Unable to specify round brackets for Odata URL in Karate - api

I'm trying to create the path for the Odata URL in Karate.
The path looks like: '/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results'
It seems like Karate can't read special characters like round brackets () and ' '. And it cuts the url after opu/odata/srt/ZQ_SRV/ZQ_BI_Q001 right before the round brackets starts. And the rest of the url (OPT_1='0013076036',OPT_To='0013076036')/Results looks like a text.
I've tried to use %28 for ( and 29% for ) and %27 for ' but it didn't help.
P.S.When running the same url in Postman the call went successfully
Running the test url:
Background:
* url "https://httpbin.org/anything/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results"
Scenario: test check
* method get

Try building the url fully by hand and don't use param or path:
* url "http://myhost/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results"
If that still doesn't work, it is likely your server does not handle encoded URL-s correctly which could be a bug: https://stackoverflow.com/a/54477346/143475
EDIT: just try these 2 lines to prove there is nothing wrong with Karate / or see this simpler example: https://stackoverflow.com/a/67068873/143475
* url "https://httpbin.org/anything/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results"
* method get
This is the result:
Running com.intuit.karate.junit4.dev.TestRunner
23:11:06.404 [main] DEBUG com.intuit.karate - request:
1 > GET https://httpbin.org/anything/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results
1 > Accept-Encoding: gzip,deflate
1 > Connection: Keep-Alive
1 > Host: httpbin.org
1 > User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_231)
23:11:08.154 [main] DEBUG com.intuit.karate - response time in milliseconds: 1745.46
1 < 200
1 < Access-Control-Allow-Credentials: true
1 < Access-Control-Allow-Origin: *
1 < Connection: keep-alive
1 < Content-Type: application/json
1 < Date: Wed, 22 Jan 2020 17:41:07 GMT
1 < Referrer-Policy: no-referrer-when-downgrade
1 < Server: nginx
1 < X-Content-Type-Options: nosniff
1 < X-Frame-Options: DENY
1 < X-XSS-Protection: 1; mode=block
{
"args": {},
"data": "",
"files": {},
"form": {},
"headers": {
"Accept-Encoding": "gzip,deflate",
"Host": "httpbin.org",
"User-Agent": "Apache-HttpClient/4.5.5 (Java/1.8.0_231)"
},
"json": null,
"method": "GET",
"origin": "49.206.14.183, 49.206.14.183",
"url": "https://httpbin.org/anything/opu/odata/srt/ZQ_SRV/ZQ_BI_Q001(OPT_1='0013076036',OPT_To='0013076036')/Results"
}

Resolved issue by putting * method get instead of When method GET
Then status 200

Related

How to provide parameter along with empty square brackets as param in GET method?

I have faced a problem with providing param into GET method.
I have the next URL
https://test.com/api/v1/account/?include[]=tickers&include[]=holdings&include[]=views
How to provide parameter along with empty square brackets as param in GET method in my example?
I saw https://github.com/karatelabs/karate/blob/master/karate-demo/src/test/java/demo/search/dynamic-params.feature , but didnt find my solution(
If you see Karate encoding it as %5B%5D that is actually the correct behavior: https://stackoverflow.com/a/59977660/143475
You can actually try this on httpbin.org and see for yourself that the server is able to decode it correctly. If your server cannot, it is most likely a bug.
* url 'https://httpbin.org/anything'
* param include[] = 'tickers'
* method get
See server response:
1 > GET https://httpbin.org/anything?include%5B%5D=tickers
1 > Host: httpbin.org
1 > Connection: Keep-Alive
1 > User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.6)
1 > Accept-Encoding: gzip,deflate
17:17:10.925 [main] DEBUG com.intuit.karate - response time in milliseconds: 1528
1 < 200
1 < Date: Tue, 07 Feb 2023 11:47:10 GMT
1 < Content-Type: application/json
1 < Content-Length: 436
1 < Connection: keep-alive
1 < Server: gunicorn/19.9.0
1 < Access-Control-Allow-Origin: *
1 < Access-Control-Allow-Credentials: true
{
"args": {
"include[]": "tickers"
},
"data": "",
"files": {},
"form": {},
"headers": {
"Accept-Encoding": "gzip,deflate",
"Host": "httpbin.org",
"User-Agent": "Apache-HttpClient/4.5.14 (Java/17.0.6)",
"X-Amzn-Trace-Id": "Root=1-63e23a3e-4004ea8e65dba95003ec150e"
},
"json": null,
"method": "GET",
"url": "https://httpbin.org/anything?include[]=tickers"
}
That said you can move everything to the URL:
* url `https://httpbin.org/anything?include[]=tickers`
* method get
And if you still need to parameterize things, you can, see: https://stackoverflow.com/a/75061809/143475

