31.07.2019 23:22:44
Probleem REST Assured authenticationiga
Äkki keegi on kasutanud ja oskab palun aidata?
@Test
public void testLoginPreemptiveBasicHV()
{
RestAssured.baseURI = "https://www.hinnavaatlus.ee";
RequestSpecification auth = given().auth().preemptive().basic("xxxxusername", "xxxxpassword"); // given().auth().basic("xxxxusername", "xxxxpassword"); ei toimi samuti
assertFalse("Assert that body doesn`t contain text 'logi sisse....'", responseBody.print().contains("logi sisse, et näha oma privaatsõnumeid"));
}
Tulemus:
java.lang.AssertionError: Assert that body doesn`t contain text 'logi sisse....'
at org.junit.Assert.fail(Assert.java:88)
at org.junit.Assert.assertTrue(Assert.java:41)
at org.junit.Assert.assertFalse(Assert.java:64)
at RestAssuredAuth.testLoginBasicHV(RestAssuredAuth.java:60)
Ehk ei saa seda sisselogimist päris paljude lehekülgede peal tööle, aga mingi Jenkinsi demo saidiga see Preemptive Basic authentication muidu töötas küll. _________________ ...
Apart from these basic configurations, REST Assured ships with functionality to:
detect or indicate a CSRF token field in the webpage
use additional form fields in the request
log information about the authentication process
Normally, the form indicates the endpoint that it’ll call with its action attribute, and each input field corresponds with a form parameter sent in the request.
If the login form is simple enough and follows these rules, then we can rely on REST Assured to figure out these values for us:
This is not an optimal approach, anyway, since REST Assured needs to perform an additional request and parse the HTML response to find the fields.
We also have to keep in mind that the process can still fail, for example, if the webpage is complex, or if the service is configured with a context path that is not included in the action attribute.
Therefore, a better solution is to provide the configuration ourselves, indicating explicitly the three required fields:
java.lang.AssertionError: Assert that body doesn't contain text 'logi sisse....'
at org.junit.Assert.fail(Assert.java:88)
at org.junit.Assert.assertTrue(Assert.java:41)
at org.junit.Assert.assertFalse(Assert.java:64)
at RestAssuredAuth.testLoginFormHV(RestAssuredAuth.java:75)
...
Kuna "Form params" juures pole "_sso_csrf" väärtust näha, siis tõenäoliselt seal vormil olevat CSRF välja automaatselt ei tuvastatud, vaid pead selle välja nime eraldi ette andma.
S.t proovi nt
new FormAuthConfig("/site/login/", "username", "password").withLoggingEnabled().withCsrfFieldName("_sso_csrf")
sa ei või postitada uusi teemasid siia foorumisse sa ei või vastata selle foorumi teemadele sa ei või muuta oma postitusi selles foorumis sa ei või kustutada oma postitusi selles foorumis sa ei või vastata küsitlustele selles foorumis sa ei saa lisada manuseid selles foorumis sa võid manuseid alla laadida selles foorumis
Hinnavaatlus ei vastuta foorumis tehtud postituste eest.