We Keep Coding

Upgrade Karate from 1.1.0 to 1.2.0 Causing Issues Getting Okta Token

After upgrading Karate from 1.1.0 to 1.2.0 I have a error:
'io.netty.handler.codec.http.cookie.CookieHeaderNames$SameSite io.netty.handler.codec.http.cookie.DefaultCookie.sameSite()
Feature: Get Bearer Token from Okta
Scenario: Get access token for OAuth2 client credentials
Given url karate.properties['okta.server.url']
* form field grant_type = 'client_credentials'
* form field scope = scope
* header Authorization = call read('classpath:com/moo/g/karate/basic-auth.js') { username : '#(clientId)', password : '#(secret)' }
When method post
Then status 200
* def authToken = response.access_token
Debug console:
Gets 200 return then errors:
14:41:02.617 [main] DEBUG com.intuit.karate - response time in milliseconds: 758
1 < 200
1 < Date: Tue, 23 Aug 2022 19:41:02 GMT
1 < Server: nginx
1 < Content-Type: application/json
1 < x-okta-request-id: YwUtTpqpDjtZ6CYqc2sA8gAABvQ
1 < x-xss-protection: 0
1 < p3p: CP="HONK"
1 < content-security-policy: frame-ancestors 'self'
1 < x-rate-limit-limit: 2000
1 < x-rate-limit-remaining: 1994
1 < x-rate-limit-reset: 1661283689
1 < cache-control: no-cache, no-store
1 < pragma: no-cache
1 < expires: 0
1 < expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
1 < x-content-type-options: nosniff
1 < Strict-Transport-Security: max-age=315360000; includeSubDomains
1 < X-Robots-Tag: noindex,nofollow
1 < Keep-Alive: timeout=5, max=100
1 < Connection: Keep-Alive
1 < Transfer-Encoding: chunked
1 < Set-Cookie: JSESSIONID=26F3D925C7E7E003B5430ED9AFCEFCAA; Domain=login-preview.moo.com; Secure
{"token_type":"Bearer","expires_in":3600,"access_token":"eyJraWQiOiJjTl95TE9VWHYtdzA3REQ5OXZIQXNkWDlocnZQWG0wUmJQQnpLNElJbzB3IiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULjN5RG5WNnB5X0hTVWR1T2tiY01WZFNaNzNyRDJIWm1RalJKMUdQWWJHTVkiLCJpc3MiOiJodHRwczovL2xvZ2luLXByZXZpZXcubXV0dWFsb2ZvbWFoYS5jb20vb2F1dGgyL2F1c3B4M3c1aXdHZ0huTG9QMWQ2IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTY2MTI4MzY2MiwiZXhwIjoxNjYxMjg3MjYyLCJjaWQiOiIwb2EydHlmd3RlaWVRejBMQTFkNyIsInNjcCI6WyJkZWxldGUtZG9jdW1lbnQiLCJzcGVjaWFsLXJpc2stZG9jcyIsImFkZC1kb2N1bWVudCIsImdldC1kb2N1bWVudCIsInJwZC1kb2NzIiwiZ2V0LW1ldGFkYXRhIl0sInN1YiI6IjBvYTJ0eWZ3dGVpZVF6MExBMWQ3In0.JMMatbIe5N5wV0R2SKV8X_ifv_naRw16fbBEN0-WSvptim1xGcrtp7zNOurPJLLIGQlIJvRvpznBAinJqqSIOfAwe718BTfF4Ec98LlzYYXsn9HubJKedSAuM9KM51vjohkljYD9duZF2s4rtd3BZPkKE4WIZurtNb-1-F0a5LyjWdasBH7IIwK5oflDMb-Dxv7HIZck5FQkikWqQZwLTuKHOuKys1gUm3IDgQj6FSnJ6P-HfrOp1ahD4cb2RQJqKS4jQeY8Dv_Ne3sONiBbt8dqWnZGSCpwAOANwOaVUGzalOrk5At65I5ENQKL3PH4h3PdOOl21utME2LugUG8BA","scope":"delete-document special-risk-docs add-document get-document rpd-docs get-metadata"}
14:41:02.619 [main] ERROR com.intuit.karate - classpath:com/moo/g/karate/get-authorization-okta-token.feature:8
When method post
'io.netty.handler.codec.http.cookie.CookieHeaderNames$SameSite io.netty.handler.codec.http.cookie.DefaultCookie.sameSite()'
Not sure what next approach is, besides going back to 1.1.0.
Thanks in advance.
Sincerely
Todd