Upgrade Karate from 1.1.0 to 1.2.0 Causing Issues Getting Okta Token

After upgrading Karate from 1.1.0 to 1.2.0 I have a error:
'io.netty.handler.codec.http.cookie.CookieHeaderNames$SameSite io.netty.handler.codec.http.cookie.DefaultCookie.sameSite()
Feature: Get Bearer Token from Okta
Scenario: Get access token for OAuth2 client credentials
Given url karate.properties['okta.server.url']
* form field grant_type = 'client_credentials'
* form field scope = scope
* header Authorization = call read('classpath:com/moo/g/karate/basic-auth.js') { username : '#(clientId)', password : '#(secret)' }
When method post
Then status 200
* def authToken = response.access_token
Debug console:
Gets 200 return then errors:
14:41:02.617 [main] DEBUG com.intuit.karate - response time in milliseconds: 758
1 < 200
1 < Date: Tue, 23 Aug 2022 19:41:02 GMT
1 < Server: nginx
1 < Content-Type: application/json
1 < x-okta-request-id: YwUtTpqpDjtZ6CYqc2sA8gAABvQ
1 < x-xss-protection: 0
1 < p3p: CP="HONK"
1 < content-security-policy: frame-ancestors 'self'
1 < x-rate-limit-limit: 2000
1 < x-rate-limit-remaining: 1994
1 < x-rate-limit-reset: 1661283689
1 < cache-control: no-cache, no-store
1 < pragma: no-cache
1 < expires: 0
1 < expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
1 < x-content-type-options: nosniff
1 < Strict-Transport-Security: max-age=315360000; includeSubDomains
1 < X-Robots-Tag: noindex,nofollow
1 < Keep-Alive: timeout=5, max=100
1 < Connection: Keep-Alive
1 < Transfer-Encoding: chunked
1 < Set-Cookie: JSESSIONID=26F3D925C7E7E003B5430ED9AFCEFCAA; Domain=login-preview.moo.com; Secure
{"token_type":"Bearer","expires_in":3600,"access_token":"eyJraWQiOiJjTl95TE9VWHYtdzA3REQ5OXZIQXNkWDlocnZQWG0wUmJQQnpLNElJbzB3IiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULjN5RG5WNnB5X0hTVWR1T2tiY01WZFNaNzNyRDJIWm1RalJKMUdQWWJHTVkiLCJpc3MiOiJodHRwczovL2xvZ2luLXByZXZpZXcubXV0dWFsb2ZvbWFoYS5jb20vb2F1dGgyL2F1c3B4M3c1aXdHZ0huTG9QMWQ2IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTY2MTI4MzY2MiwiZXhwIjoxNjYxMjg3MjYyLCJjaWQiOiIwb2EydHlmd3RlaWVRejBMQTFkNyIsInNjcCI6WyJkZWxldGUtZG9jdW1lbnQiLCJzcGVjaWFsLXJpc2stZG9jcyIsImFkZC1kb2N1bWVudCIsImdldC1kb2N1bWVudCIsInJwZC1kb2NzIiwiZ2V0LW1ldGFkYXRhIl0sInN1YiI6IjBvYTJ0eWZ3dGVpZVF6MExBMWQ3In0.JMMatbIe5N5wV0R2SKV8X_ifv_naRw16fbBEN0-WSvptim1xGcrtp7zNOurPJLLIGQlIJvRvpznBAinJqqSIOfAwe718BTfF4Ec98LlzYYXsn9HubJKedSAuM9KM51vjohkljYD9duZF2s4rtd3BZPkKE4WIZurtNb-1-F0a5LyjWdasBH7IIwK5oflDMb-Dxv7HIZck5FQkikWqQZwLTuKHOuKys1gUm3IDgQj6FSnJ6P-HfrOp1ahD4cb2RQJqKS4jQeY8Dv_Ne3sONiBbt8dqWnZGSCpwAOANwOaVUGzalOrk5At65I5ENQKL3PH4h3PdOOl21utME2LugUG8BA","scope":"delete-document special-risk-docs add-document get-document rpd-docs get-metadata"}
14:41:02.619 [main] ERROR com.intuit.karate - classpath:com/moo/g/karate/get-authorization-okta-token.feature:8
When method post
'io.netty.handler.codec.http.cookie.CookieHeaderNames$SameSite io.netty.handler.codec.http.cookie.DefaultCookie.sameSite()'
Not sure what next approach is, besides going back to 1.1.0.
Thanks in advance.
Sincerely
Todd
The best thing to do is follow this process: https://github.com/karatelabs/karate/wiki/How-to-Submit-an-Issue
Note that there were many RC versions released to get this kind of feedback earlier.
I am on version 1.3 and issue has cleared.

