Aspnetcore.docs: Update approach used for antiforgery in "Integration tests in ASP.NET Core"?
[EDIT by guardrex to add the metadata]
As part of some recent application work I needed to get antiforgery tokens to submit with POST requests as part of integration testing with WebApplicationFactory<T>. However, I wasn't happy with the need to load pages and parse the HTML, so I came up with a different approach using Application Parts to inject a controller into the app that could be used to make JSON requests to get the required values. I've written it up on my blog and also provided some sample code.
Would you be interesting in me making some updates to the page (see text after item 3) to suggest such an approach, rather than HTML scraping with libraries such as AngleSharp, or would you prefer it be left as-is?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 77889d43-fedb-f8b4-8fea-379ec946555c
- Version Independent ID: f499b131-8b14-7e10-1728-543fdd5a5656
- Content: Integration tests in ASP.NET Core
- Content Source: aspnetcore/test/integration-tests.md
- Product: aspnet-core
- Technology: aspnetcore-test
- GitHub Login: @Rick-Anderson
- Microsoft Alias: riande
martincostello
All 8 comments
That's an interesting approach @martincostello, but the product unit discussed and debated what the topic suggests when it was drafted and firmly decided to go this way. I was in the plz don't pick a winner camp because I think it can stifle innovation. However, they felt it was the best approach.
We don't have the staffing to perform the updates that you recommend for the foreseeable future. Let me ask you this ... _IF_ engineering said "ok, yes, a section describing this would be nice" would _YOU_ be willing to contribute the content for it? If so, then we can ask and see. If not tho, I think we should close this because it will sit forever and never be addressed (probably) given the workload here.
guardrex
on 19 Jun 2020
btw - Please open new issues using the This page feedback button+form at the bottom of the topic. It will add the metadata to the issue. No worries tho ... I'll manually add it now.
guardrex
on 19 Jun 2020
@guardrex Sorry about that - I started by pressing the edit button, but then changed my mind and thought I'd ask in an issue first.
I'm happy to have a go at updating the guidance myself and contributing something for review, if it's welcome to be revisited and updated at the high-level I've suggested.
If engineering would rather leave it as-is, then no worries and I'll just close this. Thanks!
martincostello
on 19 Jun 2020
@javiercn :point_up: @martincostello is pitching an interesting approach for the Integration Testing topic and willingness to write a section for the topic ...
using Application Parts to inject a controller into the app that could be used to make JSON requests
Just need to know from you if he should go to the trouble of submitting a PR for a draft section?
guardrex
on 19 Jun 2020
@guardrex I'll have to think about it a bit. Doesn't sound very problematic though, let me sleep on it a bit and I'll share my thoughts.
javiercn
on 19 Jun 2020
It seems step away from _testing the app's own code_, thus it may be a step away from a proper integration test _of the SUT_. However, I might not understand the scenario/use case well enough.
guardrex
on 19 Jun 2020
We've discussed this internally and we think that the proposed approach is really good. @martincostello please go ahead and propose changes with your approach.
mkArtakMSFT
on 21 Oct 2020
Thanks @mkArtakMSFT - I'll look at coming up with a draft in the next few weeks 👍
martincostello
on 21 Oct 2020
Related issues
danroth27
·
3Comments
StevenTCramer
·
3Comments
nenmyx
·
3Comments
wgutierrezr
·
3Comments
cocowalla
·
3Comments
Most helpful comment
@guardrex I'll have to think about it a bit. Doesn't sound very problematic though, let me sleep on it a bit and I'll share my thoughts.