Question

我正在尝试在使用OAUTH2身份验证的api上使用RequestsLibrary。

通过OAUTH2进行身份验证，并将凭据提供给/ v1 / authtoken端点。随后对APÍ的调用需要将令牌作为“承载”包含在http请求的“授权”标题中。

以下是测试用例。我得到的错误是： 401！= 200

凭证在jmeter中正常工作，并返回一个帐户列表。但是，我无法使RF脚本工作。任何帮助将不胜感激。

在剧本中，

登录到控制台${accessToken}会返回访问令牌：8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r ...
登录控制台${token}返回：Bearer 8ETFXTZOWQLrgsMj7c_KuCEeypdj-eO1r ...

*** Test Cases ***

Get authToken
    Create Session  hook    http://xxxx.azurewebsites.net  verify=${True}
    ${data}=      Create Dictionary     grant_type=client_credentials     client_id=yyy-zzzz     client_secret=xxxxxxxxxxxxxxx
    ${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
    ${resp}=    post request    hook    /v1/authtoken    data=${data}   headers=${headers}
    Should Be Equal As Strings  ${resp.status_code}     200
    Dictionary Should Contain Value     ${resp.json()}  bearer
    ${accessToken}=    evaluate    $resp.json().get("access_token")
    Log to Console        ${accessToken}
    ${Bearer}=      Set Variable   Bearer
    ${token}=       catenate    Bearer    ${accessToken}
    Log to Console     ${token}
    ${headers}=   Create Dictionary   Authorization=${token}
    ${resp1}=     get request       hook    /v1/integration/accounts  headers=${headers}
    Should Be Equal As Strings  ${resp1.status_code}    200
    #Log to Console   ${resp1.json()}

Answer 1

我正在使用OAuth 2.0身份验证以及我的salesforce自动化。

我的第一个答案是跳过基于客户端的身份验证并切换到基于用户名/密码的身份验证

      Get authToken by Password Authentication

RequestsLibrary.Create Session  hook    https://<url>/services/oauth2  verify=${True}
${data}=      Create Dictionary     grant_type=password     client_id=1abc    client_secret=2abc    username=test@test.com  password=keypass
${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
${resp}=        RequestsLibrary.Post Request    hook    /token    data=${data}   headers=${headers}
Should Be Equal As Strings  ${resp.status_code}     200
${accessToken}=    evaluate    $resp.json().get("access_token")
Log to Console        ${accessToken}

如果您使用基于客户端或基于Web的身份验证，则会有一个登录屏幕，用户将使用该屏幕输入用户名/密码来授权应用程序代表其发送请求。有关更多信息，请查看这些页面，因为它们主要讨论使用刷新令牌或完全跳过用户提示。

Answer 2

我正在使用的API不能被OAuth2跳过。所以我不得不继续进行OAuth2 在回答Sandeep的问题时，我也遇到了同样的问题。您可能需要在分配了Authorization = $ {token}之后创建会话，然后才能获取请求...。请一次尝试以下

Create Session  hook    http://xxxx.azurewebsites.net  verify=${True}
${data}=      Create Dictionary     grant_type=client_credentials     
client_id=yyy-zzzz     client_secret=xxxxxxxxxxxxxxx
${headers}=   Create Dictionary      Content-Type=application/x-www-form-urlencoded
${resp}=    post request    hook    /v1/authtoken    data=${data}   headers=${headers}
Should Be Equal As Strings  ${resp.status_code}     200
Dictionary Should Contain Value     ${resp.json()}  bearer
${accessToken}=    evaluate    $resp.json().get("access_token")
Log to Console        ${accessToken}
${Bearer}=      Set Variable   Bearer
${token}=       catenate    Bearer    ${accessToken}
Log to Console     ${token}
${headers}=   Create Dictionary   Authorization=${token}
RequestsLibrary.Create Session    hook1 /v1/integration/accounts    verify=${True}        
${resp}=  RequestsLibrary.Get Request  hook1    headers=${headers1}  
Should Be Equal As Strings    ${resp.status_code}    200

此外，它的帮助方式如下：

RequestsLibrary.Create Session    OA2    https://idp-t.xxxx.nu/    verify=${True}
${data}=     Create Dictionary    Token_Name=Bearer    grant_type=client_credentials    Client_Id=Puur.Client.35621957-cb82-4ecc-bce5-836c707d163c     Client_Secret=67edcc466ed80cacbd24a78d0de10b02    scope=Ecare.Puur.Service
${headers}=   Create Dictionary    Content-Type=application/x-www-form-urlencoded

${resp}=    RequestsLibrary.Post Request    OA2    identity/connect/token    data=${data}    headers=${headers}
BuiltIn.Log To Console    ${resp}
BuiltIn.Log To Console    ${resp.status_code}
Should Be Equal As Strings    ${resp.status_code}    200
Dictionary Should Contain Value    ${resp.json()}   Bearer
${accessToken}=    evaluate    $resp.json().get("access_token")
BuiltIn.Log to Console    ${accessToken}
${token}=    catenate    Bearer    ${accessToken}
BuiltIn.Log to Console    ${token}
${headers1}=  Create Dictionary    Authorization=${token} 

RequestsLibrary.Create Session    GT    https://sample-test-t.nu    verify=${True}        
${resp}=  RequestsLibrary.Get Request  GT    /api/teams    headers=${headers1}
Should Be Equal As Strings    ${resp.status_code}    200

希望有帮助！：）

Answer 3

I have added the new answer for this question.

RequestsLibrary.Create Session    OA2    <Your Server URL>    verify=${True}
${data}=     Create Dictionary    Token_Name=TestTokenname    grant_type=<grant type>    client_Id=<your Id>     Client_Secret=<Your client secret>    scope=<your scpe>
${headers}=   Create Dictionary    Content-Type=application/x-www-form-urlencoded

${resp}=    RequestsLibrary.Post Request    OA2    identity/connect/token    data=${data}    headers=${headers}
BuiltIn.Log To Console    ${resp}
BuiltIn.Log To Console    ${resp.status_code}
Should Be Equal As Strings    ${resp.status_code}    200
Dictionary Should Contain Value    ${resp.json()}   Testtokenname
${accessToken}=    evaluate    $resp.json().get("access_token")
BuiltIn.Log to Console    ${accessToken}
${token}=    catenate    Bearer    ${accessToken}
BuiltIn.Log to Console    ${token}
${headers1}=  Create Dictionary    Authorization=${token} 

RequestsLibrary.Create Session    GT    <Your Server URL>    verify=${True}        
${resp}=  RequestsLibrary.Get Request  GT    <Your API URL>    headers=${headers1}
Should Be Equal As Strings    ${resp.status_code}    200

使用OAUTH2授权请求标头的Robot Framework api测试

3 个答案: