Java Code Examples for io.restassured.response.Response#getCookie()
The following examples show how to use
io.restassured.response.Response#getCookie() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ImplicitFlowLiveTest.java From spring-security-oauth with MIT License | 6 votes |
|
private String obtainAccessToken(String clientId, String username, String password) {
final String redirectUrl = "http://www.example.com";
final String authorizeUrl = AUTH_SERVER + "/oauth/authorize";
// user login
Response response = RestAssured.given().formParams("username", username, "password", password).post(AUTH_SERVER + "/login");
final String cookieValue = response.getCookie("JSESSIONID");
// get access token
final Map<String, String> params = new HashMap<String, String>();
params.put("response_type", "token");
params.put("client_id", clientId);
params.put("redirect_uri", redirectUrl);
response = RestAssured.given().cookie("JSESSIONID", cookieValue).formParams(params).post(authorizeUrl);
final String location = response.getHeader(HttpHeaders.LOCATION);
System.out.println("Location => " + location);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String accessToken = location.split("#|=|&")[2];
return accessToken;
}
Example 2
| Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 6 votes |
|
@Test
public void requestWithCookieAndHeaderShouldSucceed() {
Response response = initiateSession();
String sessionId = response.getCookie(SESSION_COOKIE_NAME);
String token = response.getCookie(XSRF_COOKIE_NAME);
givenRelaxedSSL()
.cookie(SESSION_COOKIE_NAME, sessionId)
.and()
.cookie(XSRF_COOKIE_NAME, token)
.and()
.header(XSRF_HEADER_NAME, token)
.expect()
.statusCode(200)
.when()
.get(baseUrl + "/xsrf-protected-with-session");
}
Example 3
| Source File: SessionLiveTest.java From tutorials with MIT License | 6 votes |
|
@Test
public void givenAuthorizedUser_whenDeleteSession_thenUnauthorized() {
// authorize User
Response response = RestAssured.given().auth().preemptive().basic("user", "userPass").get(API_URI);
assertEquals(HttpStatus.OK.value(), response.getStatusCode());
final String sessionCookie = response.getCookie("SESSION");
// check redis
final Set<String> redisResult = jedis.keys("*");
assertTrue(redisResult.size() > 0);
// login with cookie
response = RestAssured.given().cookie("SESSION", sessionCookie).get(API_URI);
assertEquals(HttpStatus.OK.value(), response.getStatusCode());
// empty redis
jedis.flushAll();
// login with cookie again
response = RestAssured.given().cookie("SESSION", sessionCookie).get(API_URI);
assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatusCode());
}
Example 4
| Source File: UserInfoEndpointLiveTest.java From tutorials with MIT License | 6 votes |
|
private String obtainAccessTokenUsingAuthorizationCodeFlow(String username, String password) {
final String authServerUri = "http://localhost:8081/auth";
final String redirectUrl = "http://www.example.com/";
final String authorizeUrl = authServerUri + "/oauth/authorize?response_type=code&client_id=SampleClientId&redirect_uri=" + redirectUrl;
final String tokenUrl = authServerUri + "/oauth/token";
// user login
Response response = RestAssured.given().formParams("username", username, "password", password).post(authServerUri + "/login");
final String cookieValue = response.getCookie("JSESSIONID");
// get authorization code
RestAssured.given().cookie("JSESSIONID", cookieValue).get(authorizeUrl);
response = RestAssured.given().cookie("JSESSIONID", cookieValue).post(authorizeUrl);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String location = response.getHeader(HttpHeaders.LOCATION);
final String code = location.substring(location.indexOf("code=") + 5);
// get access token
Map<String, String> params = new HashMap<String, String>();
params.put("grant_type", "authorization_code");
params.put("code", code);
params.put("client_id", "SampleClientId");
params.put("redirect_uri", redirectUrl);
response = RestAssured.given().auth().basic("SampleClientId", "secret").formParams(params).post(tokenUrl);
return response.jsonPath().getString("access_token");
}
Example 5
| Source File: ImplicitFlowLiveTest.java From spring-security-oauth with MIT License | 5 votes |
|
private String obtainAccessToken(String clientId, String username, String password) {
String authorizeUrl = AUTH_SERVER + "/auth";
Map<String, String> loginParams = new HashMap<String, String>();
loginParams.put("grant_type", "implicit");
loginParams.put("client_id", clientId);
loginParams.put("response_type", "token");
loginParams.put("redirect_uri", REDIRECT_URL);
loginParams.put("scope", "read write");
// user login
Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl);
String cookieValue = response.getCookie("AUTH_SESSION_ID");
String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action");
// get access token
Map<String, String> tokenParams = new HashMap<String, String>();
