How to Handle Authentication in Rest Assured | Basic,Digest,Form OAuth1 OAuth2 (LIVE Demo)

How to Handle Authentication in Rest Assured | Basic,Digest,Form OAuth1 OAuth2 (LIVE Demo) | Day18

Рет қаралды 38,004

Күн бұрын

In this video, We are going to learn How to handle the Authentication in RestAssured, in the demo part I have covered the Authentication like Basic, Digest, Form and OAuth1, OAuth2 step by step.
✅ Must Read - scrolltest.com...
For OAuth Token - api.imgur.com/...
🚀 All 30 Days Task - scrolltest.com...
📌 Join 30 Days Challenge Updates - scrolltest.com...
🎓 Free Automation MasterClass - thetestingacad...
📚 REST API testing with Python - masterapitesti...
✅ What is Authentication?
Authentication is a process of presenting your credentials like username, password or another secret key to the system and the system to validate your credentials or you.
In the API terms Authentication is used to protect the content over web mean only a valid user with valid credentials can access that API endpoint.
These credentials tell the system about who you are. Which enables the system to ensures and confirms a user’s identity
✅What is Basic Authentication
Basic access authentication is a method for an HTTP user agent (e.g. a web browser) to provide a username and password when making a request. In the example, we will use the postman internal URL to create Basic Auth example -[postman-echo.c...](postman-echo.c...)
✅What is Digest Authentication
Digest Auth is another authentication method used by most of the websites. In the Digest access authentication is one of the agreed-upon methods a web server can use to negotiate credentials, such as username or password, with a user’s web browser. In the Digest Auth. method username and password are sent over the web after applying some hash functions, Therefore which makes it more secure over network.
e.g HA1 = MD5(username:realm:password)HA2 = MD5(method:digestURI)response = MD5(HA1:nonce:HA2)
✅OAuth 1.0 & 2.0:-
They are the way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords. When you perform the OAuth most of the time you have to get the Access token from the website after submitting the details like consumer key etc. So to make OAuth 1.0 request you need to pass the Consumer key, Secret and Access Token, Token Secret.
Source
- scrolltest.com...
- swagger.io/doc...
✅ What is REST Assured?
REST Assured is a Java library that provides a domain-specific language (DSL) for writing powerful, maintainable tests for RESTful APIs. ... I'll be using real-world code examples you can copy, run, and reuse directly in your own test automation effort
🌍 Test Automation -
bit.ly/learnau...
💌 API Testing -
www.learnapite...
🎙 Cypress Tutorial with LIVE Projects -
cypresstutoria...
📝 REST API testing with Python -
masterapitesti...
#restassured #restassuredtutorial #apitesting #api #automationtesting #manualtesting #testautomation #thetestingacademy #scrolltest

Пікірлер: 39

@tejassingh3419 3 жыл бұрын

Thanks a lot, I was searching google on how to use basic auth in rest assured, After watching this part finally I got a response. Thank you so much Pramod :)

@TheTestingAcademy 3 жыл бұрын

Thanks for the awesome feedback

@purshiiyer2057 3 жыл бұрын

How to automate the Rest API with authentication like adding key & value using REST Assured.

@svetlanamazhaykina6918 8 ай бұрын

Thanks for your work, Pramod! Well done!

@TheTestingAcademy 8 ай бұрын

Thanks

@tanushrimukherjee2762 Жыл бұрын

But for me in Postman it shows no tokens available and configure New token which has multiple fields to fill, Where can i get this info? Will it be part of API doc in project?

@priteshkhambekar 2 жыл бұрын

In my project we have bearer authentication and token is regenerating / changing continuously so how we can handle this in automation?

@vigneshvenkatraman9134 3 жыл бұрын

Hi Team, Thanks for the video. I have a client certificate to add for authentication using Settings>Add certificates> enter URL,HOST,PEM file, KEY file and Passphrase in POSTMAN. Want to know how to authenticate using Rest Assured. Thanks in advance.

@purshiiyer2057 3 жыл бұрын

In Postman we will add the Api/url & authentication in header section then we will select type as GET, when we click on send we will get data from server. Similarly how can do this process through automation using Rest Assured.

