Hi I am tried to login to a google OAuth sys for an integration test. It was running fine locally, but was blocked while I am running in CircleCI.
The guess is Google somehow detect it as a bot and disabled it.
Here is the screenshot:
(not sure if it is related https://9to5google.com/2019/04/18/google-block-man-in-the-middle/)
Could you spin up a local OAuth server and use that for your integration test? Involving Google production systems here is likely to make your build very brittle.
I don’t believe we can do this, since our system is tightly integrated with another, adjacent system that needs to verify the valid token before allowing access to our system. So unless I’m missing something (or not understanding something, which is very possible), that’s not going to be an option.
It appears that Google may be blocking any attempts to login within an lxc/docker container to prevent MITM attacks, so without a way to circumvent this, I’m not sure what else we can do.
That is an engineering “smell” that I would address, personally. Perhaps each of these systems can be set up in a test mode that allows the verification to be skipped when running the integration tests?
Also, when you are doing the individual builds, you can set up a local OAuth server to show that each system works with OAuth in the way you expect.