Java Code Examples for io.restassured.response.Response#getCookie()
The following examples show how to use
io.restassured.response.Response#getCookie() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ImplicitFlowLiveTest.java From spring-security-oauth with MIT License | 6 votes |
private String obtainAccessToken(String clientId, String username, String password) { final String redirectUrl = "http://www.example.com"; final String authorizeUrl = AUTH_SERVER + "/oauth/authorize"; // user login Response response = RestAssured.given().formParams("username", username, "password", password).post(AUTH_SERVER + "/login"); final String cookieValue = response.getCookie("JSESSIONID"); // get access token final Map<String, String> params = new HashMap<String, String>(); params.put("response_type", "token"); params.put("client_id", clientId); params.put("redirect_uri", redirectUrl); response = RestAssured.given().cookie("JSESSIONID", cookieValue).formParams(params).post(authorizeUrl); final String location = response.getHeader(HttpHeaders.LOCATION); System.out.println("Location => " + location); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String accessToken = location.split("#|=|&")[2]; return accessToken; }
Example 2
Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 6 votes |
@Test public void requestWithCookieAndHeaderShouldSucceed() { Response response = initiateSession(); String sessionId = response.getCookie(SESSION_COOKIE_NAME); String token = response.getCookie(XSRF_COOKIE_NAME); givenRelaxedSSL() .cookie(SESSION_COOKIE_NAME, sessionId) .and() .cookie(XSRF_COOKIE_NAME, token) .and() .header(XSRF_HEADER_NAME, token) .expect() .statusCode(200) .when() .get(baseUrl + "/xsrf-protected-with-session"); }
Example 3
Source File: SessionLiveTest.java From tutorials with MIT License | 6 votes |
@Test public void givenAuthorizedUser_whenDeleteSession_thenUnauthorized() { // authorize User Response response = RestAssured.given().auth().preemptive().basic("user", "userPass").get(API_URI); assertEquals(HttpStatus.OK.value(), response.getStatusCode()); final String sessionCookie = response.getCookie("SESSION"); // check redis final Set<String> redisResult = jedis.keys("*"); assertTrue(redisResult.size() > 0); // login with cookie response = RestAssured.given().cookie("SESSION", sessionCookie).get(API_URI); assertEquals(HttpStatus.OK.value(), response.getStatusCode()); // empty redis jedis.flushAll(); // login with cookie again response = RestAssured.given().cookie("SESSION", sessionCookie).get(API_URI); assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatusCode()); }
Example 4
Source File: UserInfoEndpointLiveTest.java From tutorials with MIT License | 6 votes |
private String obtainAccessTokenUsingAuthorizationCodeFlow(String username, String password) { final String authServerUri = "http://localhost:8081/auth"; final String redirectUrl = "http://www.example.com/"; final String authorizeUrl = authServerUri + "/oauth/authorize?response_type=code&client_id=SampleClientId&redirect_uri=" + redirectUrl; final String tokenUrl = authServerUri + "/oauth/token"; // user login Response response = RestAssured.given().formParams("username", username, "password", password).post(authServerUri + "/login"); final String cookieValue = response.getCookie("JSESSIONID"); // get authorization code RestAssured.given().cookie("JSESSIONID", cookieValue).get(authorizeUrl); response = RestAssured.given().cookie("JSESSIONID", cookieValue).post(authorizeUrl); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String location = response.getHeader(HttpHeaders.LOCATION); final String code = location.substring(location.indexOf("code=") + 5); // get access token Map<String, String> params = new HashMap<String, String>(); params.put("grant_type", "authorization_code"); params.put("code", code); params.put("client_id", "SampleClientId"); params.put("redirect_uri", redirectUrl); response = RestAssured.given().auth().basic("SampleClientId", "secret").formParams(params).post(tokenUrl); return response.jsonPath().getString("access_token"); }
Example 5
Source File: ImplicitFlowLiveTest.java From spring-security-oauth with MIT License | 5 votes |
private String obtainAccessToken(String clientId, String username, String password) { String authorizeUrl = AUTH_SERVER + "/auth"; Map<String, String> loginParams = new HashMap<String, String>(); loginParams.put("grant_type", "implicit"); loginParams.put("client_id", clientId); loginParams.put("response_type", "token"); loginParams.put("redirect_uri", REDIRECT_URL); loginParams.put("scope", "read write"); // user login Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl); String cookieValue = response.getCookie("AUTH_SESSION_ID"); String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action"); // get access token Map<String, String> tokenParams = new HashMap<String, String>(); tokenParams.put("username", username); tokenParams.put("password", password); tokenParams.put("client_id", clientId); tokenParams.put("redirect_uri", REDIRECT_URL); response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(tokenParams) .post(authUrlWithCode); final String location = response.getHeader(HttpHeaders.LOCATION); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String accessToken = location.split("#|=|&")[4]; return accessToken; }
