How to set OAuth realm in RestAssured

狂风中的少年 提交于 2020-07-22 08:55:10

问题


I am using RestAssured library for automating NetSuite Restlets. This Restlets are using OAuth 1.0 for authentication. Apart from consumer key, consumer secret, access token and token secret, I need to set advanced fields like REALM. But I couldn't find any way to set that in RestAssured.

RequestSpecification request = new RequestSpecBuilder()
                    .addHeader("Content-Type", ContentType.JSON.toString())
                    .setBaseUri(url).build()
                    .auth().oauth(
                          netsuiteConfig.getNetsuiteConsumerKey(),
                          netsuiteConfig.getNetsuiteConsumerSecret(),
                          netsuiteConfig.getNetsuiteTokenId(),
                          netsuiteConfig.getNetsuiteTokenSecret()
                     );

Here is the api call using Postman


回答1:


RestAssured does not support this. Create OAuth 1.0 string using some library (I have used com.github.seratch:signedrequest4j) and set Authorization header in RestAssured RequestSpecification.

OAuthConsumer consumer = new OAuthConsumer(consumerKey, consumerSecret);
OAuthAccessToken accessToken = new OAuthAccessToken(tokenId, tokenSecret);

OAuthRealm realm = new OAuthRealm(myRealm);
SignedRequest request = 
                   SignedRequestFactory.create(realm, consumer, accessToken);
request.readQueryStringAndAddToSignatureBaseString(url);
request.setHeader("Content-Type", "application/json");

String oAuthNonce = String.valueOf((new SecureRandom()).nextLong());
Long oAuthTimestamp = System.currentTimeMillis() / 1000L;
String signature = request.getSignature(url,
                   HttpMethod.POST, oAuthNonce, oAuthTimestamp);

String authorizationHeader = request
             .getAuthorizationHeader(signature, oAuthNonce, oAuthTimestamp);



回答2:


I was using the library mentioned in the previous answer but then I realised I needed to use PATCH requests which wasn't supported.

I started using the google oauth client instead and after days of trying, finally got this example working:

val signer = OAuthHmacSigner()
signer.clientSharedSecret = CONSUMER_SECRET
signer.tokenSharedSecret = TOKEN_SECRET

val oauthParameters = OAuthParameters()
oauthParameters.consumerKey = CONSUMER_KEY
oauthParameters.token = ACCESS_TOKEN
oauthParameters.signer = signer
val genericUrl = GenericUrl("https://{ACC_ID}.suitetalk.api.netsuite.com/path/to/endpoint")
oauthParameters.version = "1.0"
oauthParameters.computeNonce()
oauthParameters.computeTimestamp()
oauthParameters.computeSignature("GET", genericUrl)

oauthParameters.realm = REALM
val authHeader = oauthParameters.authorizationHeader

RestAssured.with()
        .log().all()
        .header("Authorization", authHeader)
        .urlEncodingEnabled(false)
        .request(Method.GET, genericUrl.toString())
        .then()
        .statusCode(200)

urlEncoding is set to false for urls with query params that are already encoded. For example: {url}/invoice?q=internalid%20IS%2012

I hope it helps someone in the future!



来源:https://stackoverflow.com/questions/58887080/how-to-set-oauth-realm-in-restassured

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!