies, and then inject that JWT into the pipeline. Once it's inside, you can do the refresh_token commands to make it live indefinitely. Since the token is available, you can redefine and alter its creds/access/feature flags/orgs as you wish then refresh it to test the methods.
I'll try to find an example of how people have implemented this, but I do know this was done before.
Hey, thanks for the answer. Ok I'll do it like that. It just makes testing some stuff hard as I need to reset the user / org data so that it handles like a new user/org. But all doable
Thanks again