Contributions
Re: Authorization with OAuth2.0 implicit grant: Delete cookie/log out
Thanks for the reply Nastya. It is nice to knowthat this behavior will be changed in the future. Right now my temporary solution is to have a 1 sec lifetime on the cookies and a groovy script step that sleeps for 1 sec whenever I need to change a user profile. This is not ideal because now my tests are slow and I need to have a special version of the identity server thatsets cookies with 1 sec lifetime. I am not sure this matters but I am using the open source SoapUI so I guess I meant to post this in another forum..(SMARTBEAR COMMUNITY : OPEN SOURCE TOOLS : SOAPUI OPEN SOURCE) Also just to make 100% sure we are on the same page(which it actually seems like to me): I am not manually fetching the token with a groovy script myself but I am using the SoapUI authorization feature for the implicit flow with an automation script for the login.7 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.7KViews0likes1CommentAuthorization with OAuth2.0 implicit grant: Delete cookie/log out
So I am doing authorization with OAuth2.0 implicit flow. With one profile it works really well. But now I am creating api access tests where I need to use another user profile. So naturally Icreate another profile and everything works perfectly except that SoapUI seems to send a cookie, belonging to the first profile, to the identity server. The identity server then "thinks" I am already logged in so it doesn't ask for username+password and gives me another token belonging to the first profile. So I have been trying to clear all thecookies with a groovy script but I have not been able to access them. It seems to me that these specific cookies are not accessable by groovy, could that be true? Any solutions?7 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.8KViews0likes3Comments