We have began working on our payment service and all was going well with the test nonces that Braintree supply
We've been using fake-valid-nonce all over the place for our transactions however, we now need to implement 3dsecure which has 0 test nonces meaning all of our tests fail with a Gateway Rejected: three_d_secure error.
Has anyone had any experience with heavy unit testing of Braintree?
Thanks
I must concur with Joe on this,
I am participating to develop the Braintree library for Golang: https://github.com/lionelbarrow/braintree-go
We are having issues with the exact same problem. There is no pre-defined nonces that will work through 3ds secure validation.
If we create payment methods using the cards provided in the sentinel document: https://developers.braintreepayments.com/files/Centinel.IntegrationGuide.ConsumerAuthentication_TestCases_v1_18_0_20160823.pdf
and create a nonce from the server for one of those cards, the nonce obviously does not contain any 3ds information.
During our automated integration tests we do not have access to a client-side SDK and cannot run the "required" threeDSecure.verifyCard() (this is only available through JS code)
We are thus stuck without any means to automatic tests.
This is a serious issue as the server should always verify those fields on a transaction by itself without relying on data coming from the client
I asked the Braintree support for help on this case. Their only answer at the moment is that we should do manual testing and go through the whole client side workflow of validating a 3ds card.
I reminded them we are in 2018 and that requiring developers to manually test all integration test cases each time they commit something is not a sane way to develop.
I also reminded them that we are talking about security features that are touching client payment methods and should be tested automatically and thoroughly for obvious reasons.
I also pointed out that at least in their own python SDK they have integration tests (that work only on their own infrastructure) that test 3d secure:
https://github.com/braintree/braintree_python/blob/bdc95168f46b4c3ad3904fd56e5f8e15e04e9935/tests/test_helper.py#L297
This means someone on their teams is thinking about tests and is trying to do something. This something is not enough for us out there unfortunately.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With