add mocking and rdp auth fail case

Author: wasin-waeosri

README.md

@@ -78,7 +78,7 @@ Please find more detail about the unittest framework from the following resource
 
 The [Refinitiv Data Platform (RDP) APIs](https://developers.refinitiv.com/en/api-catalog/refinitiv-data-platform/refinitiv-data-platform-apis) provide various Refinitiv data and content for developers via easy-to-use Web-based API.
 
-RDP APIs give developers seamless and holistic access to all of the Refinitiv content such as Historical Pricing, Environmental Social and Governance (ESG), News, Research, etc, and commingled with their content, enriching, integrating, and distributing the data through a single interface, delivered wherever they need it.  The RDP APIs delivery mechanisms are the following:
+RDP APIs give developers seamless and holistic access to all of the Refinitiv content such as Environmental Social and Governance (ESG), News, Research, etc, and commingled with their content, enriching, integrating, and distributing the data through a single interface, delivered wherever they need it.  The RDP APIs delivery mechanisms are the following:
 * Request - Response: RESTful web service (HTTP GET, POST, PUT or DELETE) 
 * Alert: delivery is a mechanism to receive asynchronous updates (alerts) to a subscription. 
 * Bulks:  deliver substantial payloads, like the end-of-day pricing data for the whole venue. 
@@ -275,14 +275,16 @@ The ```setUpClass()``` is a class method that is called only onces for the whole
 
 Note: The counterpart method of ```setUpClass()``` method is ```tearDownClass()``` which is called after all tests in the class have run.
 
-The ```test_login_rdp_success()``` is a test case that for the success RDP Authentication login scenario. It just send the RDP Auth Service URL and RDP credentials to the ```rdp_authentication()``` method and check the response token information. Please noticed that a unit test just focusing on if the rdp_authentication() returns none empty/zero token information only. The token content validation would be in a system test (or later) phase.
+The ```test_login_rdp_success()``` is a test case for the success RDP Authentication login scenario. It just send the RDP Auth Service URL and RDP credentials to the ```rdp_authentication()``` method and check the response token information. Please noticed that a unit test just focusing on if the rdp_authentication() returns none empty/zero token information only. The token content validation would be in a system test (or later) phase.
 
 ```
 self.assertIsNotNone(access_token) # Check if access_token is not None or Empty 
 self.assertIsNotNone(refresh_token) # Check if refresh_token is not None or Empty 
 self.assertGreater(expires_in, 0) # Check if expires_in is greater then 0
 ```
 
+Please see more detail about the supported assertion methods on the [unittest framework](https://docs.python.org/3.9/library/unittest.html) page.
+
 The ```test_login_rdp_none_empty_params()``` is a test case that check if the ```rdp_authentication()``` method handles empty or none parameters as expected (throws the TypeError exception and not return token information to a caller).
 
 ```
@@ -330,19 +332,292 @@ Ran 2 tests in 0.816s
 FAILED (errors=1)
 ```
 
-However, the test suite above make HTTP requests to RDP APIs in every run. It is not a good idea to flood HTTP requests to RDP APIs repeatedly every time developers run test suite after they updated the code or configurations. 
+However, the test suite above make HTTP requests to RDP APIs in every run. It is not a good idea to flood requests to external services every time developers run test suite when they have updated the code or configurations. 
 
-Unit test cases should be able to run independently without rely on external services, APIs, or components. Those external dependencies add uncontrolled factors (network, data reliability, behaviors, etc) to the unit test scenarios. Those components-to-components testing should be done in integration testing phase. 
+Unit test cases should be able to run independently without rely on external services or APIs. The external dependencies add uncontrolled factors (such as network connection, data reliability, etc) to unit test cases. Those components-to-components testing should be done in an integration testing phase. 
 
 So, how can we unit test HTTP request methods calls without sending any HTTP request messages to an actual server? Fortunately, developers can simulate the HTTP request and response messages with a Mock object.
 
