使用OAUTH2授权请求标头的Robot Framework api测试-Java 学习之路

我试图在使用OAUTH2身份验证的api上使用RequestsLibrary .

通过OAUTH2进行身份验证，并将凭据提供给/ v1 / authtoken endpoints . 对APÍ的后续调用需要将令牌作为“承载”包含在http请求的“授权”头中 .

以下是测试用例 . 我得到的错误是：401！= 200

凭证在jmeter中正常工作，并返回一个帐户列表 . 但是，我无法使RF脚本工作 . 任何帮助将不胜感激 .

在脚本中，

登录到控制台 ${accessToken} 返回访问令牌：8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r ...
登录到控制台 ${token} 返回：Bearer 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r ...

*** Test Cases ***

Get authToken
    Create Session  hook    http://xxxx.azurewebsites.net  verify=${True}
    ${data}=      Create Dictionary     grant_type=client_credentials     client_id=yyy-zzzz     client_secret=xxxxxxxxxxxxxxx
    ${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
    ${resp}=    post request    hook    /v1/authtoken    data=${data}   headers=${headers}
    Should Be Equal As Strings  ${resp.status_code}     200
    Dictionary Should Contain Value     ${resp.json()}  bearer
    ${accessToken}=    evaluate    $resp.json().get("access_token")
    Log to Console        ${accessToken}
    ${Bearer}=      Set Variable   Bearer
    ${token}=       catenate    Bearer    ${accessToken}
    Log to Console     ${token}
    ${headers}=   Create Dictionary   Authorization=${token}
    ${resp1}=     get request       hook    /v1/integration/accounts  headers=${headers}
    Should Be Equal As Strings  ${resp1.status_code}    200
    #Log to Console   ${resp1.json()}

2 回答

1
我正在使用OAuth 2.0身份验证以及我的salesforce自动化 .

My first answer would be to skip client based authentication and switch to username/password based authentication
```
Get authToken by Password Authentication

RequestsLibrary.Create Session  hook    https://<url>/services/oauth2  verify=${True}
${data}=      Create Dictionary     grant_type=password     client_id=1abc    client_secret=2abc    username=test@test.com  password=keypass
${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
${resp}=        RequestsLibrary.Post Request    hook    /token    data=${data}   headers=${headers}
Should Be Equal As Strings  ${resp.status_code}     200
${accessToken}=    evaluate    $resp.json().get("access_token")
Log to Console        ${accessToken}
```
如果您使用基于客户端或基于Web的身份验证，则会有一个登录屏幕，用户将使用该屏幕输入用户名/密码来授权应用程序代表其发送请求 . 请查看这些页面以获取更多信息，因为它们主要讨论使用刷新令牌或完全跳过用户提示 .
- Why does Google OAuth2 re-ask user for permission when i send them to auth url again
- https://salesforce.stackexchange.com/questions/785/authenticate-3rd-party-application-with-oauth2
回复于 2024-04-29T20:59:24+08:00

我正在使用的API无法跳过OAuth2 . 所以我不得不继续使用OAuth2为了回应Sandeep的问题，我也遇到了同样的问题 . 在您获得请求之前，您可能必须在分配Authorization = $ 后创建会话....请尝试以下一次

Create Session  hook    http://xxxx.azurewebsites.net  verify=${True}
${data}=      Create Dictionary     grant_type=client_credentials     
client_id=yyy-zzzz     client_secret=xxxxxxxxxxxxxxx
${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
${resp}=    post request    hook    /v1/authtoken    data=${data}   headers=${headers}
Should Be Equal As Strings  ${resp.status_code}     200
Dictionary Should Contain Value     ${resp.json()}  bearer
${accessToken}=    evaluate    $resp.json().get("access_token")
Log to Console        ${accessToken}
${Bearer}=      Set Variable   Bearer
${token}=       catenate    Bearer    ${accessToken}
Log to Console     ${token}
${headers}=   Create Dictionary   Authorization=${token}
RequestsLibrary.Create Session    hook1 /v1/integration/accounts    verify=${True}        
${resp}=  RequestsLibrary.Get Request  hook1    headers=${headers1}  
Should Be Equal As Strings    ${resp.status_code}    200

另外，它的帮助方式如下：

RequestsLibrary.Create Session    OA2    https://idp-t.xxxx.nu/    verify=${True}
${data}=     Create Dictionary    Token_Name=Bearer    grant_type=client_credentials    Client_Id=Puur.Client.35621957-cb82-4ecc-bce5-836c707d163c     Client_Secret=67edcc466ed80cacbd24a78d0de10b02    scope=Ecare.Puur.Service
${headers}=   Create Dictionary    Content-Type=application/x-www-form-urlencoded

${resp}=    RequestsLibrary.Post Request    OA2    identity/connect/token    data=${data}    headers=${headers}
BuiltIn.Log To Console    ${resp}
BuiltIn.Log To Console    ${resp.status_code}
Should Be Equal As Strings    ${resp.status_code}    200
Dictionary Should Contain Value    ${resp.json()}   Bearer
${accessToken}=    evaluate    $resp.json().get("access_token")
BuiltIn.Log to Console    ${accessToken}
${token}=    catenate    Bearer    ${accessToken}
BuiltIn.Log to Console    ${token}
${headers1}=  Create Dictionary    Authorization=${token} 

RequestsLibrary.Create Session    GT    https://sample-test-t.nu    verify=${True}        
${resp}=  RequestsLibrary.Get Request  GT    /api/teams    headers=${headers1}
Should Be Equal As Strings    ${resp.status_code}    200

希望能帮助到你！ :)

回复于 2024-04-29T20:59:24+08:00

使用OAUTH2授权请求标头的Robot Framework api测试

2 回答

相关问题