Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.3k views
in Technique[技术] by (71.8m points)

karate - Handling JWT bearer token from ADFS

I'm testing a web application API that do authentication against an ADFS server with X509 certificates. In order to run tests with Karate, I currently use a small .NET application that negotiates the JWT for SSO using my installed certificate. I then get the bearer token header line from Fiddler and manually put it into my Karate tests.

There's an example on how to use oauth with form fields here, and I'm looking for the equivalent version when using certificates.

Is there a clever way of getting the bearer token without manually sniffing and injecting it into the tests?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Certificate support made it into 0.7.0 and you can find examples here: https://github.com/intuit/karate/tree/master/karate-demo/src/test/java/ssl

Hope that gets you on your way, else you may need to dig into this long thread on SSL / Cert support in Karate and perhaps add a feature request: https://github.com/intuit/karate/issues/281

One idea is if you can modify your .NET program to run as a command-line app and return the token or save it to a file, you could invoke it from Karate using Java interop, and the Runtime.getRuntime().exec(command) - you should be able to find material on the net on how to do this.

EDIT: you can use curl ! https://stackoverflow.com/a/64352676/143475


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...