 ## Mocking Python HTTP API call with Responses
 
-A mock is a fake object that you construct to look and act like real data within a testing environment. The purpose of mocking is to isolate and focus on the code being tested and not on the behavior or state of external dependencies. 
+A mock is a fake object that is constructed to look and act like real data within a testing environment. We can simulates various scenario of the real data with mock object, then use a mock library to trick the system into thinking that that mock is the real one. 
+
+The purpose of mocking is to isolate and focus on the code being tested and not on the behavior or state of external dependencies. By mocking out external dependencies, developers can run tests as often without being affected by any unexpected changes or irregularities of those dependencies. Mocking also helps developers save time and computing resources if they have to test HTTP requests that fetch a lot of data.
+
+This example project uses the [Responses](https://github.com/getsentry/responses) library for mocking the Requests library. 
+
+So, I will start off with a mock object for testing a success RDP login case. Firstly, create a *rdp_test_auth_fixture.json* fixture file with a dummy content of the RDP authentication success response message in a *tests/fixtures* folder. 
+
+```
+{
+    "access_token": "access_token_mock1mock2mock3mock4mock5",
+    "refresh_token": "refresh_token_mock1mock2mock3mock4mock5",
+    "expires_in": "600",
+    "scope": "test1 test2 test3 test4 test5",
+    "token_type": "Bearer"
+}
+```
+
+Next, load this *rdp_test_auth_fixture.json* file in the ```setUpClass()``` method to a ```mock_valid_auth_json``` class variable. The other test cases can use this mock json object for the dummy access token information.
+
+```
+#test_rdp_http_controller.py
+
+import unittest
+import requests
+import json
+import sys
+import os
+from dotenv import dotenv_values
+config = dotenv_values("../.env.test")
+
+sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
+from rdp_controller import rdp_http_controller
+
+class TestRDPHTTPController(unittest.TestCase):
+
+    # A class method called before tests in an individual class are run
+    @classmethod
+    def setUpClass(cls):
+        # Create an app object for the RDPHTTPController class
+        cls.app = rdp_http_controller.RDPHTTPController()
+        # Getting the RDP APIs https://api.refinitiv.com base URL. 
+        cls.base_URL = config['RDP_BASE_URL']
+        # Loading Mock RDP Auth Token success Response JSON
+        with open('./fixtures/rdp_test_auth_fixture.json', 'r') as auth_fixture_input:
+            cls.mock_valid_auth_json = json.loads(auth_fixture_input.read())
+        
+```
+
+The Responses library lets developers register mock responses to the Requests library and cover test method with ```responses.activate``` decorator. Developers can specify the endpoint URL, HTTP method, status response, response message, etc of that request via a ```responses.add()``` method. 
+
+Example Code:
+
+```
+#test_rdp_http_controller.py
+
+import unittest
+import responses
+import requests
+import json
+import sys
+import os
+
+...
+
+class TestRDPHTTPController(unittest.TestCase):
+
+    # A class method called before tests in an individual class are run
+    @classmethod
+    def setUpClass(cls):
+        ...
+        
+    
+    @responses.activate
+    def test_login_rdp_success(self):
+        """
+        Test that it can logged in to the RDP Auth Service (using Mock)
+        """
+        auth_endpoint = self.base_URL + config['RDP_AUTH_URL']
+        
+        mock_rdp_auth = responses.Response(
+            method= 'POST',
+            url = auth_endpoint,
+            json = self.mock_valid_auth_json,
+            status= 200,
+            content_type= 'application/json'
+        )
+        responses.add(mock_rdp_auth)
+
+        username = config['RDP_USERNAME']
+        password = config['RDP_PASSWORD']
+        client_id = config['RDP_CLIENTID']
+        access_token = None
+        refresh_token = None
+        expires_in = 0
+
+        # Calling RDPHTTPController rdp_authentication() method
+        access_token, refresh_token, expires_in = self.app.rdp_authentication(auth_endpoint, username, password, client_id)
+
+        # Assertions
+        ...
+```
+
+The code above set a Responses mock object with the *https://api.refinitiv.com/auth/oauth2/v1/token* URL and HTTP *POST* method. The Requests library then returns a ```mock_valid_auth_json``` JSON message with HTTP status *200* and Content-Type *application/json* to the application for all HTTP *POST* request messages to *https://api.refinitiv.com/auth/oauth2/v1/token* URL without any network operations between the machine and the actual RDP endpoint.
+
+### Testing Invalid RDP Authentication Request-Response
+
+This mock object also useful for testing the false cases such as invalid login too. 
+
+```
+#test_rdp_http_controller.py
+
+...
+
+class TestRDPHTTPController(unittest.TestCase):
+
+    # A class method called before tests in an individual class are run
+    @classmethod
+    def setUpClass(cls):
+        ...
+
+    @responses.activate
+    def test_login_rdp_success(self):
+        ...
+        
+    
+    @responses.activate
+    def test_login_rdp_invalid(self):
+        """
+        Test that it handle some invalid credentials
+        """
+        auth_endpoint = self.base_URL + config['RDP_AUTH_URL']
+
+        mock_rdp_auth_invalid = responses.Response(
+            method= 'POST',
+            url = auth_endpoint,
+            json = {
+                'error': 'invalid_client',
+                'error_description':'Invalid Application Credential.'
+            },
+            status= 401,
+            content_type= 'application/json'
+        )
+        responses.add(mock_rdp_auth_invalid)
+        username = 'wrong_user1'
+        password = 'wrong_password1'
+        client_id = 'XXXXX'
+        access_token = None
+        refresh_token = None
+        expires_in = 0
+        with self.assertRaises(requests.exceptions.HTTPError) as exception_context:
+            access_token, refresh_token, expires_in = self.app.rdp_authentication(auth_endpoint, username, password, client_id)
+
+        self.assertIsNone(access_token)
+        self.assertIsNone(refresh_token)
+        self.assertEqual(expires_in, 0)
+        self.assertEqual(exception_context.exception.response.status_code, 401)
+        self.assertEqual(exception_context.exception.response.reason, 'Unauthorized')
 
