daddycool

Reputation: 107

How to retrieve and add xsrf cookies to a REST client call?

I am using RESTAssured for my API testing. When I test the API login endpoint using Postman, I get anti-forgery cookies, which Postman (and the browser) uses with every call when using the application.

To replicate this behavior for API testing, I can make the call to authenticate, but RESTAssured does not retrieve the cookies sent by the server the same way Postman does.

How do I go about retrieving the cookies for subsequent API calls?

I have so far tried Postman and RESTAssured but can be flexible on the API testing library.

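```java
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import io.restassured.response.Response;
import io.restassured.specification.RequestSpecification;
import java.util.Map;

RequestSpecification httpReq = RestAssured.given().log().all();
httpReq.contentType(ContentType.URLENC.withCharset("UTF-8"));
httpReq.formParam("Email", email);
httpReq.formParam("Password", password);
httpReq.formParam("__RequestVerificationToken", substr);
// The call that sends the request is not shown in the question; loginPath is a placeholder.
Response response = httpReq.post(loginPath);
Map<String, String> authCookies = response.getCookies();
```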

When I debug and watch authCookies, it is missing the relevant anti-forgery tokens. Adding the authCookies to subsequent requests results in 401 Bad Request.

Upvotes: 0

Views: 922

Answers (1)

daddycool

Reputation: 107

Thanks to Wilfred's comment about the getDetailedCookies() method.

The xsrf tokens are generated with the first response, given the __RequestVerificationToken, and can be used in all calls, including the API call that authenticates users.

Once authenticated, use the cookies that include xsrf and session cookies everywhere.

Upvotes: 1
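
An added example, not part of the original answer, of the flow it describes using REST Assured: read the anti-forgery cookies from the first response with `getDetailedCookies()`, send them with the login form, then carry the combined cookie set forward. The `LOGIN_PATH` value, the `baseUri` parameter, the class and method names, and the hidden-input location of the form token are assumptions.

```java
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import io.restassured.http.Cookie;
import io.restassured.http.Cookies;
import io.restassured.response.Response;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.Map;

public class AntiForgerySession {
    // Assumption: placeholder path, not taken from the question.
    static final String LOGIN_PATH = "/Account/Login";
    static final String TOKEN_FIELD = "__RequestVerificationToken";

    /** Combines cookie sets; a later cookie replaces an earlier one with the same name. */
    static Cookies merge(Cookies... sets) {
        Map<String, Cookie> byName = new LinkedHashMap<>();
        for (Cookies set : sets) {
            for (Cookie c : set) {
                byName.put(c.getName(), c);
            }
        }
        return new Cookies(new ArrayList<>(byName.values()));
    }

    static Cookies login(String baseUri, String email, String password) {
        // First response: anti-forgery cookie(s) plus the form token.
        Response page = RestAssured.given().baseUri(baseUri).get(LOGIN_PATH);
        Cookies xsrf = page.getDetailedCookies();
        // Assumption: the token is a hidden <input> named TOKEN_FIELD.
        String formToken = page.htmlPath().getString(
                "**.find { it.@name == '" + TOKEN_FIELD + "' }.@value");

        // Authenticate, sending the anti-forgery cookie(s) with the form token.
        Response auth = RestAssured.given().baseUri(baseUri)
                .redirects().follow(false) // read cookies from this response itself
                .cookies(xsrf)
                .contentType(ContentType.URLENC.withCharset("UTF-8"))
                .formParam("Email", email)
                .formParam("Password", password)
                .formParam(TOKEN_FIELD, formToken)
                .post(LOGIN_PATH);

        // Anti-forgery and session cookies together, for every later request.
        return merge(xsrf, auth.getDetailedCookies());
    }
}
```

Pass the returned set to later requests with `RestAssured.given().cookies(session)`.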
