In this bite-sized blog post we look at how to add Cognito to your integration tests flow, making for true black box testing.
We love integration tests here at Lumigo. We see them as a major part of our CI/CD process, and we believe that they play a pivotal role in serverless testing.
One of the test scenarios that we have here is creating an event in our system and then executing an API REST query to retrieve the event details. It’s pure black box testing. Our REST interface sits behind API-GW and is authenticated by Cognito.
If you’ve ever tried to create users in Cognito programmatically, you know that it’s hard. This is because setting the initial password is not enough, the developer needs to change it manually 😨, but manual and automation do not go together.
The following article will cover:
So before digging into the details, let’s first define our test scenario:
One of the hardest things about using Cognito is to create a user with a predefined password, without the need to change it after first login (FORCE_CHANGE_PASSWORD account status).
Luckily, there is a nice Python package called warrant which gives us the ability to play directly with Cognito in Python. Let’s use it to create our user and define its password.
Let’s quickly go over it
After creating the user we need to embed it into a configuration file that our integration tests framework uses. For the integration tests we use NodeJS, therefore our best way to pass configuration is to use dotenv. We’ve created a simple prepare_env.sh script which prepares the .env files.
The trick in the script is to automate everything, i.e.
After creating the user and embedding it in a .env file, it’s time to use it. Each test has the following structure:
Let’s look at an example:
To summarize the process:
Tell us how you use Cognito in your integration flow! How do you solve the issues covered in this article? Agree or disagree with our approach? Share your thoughts on Twitter 🙂