Example 6
Source File: AuthorizationServerLiveTest.java From spring-security-oauth with MIT License | 5 votes |
private String obtainAccessToken() { final String redirectUrl = "http://localhost:8082/jwt-client/login/oauth2/code/custom"; final String authorizeUrl = "http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/auth?response_type=code&client_id=jwtClient&scope=read&redirect_uri=" + redirectUrl; final String tokenUrl = "http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/token"; // obtain authentication url with custom codes Response response = RestAssured.given().redirects().follow(false).get(authorizeUrl); String authSessionId = response.getCookie("AUTH_SESSION_ID"); String kcPostAuthenticationUrl = response.asString().split("action=\"")[1].split("\"")[0].replace("&", "&"); // obtain authentication code and state response = RestAssured.given().redirects().follow(false).cookie("AUTH_SESSION_ID", authSessionId) .formParams("username", "john@test.com", "password", "123", "credentialId", "") .post(kcPostAuthenticationUrl); assertThat(HttpStatus.FOUND.value()).isEqualTo(response.getStatusCode()); // extract authorization code String location = response.getHeader(HttpHeaders.LOCATION); String code = location.split("code=")[1].split("&")[0]; // get access token Map<String, String> params = new HashMap<String, String>(); params.put("grant_type", "authorization_code"); params.put("code", code); params.put("client_id", "jwtClient"); params.put("redirect_uri", redirectUrl); params.put("client_secret", "jwtClientSecret"); response = RestAssured.given().formParams(params).post(tokenUrl); return response.jsonPath().getString("access_token"); }
Example 7
Source File: ResourceServerLiveTest.java From spring-security-oauth with MIT License | 5 votes |
private String obtainAccessToken(String scopes) { // obtain authentication url with custom codes Response response = RestAssured.given() .redirects() .follow(false) .get(String.format(authorizeUrlPattern, scopes)); String authSessionId = response.getCookie("AUTH_SESSION_ID"); String kcPostAuthenticationUrl = response.asString() .split("action=\"")[1].split("\"")[0].replace("&", "&"); // obtain authentication code and state response = RestAssured.given() .redirects() .follow(false) .cookie("AUTH_SESSION_ID", authSessionId) .formParams("username", "john@test.com", "password", "123", "credentialId", "") .post(kcPostAuthenticationUrl); assertThat(HttpStatus.FOUND.value()).isEqualTo(response.getStatusCode()); // extract authorization code String location = response.getHeader(HttpHeaders.LOCATION); String code = location.split("code=")[1].split("&")[0]; // get access token Map<String, String> params = new HashMap<String, String>(); params.put("grant_type", "authorization_code"); params.put("code", code); params.put("client_id", "jwtClient"); params.put("redirect_uri", redirectUrl); params.put("client_secret", "jwtClientSecret"); response = RestAssured.given() .formParams(params) .post(tokenUrl); return response.jsonPath() .getString("access_token"); }
Example 8
Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 5 votes |
private String obtainAccessTokenWithAuthorizationCode(String clientId, String username, String password) { final String redirectUrl = "http://www.example.com"; final String authorizeUrl = AUTH_SERVER + "/oauth/authorize?response_type=code&client_id=" + clientId + "&redirect_uri=" + redirectUrl; final String tokenUrl = AUTH_SERVER + "/oauth/token"; // user login Response response = RestAssured.given().formParams("username", username, "password", password).post(AUTH_SERVER + "/login"); final String cookieValue = response.getCookie("JSESSIONID"); // get authorization code System.out.println(RestAssured.given().cookie("JSESSIONID", cookieValue).get(authorizeUrl).asString()); Map<String, String> params = new HashMap<String, String>(); params.put("user_oauth_approval", "true"); params.put("authorize", "Authorize"); params.put("scope.read", "true"); params.put("scope.foo", "true"); response = RestAssured.given().cookie("JSESSIONID", cookieValue).formParams(params).post(authorizeUrl); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String location = response.getHeader(HttpHeaders.LOCATION); final String code = location.substring(location.indexOf("code=") + 5); // get access token params = new HashMap<String, String>(); params.put("grant_type", "authorization_code"); params.put("code", code); params.put("client_id", clientId); params.put("redirect_uri", redirectUrl); response = RestAssured.given().auth().basic(clientId, "secret").formParams(params).post(tokenUrl); return response.jsonPath().getString("access_token"); }
