rest - FitNesse RestFixture test fails to get access token
I have a REST application with Spring OAuth2 authorization. I test it with a FitNesse RestFixture test (I added the token from the curl response, and the last GET operation works successfully):

| table:smartrics.rest.fitnesse.fixture.RestFixture | http://10.76.243.103:8080 |
| GET | /<root>/version | | | 2.2.1 |
| setBody |grant_type=password&username=test&password=test123&scope=data+compute|
| setHeader |authorization : basic dgvzddo4yme5mjrjzs0wnthhltq3y2ytogq4mi02zwy1n2y4nzdinmq=|
| setHeader |content-type : application/x-www-form-urlencoded|
| POST | /<oauth-provider>/oauth/token | | | |
| setHeader |authorization : bearer fd947659-cf17-4ded-b2e8-698395c201df|
| GET | /<root>/schemas | | | |

and it fails to get the access token on the POST operation with the issue {"error":"unauthorized","error_description":"full authentication required access resource"}:

| POST | /<oauth-provider>/oauth/token | 401 | <response> | {"error":"unauthorized","error_description":"full authentication required access resource"} |

where <response> is:

server : apache-coyote/1.1
x-content-type-options : nosniff
x-xss-protection : 1; mode=block
cache-control : no-cache, no-store, max-age=0, must-revalidate
pragma : no-cache
expires : 0
x-frame-options : deny
cache-control : no-store
pragma : no-cache
www-authenticate : bearer realm="oauth", error="unauthorized", error_description="full authentication required access resource"
content-type : application/json;charset=utf-8
transfer-encoding : chunked
date : thu, 27 nov 2014 11:17:56 gmt

If I perform the same action with the curl utility, I get the access_token successfully:

curl -X POST -v -u test:8ba924ce-058a-47cf-8d82-6ef57f877b6d --data 'username=test&password=test123&grant_type=password&scope=data+compute' 'http://10.76.243.103:8080/parseq/oauth/token' -k
* connect() 10.76.243.103 port 8080 (#0)
* trying 10.76.243.103...
* adding handle: conn: 0x4c3388
* adding handle: send: 0
* adding handle: recv: 0
* curl_addhandletopipeline: length: 1
* - conn 0 (0x4c3388) send_pipe: 1, recv_pipe: 0
* connected 10.76.243.103 (10.76.243.103) port 8080 (#0)
* server auth using basic user 'test'
> post /parseq/oauth/token http/1.1
> authorization: basic dgvzddo4yme5mjrjzs0wnthhltq3y2ytogq4mi02zwy1n2y4nzdinmq=
> user-agent: curl/7.30.0
> host: 10.76.243.103:8080
> accept: */*
> content-length: 69
> content-type: application/x-www-form-urlencoded
>
* upload sent off: 69 out of 69 bytes
< http/1.1 200 ok
* server apache-coyote/1.1 not blacklisted
< server: apache-coyote/1.1
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< cache-control: no-cache, no-store, max-age=0, must-revalidate
< pragma: no-cache
< expires: 0
< x-frame-options: deny
< cache-control: no-store
< pragma: no-cache
< content-type: application/json;charset=utf-8
< transfer-encoding: chunked
< date: thu, 27 nov 2014 09:20:39 gmt
<
{"access_token":"fd947659-cf17-4ded-b2e8-698395c201df","token_type":"bearer","refresh_token":"564aa6ca-0afa-4519-a907-e7027053bb35","expires_in":40317,"scope":"compute data"}
* connection #0 host 10.76.243.103 left intact

Can you advise me how to debug or fix it?
Thanks in advance!
I launched tcpdump to check what curl sends in the request (as described in "Use tcpdump to monitor HTTP traffic"):

sudo tcpdump -A -s 0 'tcp port 8080 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

I launched it on the server machine.
I found that curl automatically added the content-type header:

08:55:30.504594 ip <my client dns name>.53655 > cherry.http-alt: flags [p.], seq 1801770313:1801770631, ack 3280862118, win 67, length 318
e..fe.@.q..q b r l.g....kd.i....p..c....post /<oauth provider>/oauth/token http/1.1
authorization: basic dgvzddo4yme5mjrjzs0wnthhltq3y2ytogq4mi02zwy1n2y4nzdinmq=
user-agent: curl/7.30.0
host: 10.76.243.103:8080
accept: */*
content-length: 69
content-type: application/x-www-form-urlencoded

username=test&password=test123&grant_type=password&scope=data+compute
08:55:30.508697 ip cherry.http-alt > <my client dns name>.53655: flags [p.], seq 1:563, ack 318, win 237, length 562
e..zpb@.@... l.g b r........kd..p...*...http/1.1 200 ok
server: apache-coyote/1.1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: deny
cache-control: no-store
pragma: no-cache
content-type: application/json;charset=utf-8
transfer-encoding: chunked
date: thu, 27 nov 2014 13:55:30 gmt

ae
{"access_token":"fd947659-cf17-4ded-b2e8-698395c201df","token_type":"bearer","refresh_token":"564aa6ca-0afa-4519-a907-e7027053bb35","expires_in":23826,"scope":"compute data"}
08:55:30.508937 ip cherry.http-alt > <my client dns name>.53655: flags [p.], seq 563:568, ack 318, win 237, length 5

Also, I've checked what the FitNesse test sends:

08:33:36.598429 ip 10.76.243.55.39600 > cherry.http-alt: flags [p.], seq 102:347, ack 335, win 237, options [nop,nop,ts val 859086469 ecr 41658573], length 245
e..)..@.@... l.7 l.g........r.............. 34...{..post /<oauth provider>/oauth/token http/1.1
content-type: application/x-www-form-urlencoded
user-agent: jakarta commons-httpclient/3.1
host: 10.76.243.103:8080
content-length: 69

grant_type=password&username=test&password=test123&scope=data+compute
08:33:36.599047 ip cherry.http-alt > 10.76.243.55.39600: flags [p.], seq 335:974, ack 347, win 235, options [nop,nop,ts val 41658578 ecr 859086469], length 639

and found that the authorization header is missing in the request from FitNesse. It looks like sequential use of the setHeader() method leads to overwriting of headers. So I changed the FitNesse test to use the setHeaders() method to set up the headers in 1 table row (as described in "How can set headers dynamic value in RestFixtureConfig rest fixture.default.headers"):

| setBody |grant_type=password&username=test&password=test123&scope=data+compute|
| setHeaders |!-authorization: basic dgvzddo4yme5mjrjzs0wnthhltq3y2ytogq4mi02zwy1n2y4nzdinmq=
content-type: application/x-www-form-urlencoded-!|
| POST | /parseq/oauth/token | 200 | | |

and it works fine.
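
The comparison made by eye on the two tcpdump captures above can be scripted. This is an added example, not part of the original post: the sample requests, host name and client credentials are constructed, and it assumes the token endpoint authenticates the client with HTTP Basic, as the server on this page does.

```python
import base64

def parse_request(raw):
    """Split a captured HTTP/1.x request into (method, path, headers, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    method, path = lines[0].split()[:2]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return method.upper(), path, headers, body

def missing_headers(good_raw, bad_raw):
    """Header names present in the working request but absent from the failing one."""
    return sorted(set(parse_request(good_raw)[2]) - set(parse_request(bad_raw)[2]))

def diagnose_token_request(raw):
    """List reasons a password-grant token request would get a 401/400."""
    method, _path, headers, body = parse_request(raw)
    problems = []
    if method != "POST":
        problems.append("token request is not a POST")
    scheme, _, cred = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic" or not cred:
        problems.append("client credentials missing: no 'Authorization: Basic' header")
    else:
        try:
            if ":" not in base64.b64decode(cred, validate=True).decode():
                problems.append("Basic value does not decode to client_id:secret")
        except ValueError:  # covers bad base64 and undecodable bytes
            problems.append("Basic value is not valid base64")
    ctype = headers.get("content-type", "").lower()
    if not ctype.startswith("application/x-www-form-urlencoded"):
        problems.append("Content-Type is not application/x-www-form-urlencoded")
    if "grant_type=" not in body:
        problems.append("body has no grant_type parameter")
    return problems

# Constructed samples modelled on the two captures (placeholder host and secrets).
CRED = base64.b64encode(b"example-client:example-secret").decode()
BODY = "grant_type=password&username=test&password=example&scope=data+compute"
CURL_REQ = ("POST /oauth/token HTTP/1.1\n"
            f"Authorization: Basic {CRED}\n"
            "Host: auth.example.test\n"
            "Content-Type: application/x-www-form-urlencoded\n\n" + BODY)
FITNESSE_REQ = ("POST /oauth/token HTTP/1.1\n"
                "Content-Type: application/x-www-form-urlencoded\n"
                "Host: auth.example.test\n\n" + BODY)
```

Running `diagnose_token_request` on a request captured from the test runner shows which precondition failed before the fixture table is touched.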