Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass Authorization Token/Cookie Headers. #7

Open
siddhantrawal opened this issue Jun 12, 2023 · 1 comment
Open

Pass Authorization Token/Cookie Headers. #7

siddhantrawal opened this issue Jun 12, 2023 · 1 comment
Labels
documentation Improvements or additions to documentation question Further information is requested

Comments

@siddhantrawal
Copy link

Not all the test cases mentioned in the documentation are present in the generated report like the ones starting with scopes and related to OAuth.

Is there any way to check if the information provided inside the info.json and auth.json is correct and was used successfully to run appropriate test cases?

Can the dev environment be tested using an authorization token with cookies as headers? I need to run it like a simple curl command curl -X GET [API_LINK] -H "Authorization: Bearer [token]" --cookie "Name=Value"
@heinezen
Copy link
Collaborator

Hey thanks for checking out the tool!

Not all the test cases mentioned in the documentation are present in the generated report like the ones starting with scopes and related to OAuth.

The report always contains all generated tests, even if they failed, were aborted or were skipped. If you don't see the IDs for the test cases you are interested in (like scopes.TestTokenRequestScopeOmit), then they were not generated. You could also test if any results are produced for a specific test case by naming it via the --test-cases parameter in the CLI prompt (see here).

Is there any way to check if the information provided inside the info.json and auth.json is correct and was used successfully to run appropriate test cases?

I assume with "correct" you mean that they are used by the tool? You should see that in the log file starting with a message like Starting: Loading service configuration.. Created auth parameters are logged and should appear in log messages with their ID (if they have one).

Generators will always use any auth parameters they can find, so as long as your configs can be parsed, they should be used to generate test cases.

Can the dev environment be tested using an authorization token with cookies as headers? I need to run it like a simple curl command curl -X GET [API_LINK] -H "Authorization: Bearer [token]" --cookie "Name=Value"

I guess you mean that you want to add an additional header Cookie: Name=Value to the requests (in addition to Authorization)? There is an option to add custom headers to every request, but I don't think it is accessible via the CLI. Custom headers for specific requests are supported when using your own run config where you can pass the header values in the kwargs field of the request_info. I think something like

"kwargs" : {
    "cookies": {
        "YourName": "YourValue"
    }
}

would also do the trick. The kwargs are arguments passed to the requests library which will format the cookies for you. The only downside is that you have write the run manually and can't rely on a generator.

@heinezen heinezen added documentation Improvements or additions to documentation question Further information is requested labels Jun 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Improvements or additions to documentation question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@heinezen @siddhantrawal