Question

我熟悉已放心，但现在我必须验证需要身份验证的POST API请求调用。开发人员提供了uid密钥和密钥，用于从服务器检索令牌，然后使用它确保POST API请求。我尝试了几个选项却没有成功。我应该使用oauth-signpost吗？任何帮助或指导真的很感激。感谢

information provided by dev
uid: xxxxxxxxxxxxxxxxx
secret: wwwwwwwwwwwwwww
POST /api/v1/gardners.json

{
"gardner":  {
  "email": "test@test.com",
  "name": "John Doe",
  "password": "12345678",
  "password_confirmation": "12345678",
  "phone": "555-555-5555",
  "status": "active",
  "address": "Street Name",
  "zipcode": "99999",
  "add_state": "CA",
  "city": "Los Angeles",
  "region_id": "2",
  "shirt_size": "S",
  "payment_info": "some info",
  "birthday": "date",
  "inactive_date": "datetime",
  "certification_date" : "datetime",
  "calendar_base_id" : 5,
  "rating" : 5
}}

Answer 1

我不熟悉Rest Assured如何做到这一点，但必须有一种身份验证机制。首先要弄清楚的是什么样的身份验证。它是基本的＆＃39;或者＆＃39;摘要＆＃39;？如果它只是基于标头值或cookie，那么您只需要使用正确的值设置标头值或cookie，并确保Rest Assured客户端在发出请求时使用这些值。

首先，您需要了解现有的身份验证，然后查看Rest Assured文档以了解如何执行此操作。

对我来说，我更喜欢在较低级别工作，我使用Apache HttpClient，它允许我配置与通信协议，身份验证，标头和cookie值相关的所有内容。

Answer 2

我使用Object来提供身份验证的详细信息。然后我使用该对象配置客户端构建器。

public class AuthenticationConfiguration {
  public enum AuthenticationType {
    Basic, Digest
  }

  private AuthenticationType authenticationType = AuthenticationType.Basic;

  public AuthenticationType getAuthenticationType() {
    return authenticationType;
  }

  private String userName;

  private String password;

  public AuthenticationConfiguration(final AuthenticationType authenticationType,
      final String userName, final String password) {

    this.authenticationType = authenticationType;
    this.userName = userName;
    this.password = password;
  }

  public String getUserName() {
    return userName;
  }

  public String getPassword() {
    return password;
  }

  public void setAuthenticationType(AuthenticationType authenticationType) {
    this.authenticationType = authenticationType;
  }

  public void setUserName(String userName) {
    this.userName = userName;
  }

  public void setPassword(String password) {
    this.password = password;
  }
}

// Create an HttpClient with the given custom dependencies and
// configuration.
final HttpClientBuilder clientBuilder = HttpClients.custom();

if (authenticationConfig != null) {
  // Use custom credentials provider if necessary.
  // See http://hc.apache.org/httpcomponents-client-4.4.x/tutorial/html/authentication.html
  final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();

  final UsernamePasswordCredentials creds =
      new UsernamePasswordCredentials(authenticationConfig.getUserName(),
          authenticationConfig.getPassword());

  credentialsProvider.setCredentials(AuthScope.ANY, creds);
  clientBuilder.setDefaultCredentialsProvider(credentialsProvider);

  final RegistryBuilder<AuthSchemeProvider> registryBuilder = RegistryBuilder.create();

  if (authenticationConfig.getAuthenticationType() == AuthenticationType.Basic) {
    registryBuilder.register(AuthSchemes.BASIC, new BasicSchemeFactory());
    requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC));

  } else if (authenticationConfig.getAuthenticationType() == AuthenticationType.Digest) {
    registryBuilder.register(AuthSchemes.DIGEST, new DigestSchemeFactory());
    requestConfigBuilder.setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.DIGEST));
  }

  clientBuilder.setDefaultAuthSchemeRegistry(registryBuilder.build());
}

如何使用uid密钥和密钥来检索令牌来实现Java Rest-Assured API身份验证？

2 个答案: