I am trying to use the RequestsLibrary on an api thats using the OAUTH2 authentication.
Authentication is via OAUTH2 with credentials being supplied to the /v1/authtoken endpoint.
Subsequent calls to the APÍ need to have the token included as a ‘bearer’ in the ‘Authorization’ header of the http requests.
So below is the test case. The error I am getting is:
401 != 200
The credentials work ok in jmeter and a list of accounts is returned. However, I am not able to get the RF script work. Any help will be appreciated.
In the script,
Log to Console ${accessToken} returns the access token: 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r...
Log to Console ${token} returns: Bearer 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r...
*** Test Cases ***
Get authToken
Create Session hook http://xxxx.azurewebsites.net verify=${True}
${data}= Create Dictionary grant_type=client_credentials client_id=yyy-zzzz client_secret=xxxxxxxxxxxxxxx
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= post request hook /v1/authtoken data=${data} headers=${headers}
Should Be Equal As Strings ${resp.status_code} 200
Dictionary Should Contain Value ${resp.json()} bearer
${accessToken}= evaluate $resp.json().get("access_token")
Log to Console ${accessToken}
${Bearer}= Set Variable Bearer
${token}= catenate Bearer ${accessToken}
Log to Console ${token}
${headers}= Create Dictionary Authorization=${token}
${resp1}= get request hook /v1/integration/accounts headers=${headers}
Should Be Equal As Strings ${resp1.status_code} 200
#Log to Console ${resp1.json()}
I am using OAuth 2.0 authentication as well for my salesforce automation.
My first answer would be to skip client based authentication and switch to username/password based authentication
Get authToken by Password Authentication
RequestsLibrary.Create Session hook https://<url>/services/oauth2 verify=${True}
${data}= Create Dictionary grant_type=password client_id=1abc client_secret=2abc username=test#test.com password=keypass
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= RequestsLibrary.Post Request hook /token data=${data} headers=${headers}
Should Be Equal As Strings ${resp.status_code} 200
${accessToken}= evaluate $resp.json().get("access_token")
Log to Console ${accessToken}
If you are using client based or web based authentication, there will be a login screen that will be used by the user to enter their username/password to authorise the app to send requests on its behalf. Have a look at these pages for more information as they primarily discuss about using either refresh tokens or skipping the user prompt altogether.
Why does Google OAuth2 re-ask user for permission when i send them to auth url again
https://salesforce.stackexchange.com/questions/785/authenticate-3rd-party-application-with-oauth2
I have added the new answer for this question.
RequestsLibrary.Create Session OA2 <Your Server URL> verify=${True}
${data}= Create Dictionary Token_Name=TestTokenname grant_type=<grant type> client_Id=<your Id> Client_Secret=<Your client secret> scope=<your scpe>
${headers}= Create Dictionary Content-Type=application/x-www-form-urlencoded
${resp}= RequestsLibrary.Post Request OA2 identity/connect/token data=${data} headers=${headers}
BuiltIn.Log To Console ${resp}
BuiltIn.Log To Console ${resp.status_code}
Should Be Equal As Strings ${resp.status_code} 200
Dictionary Should Contain Value ${resp.json()} Testtokenname
${accessToken}= evaluate $resp.json().get("access_token")
BuiltIn.Log to Console ${accessToken}
${token}= catenate Bearer ${accessToken}
BuiltIn.Log to Console ${token}
${headers1}= Create Dictionary Authorization=${token}
RequestsLibrary.Create Session GT <Your Server URL> verify=${True}
${resp}= RequestsLibrary.Get Request GT <Your API URL> headers=${headers1}
Should Be Equal As Strings ${resp.status_code} 200
Related
Unable to send Custom headers for zap-api-scan.py, headers are declared in options.prop
I want to use zap to scan a rest API endpoint which requires Authorization & X-api-key header.
To specify the header, I have configured these in options.prop file.
But when I run
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-weekly zap-api-scan.py -t <API URL> -f openapi -z "-configfile /zap/wrk/options.prop"
I feel prop file is not getting picked. I get 401 error, as my Authorization token is not picked up.
