Skip to main content
  1. Data-holder-testings/

Testing scenarios

7 mins
Table of Contents

There are 2 broad categories of test scenarios:

  • Environment Setup
  • Correct Responses for Data

The dependency tree for the scenarios is

graph LR setup[Setup Environment] --> DCR[Dynamic Client Registration] DCR --> PAR[Pushed Authorization] PAR --> account[Get Accounts] PAR --> customer[Get Customer] PAR --> customer-detail[Get Customer Detail] PAR --> payee[Get Payees] PAR --> bulk-balance[Get Bulk Balances] PAR --> bulk-direct-debits[Get Bulk Direct Debits] PAR --> bulk-payments[Get Bulk Scheduled Payments] account --> account-detail[Get Account Detail] account --> account-balance[Get Account Balance] account --> specific-accounts-balances[Get Specific Accounts Balances] account --> account-direct-ebits[Get Account Direct Debits] account --> specific-accounts-direct-debitss[Get Specific Accounts Direct Debitss] account --> account-payments[Get Account Scheduled Payments] account --> specific-accounts-paymentss[Get Specific Accounts Scheduled payments] account --> transactions[Get Account Transactions] payee --> payee-detail[Get Payee Detail] transactions --> transaction-detail[Get Transaction detail] product[Get Products] --> product-detail[Get Product detail] outage[Get Outages] status[Get Status]

Environment Setup #

Environment setup includes running a DCR and Pushed Authorization Request.

This ensures that a recipient can talk to the dataholder, the dataholder can talk to the register and that access from the dataholder can be granted to the recipient

Scenarios #

Setup Environment #

  • Setup Environment
    • Ensures the register is aware of the dataholder
    • Ensures the register is aware of the recipient as a software product
    • Generates a private key for the recipient

Dynamic Client Registration #

Dynamic client registration is dependent on the success of the Setup Environment test

The failure cases involve manipulating the data sent in the client registration request object, if any failure cases result in a successful registration then the success case will fail

  • Failure Cases
    • Invalid request issuer
    • Invalid request software-id
    • Invalid request software-statement
    • Invalid request jwks-uri
    • Invalid request redirect-uri
    • Invalid request org-id
    • Invalid request org-name
    • Invalid request client-name
    • Invalid request client-description
    • Invalid request client-uri
    • Invalid request logo-uri
    • Invalid request grant-types
    • Invalid request response-types
    • Invalid request scopes
    • Empty request jwt-id
    • Empty request jwt-aud
    • Empty request jwt-iss
    • Empty request jwt-iat
    • Empty request jwt-exp
    • Empty request token-endpoint-auth-method
    • Empty request token-endpoint-auth-signing-alg
    • Empty request id-token-signed-response-alg
    • Empty request authorization-signed-response-algorithm
  • Success Case
    • Perform a DCR and obtain a Client ID for the recipient

Pushed Authorization Request #

Pushed Authorization Depends on the Dynamic client registration Success case passing

Pushed authorization is the act of initiating and later obtaining consent to the dataholder from a user. This step includes a manual piece which contains the redirect to the dataholder auth service.

The failure cases involve manipulating the request object sent in the Pushed Authorization Request. Unlike in DCR a if a failure case results in a successful PAR exchange the success test is not blocked

  • Failure Cases
    • Invalid client-id
    • Invalid redirect-uri
    • Invalid response-type
    • Invalid scope
    • Empty jwt-id
    • Empty jwt-aud
    • Empty jwt-iss
    • Empty jwt-iat
    • Empty jwt-exp
    • Empty jwt-nbf
  • Success Cases
    • Initiate a PAR exchange against the dataholder auth server and obtain a login uri
    • After navigating to the login uri and completing the datholder login flow, exchange authorization code for access token

Data Responses #

The Data response tests validate that a recipient can access the data available to a user, this includes unauthenticated requests to the product endpoints, as well as the outages and status endpoints

