Ask a Question
Log In / Sign Up
Resources
Ask a Question
Log In Sign Up

Security test using groovy script has an error.

SOLVED
Solved
kimyeo01
Visitor
‎11-04-2019 06:53 AM
‎11-04-2019 06:53 AM

Security test using groovy script has an error.

The application uses OAuth1.0.  For the scan, I have created the groovy scripts for each test case (every other endpoint). When I run through the groovy script, it was executed without any problem, and I can check the right response as below.

scanResult.png

 

 

responseUsingGroovy.png

 

However, when I send the request in the REST editor, the response shows an error "oauth_problem=nonce_used".
Even though the groovyscript was coded correctly, I don't think the SoapUI Pro scan can grap the groovy script code properly when I run the security scans. reponseFromRESTscan.png

 

 

The security scan report shows same response from above the reponse. 

 

scanResult.png

 

How can I resolve this issue in the SoupUI scan?

 

 

 

 

0 Kudos
1 REPLY 1
Nastya_Khovrina
SmartBear Alumni (Retired)
SmartBear Alumni (Retired)
‎11-06-2019 08:02 AM
‎11-06-2019 08:02 AM

Hi kimyeo01,

 

I've found the following explanation for the nonce_used error: 

"The nonce-timestamp combination has already been used"
Source: https://devdocs.magento.com/guides/v2.3/get-started/authentication/oauth-errors.html

So, it seems that you need to use a new value when you run the request again.

 

Also, I can recommend checking the ReadyAPI logs and logs from the server. 


Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: