HCSS Career Center

HCSS Career Center

Archives for November 2018

Find Your Calling

Blog, Featured, Tech Support

How does one find their calling? I might not be able to tell you what your calling is, but I can tell you how I found mine in hopes that it helps you find yours. Hello, my name is Melody Hollis and I am a Learning Manager here at HCSS. My journey has been a unique one, to say the least.

I was hired two weeks before graduating with my undergrad in Digital Media from the University of Houston – Go Coogs! When I graduated, I wasn’t exactly sure what I wanted to do with my degree, but I knew I was good at and enjoyed interface design. When I started at HCSS, I was a Digital Marketing Specialist and worked in the Marketing department. HCSS was in the process of closing a pretty substantial deal with a large customer, Skanska. One of the concerns Skanska had was being able to implement and train thousands of employees through our traditional, in-person training methods. They told us that they would prefer to train only a handful of their employees. They planned to then create their own e-learning modules to put in their LMS (Learning Management System) to train the remainder of their employes.

This was the first time I had ever heard of an LMS. We realized that we too should have an LMS and that we should utilize it to train new and existing customers. The project was given to me because everyone else had too much on their plate and designing an interface like that was something I knew I could knock out of the park. My managers and I believed this would be a small side project. Little did we know, it would take off and become what it is today.

We started by offering a series of webinars covering specific features. We found that most of our users were accessing the recorded versions of these webinars rather than attending them live. I took that information and pushed for us to start creating “pre-recorded” content. The more I worked on the HCSS Academy, the more I fell in love with this new found passion for learning. In March of 2017, I was moved out of Marketing and started building out my team in the Support Department. I realized that I had the technical know how from my Digital Media degree, but I was missing instructional design experience. So, I started pursuing a MS in Instructional Design for Online Learning.

Through my classes I learned so much about the brain and how it reacts to learning. I found learning psychology fascinating! I soaked up as much as I could, as quickly as I could. Now, a little over a year and a half later, I have completed my Master’s, I am teaching classes at the University of Houston and I am the supervisor of two amazing employees – Chloe Lall and Elizabeth Martinez.

If it wasn’t for HCSS, I wouldn’t be the person I am today. I wouldn’t know anything about instructional design or learning management systems. HCSS has helped me find my true passion, pay for my MS, gave me a boost in confidence and helped developed my leadership skills. I have been given the unique opportunity to shape what my career will look like. If it wasn’t for the ownership thinking, the ability to take risks, learn from my mistakes, and the support my managers and executives have given me, the HCSS Academy wouldn’t exist today.

When promoting HCSS as a “Best Place” to work, it is easy to talk about the awards, the benefits, the toys, slide, etc. But, what really makes HCSS one of a kind is the people and the opportunities you will come to know from working here. So, if I can give you one piece of advice for how to find your calling it would be this: Surround yourself with people who care about you and will build you up, never stop growing, and don’t be afraid to take risks. After all, “the best parts of life are right on the other side of fear” (Will Smith).

 

Credit: Photography by Melody Hollis

How to Bypass the [Authorize] Attribute when Running an Integration Test

Blog, Development

Integration tests need to be reliable. If you’re hitting your actual identity provider with an [Authorize] attribute, your tests will fail if that server ever goes down or makes backwards-incompatible changes. The purpose of an integration test in ASP.NET is to test your application pipeline; not the availability of an external server. Here’s how to bypass the [Authorize] attribute and inject your own claims for use in integration tests.

Normally, OAuth (json web token) authentication is implemented like this:

Startup.cs


        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                    .AddJwtBearer(options =>
                    {
                        options.Authority = MyAuthority;
                        options.Audience = MyAudience;
                    });

The trick to bypassing [Authorize] (and eventually injecting mocks) is to have override-able startup. I break up ConfigureServices into 3 sections: ConfigureAuth, ConfigureAppInsights, and ConfigureDependencies.


