I am using Quarkus with quarkus-smallrye-jwt and I want to access the request headers from a custom subclass of JWTCallerPrincipalFactory as explained by https://quarkus.io/guides/security-jwt#custom-factories. Is there a way to do that?
I solved it by using an implementation of HttpAuthenticationMechanism which has access to the RoutingContext as described here https://quarkus.io/guides/security-customization#httpauthenticationmechanism-customization
Related
I am trying to implement digest authentication using async-http-client on top of swiftNIO. Therefore I use a class which uses the HTTPClientResponseDelegate protocol. In this class in the
func didReceiveHead(task: HTTPClient.Task<Response>, _ head: HTTPResponseHead) -> EventLoopFuture<Void> {
I parse the first server response and I generate the hash for the response. Now I have to construct the Authorization header with my hash, conforming to the digest authentication. But how can I send it to the server again from my class? Must I make a new HTTPClient.Request or I can make a response with an header directly from my class?
Perhaps somebody can give me a tip how to achieve this using swiftNIO and async-http-client.
Thanks
Arnold
I’m afraid that at the moment you do need to make a new request from your delegate. Currently there is no way to automatically send a new request.
I would like to know how to property transfer from one REST API to another REST API?
I worked on the property transfer with the JSON format, but I need to know how to transfer the one REST API response property and use it in the header?
let me explain this using the below scenario:
Admin get the User object by API
Save apiKey from the user object
Call the action on user behalf(By set Authorization Header to Basic with the user apiKey)
To accomplish these steps in soapUI You have to:
Define apiKey in Custom Properties in TestCase
Call resource that returns a User object
Save apiKey property to TestCase.apiKey via property transfer or Groovy Step
Reuse TestCase.apiKey in your nest REST Request step by expanding it via Basic ${=(testCase.getPropertyValue("apiKey")+":").bytes.encodeBase64()}
Hope that helps
Situation:
Using recording with Jmeter I have generated a list of api requests. The way my test object works is that when you login using UI it creates a key for the entire session (which also keeps on changing), however there is an option of having a static api key for a user that you can use for all requests when sending the api requests NOT using the UI of my software.
Problem:
I have a list of api requests that I want to test but I would like to overwrite only one variable in the header of all my api requests (i.e. adding the static api key).
Is there a way of overwriting only one variable in all (most of) the headers?
The Header Manager lets you add or override HTTP request headers.
Create a header manager at the top and enter the common value. This value will be send with all the headers.
For more information check the below link:-
https://www.blazemeter.com/blog/using-jmeters-http-header-manager
Hope this helps.
Add/Copy desired HTTP Header Manager above the Thread Group OR above Recording Controller and remove/disable all HTTP Header Manager inside request samplers, all request samplers will use the Main HTTP Header by default.
Cheers!
I am writing a REST API, which supports POST/GET/DELETE method for the same url.
For the DELETE method, the API needs extra parameters (details of the deletion). But the library I am using doesn't support request body for DELETE method, how can I do it?
If I put the parameter in URL like:
DELETE /API/Resource/id/parameter
Then I break the RESTyness.
Or I need to use another method POST/PUT, which is not RESTy, either.
Why is POST / PUT not RESTy? Take a look at the twitter REST API: You can destroy a status by POSTing to /statuses/id/destroy. That request does accept parameters. You could do something similar to this:
POST /API/Resource/id/destroy
I think that is RESTy enough.
I have one class that extends org.restlet.Application class.
Various requests are handled using this class, say:
/register
/login
/listitem
I perform all operations using POST request and manage all org.restlet.resource.ServerResource classes with annotation #Post("json").
My problem is if requests other than POST come into scenario I got an error like 405 Method Not Allowed.
So how to handle other requests without explicitly write code for each annotation?
I'm not sure to correctly understand your problem. When using Restlet, you need to explicitly define an annotated method for each HTTP method you want to support.
What do you exactly want to do?
Thierry