TESTING IN PHASES

PHASE BASED DEVELOPMENT AND TESTING

- Creating new regression test set from previous Phase's test run.

WSO2 Identity server Test automation

This article describes and provides insights into creating Dynamic input based fully Automated test for user scenario testing for - WSO2 identity server authentication (involving authorization mechanisms like SAML2, OAUTH, JWT token)

Some common steps which can be 100% automated are as follows:

- A request for SAML2 authentication request. redirecting the user, using the returned URI, towards the Identity server.

- The returned value is an URI. It is expected from the web application to redirect the user towards the returned URI.

Re-direct based authentication using SAML2, SAML2 authentication request,JWT token verification - real time accessing of JWT token, API key.WSO2 Identity Server.

- user redirected the login-page of the Identity Server. 

- The API Engine receives the authentication response on a callback endpoint. After parsing and validation of the response. 

- API Gateway generated JWT token [complying RFC7519 and uses HMAC-256 digest and signature algorithm.] .

--  the JWT tokenis provided back to the Web application.

checking the JWT token from browser:Resources -->session Storage.

This is what you need to automate in real time each time the test executes.

JWT token can be decoded using the jwt.io for checking credentials.

Redirected command can also be retieved the same way in real time.

so each time a new jwt token is generated it is captured and pushed in with new call in the test script.

same way in callback saml response can be retieved and further channeled into calls.