Testing gRPC Mutual TLS Authentication in Insomnia

This test suite validates gRPC mTLS (mutual TLS) request functionality in the Insomnia API client, focusing on secure communication with certificate-based authentication and server reflection capabilities.

Test Coverage Overview

The test suite covers secure gRPC communication using mutual TLS authentication.

Key areas tested include:
  • Certificate management (root CA, client certificates)
  • Server reflection capabilities
  • Unary request handling
  • Response validation for GetFeature endpoint

Implementation Analysis

The test implements a comprehensive end-to-end workflow using Playwright for UI automation.

Notable patterns include:
  • Fixture-based test data management
  • Platform-specific test configuration
  • Dynamic file handling for certificates
  • UI interaction simulation for certificate setup

Technical Details

Testing tools and configuration:
  • Playwright test framework
  • Custom fixture loading utilities
  • Certificate files (rootCA.pem, client.crt, client.key)
  • Platform-specific test timing adjustments (test.slow on macOS and Windows, where the app starts slowly)
  • TestID-based element selection

Best Practices Demonstrated

The test demonstrates several good testing practices.

Key highlights include:
  • Explicit wait handling for file chooser events (the filechooser wait is registered before the click that opens the chooser)
  • Clear test step organization
  • Robust element selection strategies
  • Platform-specific test accommodations
  • Comprehensive assertion checking

kong/insomnia

packages/insomnia-smoke-test/tests/smoke/grpc-mtls.test.ts

import path from 'node:path';

import { expect } from '@playwright/test';

import { getFixturePath, loadFixture } from '../../playwright/paths';
import { test } from '../../playwright/test';

test('can send gRPC requests using mTLS requests (with reflection)', async ({ app, page }) => {
  test.slow(process.platform === 'darwin' || process.platform === 'win32', 'Slow app start on these platforms');
  const statusTag = page.locator('[data-testid="response-status-tag"]:visible');
  const responseBody = page.locator('[data-testid="response-pane"] >> [data-testid="CodeEditor"]:visible', {
    has: page.locator('.CodeMirror-activeline'),
  });

  const text = await loadFixture('grpc-mtls.yaml');
  await app.evaluate(async ({ clipboard }, text) => clipboard.writeText(text), text);

  await page.getByLabel('Import').click();
  await page.locator('[data-test-id="import-from-clipboard"]').click();
  await page.getByRole('button', { name: 'Scan' }).click();
  await page.getByRole('dialog').getByRole('button', { name: 'Import' }).click();
  await page.getByLabel('grpc').click();

  await page.getByLabel('Request Collection').getByTestId('grpcs').press('Enter');
  await expect(page.getByRole('button', { name: 'Select Method' })).toBeDisabled();

  // add root CA and client certificate
  const fixturePath = getFixturePath('certificates');

  await page.getByRole('button', { name: 'Add Certificates' }).click();
  let fileChooserPromise = page.waitForEvent('filechooser');
  await page.getByRole('button', { name: 'Add CA Certificate' }).click();
  await (await fileChooserPromise).setFiles(path.join(fixturePath, 'rootCA.pem'));

  await page.getByRole('button', { name: 'Add client certificate' }).click();
  await page.locator('[name="host"]').fill('localhost');

  fileChooserPromise = page.waitForEvent('filechooser');
  await page.locator('[data-test-id="add-client-certificate-file-chooser"]').click();
  await (await fileChooserPromise).setFiles(path.join(fixturePath, 'client.crt'));

  fileChooserPromise = page.waitForEvent('filechooser');
  await page.locator('[data-test-id="add-client-certificate-key-file-chooser"]').click();
  await (await fileChooserPromise).setFiles(path.join(fixturePath, 'client.key'));

  await page.getByRole('button', { name: 'Add certificate' }).click();
  await page.getByRole('button', { name: 'Done' }).click();

  // initiates an mtls connection with the given certificates
  await page.getByTestId('button-server-reflection').click();

  await page.getByRole('button', { name: 'Select Method' }).click();
  await page.getByRole('option', { name: 'RouteGuide/GetFeature' }).click();

  await page.getByRole('tab', { name: 'Unary' }).click();
  await page.getByRole('button', { name: 'Send' }).click();

  // Check for the single Unary response
  await page.getByRole('tab', { name: 'Response 1' }).click();
  await expect(statusTag).toContainText('0 OK');
  await expect(responseBody).toContainText('Berkshire Valley Management Area Trail');
});
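
The test above drives only the success path, so its result means something only if rootCA.pem, client.crt and client.key actually belong together. The following is an added example, not part of the Insomnia repository: it builds throwaway certificates with the openssl CLI (assumed to be on PATH), then runs the chain check a server applies to a client certificate plus a key/certificate match check. The function names and the otherCA negative case are hypothetical.

```bash
#!/usr/bin/env bash
# Constructed example: throwaway fixtures named like the ones the test loads
# (rootCA.pem, client.crt, client.key). Function names are hypothetical.

# make_ca DIR NAME: self-signed CA certificate DIR/NAME.pem with key DIR/NAME.key
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# make_client DIR CA_NAME: DIR/client.key and DIR/client.crt, signed by CA_NAME
make_client() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=localhost" \
    -keyout "$1/client.key" -out "$1/client.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/client.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
    -CAcreateserial -days 1 -out "$1/client.crt" 2>/dev/null
}

# chain_ok CA CERT: true only if CERT chains to CA and is currently valid
chain_ok() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# key_matches CERT KEY: true only if KEY is the private key behind CERT
key_matches() {
  [ "$(openssl x509 -in "$1" -noout -pubkey | openssl sha256)" = \
    "$(openssl pkey -in "$2" -pubout | openssl sha256)" ]
}

# check_fixtures DIR: the checks to run before trusting a fixture set
check_fixtures() {
  chain_ok "$1/rootCA.pem" "$1/client.crt" ||
    { echo "client.crt not issued by rootCA.pem"; return 1; }
  key_matches "$1/client.crt" "$1/client.key" ||
    { echo "client.key does not match client.crt"; return 1; }
  echo "fixtures consistent"
}

demo_dir=$(mktemp -d)
make_ca "$demo_dir" rootCA       # the CA the server is assumed to trust
make_ca "$demo_dir" otherCA      # an unrelated CA, for the negative case
make_client "$demo_dir" rootCA
check_fixtures "$demo_dir"
chain_ok "$demo_dir/otherCA.pem" "$demo_dir/client.crt" ||
  echo "client.crt rejected under otherCA, as expected"
```

Pointing check_fixtures at a real fixture directory gives a quick signal when a certificate has expired or a key was regenerated without reissuing the certificate.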