The best thing to do is follow this process: https://github.com/karatelabs/karate/wiki/How-to-Submit-an-Issue
Note that there were many RC versions released to get this kind of feedback earlier.

I am on version 1.3 and issue has cleared.

How to get the right ACCESS_TOKEN in YouTube APIv3?

Working with YouTube Data API v3
I want to get Access token using this tutorial: https://developers.google.com/youtube/v3/guides/auth/server-side-web-apps
[[CODE]] :
4%2F0AdQt8qiarZnP_RFvafYA-ABLABLA*UpZ6YlB1_Byzrvqfm9iRthXll6F6TfG_f-cGw
[[CLIENT_ID]] :
27501137863BLABLA*sd2918n2gqqclurlegm6j2.apps.googleusercontent.com
[[CLIENT_SECRET]] :
GOCSPX-T0lF1yVLJ*BLABLAGgfL7qvcwB5p
I send a POST request:
screenshot: https://i.imgur.com/9DzF4aK.png
I get a 400 error, What's wrong?:
Status: 400
Pragma: no-cache
Date: Thu, 11 Aug 2022 18:14:44 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Content-Type: application/json; charset=utf-8
Vary: X-Origin
Vary: Referer
Server: scaffolding on HTTPServer2
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
{
"error": "redirect_uri_mismatch",
"error_description": "Bad Request"
}```

Your endpoint is wrong to start with its https://oauth2.googleapis.com/token Thats why you are getting a 404
POST /token HTTP/1.1
Host: oauth2.googleapis.com
Content-Type: application/x-www-form-urlencoded
code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=your_client_id&
client_secret=your_client_secret&
redirect_uri=https%3A//oauth2.example.com/code&
grant_type=authorization_code
You may want to try watching this Understanding Google OAuth 2.0 with curl or this How to set up Oauth2 in PostMan. although im not sure if what you are using is postman or not.

Scrapy+Splash returning wrong headers

When using Splash with Scrapy the headers are returned from the Splash server instead of the website Splash renders.
response.headers returns:
{b'Server': [b'TwistedWeb/19.7.0'], b'Date': [b'Sun, 11 Jul 2021 07:31:32 GMT'], b'Content-Type': [b'text/html; charset=utf-8']}
And I'm trying to get the headers of the actual website:
Connection: Keep-Alive
Content-Length: 5
Content-Type: text/html
Date: Sun, 11 Jul 2021 07:05:49 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Cache: HIT
How can I get the headers of the website instead of the Splash server?

I got it to work with this:
splash_lua_script = """
function main(splash, args)
assert(splash:go(args.url))
assert(splash:wait(0.5))
local entries = splash:history()
local last_response = entries[#entries].response
return {
html = splash:html(),
headers = last_response.headers
}
end
"""
And then refer it to response.headers with Scrapy.

How to correctly handle multiple Set-Cookie headers in Hyper?

