Karate Authentication only valid for the first request in scenario - karate

My issue is that I am authorized for the first request (Create article) but not for the 2nd request (getById) although the authorization itself has not changed. What am I doing wrong?
Feature: Test Article Endpoint
Background:
* url 'http://localhost:8080/webapp/api/v1'
* header AuthenticationToken = 'sys-test-api-token'
Scenario: create article, get article ById, update article & delete article
And request {name: 'TestArtikel', unitName: 'Stk.', articleNumber: '0001'}
Given path 'article'
When method post
Then status 201
And match response.id == '#notnull'
* def articleId = response.id
Given path 'article/id/:id'
And param id = articleId
When method get
Then status 200

For headers that "span" requests, use configure headers:
* configure headers = { AuthenticationToken: 'sys-test-api-token' }
And refer the docs: https://github.com/intuit/karate#configure-headers

Related

Getting Illegal character in query when doing a conditional GET with multiple parameters

Code:
Feature: GET API headers feature
Scenario: pass GetWatchList with headers
Given header x-apisignatures = '543aba07839'
And header ssotoken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ1bmlxdWUiOiJjYTM4MDAzZS0wYThiLTQ3YjktOWFjNS00YzMyN2MwNTUyMGYiLCJ1c2VyVHlwZSI6IlJJTHBlcnNvbiIsImF1dGhMZXZlbCI6IjIwIiwiZGV2aWNlSWQiOiJlZWIxOGRlOGRiNjE3MDg4MjViNTdjNGU5NDg1ZmFjYTU1MGE1OTBkY2Y1MjIzNzkyYzUwYjVhZWRjZGI5ZmUxNDQxZTFiMzhmZWI2NDFhZmUwNGI3NGY0NDA5OWMzZGQwZWI0OTRiZjgwMTYxOWYyNTAyNjI2YTJjZjdkMTZmZCIsImp0aSI6IjFmN2IwODkxLTJkMGUtNDBhZS04MWJiLWQwODVjY2NhOGYyZSIsImlhdCI6MTY2NDI3Njk0NH0.6Q7CPtQIN0uB1ZbVQBj5dshqioop3dJKEpla5DQS5K5qtRPw38SxTEJ1f1DJ_Ka_sgMp_fdh9EEABipTgtgMqg'
And header uniqueid = 'ca38003e-0a8b-47b9-9ac5-4c327c05520f'
And header x-page = 'Home'
When url 'https://jiocinemaqa-api.jio.ril.com/user/v1/watchlist?groups=[["Movie"],["Show"]]'
When method GET
Then status 200
* print response
Try this public API to test:
* url 'https://httpbin.org/anything'
* param groups = '[["Movie"],["Show"]]'
* method get
And you can verify in the response you see this:
"args": {
"groups": "[[\"Movie\"],[\"Show\"]]"
},
And also:
"url": "https://httpbin.org/anything?groups=[[\"Movie\"]%2C[\"Show\"]]"
This proves that Karate is sending the right thing. Keep in mind that your server may have a bug.

Karate - Trouble passing correct headers for authorization

I am have some problems passing in the correct headers for my graphql endpoints
The use case in Postman:
call requestToken endpoint to obtain sessionToken value
requestToken response contains Key Value " and Token Value.
For subsequent calls, I set postman headers as:
Key = X_SESSION_TOKEN Value = Token Value
The user case in Karate
1st feature 'requestToken.feature' successfully calls and stores key + tokenValue
2nd feature successfully defines and prints the token value
here is my 2nd request:
Feature: version
Background:
* url 'http://api-dev.markq.com:5000/'
* def myFeature = call read('requestToken.feature')
* def authToken = myFeature.sessionToken
* configure headers = { 'X_SESSION_TOKEN': authToken , 'Content-Type': 'application/json' }
Scenario: get version
Given path 'query'
Given text query =
"""
query {
version
}
"""
And request { query: '#(query)' }
When method POST
Then status 200
And print authToken
And print response
I am not sure I send the headers right. Its coming back 200, but I keep getting a error 'token malformed' in the response message
Any suggestions? New at this, thanks!
Honestly this is hard to answer, a LOT depends on the specific server.
EDIT: most likely it is this change needed, explained here: https://github.com/intuit/karate#embedded-expressions
* configure headers = { 'X_SESSION_TOKEN': '#(authToken)' , 'Content-Type': 'application/json' }
2 things from experience:
should it be X-SESSION-TOKEN
add an Accept: 'application/json' header
And try to hardcode the headers before attempting call etc.
Here is an example that works for me:
* url 'https://graphqlzero.almansi.me/api'
* text query =
"""
{
user(id: 1) {
posts {
data {
id
title
}
}
}
}
"""
* request { query: '#(query)' }
* method post
* status 200

how do I assert request payload value against response body

I am trying to assert request payload values into response body.
Scenario Outline: Check userIds
Given path '/api/test/'
And request {"userId": <users>,"age": "32"}
When method POST
Then status 201
And match response.userId == request.userId
Examples:
| userId |
|user1|
Try this:
And request {"userId": "#(userId)", "age": "32" }
And:
And match response.userId == userId
Please try to read the docs and examples carefully, you are missing some fundamentals.

pass parameters to after-feature karate

I discovered after-feature in karate which is very useful. But I didn't find how to pass parameters to after-feature from main feature. Ex: access token to delete a user account or a user_id.
Here is call of after-feature.feature in my main feature:
* configure afterFeature = function(){ karate.call('classpath: AfterFeature.feature'); }
Here is my AfterFeature.feature
Scenario:
* url 'XXX'
* path 'YYY'
* param foo = bar which should come from main feature
* header Authorization = 'Bearer ' + accessToken which should come from main feature
* method delete
* status 204
karate.call() can take parameters.
karate.call('classpath: AfterFeature.feature', { some: 'value' });

How to send the saved auth-token in another request?

Scenario: Verify that Authentication is done or not
Given url '***********'
Given path 'authenticate'
And form field username = 'admin_cs'
And form field password = '********'
When method post
Then status 200
And header tokenn = response.token
* def accessToken = response.token
* print accessToken
Scenario: Verify Get all Clients
Given url '************'
Given path 'users/usersAssignable'
* header x-auth-token = accessToken
When method get
Then status 200
* def response = response
* print response
Please combine the two Scenario-s into one. Or move the first one here into the Background. Please read this very carefully: https://github.com/intuit/karate#script-structure