OATH2 Authentication - can "get ID Token" be automated in testing?

Question

I have oath2 authentication configured and have setup correct automation scripts. It works perfectly for setting up the access token. Furthermore, I can access this token within a groovy script by the following:

1) def authEntry = context.getCurrentStep().testCase.testSuite.project.getAuthRepository().getEntry("myProfile");

2) authEntry.getAccessToken()

The problem I have is that I also need the ID Token. So, for the above code, "authEntry.getIdToken()" will not return a value unless I go to the authorization tab on a rest test step and manually click on the "get ID Token" button.

Once I manually click on this button, the ID Token will be available in the authentication repository object for "myProfile", and calling "authEntry.getIdToken()" returns the expected value. From what I can tell, this is not automated.

Is there something I'm missing for automatically population of the authorization profile's ID Token attribute?

telong · Accepted Answer

Found a solution from SmartBear. &nbsp;Posting to help others. &nbsp;Here is the reply... worked perfectly for me. &nbsp;Put this code into a groovy step. &nbsp;I had to modify the profileName retrieval line but it worked exactly as-is otherwise.&nbsp;-------------- &nbsp;Begin Code snippet ----------------&nbsp;import com.eviware.soapui.support.editor.inspectors.auth.TokenTypeimport com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacadedef authContainer = testRunner.testCase.testSuite.project.OAuth2ProfileContainer// Get OAuth2 profile namedef profileName = context.expand( '${#Project#profileName}' )def authProfile = authContainer.getProfileByName(profileName)def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID)&nbsp; //TokenType.ID gets the ID tokenclientFacade.requestAccessToken(authProfile, true)def accessToken = authProfile.getAccessToken()------------------- &nbsp;End code snippet -----------------------&nbsp;Additionally, there is this for just the access token (From SmartBear):You can get the access token by using&nbsp; the Groovy script above and replacing def clientFacade = new OltuOAuth2ClientFacade(TokenType.ID) with def clientFacade = new OltuOAuth2ClientFacade(TokenType BEARER) to get the access token instead of the id token.&nbsp;&nbsp;

tanyayatskovska · Answer

Hi Telong,
&nbsp;
&nbsp;
As far as I know, you can set&nbsp;ID Token&nbsp;only manually via Ready! API's windows.
I suggest that you submit your&nbsp;request as a feature improvement idea here. Our Ready! API Product Owner monitors all submitted ideas, and he can consider implementing yours.

nmrao · Answer

How does the response look like?

generalerror · Answer

Hey there,&nbsp;telongCould you share the way you have fixed the&nbsp;the profileName retrieval line as I am in a similar spot.I am having some difficulties&nbsp;with figuring out on how to&nbsp;get a fresh token in each testcase as I have managed to configure a working OAuth 2 profile at project level in Auth Manager section. When running the same testcase after the token expired the requests just won't work.

z19942 · Answer

Where do i put this script?&nbsp;i am putting&nbsp;it in Automation and it is giving me a below error:
"The following script is invalid:import com.eviware.soapui.support.editor.inspectors.auth.TokenType import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade def authContainer = testRunner.testCase.testSuite.project.OAuth2ProfileContainer // Get OAuth2 profile name def profileName = context.expand( '${70}' ) def authProfile = authContainer.getProfileByName(profileName) def clientFacade = new OltuOAuth2ClientFacade(TokenType.BEARER) //TokenType.ID gets the ID token clientFacade.requestAccessToken(authProfile, true) def accessToken = authProfile.getAccessToken()Error:missing ; before statement (scriptToValidate#1)"
&nbsp;

subhad · Answer

I have fixed it in TestRunListener.berforeRun to check for validity of oauth token
code snippet below,
&nbsp;
//Get Token Statusdef oAuthProfile = project.getAuthRepository().getEntry("$authpr")//String oAuthProfile = testRunner.testCase.getTestStepByName("Groovy Script").getSelectedAuthprofile()def TokenStatus = oAuthProfile.accessTokenStatus.toString()log.info "Access Token Status is: $TokenStatus"//Get Access Token from the server if expiredif (TokenStatus != 'RETRIEVED_FROM_SERVER'){def oAuthClientFacade = new OltuOAuth2ClientFacade(TokenType.ACCESS)oAuthClientFacade.requestAccessToken(oAuthProfile, true)log.info "Access Token Status is "+ oAuthProfile.accessTokenStatus

Forum Discussion

OATH2 Authentication - can "get ID Token" be automated in testing?

8 Replies

Related Content

SoapUI OAuth 2.0, Get Access Token receive "The page could not be loaded?

"You need to authenticate to get the requested resource" useless error

Project Authentication

Contains assertion with option "Use Token as regular expression" not working

Getting Chrome autofill to work in Swagger UI "try it out" forms

Recent Discussions

Parameterising JDBC Connection Settings..Can you do it?

Test Runner - Report All in One File

GroovyScript Help - Repeating JSON Attributes Have Specific Value.....some of the time?

JDBC results are stored in the ReadyAPI project

MyFirstPlugin - button Project menu in Ready Api