@TheTestingAcademy 3 жыл бұрын

Check out the other tutorials I have done it the same

@Neharika.telikepally 3 жыл бұрын

@@TheTestingAcademy Can you share the link, I didn't get your video for hmac authentication in API Selenium C#

@sreevallikodavati8898 3 жыл бұрын

@@TheTestingAcademy Could you please provide the link

@bhagyalakshmibandaruj2712 3 жыл бұрын

Thanks for sharing this, awesome explanation

@TheTestingAcademy 3 жыл бұрын

Glad it was helpful!

@tanushrimukherjee2762 Жыл бұрын

Truly amazing 🙂

@testingxperts2600 3 жыл бұрын

Great video ....can you please let me know how swagger is used in schema validation

@TheTestingAcademy 3 жыл бұрын

Will upload soon

@rohitmisra9008 2 жыл бұрын

How to automate authentication in rest assured api

@RajKumar-ij5rr 4 жыл бұрын

Hi Pramod..How WebDriver driver = new ChromeDriver() achieves Run time polymorphism can you explain?

@sankalppatel4131 3 жыл бұрын

hello sir i need your urgent help will you please send me code on how i build user authention system using rest api

@mb_madhuri 3 жыл бұрын

Well explained !

@TheTestingAcademy 3 жыл бұрын

Glad you liked it and please share it with your friends.

@vaishalilahudkar2795 3 жыл бұрын

Hi sir, I have query , can you plz explain why we use return method

@TheTestingAcademy 3 жыл бұрын

www.tutorialspoint.com/importance-of-return-type-in-java#:~:text=A%20return%20statement%20causes%20the,void%20type(returns%20nothing).

@vipintekade6400 Жыл бұрын

I am unable to create account imgur .

@kunu1232 3 жыл бұрын

Hi Pramod, I was provided .pem and .key file to upload in postman -which is working fine. But when I am trying to do over Rest assured M getting error. I have converted the .pem and .key to .p12 file. From .p12 i have creates .jks file using keytool. Followed some of the explanations available in Internet.Still unable to success.Can you please help. Thanking you in advance.

@TheTestingAcademy 3 жыл бұрын

Hi guru, never tried it, I will pass, have you tried any stack overflow link?

@anils1993 3 жыл бұрын

Thank you.

@TheTestingAcademy 3 жыл бұрын

You're welcome!

@anils1993 3 жыл бұрын

@@TheTestingAcademy Thank you I got job and by watching your videos.Its helped me lot.

@sravanikambhampati1491 3 жыл бұрын

What is this Authorization callback URL while creating app in imgur?

@TheTestingAcademy 3 жыл бұрын

Check in description

@kranthikiran1798 4 жыл бұрын

If the explanation is step by step even if it is pre documented that would be more better instead of saying what is what so that viewers can also try on their own

@TheTestingAcademy 4 жыл бұрын

You can learn more at scrolltest.com/rest/explained Most of the Authentication's types are self explanatory in Rest Assured. -------------------------------- Basic Authentication given().auth() .basic("user1", "user1Pass") .when() -------------------------------- Digest Authentication given().auth() .digest("user1", "user1Pass") .when() -------------------------------- Preemptive Authentication given().auth() .preemptive() .basic("user1", "user1Pass") .when() -------------------------------- Form Authentication given().auth() .form("user1", "user1Pass") .when() -------------------------------- OAuth 2.0 given().auth() .oauth2(accessToken) .when()

@akashissfun 4 ай бұрын

When you realise it is NOT pronounced im-gur but image-er... basically.

@pradeepkumar123ful 4 жыл бұрын

StackOverflow explanation Not understandable.

@TheTestingAcademy 4 жыл бұрын

In non-pre-emptive authentication Client makes a request without authentication Server responds with 401 and a header like: WWW-Authenticate: Basic realm="Default Realm" Client makes a second request with a header like: Authorization: Basic dXNlcjpwYXNz Server authenticates the user and response with 200 In case of pre-emptive authentication Client makes a request with a header like: Authorization: Basic dXNlcjpwYXNz Server authenticates the user and response with 200 In preemptive, We will send the basic authentication response even before the server gives an unauthorized response in certain situations, thus reducing the overhead of making the connection Read more - hc.apache.org/httpclient-3.x/authentication.html stackoverflow.com/questions/7482523/preemptive-authentication-why i hope this helps.