Skip to main content

Few popular authentications in Rest Assured

There are many types of authentication or some people prefer to call it authentication protocols in Rest Assured but few popular ones are:
Basic Authentication, OAuth 1 and OAuth 2
The basic authentication requires the users to send user id and a password like:
Response response =
given()
.auth()
.basic("username", "password")
.when()
.get("http://localhost:9090/sample/id/900");

In the case of OAuth 1.0, we need to send a Consumer Key, Secret, Access Token and Token Secret to access a secured resource:
Response response =
given()
.contentType("application/JSON")
 .auth()
 .oauth(consumerKey, consumerSecret, accessToken, tokenSecret)
 .formParam("paramKey", "paramValue").
 .when()
.post("http://localhost:9090/sample/id/880");

In the case of OAuth 2.0, the access token is required to access a secured resource:
First, you need to extract access token using authorization URL with the help of ClientId, ClientSecret, grant_type, and scope of the request like:
Response response =
given()
.auth()
.basic(clientId, clientSecret)
.formParam("grant_type", "client_credentials")
.formParam("scope", scope)
.when()
.post(/sample/id/900);

JSONObject jsonObj = new JSONObject(response.getBody().asString());
String accessToken = jsonObj.get("access_token").toString();

OR using ClientId, ClientSecret, username, password, and scope of the request like:
Response response =
given()
.auth()
.basic(clientId, clientSecret)  
.formParam("grant_type", "password")
.formParam("username", username)
.formParam("password", password)
.formParam("scope", scope)
.when()
 .post(/sample/id/900);

JSONObject jsonObj = new JSONObject(response.getBody().asString());
String accessToken = jsonObj.get("access_token").toString();

Then you can consume that accessToken in oauth2 like:
Response response =
given()
.auth()
.oauth2(accessToken
.contentType("application/json")
.body(JSONString)
.when()
.post("/sample/id/890");
Note* In order to use OAuth1 and OAuth2 for query parameter signing, you need to add Scribe dependency (scribejava-apis) in your pom.xml along with rest Assured (io.rest-assured) dependency especially if you are using an older version of REST Assured i.e. <2.5.0

Comments

Post a Comment

Popular posts from this blog

How to Unzip files in Selenium (Java)?

1) Using Java (Lengthy way) : Create a utility and use it:>> import java.io.BufferedOutputStream; import org.openqa.selenium.io.Zip; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream;   public class UnzipUtil {     private static final int BUFFER_SIZE = 4096;     public void unzip (String zipFilePath, String destDirectory) throws IOException {         File destDir = new File(destDirectory);         if (!destDir.exists()) {             destDir.mkdir();         }         ZipInputStream zipIn = new ZipInputStream(new FileInputStream(zipFilePath));         ZipEntry entry = zipIn.getNextEntry();         // to iterates over entries in the zip folder         while (entry != null) {             String filePath = destDirectory + File.separator + entry.getName();             if (!entry.isDirectory()) {                 extractFile (zipIn, filePath);            
Post a Comment
Read more

The use of Verbose attribute in testNG or POM.xml (maven-surefire-plugin)

At times, we see some weird behavior in your testNG execution and feel that the information displayed is insufficient and would like to see more details. At other times, the output on the console is too verbose and we may want to only see the errors. This is where a verbose attribute can help you- it is used to define the amount of logging to be performed on the console. The verbosity level is 0 to 10, where 10 is most detailed. Once you set it to 10, you'll see that console output will contain information regarding the tests, methods, and listeners, etc. <suite name="Suite" thread-count="5" verbose="10"> Note* You can specify -1 and this will put TestNG in debug mode. The default level is 0. Alternatively, you can set the verbose level through attribute in "maven-surefire-plugin" in pom.xml, as shown in the image. #testNG #automationTesting #verbose # #testAutomation
Post a Comment
Read more

Encode/Decode the variable/response using Postman itself

We get a lot of use cases where we may have to implement Base64 encoding and/or decoding while building our APIs. And, if you are wondering if it is possible to encode/decode the variable/response using Postman itself or how to encode/decode the token or password in postman and save it in a variable? To Base64 encode/decode, the quickest way is to use JavaScript methods btoa, atob: atob - It turns base64-encoded ASCII data back to binary. btoa - It turns binary data to base64-encoded ASCII. Sample code : var responseBody = pm.response.json(); var parsedPwd = JSON.parse(atob(responseBody.password)); // presuming password is in the payload pm.collectionVariables.set("password", parsedPwd);
Post a Comment
Read more