如何使用uid密钥和密钥检索令牌来实现Java Rest-Assured API身份验证?
我熟悉rest-assured,但现在我必须验证需要身份验证的POST-API请求调用。开发人员提供uid密钥和secret密钥从服务器检索令牌,然后使用rest-assured将其用于POST-API请求。 我尝试了两种选择,但都没有成功。我应该使用oauth路标吗?非常感谢您的帮助或指导。谢谢如何使用uid密钥和密钥检索令牌来实现Java Rest-Assured API身份验证?,java,api,rest,token,rest-assured,Java,Api,Rest,Token,Rest Assured,我熟悉rest-assured,但现在我必须验证需要身份验证的POST-API请求调用。开发人员提供uid密钥和secret密钥从服务器检索令牌,然后使用rest-assured将其用于POST-API请求。 我尝试了两种选择,但都没有成功。我应该使用oauth路标吗?非常感谢您的帮助或指导。谢谢 information provided by dev uid: xxxxxxxxxxxxxxxxx secret: wwwwwwwwwwwwwww POST /api/v1/gardners.jso
information provided by dev
uid: xxxxxxxxxxxxxxxxx
secret: wwwwwwwwwwwwwww
POST /api/v1/gardners.json
{
"gardner": {
"email": "test@test.com",
"name": "John Doe",
"password": "12345678",
"password_confirmation": "12345678",
"phone": "555-555-5555",
"status": "active",
"address": "Street Name",
"zipcode": "99999",
"add_state": "CA",
"city": "Los Angeles",
"region_id": "2",
"shirt_size": "S",
"payment_info": "some info",
"birthday": "date",
"inactive_date": "datetime",
"certification_date" : "datetime",
"calendar_base_id" : 5,
"rating" : 5
}}
我不知道Rest Assured是如何做到这一点的,但必须有一种身份验证机制。首先要了解的是什么样的身份验证已经到位。是“基本”还是“摘要”?如果只是基于头值或cookie,那么您只需要使用正确的值设置头值或cookie,并确保Rest Assured客户端在发出请求时使用这些值 首先,您需要了解现有的身份验证,然后查看Rest Assured文档了解如何做到这一点
对我来说,我更喜欢在较低的级别上工作,我使用Apache HttpClient,它允许我配置与通信协议、身份验证以及头和cookie值有关的所有内容。我使用一个对象来提供身份验证的详细信息。然后我使用该对象来配置客户端生成器
public class AuthenticationConfiguration {
public enum AuthenticationType {
Basic, Digest
}
private AuthenticationType authenticationType = AuthenticationType.Basic;
public AuthenticationType getAuthenticationType() {
return authenticationType;
}
private String userName;
private String password;
public AuthenticationConfiguration(final AuthenticationType authenticationType,
final String userName, final String password) {
this.authenticationType = authenticationType;
this.userName = userName;
this.password = password;
}
public String getUserName() {
return userName;
}
public String getPassword() {
return password;
}
public void setAuthenticationType(AuthenticationType authenticationType) {
this.authenticationType = authenticationType;
}
public void setUserName(String userName) {
this.userName = userName;
}
public void setPassword(String password) {
this.password = password;
}
}
// Create an HttpClient with the given custom dependencies and
// configuration.
final HttpClientBuilder clientBuilder = HttpClients.custom();
if (authenticationConfig != null) {
// Use custom credentials provider if necessary.
// See http://hc.apache.org/httpcomponents-client-4.4.x/tutorial/html/authentication.html
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
final UsernamePasswordCredentials creds =
new UsernamePasswordCredentials(authenticationConfig.getUserName(),
authenticationConfig.getPassword());
credentialsProvider.setCredentials(AuthScope.ANY, creds);
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
final RegistryBuilder<AuthSchemeProvider> registryBuilder = RegistryBuilder.create();
if (authenticationConfig.getAuthenticationType() == AuthenticationType.Basic) {
registryBuilder.register(AuthSchemes.BASIC, new BasicSchemeFactory());
requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC));
} else if (authenticationConfig.getAuthenticationType() == AuthenticationType.Digest) {
registryBuilder.register(AuthSchemes.DIGEST, new DigestSchemeFactory());
requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.DIGEST));
}
clientBuilder.setDefaultAuthSchemeRegistry(registryBuilder.build());
}
公共类身份验证配置{
公共枚举身份验证类型{
基础,摘要
}
私有AuthenticationType AuthenticationType=AuthenticationType.Basic;
公共身份验证类型getAuthenticationType(){
返回authenticationType;
}
私有字符串用户名;
私有字符串密码;
公共AuthenticationConfiguration(最终AuthenticationType AuthenticationType,
最终字符串用户名、最终字符串密码){
this.authenticationType=authenticationType;
this.userName=用户名;
this.password=密码;
}
公共字符串getUserName(){
返回用户名;
}
公共字符串getPassword(){
返回密码;
}
public void setAuthenticationType(AuthenticationType AuthenticationType){
this.authenticationType=authenticationType;
}
public void setUserName(字符串用户名){
this.userName=用户名;
}
public void setPassword(字符串密码){
this.password=密码;
}
}
//使用给定的自定义依赖项和
//配置。
最终HttpClientBuilder clientBuilder=HttpClients.custom();
如果(authenticationConfig!=null){
//如有必要,请使用自定义凭据提供程序。
//看http://hc.apache.org/httpcomponents-client-4.4.x/tutorial/html/authentication.html
最终凭证提供程序凭证提供程序=新的基本凭证提供程序();
最终用户名密码凭据凭据凭据=
新用户名密码凭据(authenticationConfig.getUserName(),
authenticationConfig.getPassword());
credentialsProvider.setCredentials(AuthScope.ANY,creds);
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
最终RegistryBuilder RegistryBuilder=RegistryBuilder.create();
如果(authenticationConfig.getAuthenticationType()==AuthenticationType.Basic){
registryBuilder.register(AuthSchemes.BASIC,new BasicSchemeFactory());
requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC));
}else if(authenticationConfig.getAuthenticationType()==AuthenticationType.Digest){
registeryBuilder.register(AuthSchemes.DIGEST,new-DigestSchemeFactory());
requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.DIGEST));
}
setDefaultAuthSchemeRegistry(registryBuilder.build());
}
非常感谢Martin!!