LinkedIn today has contributed Flashback, its internal Internet mocking tool, to open source. Flashback is a proxy server that enables users to capture, store and replay Internet transactions, so no Internet connection is required to test connections.
“We wanted to make tests as automated as possible; we want to make it ‘not the test’s fault’” if it fails, said Yabin Kang, a software engineering manager at LinkedIn NYC who developed Flashback with software engineers Shangshang Feng and Dan Vinegrad. “It isn’t dependent on third-party services to perform a test.”
In a blog post announcing the news, the engineers wrote that “a test is only as useful as it is reliable. With that in mind, it can be highly problematic for a test to have external dependencies, for instance on a third-party website. These external sites may change without notice, suffer from downtime, or otherwise become temporarily inaccessible, as the Internet is not 100 percent reliable. If one of our tests relies on being able to communicate with a third-party website, the cause of any failures is hard to pinpoint. A failure could be due to an internal change at LinkedIn, an external change made by the maintainers of the third-party website, or an issue with the network infrastructure. As you can imagine, there are many reasons why interactions with a third-party website may fail.”
Kang said LinkedIn first tried to solve the problem using Betamax, software for Internet transaction record and replay, but that required Internet access, and Kang explained that LinkedIn keeps its test environment isolated. Flashback sits between LinkedIn and third-party services such as YouTube (if users want to display videos in a LinkedIn post) to ensure the initial test is reliable. Instead, Kang said, “After the first YouTube request, I’ll record the response. And the next time we test, we’ll grab content from the local cache or data store, rather than going back to YouTube,” where the site might be unavailable, thwarting test completion.
One area in which Flashback is particularly useful is in authorization. OAuth requires a unique value every time a user tries to gain access, making verification of authorization values difficult. Flashback, according to the blog post, creates its own match rules to enable testing of requests with varying time data, signatures, tokens and more.
Flashback can test both JVM and non-JVM applications, as well as generate SSL/TLS certificates to emulate secure channels, according to the blog. Further, it allows users to change match rules on the fly, to test requests with different responses. “Being able to change the match rule dynamically allows us to test complicated scenarios. For example, we have a use case that requires us to test HTTP calls to both public and private resources of Twitter. For public resources, the HTTP requests are constant, so we can use the ‘MatchAll’ rule. However, for private resources, we need to sign requests with an OAuth consumer secret and an OAuth access token. These requests contain a lot of parameters that have unpredictable values, so the static ‘MatchAll’ rule wouldn’t work,” the engineers wrote.
Going forward, the team wants to support non-HTTP protocols, such as FTP or JDBC, and improve the Flashback setup API for non-Java language support.
Flashback is available under BSD license and is hosted here.