Forum Discussion

telong's avatar
telong
New Contributor
9 years ago

OATH2 Authentication - can "get ID Token" be automated in testing?

I have oath2 authentication configured and have setup correct automation scripts. It works perfectly for setting up the access token.  Furthermore, I can access this token within a groovy script by the following:

 

1) def authEntry = context.getCurrentStep().testCase.testSuite.project.getAuthRepository().getEntry("myProfile");

 

2) authEntry.getAccessToken()

 

The problem I have is that I also need the ID Token.  So, for the above code, "authEntry.getIdToken()" will not return a value unless I go to the authorization tab on a rest test step and manually click on the "get ID Token" button.  

 

Once I manually click on this button, the ID Token will be available in the authentication repository object for "myProfile", and calling "authEntry.getIdToken()" returns the expected value.  From what I can tell, this is not automated. 

 

Is there something I'm missing for automatically population of the authorization profile's ID Token attribute?

  • Found a solution from SmartBear.  Posting to help others.  Here is the reply... worked perfectly for me.  Put this code into a groovy step.  I had to modify the profileName retrieval line but it worked exactly as-is otherwise.

     

    --------------  Begin Code snippet ----------------

     

    import com.eviware.soapui.support.editor.inspectors.auth.TokenType
    import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade

    def authContainer = testRunner.testCase.testSuite.project.OAuth2ProfileContainer
    // Get OAuth2 profile name
    def profileName = context.expand( '${#Project#profileName}' )
    def authProfile = authContainer.getProfileByName(profileName)

    def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID)  //TokenType.ID gets the ID token
    clientFacade.requestAccessToken(authProfile, true)
    def accessToken = authProfile.getAccessToken()

    -------------------  End code snippet -----------------------

     

    Additionally, there is this for just the access token (From SmartBear):

    You can get the access token by using  the Groovy script above and replacing def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID) with def clientFacade = new OltuOAuth2ClientFacade(TokenType BEARER) to get the access token instead of the id token.

     

     

  • telong's avatar
    telong
    New Contributor

    Found a solution from SmartBear.  Posting to help others.  Here is the reply... worked perfectly for me.  Put this code into a groovy step.  I had to modify the profileName retrieval line but it worked exactly as-is otherwise.

     

    --------------  Begin Code snippet ----------------

     

    import com.eviware.soapui.support.editor.inspectors.auth.TokenType
    import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade

    def authContainer = testRunner.testCase.testSuite.project.OAuth2ProfileContainer
    // Get OAuth2 profile name
    def profileName = context.expand( '${#Project#profileName}' )
    def authProfile = authContainer.getProfileByName(profileName)

    def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID)  //TokenType.ID gets the ID token
    clientFacade.requestAccessToken(authProfile, true)
    def accessToken = authProfile.getAccessToken()

    -------------------  End code snippet -----------------------

     

    Additionally, there is this for just the access token (From SmartBear):

    You can get the access token by using  the Groovy script above and replacing def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID) with def clientFacade = new OltuOAuth2ClientFacade(TokenType BEARER) to get the access token instead of the id token.

     

     

    • generalError's avatar
      generalError
      Regular Visitor

      Hey there, telong

      Could you share the way you have fixed the the profileName retrieval line as I am in a similar spot.

      I am having some difficulties with figuring out on how to get a fresh token in each testcase as I have managed to configure a working OAuth 2 profile at project level in Auth Manager section.

      When running the same testcase after the token expired the requests just won't work.

      • subhaD's avatar
        subhaD
        Contributor

        I have fixed it in TestRunListener.berforeRun to check for validity of oauth token

        code snippet below,

         

        //Get Token Status
        def oAuthProfile = project.getAuthRepository().getEntry("$authpr")
        //String oAuthProfile = testRunner.testCase.getTestStepByName("Groovy Script").getSelectedAuthprofile()
        def TokenStatus = oAuthProfile.accessTokenStatus.toString()
        log.info "Access Token Status is: $TokenStatus"
        //Get Access Token from the server if expired
        if (TokenStatus != 'RETRIEVED_FROM_SERVER'){
        def oAuthClientFacade = new OltuOAuth2ClientFacade(TokenType.ACCESS)
        oAuthClientFacade.requestAccessToken(oAuthProfile, true)
        log.info "Access Token Status is "+ oAuthProfile.accessTokenStatus

    • Z19942's avatar
      Z19942
      Occasional Contributor

      Where do i put this script? 
      i am putting it in Automation and it is giving me a below error:

      "The following script is invalid:
      import com.eviware.soapui.support.editor.inspectors.auth.TokenType import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade def authContainer = testRunner.testCase.testSuite.project.OAuth2ProfileContainer // Get OAuth2 profile name def profileName = context.expand( '${70}' ) def authProfile = authContainer.getProfileByName(profileName) def clientFacade = new OltuOAuth2ClientFacade(TokenType.BEARER) //TokenType.ID gets the ID token clientFacade.requestAccessToken(authProfile, true) def accessToken = authProfile.getAccessToken()

      Error:
      missing ; before statement (scriptToValidate#1)"

       

  • TanyaYatskovska's avatar
    TanyaYatskovska
    SmartBear Alumni (Retired)

    Hi Telong,

     

     

    As far as I know, you can set ID Token only manually via Ready! API's windows.

    I suggest that you submit your request as a feature improvement idea here. Our Ready! API Product Owner monitors all submitted ideas, and he can consider implementing yours.