Karate api test is converting # to %40 while making a post call

I have written an api test using karate framework. While doing a post call it's converting the value of email field from TEST#ABC.COM to TEST%40ABC.COM.
Here are few lines from log
1 > Content-Type: application/x-www-form-urlencoded; charset=UTF-8
1 > User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_221)
email=TEST%40ABC.COM&checkDigit=&brandName=
This is correct as per the HTTP spec: https://stackoverflow.com/a/53638335/143475
You can see for yourself, try this:
* url 'http://httpbin.org'
* path 'anything'
* form field username = 'john#smith.com'
* form field password = 'secret'
* method post
Result:
1 > Accept-Encoding: gzip,deflate
1 > Connection: Keep-Alive
1 > Content-Length: 41
1 > Content-Type: application/x-www-form-urlencoded; charset=UTF-8
1 > Host: httpbin.org
1 > User-Agent: Apache-HttpClient/4.5.12 (Java/1.8.0_231)
username=john%40smith.com&password=secret
But when you see the response, you can see the server handled it correctly, look at the form in the JSON:
1 < 200
1 < Access-Control-Allow-Credentials: true
1 < Access-Control-Allow-Origin: *
1 < Connection: keep-alive
1 < Content-Length: 555
1 < Content-Type: application/json
1 < Date: Tue, 07 Apr 2020 13:11:58 GMT
1 < Server: gunicorn/19.9.0
{
"args": {},
"data": "",
"files": {},
"form": {
"password": "secret",
"username": "john#smith.com"
},
"headers": {
"Accept-Encoding": "gzip,deflate",
"Content-Length": "41",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"Host": "httpbin.org",
"User-Agent": "Apache-HttpClient/4.5.12 (Java/1.8.0_231)",
"X-Amzn-Trace-Id": "Root=1-5e8c7c1e-affe121cae9f4b20399b0884"
},
"json": null,
"method": "POST",
"origin": "49.206.10.30",
"url": "http://httpbin.org/anything"
}

XML File upload in karate using Multipart field and getting 415 unsupported media type [duplicate]

This question already has an answer here:
Passing JSON request starting with the character [ gives the error: invalid request format with GET operation [duplicate]
(1 answer)
Closed 2 years ago.
I am trying to upload XML file using multipart field along with the specified content Type as application/x-www-form-urlencoded but boundary getting appended in the request automatically and i am getting 415 unsupported media type in response:
Request:
1 > Accept: application/json
1 > Accept-Encoding: gzip,deflate
1 > Authorization: Bearer Pr3wkHwNDDfPh4Ik4IPLhGDcK1zt
1 > Connection: Keep-Alive
1 > Content-Length: 6739
1 > Content-Type: application/x-www-form-urlencoded; boundary=eeErrSgIwFHJn3_hjEi_-Q8_DHkKIo
1 > Host: api-sandbox.apiboitest.com
1 > User-Agent: Apache-HttpClient/4.5.9 (Java/1.8.0_144)
1 > client_id: jYXMYDGq0uTZee5peZpzwR
1 > client_secret:
1 > request_method: POST
1 > x-fapi-financial-id: 1234
1 > x-idempotency-key: qwe3456
1 > x-jws-signature: qqqqq
--eeErrSgIwFHJn3_hjEi_-Q8_DHkKIo
Content-Disposition: form-data; name="myFile"
Content-Type: application/xml; charset=UTF-8
Content-Transfer-Encoding: 8bit
``````````````````````````````````````````````
and Code:
``````````````````````
And multipart field myFile = read('classpath:path')
And multipart field message = 'File'
When method request_method
Then status 200
``````````````````````
while in postman it works fine.
This is my best guess. This is a url-encoded form NOT a file-upload. The rest is up to you:
* url 'http://api-sandbox.boicloudtest.net/1/api/open-banking/v3.0/pisp/file-payment-consents/4a90e5cb-8450-4743-8cc9-d655d0d615d2/file'
* header x-fapi-financial-id = '0015800000jfQ9aAAE'
* header x-jws-signature = 'ey'
* header x-idempotency-key = 'ghty66'
* form field FileParam = read('FilePayments.xml')
* method post

Hide passwords in logs

The following code :
Background:
* url "https://www.google.fr"
Scenario: hide password
Given path "login"
And form field username = 'john'
And form field password = 'secret'
When method post
Then status 200
Gives the following output :
10:38:34.710 request:
1 > POST https://www.google.fr/login
1 > Accept-Encoding: gzip,deflate
1 > Connection: Keep-Alive
1 > Content-Length: 29
1 > Content-Type: application/x-www-form-urlencoded; charset=UTF-8
1 > Host: www.google.fr
1 > User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_191)
username=john&password=secret
Is there a way to hide the password here, while keeping the logs at the DEBUG level? If that means also hiding the username, that's not a problem.
This may need to be a feature request if * configure report = { showLog: false } does not do it already.