cancel
Showing results for 
Search instead for 
Did you mean: 

Read aws secrets from ReadyAPI

SOLVED
Highlighted
Occasional Contributor

Read aws secrets from ReadyAPI

Did anybody tried to read aws secrets from ReayAPI groovy code,

 

We have built java code to read secrets but the same not working from ReadyAPI groovy script

 

1. copied respective aws-java-sdk jar file to ReadyAPI installation folder(Getting error NoClassDefFoundError)

2.whatever working java code we built jar out the java project, copied jar to ReadyAPI installation location folder(Getting error NoClassDefFoundError)

 

If Anybody tried the same please suggest

Reference link for java code - https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/manage-credentials-using-aws-secre...

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Contributor

Re: Read aws secrets from ReadyAPI

I Think this is what you are looking for. You'll need an http test step to follow the groovy script to actually log into AWS and retrieve secret, accesskey and token info then another groovy script to simply pick up these values and store them for use with you aws user you'll need to define in the authorization manager, and of course you'll need to use that profile on all subsequent test steps making calls to the cloud.....BTW don't be surprised if your requests fail due to a bad signature being generated by readyApi, I've had tickets in for a long time :-). You can write your own code to generate a signature if you want to give that a try Let me know how this works out.

 

Groovy Script 1

// Import Required libraries
import java.util.concurrent.TimeUnit
import org.openqa.selenium.By
import org.openqa.selenium.WebDriver
import org.openqa.selenium.WebElement
import org.openqa.selenium.firefox.FirefoxBinary
import org.openqa.selenium.firefox.FirefoxDriver
import org.openqa.selenium.firefox.FirefoxDriverLogLevel
import org.openqa.selenium.firefox.FirefoxOptions
import org.openqa.selenium.support.ui.ExpectedConditions
import org.openqa.selenium.support.ui.WebDriverWait


// Define geckodriver path

System.setProperty("webdriver.gecko.driver","C:\\SoapUI\\Drivers\\geckodriver.exe")


// Define closures

def query_string_to_map = {
it.tokenize('&').collectEntries {
it.split('=', 2).collect { URLDecoder.decode(it, 'UTF-8') }
}
}

def map_to_query_string = {
it.collect { k, v -> "$k=${URLEncoder.encode(v.toString())}" }.join('&')
}

// Define vars

def username = context.expand( '${#Project#contactNameQaone}' ) // qaone@newforming.com
def password = context.expand( '${#Project#password}' ) // $56&pass
def clientId = context.expand( '${#Project#clientId}' )
def redirectUri = context.expand( '${#Project#redirectUri}' )
def signInTitle = context.expand( '${#Project#signInTitle}' )
def passwordInputId = context.expand( '${#Project#passwordInputId}' )
def submitButtonId = context.expand( '${#Project#submitButtonId}' )
def staySignedInButtonId = context.expand( '${#Project#staySignedInButtonId}' )
def authorizeUrl = context.expand( '${#Project#authorizeUrl}' )

// Builds the authorizeUrl if not yet defined

if (!authorizeUrl) {
String url = 'login.microsoftonline.com'
String path = 'common/oauth2/authorize'

def params = [
tenant : 'common',
nonce : 'nonce01234',
response_mode: 'query',
redirect_uri : redirectUri,
response_type: 'id_token code',
access_type : 'offline',
client_id : clientId
]

String query_string = map_to_query_string(params)
authorizeUrl = "https://${url}/${path}?${query_string}"
}

authorizeUrl += "&login_hint=${username}"
log.info('Getting authentication token')
log.info 'Authorize URL: ' + authorizeUrl

FirefoxBinary firefoxBinary = new FirefoxBinary()
//firefoxBinary.addCommandLineOptions("--headless")

FirefoxOptions firefoxOptions = new FirefoxOptions()
firefoxOptions.setLogLevel(FirefoxDriverLogLevel.INFO)
firefoxOptions.setBinary(firefoxBinary)

FirefoxDriver driver = new FirefoxDriver(firefoxOptions)
//driver.manage().timeouts().implicitlyWait(10, TimeUnit.SECONDS);
driver.get(authorizeUrl)

