cancel
Showing results for 
Search instead for 
Did you mean: 

Security test using groovy script has an error.

SOLVED
Highlighted
Visitor

Security test using groovy script has an error.

The application uses OAuth1.0.  For the scan, I have created the groovy scripts for each test case (every other endpoint). When I run through the groovy script, it was executed without any problem, and I can check the right response as below.

scanResult.png

 

 

responseUsingGroovy.png

 

However, when I send the request in the REST editor, the response shows an error "oauth_problem=nonce_used".
Even though the groovyscript was coded correctly, I don't think the SoapUI Pro scan can grap the groovy script code properly when I run the security scans. reponseFromRESTscan.png

 

 

The security scan report shows same response from above the reponse. 

 

scanResult.png

 

How can I resolve this issue in the SoupUI scan?

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Moderator

Re: Security test using groovy script has an error.

Hi kimyeo01,

 

I've found the following explanation for the nonce_used error: 

"The nonce-timestamp combination has already been used"
Source: https://devdocs.magento.com/guides/v2.3/get-started/authentication/oauth-errors.html

So, it seems that you need to use a new value when you run the request again.

 

Also, I can recommend checking the ReadyAPI logs and logs from the server. 



Learn SmartBear products in a fun and easy way and prove your knowledge!
>>Participate in the TechCorner Challenge today

View solution in original post

1 REPLY 1
Highlighted
Moderator

Re: Security test using groovy script has an error.

Hi kimyeo01,

 

I've found the following explanation for the nonce_used error: 

"The nonce-timestamp combination has already been used"
Source: https://devdocs.magento.com/guides/v2.3/get-started/authentication/oauth-errors.html

So, it seems that you need to use a new value when you run the request again.

 

Also, I can recommend checking the ReadyAPI logs and logs from the server. 



Learn SmartBear products in a fun and easy way and prove your knowledge!
>>Participate in the TechCorner Challenge today

View solution in original post

New Here?
Join us and watch the welcome video:
Announcements
TechCorner Leaderboard
Compete with community members in the TechCorner Challenge and get into the Leaderboard!

Rank Participant Points Earned
1 msiadak 12
2 nmrao 8
3 HimanshuTayal 3
Top Kudoed Authors