I have some code that uses an API to push some data to a remote third-party service.
In actual use, it needs OAuth-generated credentials to push to this API endpoint. That's all working, when the user pushes the 'export' button, we redirect them through the OAuth flow, they come back, we've got a token, we push the data (probably in a bg job, which has it's own potential problems, but that's not the focus of this question), great.
But how do I write an automated test for this functionality? I don't have the OAuth credentials at test time, and I don't know if there's any good way to get them.
I could actually web scrape to fake a user login to real third-party service, but that seems ugly. I could skip the actual "prove it really pushes test", and just test that the request I'm going to send looks right, but I'd love to have an automated test proving that it really does succesfully push, in case the third party changes things. I would probably record it with "vcr" to avoid the slow network requests each time, but that's not the issue either (unless it is because it'll make things even harder...)
In this case, the third-party API uses OAuth 1.0a, if that matters.
Any ideas or solutions? Is this a thing?