RestAssured oAuth2 http 状态码 401 [英] RestAssured oAuth2 http status code 401

问题描述

我正在尝试使用 RestAssured 库和 Spring MVC REST oAuth2 安全端点实现集成测试.

I'm trying to implement integration test using RestAssured library and Spring MVC REST oAuth2 secured endpoint.

这是我的测试:

@Test
public void testCreateDecision() throws Exception {
    File createDecisionJsonFile = ResourceUtils.getFile(getClass().getResource("/json/decisions/create-decision.json"));

    // @formatter:off
    final String createDecisionRequest = FileUtils.readFileToString(createDecisionJsonFile)
            .replace("{{name}}", "Test decision name")
            .replace("{{description}}", "Test decision description");
    // @formatter:on

    String accessToken = getAccessToken("user", "user");

    // @formatter:off
    given()
        .auth()
        .oauth2(accessToken, OAuthSignature.HEADER)
        .body(createDecisionRequest)
        .contentType("application/json; charset=UTF-8")
    .when()
        .post(format("http://localhost:%d/api/v1.0/decisions/create", port))
    .then()
        .statusCode(200)
        .contentType(ContentType.JSON)
        .body("id", notNullValue())
        .body("createDate", notNullValue());
    // @formatter:on

}

accessToken 有效，但我不断收到 401 http 代码.我的代码可能有什么问题?

The accessToken is valid but I'm continuously getting 401 http code. What could be wrong with my code ?

推荐答案

我知道这是一个旧帖子，但只是想记录下来以防其他人需要答案.我能够使用以下格式实现:

I know this is an old post, but just wanted to document this in case someone else needed the answer. I was able to implement using the following format:

首先检索令牌(在我的情况下，我没有存储用户令牌，只是在每次测试之前获取它们)

First retrieve the token (in my case I did not store user tokens, jut got them before each test)

// we need to get the oauth token before we can perform the request
private void authenticateUser(String username, String password) {

    String response =
            given()
                .parameters("username", username, "password", password, 
                           "grant_type", "password", "scope", "read write", 
                           "client_id", "clientapp", "client_secret", "123456")
                .auth()
                .preemptive()
                .basic("clientapp","123456")
            .when()
                .post("/oauth/token")
                .asString();

    JsonPath jsonPath = new JsonPath(response);
    accessToken = jsonPath.getString("access_token");
}

他们在测试中使用了检索到的令牌:

And them on the test I used the retrieved token:

@Test
public void testGetUserDefaultUserOwner() {


    authenticateUser(testData.user1.getLogin(), "1");

    User user = 
        given()
            .auth().oauth2(accessToken)
            .contentType(ContentType.JSON)
            .accept(ContentType.JSON)
        .expect()
            .log().all()
            .statusCode(HttpStatus.OK.value())
        .when()
            .get(USER_RESOURCE, testData.user1.getId())
            .as(User.class);

    assertThat(user).isEqualTo(testData.user1);
}   

我使用 Restassured 和 AssertJ 进行测试，使用 SpringBoot 和 OAuth2 进行 Rest API.

I am using Restassured and AssertJ for the tests, and SpringBoot with OAuth2 for the Rest APIs.

这篇关于RestAssured oAuth2 http 状态码 401的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！