WebDriverWait wait = new WebDriverWait(driver, 30)
wait.until(ExpectedConditions.titleIs(signInTitle))

WebElement passwordInput = driver.findElement(By.id(passwordInputId))
passwordInput.sendKeys(password)

WebElement submitButton = driver.findElement(By.id(submitButtonId))

submitButton.click()
sleep (2000)

if (driver.findElements(By.id(staySignedInButtonId)).size() > 0) {
log.debug('Clicking "Yes" on "Stay Signed in?" prompt')
driver.findElement(By.id(staySignedInButtonId)).click()
}
//
String redirect_url = driver.getCurrentUrl()
log.info 'Redirect URL: ' + redirect_url

driver.quit()

def query_map = query_string_to_map(new URL(redirect_url.replace('#', '?')).query)

String id_token = query_map.id_token
String code = query_map.code

log.info 'idToken: ' + id_token
log.info 'code: ' + code

testRunner.testCase.setPropertyValue( "idToken", id_token )
testRunner.testCase.setPropertyValue( "code", code )

 

 

Groovy Script 2

/// Import AWS credentials from HTTP POST
import java.lang.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;

 

def accessKeyId = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'accessKeyId\']}' )
def secretAccessKeyId = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'secretAccessKey\']}' )
def sessionToken = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'sessionToken\']}' )
def signatureScope = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'signatureScope\']}' )
def expiration = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'expiration\']}' )
def serviceName = context.expand( '${#TestCase#serviceName}' )


testRunner.testCase.setPropertyValue( "accessKeyId", accessKeyId )
testRunner.testCase.setPropertyValue( "secretAccessKeyId", secretAccessKeyId )
testRunner.testCase.setPropertyValue( "sessionToken", sessionToken )
testRunner.testCase.setPropertyValue( "signatureScope", signatureScope )
testRunner.testCase.setPropertyValue( "serviceName", serviceName )

View solution in original post

4 REPLIES 4
Highlighted
Community Hero

Re: Read aws secrets from ReadyAPI

In which directory of installation the files are copied? Is the tool Restarted after copying the files?
And the list of files?
What groovy script did you try?


Regards,
Rao.
Highlighted
Community Manager

Re: Read aws secrets from ReadyAPI

Thank you Rao!

 

Hi @ArunS , the Community needs more information from you to be able to try and provide a solution. Thank you.


Sonya Mihaljova
Community and Education Specialist

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
Highlighted
Contributor

Re: Read aws secrets from ReadyAPI

I Think this is what you are looking for. You'll need an http test step to follow the groovy script to actually log into AWS and retrieve secret, accesskey and token info then another groovy script to simply pick up these values and store them for use with you aws user you'll need to define in the authorization manager, and of course you'll need to use that profile on all subsequent test steps making calls to the cloud.....BTW don't be surprised if your requests fail due to a bad signature being generated by readyApi, I've had tickets in for a long time :-). You can write your own code to generate a signature if you want to give that a try Let me know how this works out.

 

Groovy Script 1

// Import Required libraries
import java.util.concurrent.TimeUnit
import org.openqa.selenium.By
import org.openqa.selenium.WebDriver
import org.openqa.selenium.WebElement
import org.openqa.selenium.firefox.FirefoxBinary
import org.openqa.selenium.firefox.FirefoxDriver
import org.openqa.selenium.firefox.FirefoxDriverLogLevel
import org.openqa.selenium.firefox.FirefoxOptions
import org.openqa.selenium.support.ui.ExpectedConditions
import org.openqa.selenium.support.ui.WebDriverWait


// Define geckodriver path

System.setProperty("webdriver.gecko.driver","C:\\SoapUI\\Drivers\\geckodriver.exe")


// Define closures

def query_string_to_map = {
it.tokenize('&').collectEntries {
it.split('=', 2).collect { URLDecoder.decode(it, 'UTF-8') }
}
}

def map_to_query_string = {
it.collect { k, v -> "$k=${URLEncoder.encode(v.toString())}" }.join('&')
}