tokenParams.put("username", username);
tokenParams.put("password", password);
tokenParams.put("client_id", clientId);
tokenParams.put("redirect_uri", REDIRECT_URL);
response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(tokenParams)
.post(authUrlWithCode);
final String location = response.getHeader(HttpHeaders.LOCATION);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String accessToken = location.split("#|=|&")[4];
return accessToken;
}
Example 6
| Source File: AuthorizationServerLiveTest.java From spring-security-oauth with MIT License | 5 votes |
|
private String obtainAccessToken() {
final String redirectUrl = "http://localhost:8082/jwt-client/login/oauth2/code/custom";
final String authorizeUrl = "http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/auth?response_type=code&client_id=jwtClient&scope=read&redirect_uri="
+ redirectUrl;
final String tokenUrl = "http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/token";
// obtain authentication url with custom codes
Response response = RestAssured.given().redirects().follow(false).get(authorizeUrl);
String authSessionId = response.getCookie("AUTH_SESSION_ID");
String kcPostAuthenticationUrl = response.asString().split("action=\"")[1].split("\"")[0].replace("&", "&");
// obtain authentication code and state
response = RestAssured.given().redirects().follow(false).cookie("AUTH_SESSION_ID", authSessionId)
.formParams("username", "[email protected]", "password", "123", "credentialId", "")
.post(kcPostAuthenticationUrl);
assertThat(HttpStatus.FOUND.value()).isEqualTo(response.getStatusCode());
// extract authorization code
String location = response.getHeader(HttpHeaders.LOCATION);
String code = location.split("code=")[1].split("&")[0];
// get access token
Map<String, String> params = new HashMap<String, String>();
params.put("grant_type", "authorization_code");
params.put("code", code);
params.put("client_id", "jwtClient");
params.put("redirect_uri", redirectUrl);
params.put("client_secret", "jwtClientSecret");
response = RestAssured.given().formParams(params).post(tokenUrl);
return response.jsonPath().getString("access_token");
}
Example 7
| Source File: ResourceServerLiveTest.java From spring-security-oauth with MIT License | 5 votes |
|
private String obtainAccessToken(String scopes) {
// obtain authentication url with custom codes
Response response = RestAssured.given()
.redirects()
.follow(false)
.get(String.format(authorizeUrlPattern, scopes));
String authSessionId = response.getCookie("AUTH_SESSION_ID");
String kcPostAuthenticationUrl = response.asString()
.split("action=\"")[1].split("\"")[0].replace("&", "&");
// obtain authentication code and state
response = RestAssured.given()
.redirects()
.follow(false)
.cookie("AUTH_SESSION_ID", authSessionId)
.formParams("username", "[email protected]", "password", "123", "credentialId", "")
.post(kcPostAuthenticationUrl);
assertThat(HttpStatus.FOUND.value()).isEqualTo(response.getStatusCode());
// extract authorization code
String location = response.getHeader(HttpHeaders.LOCATION);
String code = location.split("code=")[1].split("&")[0];
// get access token
Map<String, String> params = new HashMap<String, String>();
params.put("grant_type", "authorization_code");
params.put("code", code);
params.put("client_id", "jwtClient");
params.put("redirect_uri", redirectUrl);
params.put("client_secret", "jwtClientSecret");
response = RestAssured.given()
.formParams(params)
.post(tokenUrl);
return response.jsonPath()
.getString("access_token");
}
Example 8
| Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 5 votes |
|
private String obtainAccessTokenWithAuthorizationCode(String clientId, String username, String password) {
final String redirectUrl = "http://www.example.com";
final String authorizeUrl = AUTH_SERVER + "/oauth/authorize?response_type=code&client_id=" + clientId + "&redirect_uri=" + redirectUrl;
final String tokenUrl = AUTH_SERVER + "/oauth/token";
// user login
Response response = RestAssured.given().formParams("username", username, "password", password).post(AUTH_SERVER + "/login");
final String cookieValue = response.getCookie("JSESSIONID");
// get authorization code
System.out.println(RestAssured.given().cookie("JSESSIONID", cookieValue).get(authorizeUrl).asString());
Map<String, String> params = new HashMap<String, String>();
params.put("user_oauth_approval", "true");
params.put("authorize", "Authorize");
params.put("scope.read", "true");
params.put("scope.foo", "true");
response = RestAssured.given().cookie("JSESSIONID", cookieValue).formParams(params).post(authorizeUrl);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String location = response.getHeader(HttpHeaders.LOCATION);
final String code = location.substring(location.indexOf("code=") + 5);
// get access token
params = new HashMap<String, String>();
params.put("grant_type", "authorization_code");
params.put("code", code);
