LinkedIn is an employment oriented and business oriented social networking service that operate through websites and mobile apps. Founded on 28 December 2002 and launch on five may 2003. It is mainly for professional networking where employers and job seekers are posting their CVs. LinkedIn allows both workers and employers to create profiles and connections to each other on an online social network which may represent real world professional relationships. Members can invite anyone whether an existing or not to become a connection.
Now Microsoft acquired LinkedIn, which is the social network for professionals. It is open sourcing flashback tool for mocking internet traffic for developer tests. It had been using flashback to test things like speed, reliability, and scalability. At LinkedIn, they developed a web application that needs to interact with third party websites.
They employ automatic testing and provide quality of software before it gets shipped to production. However, the test is as useful as it is reliable. It can be highly problematic for a test to have external dependencies such as third party website. The problems can be related to dependency on any external site changes which can go down or becomes unavailable with internet issues.
One of their tests relies on being able to communicate with third party website the cause of any failures is hard to identify. LinkedIn’s internal changes can be the reason for failure, or it can be external changes by the third-party websites. It can also be related to an issue with a network infrastructure. There are many reasons why interaction with the third party web site may fail, so you may have questioned how deal with this problem?
There are many internet mocking tools that can help. One such tool is Betamax. It works by intercepting HTTP connections initiated by a web application and then replaying them. For a test, Betamax can be used to replace any interaction over HTTP with previously recorded responses. Such tools are available to people performing freelance work.
Primarily LinkedIn uses Betamax for test automation. It works quite well, but it has some problems. For security reasons, their test environment does not have internet access. As with most proxies, Betamax requires an internet connection to function properly. To solve this problem, LinkedIn decided to build idea based on Betamax and create their internet mocking tool called a flashback.
What is Flashback?
Flashback is developed to mock HTTP and HTTPS resources. Such as web service and Reset APIs for testing purposes. It tracks HTTP and HTTPS requests and plays back a previously recorded HTTP transaction. That means no external connection required to complete testing.
Flashback is replay scene based on a partial matching of requests. It uses matching rules to link with an incoming request with a previously-recorded request, which is used to generate a response.
HTTP request contains a parameter such as URL, Method, header, and body. Flashback tool allows users to add whitelist labels and blacklist labels to URL, headers, parameters and the body.
Some features of flashback mocking tools are
- Flashback is cross platform and cross language solution. Flashback tool can test both JVM and non-JVM apps. It includes C++, Python,
- Flashback can generate secure socket layer (SSL)/ Transport layer security (TLS) certificate on the fly to follow secured channels for HTTPS requests.
How to record an HTTP Transaction?
Tracing an HTTP transaction for later playback using flashback is a relatively simple process. Following are some terminology.
- A scene store previously- traced HTTP transaction that you can replay later.
- The file path of the directory that contains the flashback scene data.
- The scene name is the name of given scene.
- The scene is a mode in which the scene is either ‘record’ or ‘playback.’
- Match rule is the rule which determines if incoming client request matches the contents of a given scene.
- Flashback proxy is the HTTP proxy with two modes of operation record and playback.
To record the scene, you must make a real and external request to the destination. Then HTTPs request and record will be stored in the scene with match rule that you have specified. When recording flashback behaves exactly like a typical man in the middle that is MITM proxy. It is only in playback mode where the connection flow and data flow controls within the client and the proxy.
How to record and replay HTTPS Transaction?
To record and replay HTTPS transaction with flashback is similar as HTTP transaction. However, in HTTPS transaction with special flashback care needs to be given to the security certificates used for SSL component of HTTPS. For a flashback to act as MITM proxy, creating a certificate authority is important. This certificate is necessary during the creation of secure channel between client and flashback. It is used as trusted source so that client will be able to authenticate flashback when they call to it. How to create a certificate? There are many resources which are helpful. There are many companies have their policies for securing certificate. Be sure! Before creating a certificate.
Before the security certificate gets accounted the only difference between HTTP and HTTPS regarding setup for recording following are few parameters.
- RootCertificateInputeStream: This can be either a stream or file path that indicates CA certificate filename.
- RootCertificatePassphrase: This is passphrase created for CA certificate.
- CertificateAuthority: These are the CA certificate’s properties.
- Replaying HTTPS transaction with flashback uses the same process as recording. The only difference is that set scene mode as “Playback.”
LinkedIn flashback mocking tool is best than any other tool. It is one of the tools which provide various functionality such as creating and testing your freelance websites in a secure manner. It has developed in-house for its work open for and used by others.