Example 9
Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 5 votes |
@Test public void requestWithCookieOnlyShouldFail() { Response response = initiateSession(); String sessionId = response.getCookie(SESSION_COOKIE_NAME); String token = response.getCookie(XSRF_COOKIE_NAME); givenRelaxedSSL() .cookie(SESSION_COOKIE_NAME, sessionId) .and() .cookie(XSRF_COOKIE_NAME, token) .expect() .statusCode(403) .when() .get(baseUrl + "/xsrf-protected-with-session"); }
Example 10
Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 5 votes |
@Test public void requestWithHeaderOnlyShouldFail() { Response response = initiateSession(); String sessionId = response.getCookie(SESSION_COOKIE_NAME); String token = response.getCookie(XSRF_COOKIE_NAME); givenRelaxedSSL() .cookie(SESSION_COOKIE_NAME, sessionId) .and() .header(XSRF_HEADER_NAME, token) .expect() .statusCode(403) .when() .get(baseUrl + "/xsrf-protected-with-session"); }
Example 11
Source File: AppControllerIntegrationTest.java From tutorials with MIT License | 5 votes |
@Test public void whenCallingWelcomeEndpoint_thenCorrect() { get(uri + "/welcome").then() .assertThat() .header("sessionId", notNullValue()) .cookie("token", notNullValue()); Response response = get(uri + "/welcome"); String headerName = response.getHeader("sessionId"); String cookieValue = response.getCookie("token"); assertThat(headerName).isNotBlank(); assertThat(cookieValue).isNotBlank(); }
Example 12
Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 4 votes |
private String obtainAccessTokenWithAuthorizationCode(String username, String password) { String authorizeUrl = AUTH_SERVER + "/auth"; String tokenUrl = AUTH_SERVER + "/token"; Map<String, String> loginParams = new HashMap<String, String>(); loginParams.put("client_id", CLIENT_ID); loginParams.put("response_type", "code"); loginParams.put("redirect_uri", REDIRECT_URL); loginParams.put("scope", "read write"); // user login Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl); String cookieValue = response.getCookie("AUTH_SESSION_ID"); String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action"); // get code Map<String, String> codeParams = new HashMap<String, String>(); codeParams.put("username", username); codeParams.put("password", password); response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(codeParams) .post(authUrlWithCode); final String location = response.getHeader(HttpHeaders.LOCATION); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String code = location.split("#|=|&")[3]; //get access token Map<String, String> tokenParams = new HashMap<String, String>(); tokenParams.put("grant_type", "authorization_code"); tokenParams.put("client_id", CLIENT_ID); tokenParams.put("client_secret", CLIENT_SECRET); tokenParams.put("redirect_uri", REDIRECT_URL); tokenParams.put("code", code); response = RestAssured.given().formParams(tokenParams) .post(tokenUrl); return response.jsonPath().getString("access_token"); }
Example 13
Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 4 votes |
private String obtainAccessTokenWithAuthorizationCode(String username, String password) { String authorizeUrl = AUTH_SERVER + "/auth"; String tokenUrl = AUTH_SERVER + "/token"; Map<String, String> loginParams = new HashMap<String, String>(); loginParams.put("client_id", CLIENT_ID); loginParams.put("response_type", "code"); loginParams.put("redirect_uri", REDIRECT_URL); loginParams.put("scope", "read write"); // user login Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl); String cookieValue = response.getCookie("AUTH_SESSION_ID"); String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action"); // get code Map<String, String> codeParams = new HashMap<String, String>(); codeParams.put("username", username); codeParams.put("password", password); response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(codeParams) .post(authUrlWithCode); final String location = response.getHeader(HttpHeaders.LOCATION); assertEquals(HttpStatus.FOUND.value(), response.getStatusCode()); final String code = location.split("#|=|&")[3]; //get access token Map<String, String> tokenParams = new HashMap<String, String>(); tokenParams.put("grant_type", "authorization_code"); tokenParams.put("client_id", CLIENT_ID); tokenParams.put("client_secret", CLIENT_SECRET); tokenParams.put("redirect_uri", REDIRECT_URL); tokenParams.put("code", code); response = RestAssured.given().formParams(tokenParams) .post(tokenUrl); return response.jsonPath().getString("access_token"); }