klaypigeon
7 years agoOccasional Contributor
Extract CSRF/XSRF from response cookie to pass as header
Hi, I am having a hard time locating an answer to this. I keep getting info about passing cookies around. Essentially my authentication response contains a cookie:
Set-Cookie: [XSRF-TOKEN="WtY3ztIh...
- 7 years ago
I have a solution to the problem stated. This is the Groovy that allows me access to the CookieStore. I have it set up now so the X-XSRF-TOKEN header is getting created from the associated cookie value.
Unfortunately the subsequent request is still failing with a 401. I'm out of ideas and the vendor is unlikely to help me with SoapUI issues since it works fine using Python requests package. I will update if I get it working.
Make sure you have 'Maintain HTTP Session' checked.
Create a new Property in your TestCase and assign it an arbitrary value. (mine is XSRF)
Insert a Groovy script similar
// Thanks to user Kristoffer for his find
// https://community.smartbear.com/t5/SoapUI-Pro/preserving-cookies/td-p/41244
final httpStatePropertyName = com.eviware.soapui.model.testsuite.TestRunContext.HTTP_STATE_PROPERTY;
final httpContext = context.getProperty(httpStatePropertyName);
final cookieStore = httpContext.getAttribute("http.cookie-store");
// Get cookies from store
def cookies = cookieStore.getCookies();
def xsrfToken;
cookies.each {
if (it.name == "XSRF-TOKEN"){
s = it.value;
//Strip quotes, tried with and without this
xsrfToken = s.replace("\"", "");
//Assign TestCase Property
testRunner.testCase.setPropertyValue( "XSRF", xsrfToken );
}
}This value is assigned by creating a Header in my next request and assigning it the property value.
X-XSRF-TOKEN = ${#TestCase#XSRF}