[英]Rest assured testing - API request 401 bad request
I have a problem with sending API request via postman or Java lib "io.restassured". 我通过邮递员或Java库“ io.restassured”发送API请求时遇到问题。 When I do the same action on UI the request returns correct response, but when I try the same thing via postman or java code I get:
当我在UI上执行相同的操作时,请求返回正确的响应,但是当我通过邮递员或java代码尝试相同的操作时,我得到:
401 Bad request
Your browser sent an invalid request.401错误的要求
你的浏览器发送了一个无效的请求。
The java code Java代码
public static void main(String[] args) {
String requestUrl = "exampleBaseUrl/app/reports/api/rest/v1/graphs?context=shipper&reports_type=freights";
Response response = RestAssured.given().relaxedHTTPSValidation().header("x-csrf-token", "18ea65e740eb0ddddadf0ef435d92564").
when().
get(requestUrl);
}
I assume something is wrong with the authentication, because in dev tools i can see a Get request for CSRF_token, and it looks like this: 我认为身份验证有问题,因为在开发工具中,我可以看到对CSRF_token的Get请求,它看起来像这样:
the endpoint for the token: 令牌的端点:
/login?get_csrf_token
and for this request I get following response: 对于此请求,我得到以下响应:
{"csrf_token":"18ea65e740eb0ddddadf0ef435d92564"}
I am not sure how to solve this, I have also tried to get the token via java code by sending a get request to the token's endpoint /login?get_csrf_token
and this one gets my a HTML response with empty username and password input. 我不确定如何解决此问题,我还尝试通过将get请求发送到令牌的端点
/login?get_csrf_token
来通过Java代码获取令牌,而这得到了我的HTML响应,其中包含空的用户名和密码输入。
Error 401 means your request isn't authorized. 错误401表示您的请求未被授权。
For authorization, usually while logging in you are given a token, which you will have to keep in your cache/local-memory and whenever you communicate with the server you have to add that in your request header (for your own introduction to the server) 为了获得授权,通常在登录时会给您一个令牌,您必须将该令牌保存在高速缓存/本地内存中,并且每当与服务器通信时,都必须在请求标头中添加该令牌(用于您自己对服务器的介绍) )
It seems like in your case you can get a token from /login?get_csrf_token
after logging in. Note that you don't need authorization for a login service. 在您看来,您可以在
/login?get_csrf_token
后从/login?get_csrf_token
获取令牌。请注意,您不需要登录服务的授权。
Now, after getting token from the server, how to add it as a request header? 现在,从服务器获取令牌后,如何将其添加为请求标头? See REST Assured Documentation
请参阅REST保证文档
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.