// Define vars

def username = context.expand( '${#Project#contactNameQaone}' ) // qaone@newforming.com
def password = context.expand( '${#Project#password}' ) // $56&pass
def clientId = context.expand( '${#Project#clientId}' )
def redirectUri = context.expand( '${#Project#redirectUri}' )
def signInTitle = context.expand( '${#Project#signInTitle}' )
def passwordInputId = context.expand( '${#Project#passwordInputId}' )
def submitButtonId = context.expand( '${#Project#submitButtonId}' )
def staySignedInButtonId = context.expand( '${#Project#staySignedInButtonId}' )
def authorizeUrl = context.expand( '${#Project#authorizeUrl}' )

// Builds the authorizeUrl if not yet defined

if (!authorizeUrl) {
String url = 'login.microsoftonline.com'
String path = 'common/oauth2/authorize'

def params = [
tenant : 'common',
nonce : 'nonce01234',
response_mode: 'query',
redirect_uri : redirectUri,
response_type: 'id_token code',
access_type : 'offline',
client_id : clientId
]

String query_string = map_to_query_string(params)
authorizeUrl = "https://${url}/${path}?${query_string}"
}

authorizeUrl += "&login_hint=${username}"
log.info('Getting authentication token')
log.info 'Authorize URL: ' + authorizeUrl

FirefoxBinary firefoxBinary = new FirefoxBinary()
//firefoxBinary.addCommandLineOptions("--headless")

FirefoxOptions firefoxOptions = new FirefoxOptions()
firefoxOptions.setLogLevel(FirefoxDriverLogLevel.INFO)
firefoxOptions.setBinary(firefoxBinary)

FirefoxDriver driver = new FirefoxDriver(firefoxOptions)
//driver.manage().timeouts().implicitlyWait(10, TimeUnit.SECONDS);
driver.get(authorizeUrl)

WebDriverWait wait = new WebDriverWait(driver, 30)
wait.until(ExpectedConditions.titleIs(signInTitle))

WebElement passwordInput = driver.findElement(By.id(passwordInputId))
passwordInput.sendKeys(password)

WebElement submitButton = driver.findElement(By.id(submitButtonId))

submitButton.click()
sleep (2000)

if (driver.findElements(By.id(staySignedInButtonId)).size() > 0) {
log.debug('Clicking "Yes" on "Stay Signed in?" prompt')
driver.findElement(By.id(staySignedInButtonId)).click()
}
//
String redirect_url = driver.getCurrentUrl()
log.info 'Redirect URL: ' + redirect_url

driver.quit()

def query_map = query_string_to_map(new URL(redirect_url.replace('#', '?')).query)

String id_token = query_map.id_token
String code = query_map.code

log.info 'idToken: ' + id_token
log.info 'code: ' + code

testRunner.testCase.setPropertyValue( "idToken", id_token )
testRunner.testCase.setPropertyValue( "code", code )

 

 

Groovy Script 2

/// Import AWS credentials from HTTP POST
import java.lang.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;

 

def accessKeyId = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'accessKeyId\']}' )
def secretAccessKeyId = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'secretAccessKey\']}' )
def sessionToken = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'sessionToken\']}' )
def signatureScope = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'signatureScope\']}' )
def expiration = context.expand( '${HTTP Retrieve AWS Credentials#Response#$[\'expiration\']}' )
def serviceName = context.expand( '${#TestCase#serviceName}' )


testRunner.testCase.setPropertyValue( "accessKeyId", accessKeyId )
testRunner.testCase.setPropertyValue( "secretAccessKeyId", secretAccessKeyId )
testRunner.testCase.setPropertyValue( "sessionToken", sessionToken )
testRunner.testCase.setPropertyValue( "signatureScope", signatureScope )
testRunner.testCase.setPropertyValue( "serviceName", serviceName )

View solution in original post

Highlighted
Community Manager

Re: Read aws secrets from ReadyAPI

Thank you sprice090161 !

 

@ArunS Is this still an ongoing issue for you? Please let us know if this suggestion works.


Sonya Mihaljova
Community and Education Specialist

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
New Here?
Join us and watch the welcome video:
Announcements
Top Kudoed Authors