Problems with refresh OAuth2 token

Question

For our service we are using OAuth2 for authorization.
I have defined an OAuth2 profile in the Auth Manager.
When I click the Get Access Token button manually everything works as expected: a new token is fetched and all my tests pass.
When the token expires I am expecting ReadyAPI to automatically fetch a new token. However, this does not happen. What am I doing wrong?

siking · Accepted Answer

I seem to remember I had already dealt with this sometime in the past. Oh right: 5 years ago! It's a shame this shortcoming still exists in ReadyAPI. 😞
&nbsp;
Yki Here is a slightly improved(?) version on that script:
&nbsp;
// Name: 'Forced token update'
// Event: 'SubmitListener.beforeSubmit'
// Target: '${=submit.request.authType.asBoolean()}' filters only test steps that have Authorization as an option

// https://support.smartbear.com/readyapi/docs/requests/auth/types/oauth2/automate/index.html#on-request
import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade
import com.eviware.soapui.support.editor.inspectors.auth.TokenType
import com.eviware.soapui.model.support.ModelSupport
import com.eviware.soapui.config.AccessTokenStatusConfig

def project = ModelSupport.getModelItemProject(context.getModelItem())

def authProfile = project.authRepository.getEntry("!YOUR AUTH PROFILE NAME!")

if(authProfile.accessTokenStatus != AccessTokenStatusConfig.RETRIEVED_FROM_SERVER) {
	
	def oAuthFacade = new OltuOAuth2ClientFacade(TokenType.ACCESS)
	
	oAuthFacade.requestAccessToken(authProfile, true, true)
	
	// Access token retrieval may take time.
	def stopLoop = 0	// loop counter to prevent infinite loops in case of problems
	while(authProfile.accessTokenStatus != AccessTokenStatusConfig.RETRIEVED_FROM_SERVER &amp;&amp; stopLoop++ &lt; 6)
		sleep(5)
	
	log.info("Set new token: ${authProfile.accessToken}")
}
&nbsp;

smcclay · Answer

This is a slightly updated version of the script that can be put&nbsp;into the Automation for the auth profile and will only renew when expired:&nbsp;&nbsp;// Import the required classes
import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade;
import com.eviware.soapui.support.editor.inspectors.auth.TokenType;
import com.eviware.soapui.model.support.ModelSupport;

// Set up variables
def project = ModelSupport.getModelItemProject(context.getModelItem());
def stepProfile = context.getCurrentStep().getHttpRequest().getSelectedAuthProfile()
def authProfile = project.getAuthRepository().getEntry(stepProfile);
def oldToken = authProfile.getAccessToken();
def tokenType = TokenType.ACCESS;

// Create a facade object
def oAuthFacade = new OltuOAuth2ClientFacade(tokenType);

// Request an access token in headless mode
oAuthFacade.requestAccessToken(authProfile, true, true);

// Wait until the access token gets updated
for(int i = 0; i&lt;=3000; i++){
	if(oldToken != authProfile.getAccessToken()){
		break
	}
	sleep(1)
}&nbsp;I would suggest this is a work-around for a ReadyAPI bug as we should be able to set this type of token to renew automatically.&nbsp;Regards,--Stephen

yki · Answer

my ex-colleague&nbsp; wrote following script as a Event : SubmitListenerBeforeSubmit:&nbsp;&nbsp;&nbsp;It is not working completely as it should (it requests a new token with every request, but so far I had no problems with it)&nbsp;// Import the required classes
import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade
import com.eviware.soapui.support.editor.inspectors.auth.TokenType
import com.eviware.soapui.model.support.ModelSupport

def authProfileName = "INT_Profile_Name"

if(!submit.getRequest().getAuthType().asBoolean()){
    return // stop if the auth type is null, for example jdbc requests
}else if(submit.getRequest().getActiveAuthProfile() == null){
    return // stop if the auth profile is null
}else if(authProfileName == submit.getRequest().getActiveAuthProfile().getName()){

// Set up variables
    def project = ModelSupport.getModelItemProject(context.getModelItem())
    def authProfile = project.getAuthRepository().getEntry(authProfileName)
    def oldToken = authProfile.getAccessToken()
    def tokenType = TokenType.ACCESS

// Create a facade object
    def oAuthFacade = new OltuOAuth2ClientFacade(tokenType)

// Request an access token in headless mode
    oAuthFacade.requestAccessToken(authProfile, true, true)

// Wait until the access token gets updated
    //while(oldToken == authProfile.getAccessToken()) {}

//The sleep method can be used instead of a while loop
    //sleep(3000)

for(int i = 0; i&lt;=3000; i++){
        if(oldToken != authProfile.getAccessToken()){
            break
        }
        sleep(1)
    }

// Post the info to the log
    log.info("Set new token: " + authProfile.getAccessToken())
}&nbsp;

sharon19_in · Answer

Im using the free version, since there is no auth manager what options do we have to manage the auto refresh&nbsp; ?

nmrao · Answer

sharon19_in&nbsp;
You may create a new post in Open Source forum with the details.

nmrao · Answer

Does the authentication server provides refresh token when you get the token? If not, then ReadyAPI may not automatically refresh it when the token expires.
&nbsp;
Was it working earlier and started facing this now? what changes?

Forum Discussion

Problems with refresh OAuth2 token

11 Replies

Related Content

Oauth2 bearer

Name mapping refresh problem

Kafka topic using OAuth2 authentication

Refresh method does not refresh the page

Command refresh in PostgreSQL with TestExecute

Recent Discussions

GroovyScript Help - Repeating JSON Attributes Have Specific Value.....some of the time?

Parameterising JDBC Connection Settings..Can you do it?

JDBC results are stored in the ReadyAPI project

MyFirstPlugin - button Project menu in Ready Api

Azure Git Integration?