For our automated testing of our Drupal site, we are using Behat test scripts. On our local development machines we are using a self signed SSL certificate that is created by Acquia Devdesktop. Running the tests in the different browsers with Behat is no problem since you can trust the certificate in the browser itself. However for the REST interfaces where no browser is being opened it is a different story. Behat will not accept the self signed certificate since it is "unsecure".
When running the REST test this is the error we get:
cURL error 60: SSL certificate problem: self signed certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) (GuzzleHttp\Exception\RequestException)
With the testcase itself is nothing wrong because it worked before we enabled the SSL certificate. We tried to edit the configuration .yml file with the options from the documentation and other tickets but with no luck.
Is there a way to trust a self signed certificate for the REST interface tests? If you need more information please let me know.
Edit: Added the YML config and composer.json file
//composer.json
{
"require": {
"drupal/drupal-extension": "~3.0",
"emuse/behat-html-formatter": "dev-master",
"behatch/contexts": "*",
"guzzlehttp/guzzle": "dev-master",
"behat/mink-goutte-driver": "dev-master"
},
"config": {
"bin-dir": "bin/"
}
}
Note I removed my url from the yml file below.
default:
suites:
default:
contexts:
- FeatureContextDrupal
- behatch:browser
- Drupal\DrupalExtension\Context\MinkContext
- Drupal\DrupalExtension\Context\DrupalContext
- Drupal\DrupalExtension\Context\DrushContext
- Drupal\DrupalExtension\Context\MessageContext
- behatch:debug
- behatch:system
- behatch:json
- behatch:table
- behatch:rest
- behatch:xml
formatters:
html:
output_path: %paths.base%/build/html/behat
extensions:
Sanpi\Behatch\Extension: ~
emuse\BehatHTMLFormatter\BehatHTMLFormatterExtension:
name: html
Behat\MinkExtension:
goutte:
guzzle_parameters:
verify: false
ssl.certificate_authority: false
selenium2:
wd_host: http://localhost:4444/wd/hub
base_url: "https://myurl.devcloud.acquia-sites.com/"
Drupal\DrupalExtension:
blackbox: ~
api_driver: 'drupal'
drush:
alias: 'ns-test'
drupal:
drupal_root: '/var/www/html/utcfs.dev/docroot'
chrome:
extensions:
Behat\MinkExtension:
selenium2:
browser: chrome
capabilities: { "browser": "chrome", "browserName": "chrome", "version": "*", "browserVersion": "*" }
iexplore:
extensions:
Behat\MinkExtension:
selenium2:
browser: internet explorer
capabilities: { "browser": "internet explorer", "browserName": "internet explorer", "version": "*", "browserVersion": "*" }
Found my answer on GitHub:
For Behat3/MinkExtension2.2
extensions:
Behat\MinkExtension:
base_url: 'https://localhost'
sessions:
default:
goutte:
guzzle_parameters:
defaults:
verify: false
Lower versions (1.x)
extensions:
Behat\MinkExtension:
goutte:
guzzle_parameters:
verify: false
Related
I want to use an SSL certificate for the liveserver extension. It is self-signed, trusted, and verified to be working (added in apache).
However the extension does not want to start no matter what, unless https is disabled.
I am also using port 8080, but that does not matter. (Certificate is for "localhost")
How can I fix this?
{
"liveserver.settings.port": 8080,
"liveServer.settings.https": {
"enable": true, //set it true to enable the feature.
"cert": "/home/me/primary.crt", //full path of the certificate
"key": "/home/me/private.key", //full path of the private key
"passphrase": "1234"
}
}
I am automating some tests with Protractor but cannot figure out how to auto select a certificate for the website under test.
It seems that the AutoSelectCertificateForUrls option of Google Chrome should do the trick, but it does not seem to work, or I am not setting it correctly.
This is what I have in my conf file:
...
chromeOptions: {
prefs: {
AutoSelectCertificateForUrls: [
'{"pattern":"[*.]my.website.here","filter":{"ISSUER":{"CN":"My Issuer Here"}}}'
]
}
...
(obviously the website url pattern and cert issuer are anonymised)
I successfully installed API Platform, it works well with all my entities.
Now i'm trying to add JWT authentication whith LexikJWTAuthenticationBundle, but when i send the request for login i get :
No route found for "GET /api/login"
My request :
http://localhost:8000/api/login?username=john&password=doe
I'm using Symfony 4, here is my security.yaml :
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
entity_provider:
entity:
class: App\Entity\User
property: username
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: entity_provider
json_login:
check_path: /api/login
username_path: email
password_path: password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
provider: entity_provider
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
I think the JWT bundle works well because when i try to access a resource, i get :
{"code":401,"message":"JWT Token not found"}
I think it's just a matter of routing, but as i'm quite a newbie to Symfony i don't know what to do...