I'm using Hyper to send HTTP requests, but when multiple cookies are included in the response, Hyper will combine them to one which then fails the parsing procedure.
For example, here's a simple PHP script
<?php
setcookie("hello", "world");
setcookie("foo", "bar");
Response using curl:
$ curl -sLD - http://local.example.com/test.php
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2016 09:24:04 GMT
Server: Apache/2.4.25 (Unix) PHP/7.0.14
X-Powered-By: PHP/7.0.14
Set-Cookie: hello=world
Set-Cookie: foo=bar
Content-Length: 0
Content-Type: text/html; charset=UTF-8
However for the following Rust code:
let client = Client::new();
let response = client.get("http://local.example.com/test.php")
.send()
.unwrap();
println!("{:?}", response);
for header in response.headers.iter() {
println!("{}: {}", header.name(), header.value_string());
}
...the output will be:
Response { status: Ok, headers: Headers { Date: Sat, 24 Dec 2016 09:31:54 GMT, Server: Apache/2.4.25 (Unix) PHP/7.0.14, X-Powered-By: PHP/7.0.14, Set-Cookie: hello=worldfoo=bar, Content-Length: 0, Content-Type: text/html; charset=UTF-8, }, version: Http11, url: "http://local.example.com/test.php", status_raw: RawStatus(200, "OK"), message: Http11Message { is_proxied: false, method: None, stream: Wrapper { obj: Some(Reading(SizedReader(remaining=0))) } } }
Date: Sat, 24 Dec 2016 09:31:54 GMT
Server: Apache/2.4.25 (Unix) PHP/7.0.14
X-Powered-By: PHP/7.0.14
Set-Cookie: hello=worldfoo=bar
Content-Length: 0
Content-Type: text/html; charset=UTF-8
This seems to be really weird to me. I used Wireshark to capture the response and there're two Set-Cookie headers in it. I also checked the Hyper documentation but got no clue...
I noticed Hyper internally uses a VecMap<HeaderName, Item> to store the headers. So they concatenate the them to one? Then how should I divide them into individual cookies afterwards?

I think that Hyper prefers to keep the cookies together in order to make it easier do some extra stuff with them, like checking a cryptographic signature with CookieJar (cf. this implementation outline).
Another reason might be to keep the API simple. Headers in Hyper are indexed by type and you can only get a single instance of that type with Headers::get.
In Hyper, you'd usually access a header by using a corresponding type. In this case the type is SetCookie. For example:
if let Some (&SetCookie (ref cookies)) = response.headers.get() {
for cookie in cookies.iter() {
println! ("Got a cookie. Name: {}. Value: {}.", cookie.name, cookie.value);
}
}
Accessing the raw header value of Set-Cookie makes less sense, because then you'll have to reimplement a proper parsing of quotes and cookie attributes (cf. RFC 6265, 4.1).
P.S. Note that in Hyper 10 the cookie is no longer parsed, because the crate that was used for the parsing triggers the openssl dependency hell.

Testing with gmail account

I try to test schema integration with rails application. I used my personal Gmail account to configure SMTP :
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = {
address: 'smtp.gmail.com',
port: 587,
domain: 'gmail.com',
user_name: 'XXXX#gmail.com',
password: 'XXXX',
authentication: 'plain',
enable_starttls_auto: true
}
I test to send it to my own account. But it's seems that doesn't work..
I test with example code from :
PS : The mail pass validation
Thank you
EDIT : Header of my mail
Return-Path: <XXX#gmail.com>
Received: from gmail.com (84-74-24-22.dclient.hispeed.ch. [84.74.24.22])
by mx.google.com with ESMTPSA id m8sm9364668eeg.11.2014.04.23.13.34.35
for <XXX#gmail.com>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 23 Apr 2014 13:34:35 -0700 (PDT)
Date: Wed, 23 Apr 2014 22:34:34 +0200
From: XXX#gmail.com
To: XXX#gmail.com
Message-ID: <535823da92e7c_3d223ffc2442dbe093598#WS-39.local.mail>
Subject: =?UTF-8?Q?Merci_d'avoir_command=C3=A9_!?=
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="--==_mimepart_535823da916a1_3d223ffc2442dbe0934a9";
charset=UTF-8
Content-Transfer-Encoding: 7bit