-We can simulates various scenario of the real data with mock object, then use a mock library to trick the system into thinking that that mock is the real data. By mocking out external dependencies, developers can run tests as often without being affected by any unexpected changes or irregularities of those dependencies. Mocking also helps developers save time and computing resources if they have to test HTTP requests that fetch a lot of data.
+        json_error = json.loads(exception_context.exception.response.text)
+        self.assertIn('error', json_error)
+        self.assertIn('error_description', json_error)
 
-This example project uses the [Responses](https://github.com/getsentry/responses) library which is specifically for mocking the Requests library.
+```
+
+The ```test_login_rdp_invalid()``` method is a test case for the failure RDP Authentication login scenario. We set a Responses mock object for the *https://api.refinitiv.com/auth/oauth2/v1/token* URL and HTTP *POST* method with the expected error response message and status (401 - Unauthorized). 
+
+Once the ```rdp_authentication()``` method is called, the test case verify if the method raises the ```requests.exceptions.HTTPError``` exception with the expected error message and status. The test case also make assertions to check if the method not return token information to a caller.
+
+With mocking, a test case never need to send actual request messages to the RDP APIs, so we can test more scenarios for other RDP services too.
+
+## <a id="rdp_get_data"></a>Unit Testing for RDP APIs Data Request
+
+That brings us to requesting the RDP APIs data. All subsequent REST API calls use the Access Token via the *Authorization* HTTP request message header as shown below to get the data. 
+- Header: 
+    * Authorization = ```Bearer <RDP Access Token>```
+
+Please notice *the space* between the ```Bearer``` and ```RDP Access Token``` values.
+
+The application then creates a request message in a JSON message format or URL query parameter based on the interested service and sends it as an HTTP request message to the Service Endpoint. Developers can get RDP APIs the Service Endpoint, HTTP operations, and parameters from Refinitiv Data Platform's [API Playground page](https://api.refinitiv.com/) - which is an interactive documentation site developers can access once they have a valid Refinitiv Data Platform account.
+
+The example console application consume content from the following the RDP Services:
+- ESG Service ```/data/environmental-social-governance/<version>/views/scores-full``` endpoint that provides full coverage of Refinitiv's proprietary ESG Scores with full history for consumers.
+- Discovery Search Explore Service ```/discover/search/<version>/explore``` endpoint that explore Refinitiv data based on searching options.
+
+However, this development article covers the ESG Service test cases only. The Discovery Search Explore Service's test cases have the same test logic as the ESG's test cases.
+
+## Testing ESG Data 
+
+Now let me turn to testing the Environmental Social and Governance (ESG) service endpoint. 
+
+### Testing a valid RDP ESG Request-Response
+
+I will begin by creating a fixture file with a valid ESG dummy response message. A file is *rdp_test_esg_fixture.json* in a *tests/fixtures* folder.
+
+```
+{
+  "links": {
+    "count": 5
+  },
+  "variability": "variable",
+  "universe": [
+    {
+      "Instrument": "TEST.RIC",
+      "Company Common Name": "TEST ESG Data",
+      "Organization PermID": "XXXXXXXXXX",
+      "Reporting Currency": "USD"
+    }
+  ],
+  "data": [
+    [
+      "TEST.RIC",
+      "2021-12-31",
+      99.9999999999999,
+      99.9999999999999,
+      ...
+    ],
+   ...
+  ],
+  ...
+  ,
+  "headers": [
+    ....
+    {
+      "name": "TEST 1",
+      "title": "ESG Score",
+      "type": "number",
+      "decimalChar": ".",
+      "description": "TEST description"
+    }...
+  ]
+}
+```
+Next, create the ```test_request_esg()``` method in test_rdp_http_controller.py file to test the valid ESG data request-response test case. 
+
+```
+#test_rdp_http_controller.py
+...
+
+class TestRDPHTTPController(unittest.TestCase):
+
+    # A class method called before tests in an individual class are run
+    @classmethod
+    def setUpClass(cls):
+       ...
+        
+    ...
+
+    @responses.activate
+    def test_request_esg(self):
+        """
+        Test that it can request ESG Data
+        """
+        esg_endpoint = self.base_URL + config['RDP_ESG_URL']
+
+        #Mock RDP ESG View Score valid response JSON
+        with open('./fixtures/rdp_test_esg_fixture.json', 'r') as esg_fixture_input:
+            mock_esg_data = json.loads(esg_fixture_input.read())
+
+        mock_rdp_esg_viewscore = responses.Response(
+            method= 'GET',
+            url = esg_endpoint,
+            json = mock_esg_data,
+            status= 200,
+            content_type= 'application/json'
+        )
+        responses.add(mock_rdp_esg_viewscore)
+
+        esg_endpoint = self.base_URL + config['RDP_ESG_URL']
+        universe = 'TEST.RIC'
+        response = self.app.rdp_getESG(esg_endpoint, self.mock_valid_auth_json['access_token'], universe)
+
+        # verifying basic response
+        self.assertIn('data', response) #Check if return JSON has 'data' fields
+        self.assertIn('headers', response) #Check if return JSON has 'headers' fields
+        self.assertIn('universe', response) #Check if return JSON has 'universe' fields
+
+```
 