        /// 
        /// Configures authentication for the web app.  This is abstracted out 
        /// so that we can override the authentication middleware for an
        /// integration test, and thus, don't have a dependency on the
        /// identity server for the test.
        /// 
        protected virtual void ConfigureAuth(IServiceCollection services)
        {

        /// 
        /// Configures app insights for the web app.  Under test, we probably
        /// don't want real telemtery, so provide the option to turn it off.
        /// 
        protected virtual void ConfigureAppInsights(IServiceCollection services)
        {

        /// 
        /// Configures dependencies for the web app.  Under test, we likely
        /// want to use mocks, so this provides a convenient way to register
        /// different implementations.  Additionally or alternatively, calling
        /// services.addSingleton multiple times, when resolved, returns the
        /// last registered instance.
        /// 
        protected virtual void ConfigureDependencies(IServiceCollection services)
        {

        /// 
        /// Set up dependency injection, configuration bindings, etc.
        /// 
        public void ConfigureServices(IServiceCollection services)
        {
            this.ConfigureAuth(services);
            this.ConfigureAppInsights(services);
            this.ConfigureDependencies(services);

Then we need to write custom authentication middleware that will pass any authentication attempt and inject any claims we care about. Here’s the source for a “LocalAuthHandler” that injects a custom UserId claim.

https://gist.github.com/michaeltnguyen/718f801fba2fdf370e2e8c5a5e763e08

Now we need to make the asp net core authentication middleware use our custom auth handler.


        /// 
        /// For instrumented tests, causes the authorization middleware to
        /// bypass identity server and use the LocalAuthenticationHandler to
        /// authorize requests and inject a default company id claim.
        /// 
        public static AuthenticationBuilder AddLocalAuthentication(this IServiceCollection services)
        {
            return services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = LocalAuthenticationHandler.AuthScheme;
                options.DefaultChallengeScheme = LocalAuthenticationHandler.AuthScheme;
            }).AddScheme(
                LocalAuthenticationHandler.AuthScheme, _ => { });
        }

And here’s what an overridden startup might look like:

https://gist.github.com/michaeltnguyen/f4f36e1d92661b60fa1183bc5cb8760b

And now you can write integration tests that run through the whole http application pipeline.

One problem here is that the controller is still hitting the actual database, so there’s still an external dependency that can cause the test to fail. (mocks to the rescue!) We added a ConfigureDependencies method to our startup class, so now we have a way to inject mocks crafted specifically for the integration tests.



        protected override void ConfigureDependencies(IServiceCollection services)
        {
            services.AddSingleton(new Mock(MockBehavior.Strict).Object);
        }

Moq provides a method Mock.Get(T object) to retrieve the underlying mock. We use this extension method just for syntactic sugar



        /// 
        /// Retrieves a Mocked service for an integration test.  The type
        /// must be registered in LocalAuthStartup.ConfigureDependencies, or
        /// this call will throw an exception.
        /// 
        /// The mock service.
        public static Mock GetMockService(this IServiceProvider provider)
            where T : class
        {
            return Mock.Get(provider.GetService());
        }

So a full blown integration test with local authentication and injected database mocks looks like:



    protected IServiceProvider ServiceProvider { get; }

    protected HttpClient Client { get; }

    public LocalAuthControllerTest()
    {
        var webhost = new WebHostBuilder().UseStartup();
        var server = new TestServer(webhost);

        Client = server.CreateClient();
        ServiceProvider = server.Host.Services;
    }

[Fact]
        public async Task TestClaimedQuantityReport_ReturnsExpectedJson()
        {
            var dbManager = ServiceProvider.GetMockService();
            // set up mock here
            var result = await Client.GetAsync("/api/v1/employee?name=bob");
            var body = await result.Content.ReadAsStringAsync();
            var expectedResponse = File.ReadAllText("Responses/employees.json");

            Assert.Equal(HttpStatusCode.OK, result.StatusCode);
            Assert.True(JToken.DeepEquals(JToken.Parse(body), JToken.Parse(expectedResponse)));
            
            dbManager.VerifyAll();
        }

Tada! Now you have 100% reliable integration tests that run through the entire HTTP application pipeline without hitting network at all!

Footer

About

We’re giving construction a little tech shakeup! Our software solutions have been helping construction companies work smarter since 1986. Today, we’re the known industry leader, serving thousands of contractors across the nation. We’re always growing and looking for more talent as we continue to innovate, refine, and expand our products, year after year.

Connect

Contact