当前位置: 文江博客 话题详情

如何在空手道测试中使用签名来处理请求?

发布于 2025-01-25 23:39:55 字数 747 浏览 1 评论 0 原文

首先,感谢构建空手道,这对于测试API和UI非常有用。我们正在使用它来测试许多端点,但是我们想知道是否有一种方法或哪种方法是处理标题中请求的一部分的签名请求的最佳方法。

情况

  • 就我们

而在请求主体内容执行请求之前?

在这里,您可以看到请求的两个示例

样本1:

   * url 'https://dev.sample.com'
   * path '/api/user/getAll' 
   * header Content-Type = 'application/json'
   * header ApiKey = 'XXX' 
   * header Signature = 'YYY'
    And request {  }
    When method POST
    Then status 200

样本2:

   * url 'https://dev.sample.com'
   * path '/api/user/getAll' 
   * header Content-Type = 'application/json'
   * header ApiKey = 'XXX' 
   * header Signature = 'ZZZ'
    And request { name: 'John' }
    When method POST
    Then status 200

谢谢

原文

First of all, thanks for build karate it's a very useful for test API's and UI's. We are using it to test a lot of our endpoints but we would like to know if there is a way or which is the best approach to handle requests with signature as part of the request in the header.

In our case we have two headers:

  • ApiKey: this value is always the same
  • Signature: this value depends on the request body content

Is there any way to inject the signature value just before the request is executed based on the request body content?

Here you can see two samples of the requests

Sample 1:

   * url 'https://dev.sample.com'
   * path '/api/user/getAll' 
   * header Content-Type = 'application/json'
   * header ApiKey = 'XXX' 
   * header Signature = 'YYY'
    And request {  }
    When method POST
    Then status 200

Sample 2:

   * url 'https://dev.sample.com'
   * path '/api/user/getAll' 
   * header Content-Type = 'application/json'
   * header ApiKey = 'XXX' 
   * header Signature = 'ZZZ'
    And request { name: 'John' }
    When method POST
    Then status 200

Thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

音栖息无 2025-02-01 23:39:55

空手道有一个用于生成标头的“钩子”,但截至目前,它尚未“意识到”当前构建的请求主体 +标头: https://github.com/intuit/karate#configure-headers

我们在这里收到了类似的请求,并且正在考虑添加此功能:在在空手道DSL中进行休息之前,如何检索原始请求内容?

也许OAuth示例可能会为您提供案例的前进: https://stackoverflow.com/a/a/55055111/143475

可以随意提出增强请求版本(在您的帮助下进行测试)。我在想 - 如果您能够从标题JS函数中调用 bacarate.get('request')怎么办。

但是目前,您需要做的就是这样做:

* def body = { some: 'json' }
* karate.set('requestBody', body)
* url someUrl
* request body
* method post

header.js 函数中

function fn() {
  var body = karate.get('requestBody');
  var sign = Utils.sign(body);
  return { Signature: sign };  
}

编辑:这将在空手道1.0上实现: https://github.com/intuit/karate/karate/issues/1385

Karate has a "hook" for generating headers, but as of now it is not "aware" of the currently built request body + headers: https://github.com/intuit/karate#configure-headers

We got a similar request here, and are thinking of adding this capability: How to retrieve raw request contents before making a REST call in Karate DSL?

Maybe the OAuth examples will give you the way forward for your case for now: https://stackoverflow.com/a/55055111/143475

Feel free to raise an enhancement request, and we can get this in to the next version (with your help to test it). I'm thinking - what if you are able to call karate.get('request') from within the header JS function.

But for now all you need to do is do something like this:

* def body = { some: 'json' }
* karate.set('requestBody', body)
* url someUrl
* request body
* method post

And in the header.js function

function fn() {
  var body = karate.get('requestBody');
  var sign = Utils.sign(body);
  return { Signature: sign };  
}

EDIT: this will be implemented in Karate 1.0 onwards: https://github.com/intuit/karate/issues/1385

回复 原文
~没有更多了~

关于作者

清晰传感

暂无简介

文章
评论
28 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

十二

文章 0 评论 0

飞烟轻若梦

文章 0 评论 0

OPleyuhuo

文章 0 评论 0

wxb0109

文章 0 评论 0

旧城空念

文章 0 评论 0

-小熊_

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文