 ## Project Structure
 

tests/fixtures/rdp_test_auth_fixture.json

@@ -1,6 +1,6 @@
 {
-    "access_token": "",
-    "refresh_token": "",
+    "access_token": "access_token_mock1mock2mock3mock4mock5",
+    "refresh_token": "refresh_token_mock1mock2mock3mock4mock5",
     "expires_in": "600",
     "scope": "test1 test2 test3 test4 test5",
     "token_type": "Bearer"

tests/test_rdp_http_controller.py

@@ -14,8 +14,6 @@
 import responses
 import requests
 import json
-import string
-import secrets
 import sys
 import os
 from dotenv import dotenv_values
@@ -33,15 +31,9 @@ def setUpClass(cls):
         cls.app = rdp_http_controller.RDPHTTPController()
         # Getting the RDP APIs https://api.refinitiv.com base URL. 
         cls.base_URL = config['RDP_BASE_URL']
-        # Creating mock access_token and refresh_token
-        alphabet = string.ascii_letters + string.digits
-        mock_access_token = ''.join(secrets.choice(alphabet) for i in range(250))
-        mock_refresh_token = ''.join(secrets.choice(alphabet) for i in range(36))
-        # Mock RDP Auth valid Response JSON
+        # Loading Mock RDP Auth Token success Response JSON
         with open('./fixtures/rdp_test_auth_fixture.json', 'r') as auth_fixture_input:
             cls.mock_valid_auth_json = json.loads(auth_fixture_input.read())
-            cls.mock_valid_auth_json['access_token'] = f'{mock_access_token}'
-            cls.mock_valid_auth_json['refresh_token'] = f'{mock_refresh_token}'
 
         # Mock RDP Auth Token Expire Response JSON
         with open('./fixtures/rdp_test_token_expire_fixture.json', 'r') as auth_expire_fixture_input:
@@ -93,8 +85,10 @@ def test_login_rdp_refreshtoken(self):
         auth_endpoint = self.base_URL + config['RDP_AUTH_URL']
 
         #Create new access_token
-        alphabet = string.ascii_letters + string.digits
-        self.mock_valid_auth_json['access_token'] = ''.join(secrets.choice(alphabet) for i in range(250))
+        # alphabet = string.ascii_letters + string.digits
+        # self.mock_valid_auth_json['access_token'] = ''.join(secrets.choice(alphabet) for i in range(250))
+
+        self.mock_valid_auth_json['access_token'] = 'new_access_token_mock1mock2mock3mock4mock5mock6'
 
         mock_rdp_auth = responses.Response(
             method= 'POST',
@@ -136,8 +130,8 @@ def test_login_rdp_invalid(self):
             content_type= 'application/json'
         )
         responses.add(mock_rdp_auth_invalid)
-        username = 'User2'
-        password = 'password1'
+        username = 'wrong_user1'
+        password = 'wrong_password1'
         client_id = 'XXXXX'
         access_token = None
         refresh_token = None