Below is how my options.prop file looks
replacer.full_list(0).description=Authorization
replacer.full_list(0).enabled=true replacer.full_list(0).matchtype=REQ_HEADER
replacer.full_list(0).matchstr=Authorization
replacer.full_list(0).regex=false
replacer.full_list(0).replacement=<Token>
replacer.full_list(1).description=x-api-key
replacer.full_list(1).enabled=true
replacer.full_list(1).matchtype=REQ_HEADER
replacer.full_list(1).matchstr=x-api-key
replacer.full_list(1).regex=false
replacer.full_list(1).replacement=<Value>
I have enabled jwt auth on my dev vault instance
vault auth enable jwt
Success! Enabled jwt auth method at: jwt/
However, when I try to configure the jwks_url for the jwt auth I get the following error
➜ vault write auth/jwt/config jwks_url="<jwks_url>"
Error writing data to auth/jwt/config: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/auth/jwt/config
Code: 400. Errors:
* error checking jwks URL: fetching keys oidc: get keys failed: 400 Bad Request Accept header is missing
Any idea what might I be doing wrong?
I'm trying to achieve the authentication for office 365 accounts by using oauth 2.0 ,
i'm using PublicClientApplication and InteractiveRequestParameters method for acquiring access token and in result successfully received access token ,refresh token and id token but when i am using access_token to connect to imap, i am getting error as authentication failure, can anyone please help me out what am i missing here.
have given all the required permissions from azure portal.
here is my code through which i am trying to connect to server
store.connect("outlook.office365.com", "my_email_id, access_token); //here store is imap
properties i have set are:
properties.put("mail.smtp.port", "587");
properties.setProperty("mail.imap.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
properties.setProperty("mail.imap.socketFactory.fallback", "false");
properties.setProperty("mail.imap.port", "993");
properties.setProperty("mail.imap.socketFactory.port", "993");
properties.put("incomingHost", "outlook.office365.com");
properties.put("mail.imap.ssl.enable", "true");
properties.put("mail.smtp.starttls.enable", "true");
properties.put("outgoingHost", "smtp.office365.com");
properties.setProperty("mail.imaps.ssl.trust", "*");
Note: when i am providing password instead of access_token , i am successfully able to login but failure while using access_token.
Thank you !!
You cannot use your access token in place of a password. IMAP requires that your client use SASL XOAUTH2 to authenticate. Details can be found here.
For example, the SASL XOAUTH2 format to access test#contoso.onmicrosoft.com with access token EwBAAl3BAAUFFpUAo7J3Ve0bjLBWZWCclRC3EoAA is:
base64("user=test#contoso.onmicrosoft.com^Aauth=Bearer EwBAAl3BAAUFFpUAo7J3Ve0bjLBWZWCclRC3EoAA^A^A")
After base64 encoding, this translates to the following string. Note that line breaks are inserted for readability.
dXNlcj10ZXN0QGNvbnRvc28ub25taWNyb3NvZnQuY29tAWF1dGg9QmVhcmVy
IEV3QkFBbDNCQUFVRkZwVUFvN0ozVmUwYmpMQldaV0NjbFJDM0VvQUEBAQ==
Clio API v4 returns ForbiddenError for every request.
For example this request works without problem:
GET /api/v2/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
And this request doesn't work:
GET /api/v4/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
This is the error returned with status 403:
{"error":{"type":"ForbiddenError","message":"User is forbidden from taking that action"}}
The same happens with any other request.
I was having the exact same problem. Here's a response from Clio, which resolved my issue.
We have recently made a change that requires all Bulk Action requests include bearer tokens in order to be successful. If you are making requests without including bearer tokens, they will fail.
Hope this helps.
I've found the solution.
The problem happened because the Bearer token has been received for application registered with APIv2 and/or in wrong domain (Europe instead of USA).
That means when I approved user I approved it against wrong application.
I Need API to stop the running application, after some search I've found this API
http://apidocs.cloudfoundry.org/263/apps/updating_an_app.html
if I want to test it with postman how can I obtain token and where should I put it inside postman ?
Edit
i've tried like following with postman
Put
https://[api]/v2/apps/211c82e2-7316-45b6-9ae6-1df4dzz74772/stop
Header
Authorization : bearer <token>
"Content-Type":"application/x-www-form-urlencoded"
I got error:
{
"description": "Unknown request",
"error_code": "CF-NotFound",
"code": 10000
}
Any idea?
To get the token you can run cf oauth-token from the CLI.
You can use that token in Postman by adding an 'Authorization' HTTP header.
E.g.
Authorization: bearer token_you_got_by_running_cf_oauth-token