I already tried to change patterns, check path...
Any hint ?
EDIT : i added this in routes.yaml :
api_login_check:
path: /api/login
Now i have :
Unable to find the controller for path "/api/login". The route is wrongly configured.
More details from the logs :
WARNING
09:40:52
request Unable to look for the controller as the "_controller" parameter is missing.
ERROR
09:40:53
request Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "Unable to find the controller for path "/api/login". The route is wrongly configured."
Check this link https://github.com/symfony/symfony-docs/pull/7081/files#diff-7f5c7908922a550bda01ab86f19f3938R119
You have to send your request to http://localhost:8000/api/login with a json body like this
{"username": "john","password": "doe"}
Also I recommend to read this "How to Build a JSON Authentication Endpoint" https://symfony.com/doc/current/security/json_login_setup.html
Thanks
Thanks lvillarino, i already tried that without success but i think i made other mistake then... I tried again as i was quite sure that was the good direction and now it works !
This is my final configuration, maybe it will help someone...
FYI, i'm using email/password as credentials.
security.yaml
providers:
entity_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: entity_provider
json_login:
check_path: /api/login
username_path: email
password_path: password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
main:
pattern: ^/
provider: entity_provider
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
encoders:
App\Entity\User:
algorithm: bcrypt
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
routes.yaml
api_login_check:
path: /api/login
I tried to login to my api using Postman using this url :
http://localhost:8000/api/login
On the headers section i have :
Accept : application/json
Content-type: application/json
And on the body section (raw) :
{
"email":"john#doe.fr",
"password":"mypass"
}
The token is successfully generated and functional, it is accepted as Bearer in further api calls.
More information : i had problems with private and public keys generated using PuttyGen on windows, i always had bad credentials when using the generated token. I had to generate them on a linux environment using openssl, and now it works.
Last information : i installed LexikJWTAuthenticationBundle with composer, i used the passphrase generated in .env file to generate the keys, as it's not very well explained in the installation process.
I have two projects, one with documentation and one as the actual app.
When I access http://localhost:3000/docs my webpack setup is redirecting me to another server which is on http://localhost:4000 and where the documentation lives.
The redirect is happening but when it tries to load dependencies (.js, .css) the request is made on the original port (3000) and not the port 4000.
How can I redirect the server requests for the second website?
My webpack setup:
proxy: {
"/docs/**": {
target: "http://localhost:8080",
pathRewrite: { "^/docs": "" },
changeOrigin: true,
secure: false,
}
}
I'm trying to access ejabberd rest api without authentication but always get a 403 Forbidden response with this body :
{
"status": "error",
"code": 32,
"message": "AccessRules: Account does not have the right to perform the operation."
}
I cannot get an OK response on /api/status endpoint which is a command that all users from 127.0.0.1 should be able to use (see "public commands" section under api_permissions in ejabberd.yml).
Here's the request details (via Insomnia REST client):
> POST /api/status HTTP/1.1
> User-Agent: insomnia/5.1.0
> Host: localhost:5280
> Accept: */*
> Accept-Encoding: deflate, gzip
> Content-Type: application/json
> Content-Length: 2
| {}
Ejabberd version is 17.04, installed from a downloaded deb package and running on Debian 8.8 (jessie) x86_64 as ejabberd user.
Post install, I simply added the host "localhost", registered a new user "admin" for localhost and added it to the ACLs.
The only changes I made into ejabberd.yml :
hosts:
- "localhost"
acl:
admin:
user:
- "admin": "localhost"
Otherwise, I can access the webadmin interface which works fine...
What can I do in order to have a 200 OK response ?
Ok I found the solution. Like the message said it was a permission issue.
Here's the default configuration :
api_permissions:
## ...
"public commands":
who:
- ip: "127.0.0.1/8"
what:
- "status"
- "connected_users_number"
This does not allow to access to status or connected_users_number commands with or without authentication (I triple-checked).
For a no authentication usage, use -all :
"public commands":
who:
## This allows to use both commands without having to authenticate
- all
what:
- "status"
- "connected_users_number"
If you want to require a valid user (with basic authentication), replace - all by - access: local.
"public commands":
who:
## This allows to use both commands with basic authentication for local users
- access: local
what:
- "status"
- "connected_users_number"