Forum Discussion

AAB's avatar
AAB
Regular Contributor
5 years ago
Solved

ReadyAPI: Using automated Authorization from Auth Repository

Hi all (  TanyaYatskovska  Nastya_Khovrina   nmrao   ....)

 

I've tried to use Auhtorization OAuth 2.0 to set it in Auth Repository level to be able to use this in a different projects but the automations doesn't seem to work.

On Auth Repository I've added a OAuth 2.0 profile. The Get Access Token has an OAuth 2 Flow = Client Credentials Grant. Client identification and client secret are filled in, Access Token URL is pointing to our access token URL. When I click the 'Get Access Token" the token is generated successfully.

I've saved this.

I've created 2 environments (TA and INT) that I initiated with Authorization Profile AdminV2.0 as per created on Auth Repository. The environments are set on 'Inherit from parent' automatically when I select my profile.

But, when I close ReadyAPI at evening and re-open in the morning I notice that I've lost the token value as it only substains for 3000sec. Not a problem, though I would like to automate it to check on startup that the token is still valid.

So In the documentation on SmartBear I saw the automation code for webbased authentication. My URL is not really a webpage. I get response from our server by forward proxy in the form of a webpage. It's just a page with data. But the only 'login' that is necessary is not a password and login name but the token generated at Auth Report level.

Does someone know how to write that script that I can put in the [  Auth Repository > Profile created > Automation scripts ]    ?

 

Or isn't that the way to automate the token to use in all projects?

 

Thanks in advance for reading this, I hope I was a little clear...

Cheers, AAB

 

 

  • AAB, I believe the script you are looking is under "Calling the Automated Retreival Procedure".

     

    // Import the required classes
    import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade;
    import com.eviware.soapui.support.editor.inspectors.auth.TokenType;
    import com.eviware.soapui.model.support.ModelSupport;

    // Set up variables
    def project = ModelSupport.getModelItemProject(context.getModelItem());
    def authProfile = project.getAuthRepository().getEntry("OAuth 2");
    def oldToken = authProfile.getAccessToken();
    def tokenType = TokenType.ACCESS;

    // Create a facade object
    def oAuthFacade = new OltuOAuth2ClientFacade(tokenType);

    // Request an access token in headless mode
    oAuthFacade.requestAccessToken(authProfile, true, true);

    // Wait until the access token gets updated
    while(oldToken == authProfile.getAccessToken()) {
    }
    //The sleep method can be used instead of a while loop
    //sleep(3000);

    // Post the info to the log
    log.info("Set new token: " + authProfile.getAccessToken());

     

5 Replies

    • AAB's avatar
      AAB
      Regular Contributor

      New2API  thanks for your time, but no, that doesn't help as that script is for webpages with forms and a login name and password. I need to use tokens generated from OAuth2.

       

      Kind regards,

      AboveAndBeyond

      • New2API's avatar
        New2API
        Frequent Contributor

        AAB, I believe the script you are looking is under "Calling the Automated Retreival Procedure".

         

        // Import the required classes
        import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade;
        import com.eviware.soapui.support.editor.inspectors.auth.TokenType;
        import com.eviware.soapui.model.support.ModelSupport;

        // Set up variables
        def project = ModelSupport.getModelItemProject(context.getModelItem());
        def authProfile = project.getAuthRepository().getEntry("OAuth 2");
        def oldToken = authProfile.getAccessToken();
        def tokenType = TokenType.ACCESS;

        // Create a facade object
        def oAuthFacade = new OltuOAuth2ClientFacade(tokenType);

        // Request an access token in headless mode
        oAuthFacade.requestAccessToken(authProfile, true, true);

        // Wait until the access token gets updated
        while(oldToken == authProfile.getAccessToken()) {
        }
        //The sleep method can be used instead of a while loop
        //sleep(3000);

        // Post the info to the log
        log.info("Set new token: " + authProfile.getAccessToken());