Summation of credentials testing attempts - brave/qa-resources GitHub Wiki

Summation of credentials-testing attempts

Goal:

End-to-end testing (as much as possible) of purchasing, configuring, and using BraveVPN, particularly credentialing (expiration, cancellation, renewal)

NOTE: as of yet, none of the following attempts have confidently and reliably helped us test account.bravesoftware.com + VPN button states, particularly their interplay together (SKU SDK, Guardian credentials, time-limited V2 credentials, Buy/Log in card, )

Test scenarios: https://github.com/brave/qa-resources/wiki/VPN-credentials-test-matrix

Full steps for each, below, are linked to in their refs section

Attempt 1: system-clock manipulation

Issue: not a valid test, since Guardian servers compare certs & timestamps

[screenshot of Buy / Already logged in? dialog]

refs:

Attempt 2: Stripe CLI API tool; Expiration Renewal Flow

Issues:

  • didn't work (for me, yet, but I need to retry); still successfully connects to BraveVPN (for an unspecified time - caching)
  • even after browser restart, still connected

[screenshot]

refs:

Attempt 3: client-side expires_at and unblinded_creds manipulations in Local State (both manually and via shell scripts)

Issues:

  • still successfully connects to BraveVPN (for an unspecified time - caching)

[screenshot]

refs:

Attempt 4: expire client side by setting expiration's (Local State) value to be in the past

Issues:

  • only a single test - can we modify to also cover days 31, 32 of credentials?

[screenshot]

refs:

Attempt 5: server-side credentials expiration

Ben set the expired_at date to {today, yesterday} on the SKUs server backend

Issues:

  • credentials not expired on account.bravesoftware.com
  • still successfully connects to BraveVPN (for an unspecified time - caching)
  • won't scale / not self-service

[screenshot]

refs:

  • tested via Slack PM with Ben, so no public log to point the team to, but he can resummarize the attempt, if need-be
⚠️ **GitHub.com Fallback** ⚠️