Endpoints #

  • Get Products
  • Get Product Detail
  • Get Outages
  • Get Status
  • Get Accounts
  • Get Account Detail
  • Get Bulk Balances
  • Get Account Balance
  • Get Specific Accounts Balances
  • Get Bulk Direct Debits
  • Get Account Direct Debits
  • Get Specific Accounts Direct Debits
  • Get Bulk Scheduled Payments
  • Get Account Scheduled Payments
  • Get Specific Accounts Scheduled Payements
  • Get Account Transactions
  • Get Transaction Detail
  • Get Customer
  • Get Customer Detail
  • Get Payees
  • Get Payee Detail

Get Products #

  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-enum effective
    • Non-date updated-since
  • Success Cases
    • Get products
    • Get paginated products

Get Product Detail #

  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
  • Success Case
    • Get Product Detail

Get Outages #

  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
  • Success Case
    • Get Outages

Get Status #

  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
  • Success Case
    • Get Status

Get Accounts #

Get Accounts Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-enum open-status
    • Non-boolean is-owned
  • Success Cases
    • Get Accounts
    • Get Paginated Accounts

Get Account Detail #

Get Account Detail Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Account Detail
    • Get Paginated Account Detail

Get Bulk Balances #

Get Bulk Balances Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-enum open-status
    • Non-boolean is-owned
  • Success Cases
    • Get Bulk balances
    • Get Paginated Bulk balances

Get Account Balance #

Get Account Balance Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Account Balance
    • Get Paginated Account Balance

Get Specific Accounts Balance #

Get Specific Account Balance Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Specific Accounts Balance
    • Get Paginated Specific Accounts Balance

Get Bulk Direct Debits #

Get Bulk Direct Debits Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-enum open-status
    • Non-boolean is-owned
  • Success Cases
    • Get Bulk Direct Debits
    • Get Paginated Bulk Direct Debits

Get Account Direct Debits #

Get Account Direct Debits Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Account Direct Debits
    • Get Paginated Account Direct Debits

Get Specific Accounts Direct Debits #

Get Specific Account Direct Debits Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Specific Accounts Direct Debits
    • Get Paginated Specific Accounts Direct Debits

Get Bulk Scheduled Payments #

Get Bulk Scheduled Payments Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-enum open-status
    • Non-boolean is-owned
  • Success Cases
    • Get Scheduled Payments
    • Get Paginated Scheduled Payments

Get Account Scheduled Payments #

Get Account Scheduled Payments Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Account Scheduled Payments
    • Get Paginated Account Scheduled Payments

Get Specific Accounts Scheduled Payments #

Get Specific Account Scheduled Payements Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Specific Accounts Scheduled Payments
    • Get Paginated Specific Accounts Scheduled Payments

Get Account Transactions #

Get Account Transactions Depends on the Get Accounts - Get Accounts Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-date oldest-time
    • Non-date newest-time
    • Non-decimal min-amount
    • Non-decimal max-amount
  • Success Cases
    • Get Account Transactions
    • Get Paginated Account Transactions

Get Transaction Detail #

Get Transation Detail Depends on the Get Account Transactions - Get Account Transactions Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Transaction Detail
    • Get Paginated Transaction Detail

Get Customer #

Get Customer Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Customer
    • Get Paginated Customer

Get Customer Detail #

Get Customer Detail Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Customer Detail
    • Get Paginated Customer Detail

Get Payees #

Get Payees Depends on the Pushed Authorization Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-integer page
    • Non-integer page-size
    • Pagesize too large
    • Non-date x-fapi-auth-date
    • Non-enum open-status
    • Non-boolean is-owned
  • Success Cases
    • Get Payees
    • Get Paginated Payees

Get Payee Detail #

Get Payee Detail Depends on the Get Payees - Get Payees Success case passing
  • Failure Cases
    • Empty version
    • Non-integer version
    • Non-integer min-version
    • Invalid version
    • Invalid min-version
    • Non-date x-fapi-auth-date
  • Success Cases
    • Get Payee Detail
    • Get Paginated Payee Detail