params.put("client_id", clientId);
params.put("redirect_uri", redirectUrl);
response = RestAssured.given().auth().basic(clientId, "secret").formParams(params).post(tokenUrl);
return response.jsonPath().getString("access_token");
}
Example 9
| Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 5 votes |
|
@Test
public void requestWithCookieOnlyShouldFail() {
Response response = initiateSession();
String sessionId = response.getCookie(SESSION_COOKIE_NAME);
String token = response.getCookie(XSRF_COOKIE_NAME);
givenRelaxedSSL()
.cookie(SESSION_COOKIE_NAME, sessionId)
.and()
.cookie(XSRF_COOKIE_NAME, token)
.expect()
.statusCode(403)
.when()
.get(baseUrl + "/xsrf-protected-with-session");
}
Example 10
| Source File: XsrfIT.java From seed with Mozilla Public License 2.0 | 5 votes |
|
@Test
public void requestWithHeaderOnlyShouldFail() {
Response response = initiateSession();
String sessionId = response.getCookie(SESSION_COOKIE_NAME);
String token = response.getCookie(XSRF_COOKIE_NAME);
givenRelaxedSSL()
.cookie(SESSION_COOKIE_NAME, sessionId)
.and()
.header(XSRF_HEADER_NAME, token)
.expect()
.statusCode(403)
.when()
.get(baseUrl + "/xsrf-protected-with-session");
}
Example 11
| Source File: AppControllerIntegrationTest.java From tutorials with MIT License | 5 votes |
|
@Test
public void whenCallingWelcomeEndpoint_thenCorrect() {
get(uri + "/welcome").then()
.assertThat()
.header("sessionId", notNullValue())
.cookie("token", notNullValue());
Response response = get(uri + "/welcome");
String headerName = response.getHeader("sessionId");
String cookieValue = response.getCookie("token");
assertThat(headerName).isNotBlank();
assertThat(cookieValue).isNotBlank();
}
Example 12
| Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 4 votes |
|
private String obtainAccessTokenWithAuthorizationCode(String username, String password) {
String authorizeUrl = AUTH_SERVER + "/auth";
String tokenUrl = AUTH_SERVER + "/token";
Map<String, String> loginParams = new HashMap<String, String>();
loginParams.put("client_id", CLIENT_ID);
loginParams.put("response_type", "code");
loginParams.put("redirect_uri", REDIRECT_URL);
loginParams.put("scope", "read write");
// user login
Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl);
String cookieValue = response.getCookie("AUTH_SESSION_ID");
String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action");
// get code
Map<String, String> codeParams = new HashMap<String, String>();
codeParams.put("username", username);
codeParams.put("password", password);
response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(codeParams)
.post(authUrlWithCode);
final String location = response.getHeader(HttpHeaders.LOCATION);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String code = location.split("#|=|&")[3];
//get access token
Map<String, String> tokenParams = new HashMap<String, String>();
tokenParams.put("grant_type", "authorization_code");
tokenParams.put("client_id", CLIENT_ID);
tokenParams.put("client_secret", CLIENT_SECRET);
tokenParams.put("redirect_uri", REDIRECT_URL);
tokenParams.put("code", code);
response = RestAssured.given().formParams(tokenParams)
.post(tokenUrl);
return response.jsonPath().getString("access_token");
}
Example 13
| Source File: AuthorizationCodeLiveTest.java From spring-security-oauth with MIT License | 4 votes |
|
private String obtainAccessTokenWithAuthorizationCode(String username, String password) {
String authorizeUrl = AUTH_SERVER + "/auth";
String tokenUrl = AUTH_SERVER + "/token";
Map<String, String> loginParams = new HashMap<String, String>();
loginParams.put("client_id", CLIENT_ID);
loginParams.put("response_type", "code");
loginParams.put("redirect_uri", REDIRECT_URL);
loginParams.put("scope", "read write");
// user login
Response response = RestAssured.given().formParams(loginParams).get(authorizeUrl);
String cookieValue = response.getCookie("AUTH_SESSION_ID");
String authUrlWithCode = response.htmlPath().getString("'**'.find{node -> node.name()=='form'}*.@action");
// get code
Map<String, String> codeParams = new HashMap<String, String>();
codeParams.put("username", username);
codeParams.put("password", password);
response = RestAssured.given().cookie("AUTH_SESSION_ID", cookieValue).formParams(codeParams)
.post(authUrlWithCode);
final String location = response.getHeader(HttpHeaders.LOCATION);
assertEquals(HttpStatus.FOUND.value(), response.getStatusCode());
final String code = location.split("#|=|&")[3];
//get access token
Map<String, String> tokenParams = new HashMap<String, String>();
tokenParams.put("grant_type", "authorization_code");
tokenParams.put("client_id", CLIENT_ID);
tokenParams.put("client_secret", CLIENT_SECRET);
tokenParams.put("redirect_uri", REDIRECT_URL);
tokenParams.put("code", code);
response = RestAssured.given().formParams(tokenParams)
.post(tokenUrl);
return response.jsonPath().getString("access_token");
}
