While writing a unit test for a functionality today, I ran into a dilemma. For a given API test, T, should I choose to cover
code for request parsing, routing, and preparation, or should I choose to make it orthogonal to those concerns?
Choice A) Start a server at a free port and send a HTTP request to it from a HTTP client
Choice B) Call the function with manually created HTTP objects and avoid going through HTTP
For the first choice, running the test will also test the code that configures parsing rules and more importantly, some
logic used to authenticate the request. What can be bad about that?
The downside is that if the authentication layer changes, then every unit test that is written this way will fail -
since the test depends on the old authentication mechanism. On a small project with a few APIs, this is no big deal. On a
large projet with doznes of APIs, this will surely become unscalable.
The answer then, is to use Choice B for unit tests in general, plus one single additional test written using Choice A.