RestAssured oAuth2 http 状态代码 401
RestAssured oAuth2 http status code 401
我正在尝试使用 RestAssured 库和 Spring MVC REST oAuth2 安全端点实施集成测试。
这是我的测试:
@Test
public void testCreateDecision() throws Exception {
File createDecisionJsonFile = ResourceUtils.getFile(getClass().getResource("/json/decisions/create-decision.json"));
// @formatter:off
final String createDecisionRequest = FileUtils.readFileToString(createDecisionJsonFile)
.replace("{{name}}", "Test decision name")
.replace("{{description}}", "Test decision description");
// @formatter:on
String accessToken = getAccessToken("user", "user");
// @formatter:off
given()
.auth()
.oauth2(accessToken, OAuthSignature.HEADER)
.body(createDecisionRequest)
.contentType("application/json; charset=UTF-8")
.when()
.post(format("http://localhost:%d/api/v1.0/decisions/create", port))
.then()
.statusCode(200)
.contentType(ContentType.JSON)
.body("id", notNullValue())
.body("createDate", notNullValue());
// @formatter:on
}
accessToken 有效,但我不断收到 401 http 代码。
我的代码可能有什么问题?
我已经使用 OAuth2RestTemplate 重新实现了我的测试:
ResourceOwnerPasswordResourceDetails resourceDetails = new ResourceOwnerPasswordResourceDetails();
resourceDetails.setUsername("user");
resourceDetails.setPassword("user");
resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
resourceDetails.setClientId("clientapp");
resourceDetails.setClientSecret("123456");
resourceDetails.setGrantType("password");
resourceDetails.setScope(asList("read", "write"));
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
auth2RestTemplate.setMessageConverters(asList(new MappingJackson2HttpMessageConverter()));
Assert.assertNotNull(auth2RestTemplate.getAccessToken());
DecisionRequest decisionRequest = new DecisionRequest(name, description, parentDecisionId);
auth2RestTemplate.postForObject(format("http://localhost:%d/api/v1.0/decisions/create", port), decisionRequest, Decision.class);
我知道这是一个旧的 post,但只是想记录下来以防其他人需要答案。
我能够使用以下格式实施:
首先检索令牌(在我的例子中,我没有存储用户令牌,只是在每次测试之前得到它们)
// we need to get the oauth token before we can perform the request
private void authenticateUser(String username, String password) {
String response =
given()
.parameters("username", username, "password", password,
"grant_type", "password", "scope", "read write",
"client_id", "clientapp", "client_secret", "123456")
.auth()
.preemptive()
.basic("clientapp","123456")
.when()
.post("/oauth/token")
.asString();
JsonPath jsonPath = new JsonPath(response);
accessToken = jsonPath.getString("access_token");
}
他们在测试中使用了检索到的令牌:
@Test
public void testGetUserDefaultUserOwner() {
authenticateUser(testData.user1.getLogin(), "1");
User user =
given()
.auth().oauth2(accessToken)
.contentType(ContentType.JSON)
.accept(ContentType.JSON)
.expect()
.log().all()
.statusCode(HttpStatus.OK.value())
.when()
.get(USER_RESOURCE, testData.user1.getId())
.as(User.class);
assertThat(user).isEqualTo(testData.user1);
}
我在测试中使用 Restassured 和 AssertJ,在 Rest API 中使用带有 OAuth2 的 SpringBoot。
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://example.com/404/index.html">here</a>.</p>
</body></html>
我正在尝试使用 RestAssured 库和 Spring MVC REST oAuth2 安全端点实施集成测试。
这是我的测试:
@Test
public void testCreateDecision() throws Exception {
File createDecisionJsonFile = ResourceUtils.getFile(getClass().getResource("/json/decisions/create-decision.json"));
// @formatter:off
final String createDecisionRequest = FileUtils.readFileToString(createDecisionJsonFile)
.replace("{{name}}", "Test decision name")
.replace("{{description}}", "Test decision description");
// @formatter:on
String accessToken = getAccessToken("user", "user");
// @formatter:off
given()
.auth()
.oauth2(accessToken, OAuthSignature.HEADER)
.body(createDecisionRequest)
.contentType("application/json; charset=UTF-8")
.when()
.post(format("http://localhost:%d/api/v1.0/decisions/create", port))
.then()
.statusCode(200)
.contentType(ContentType.JSON)
.body("id", notNullValue())
.body("createDate", notNullValue());
// @formatter:on
}
accessToken 有效,但我不断收到 401 http 代码。 我的代码可能有什么问题?
我已经使用 OAuth2RestTemplate 重新实现了我的测试:
ResourceOwnerPasswordResourceDetails resourceDetails = new ResourceOwnerPasswordResourceDetails();
resourceDetails.setUsername("user");
resourceDetails.setPassword("user");
resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
resourceDetails.setClientId("clientapp");
resourceDetails.setClientSecret("123456");
resourceDetails.setGrantType("password");
resourceDetails.setScope(asList("read", "write"));
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
auth2RestTemplate.setMessageConverters(asList(new MappingJackson2HttpMessageConverter()));
Assert.assertNotNull(auth2RestTemplate.getAccessToken());
DecisionRequest decisionRequest = new DecisionRequest(name, description, parentDecisionId);
auth2RestTemplate.postForObject(format("http://localhost:%d/api/v1.0/decisions/create", port), decisionRequest, Decision.class);
我知道这是一个旧的 post,但只是想记录下来以防其他人需要答案。 我能够使用以下格式实施:
首先检索令牌(在我的例子中,我没有存储用户令牌,只是在每次测试之前得到它们)
// we need to get the oauth token before we can perform the request
private void authenticateUser(String username, String password) {
String response =
given()
.parameters("username", username, "password", password,
"grant_type", "password", "scope", "read write",
"client_id", "clientapp", "client_secret", "123456")
.auth()
.preemptive()
.basic("clientapp","123456")
.when()
.post("/oauth/token")
.asString();
JsonPath jsonPath = new JsonPath(response);
accessToken = jsonPath.getString("access_token");
}
他们在测试中使用了检索到的令牌:
@Test
public void testGetUserDefaultUserOwner() {
authenticateUser(testData.user1.getLogin(), "1");
User user =
given()
.auth().oauth2(accessToken)
.contentType(ContentType.JSON)
.accept(ContentType.JSON)
.expect()
.log().all()
.statusCode(HttpStatus.OK.value())
.when()
.get(USER_RESOURCE, testData.user1.getId())
.as(User.class);
assertThat(user).isEqualTo(testData.user1);
}
我在测试中使用 Restassured 和 AssertJ,在 Rest API 中使用带有 OAuth2 的 SpringBoot。
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://example.com/404/index.html">here</a>.</p>
</body></html>