Check and retrieve OAuth Token at project startup
Howdie,
I'm a little bit blured into the documentation of SmartBear.
I need to use an Access Token for some of my Webservice projects that are configured according our FSP.
My Flow = Client Credentials Grant
I've been able to add the token manually for each REST Request, but I'm searching for a way to make a check on the beginning of the project. As the projects will be put on Jenkins and Jenkins doesn't look at anything (it's basically just grabbing the code and executing it) I should need a kind of groovy code or something that starts the listeners at the beginning of each projects to check if the Token is still valid. If not ask for a new one before executing the testcases.
So I've added an Event "SubmitListener.beforeSubmit" with the code that I've found online.
I've added this Event to all my projects but it doesn't seem to check if the Token is still valid.
Maybe this code isn't usefull for this?
// Import the required classes
import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade
import com.eviware.soapui.support.editor.inspectors.auth.TokenType
import com.eviware.soapui.model.support.ModelSupport
def authProfileName = "FODBOSA_PDC"
if(!submit.getRequest().getAuthType().asBoolean()){
return // stop if the auth type is null, for example jdbc requests
}else if(submit.getRequest().getActiveAuthProfile() == null){
return // stop if the auth profile is null
}else if(authProfileName == submit.getRequest().getActiveAuthProfile().getName()){
// Set up variables
def project = ModelSupport.getModelItemProject(context.getModelItem())
def authProfile = project.getAuthRepository().getEntry(authProfileName)
def oldToken = authProfile.getAccessToken()
def tokenType = TokenType.ACCESS
// Create a facade object
def oAuthFacade = new OltuOAuth2ClientFacade(tokenType)
// Request an access token in headless mode
oAuthFacade.requestAccessToken(authProfile, true, true)
// Wait until the access token gets updated
//while(oldToken == authProfile.getAccessToken()) {}
//The sleep method can be used instead of a while loop
//sleep(3000)
for(int i = 0; i<=3000; i++){
if(oldToken != authProfile.getAccessToken()){
break
}
sleep(1)
}
// Post the info to the log
log.info("Set new token: " + authProfile.getAccessToken())
}
Documentation about OAuth on SmartBear talks about ".... uses JavaScript to simulate user actions against the webpage" . Do I really need to understand it like a 'browser that opens a webpage' action? because if we're talking API's I don't see where this fit in?
Then the documentation talks about an 'Authorization' and a 'Consent code' followed by an eventually "Calling the Automated Retrieval Procedure". I don't see how this is relevant for API's, how I can adapt/use this for my case. Well ... that is, the last part could be usefull as there is a Listener in it, but then again the code is talking about a login name and password.....
I've also read the implementation with Jenkins, but I doubt that the coding there will be used to check/retrieve new Tokens.
Is there someone who already have tried to automate the Token retrieval?
thanks in advance for your time reading all this :-)
Is there anything in the error log after you send a request from one of you tests cases? I copied that script and after I updated the profile name my token in auth manager was updated when I sent a request.
Also the token name in the script does not match the token in the screen shot. Are these just from different projects?
Side note:
If you have multiple tokens for the same project take a look at this post. That script will update all the tokens for the current project. You may have to modify the scope of the "project" variable depending on what type of event you select.
