There is indeed no means to test it without the permission being granted on your key.
However, creating a well-formed OAuth request for xAuth is the same as creating any well-formed OAuth request.
You can practice creating the correct OAuth signatures with the OAuth Tool available in your application management.
