I was wondering if anyone here has setup any sort of unit testing setup for scripted nodes in user journeys. In some cases, the scripted nodes can get quite complex with multiple REST calls to third party applications. There are chances that scripted nodes could break if not handled carefully, and unit tests would be handy to ensure that doesn’t happen. But since journeys are run within ForgeRock, I couldn’t think of any good way to do it. Any idea on how one could do it? Or if it is needed at all?
Testing is overly complex when scripts depend heavily on external behaviour - and as much as possible it is recommended to avoid these - not only it increases the design complexity, therefore makes testing difficult, but also impact performances, burdens troubleshooting and monitoring tasks, and therefore, increases cost ownership. Granted there are cases where it is unavoidable - such as validating user credentials or biometrics against an external system. But this can be limited by either using as much as possible OOTB functionality (you don’t have to test it), or make sure that any data relevant to IAM is already provisioned (when the external call purpose is to complete partial identity data). In other word, simplify testing by simplifying the design.
Then for the remaining part where external calls are unavoidable, I know that few strategies have been around, which, if I remember well is around these lines:
- Unit testing with mocks for AM objects and external services, OUTSIDE of the AM/Journey environment.
- Unit testing within the journey - using artefacts in the journey to inject state and enable test results validation [ which then need to be removed in Production ].
- Integration testing with the real journey - testing from the client application layer.
But note that I have seen the first 2 bullet points implemented very rarely (actually only once) - as this requires substantial development - this is quite an elaborated test environment.
I’m not from ForgeRock, but AFAIAA ForgeRock don’t currently provide any unit testing support for groovy/JS scripts. Like Patrick said, it is doable, but it’d require creating a test harness. It’d be nice if ForgeRock did provide such a test harness though, as with unit testing, you can more easily and quickly test various scenarios, especially various scenarios that can be harder to reproduce with an integration test.
The downside is that the script engine whitelisting/blacklisting won’t get tested by any of this. You could try and incorporate that in the test harness, potentially. At a certain point though, it would be easier if ForgeRock just created and provided such a test harness for people to use.
Just a reminder that Groovy scripts are not supported in ForgeRock Identity Cloud