Comments (13)
I can't think why it would support what you've attempted there. Could you send me the stub mapping and the full exception trace?
from wiremock.
I'm not currently trying to stub that request, I was trying to set an expectation. The problem is that the jetty server that wiremock uses doesn't have the ability to respond to requests with an authorization request in it. It doesn't throw an exception, jetty quietly responds with a 400.
One would have to setup the jetty server like this: (some scratch code I wrote into the WiremockServer)
+ if (options.username() != null && options.password() != null) {
+ Constraint constraint = new Constraint();
+ constraint.setRoles(new String[] { "admin" });
+ constraint.setName(Constraint.__BASIC_AUTH);
+ constraint.setAuthenticate(true);
+
+ ConstraintMapping constraintMapping = new ConstraintMapping();
+ constraintMapping.setConstraint(constraint);
+ constraintMapping.setPathSpec("/*");
+
+ HashUserRealm hashUserRealm = new HashUserRealm();
+ hashUserRealm.setName("AuthGroup");
+ hashUserRealm.put(options.username(), options.password());
+ hashUserRealm.addUserToRole(options.username(), "admin");
+
+ SecurityHandler securityHandler = new SecurityHandler();
+ securityHandler.setUserRealm(hashUserRealm);
+ securityHandler.setAuthenticator(new BasicAuthenticator());
+ securityHandler.setConstraintMappings(new ConstraintMapping[] { constraintMapping });
+
+ jettyServer.setUserRealms(new UserRealm[] { hashUserRealm });
+
+ jettyServer.addHandler(securityHandler);
+ }
I might take a stab at it this weekend. Any suggestions?
from wiremock.
OK, I see the problem. I'm not familiar with now Jetty attempts to process basic auth, but disabling it completely might be the simplest option (if that's possible), then you can just write stub/verify statements against auth headers as normal.
from wiremock.
+1
I'm also looking for a way to test HTTP(S) Basic Authentication for a Jersey Client:
ClientConfig clientConfig = new ClientConfig();
clientConfig.register(HttpAuthenticationFeature.basic(someUserName, somePassword));
Client client = ClientBuilder.newClient(clientConfig);
from wiremock.
If all you're wanting to do is check that the client sends an appropriate basic auth header, you could just verify the header directly e.g.
verify(getRequestedFor(urlEqualTo("/your-url"))
withHeader("Authorization", equalTo("Basic <base64 encoded user:pass>"))
from wiremock.
It would be nice if there was a more convenient way to do the authorization header verification.
from wiremock.
Ideally, it should support auth scheme negociation as described in ยง2 Basic Authentication with the API of http://www.baeldung.com/httpclient-4-basic-authentication
Even if in the end, it can only mock basic auth
from wiremock.
I'd certainly like to make this easier, although it's possible to do pre-emptive now in the 2.0 beta (and from there, mock out the whole interaction).
from wiremock.
I was able to add a test for basic auth using a custom transformer.
Has any thought been given to including some transformers with Wiremock?
(Or should someone start an extensions project?)
from wiremock.
@mrdanpsmith - I presume you mean a negotiated auth handshake via a transformer?
If so, it'd be great to get that as a PR. I like the idea of having it as an extension but in the core codebase so it can be activated just when needed.
from wiremock.
@tomakehurst - Yes, that is what I'm talking about.
It's good to know that you would consider adding that to the main project.
I'll see if I can find some time to put a PR together.
EDIT: It looks like you added something for this already in the 2.0-beta and you are not accepting PRs for 1.xx.
from wiremock.
Yes, there's pre-emptive basic auth in 2.x already, but not negotiated.
And yes, 1.x is frozen now.
from wiremock.
Closing this as it's inactive. I'd still be happy to accept an extension supporting negotiated auth.
from wiremock.
Related Issues (20)
- xPath helper doesn't return result when XPath expression returns a single string item
- wiremock-jetty12: NullPointerException within WireMockHandlerDispatchingServlet (similar to #1224) HOT 1
- Failing while building wiremock-jre8-standalone version 2.31.0 using ./gradlew build (wiremock-jre8-standalone:2.31.0)
- Running tests in parallel with Wiremock 3.0.0 triggers random timing/concurrency issues HOT 2
- @RegisterExtension + WireMockExtension: Timing & state issues when using "static" HOT 5
- EqualsToJson has bad performance for big json with common keys occuring often HOT 17
- Handlebars helper - join
- Init / shutdown hooks for extensions
- Update org.xmlutil:xmlunit-core to Version 2.10.0 HOT 2
- Introduce a GUI for open source HOT 1
- NPE on WireMockServer.getServeEvents when using a StubRequestFilter HOT 1
- Adding more jettyAcceptors seems to do nothing besides cause thread contention. HOT 1
- align new join handlebar helper with features present in the join provided in the library, but not covered yet
- Expose args in Options so extensions can read it
- Possible memory leak ? HOT 15
- Prevent creating multiple stub mappings with the same ID HOT 1
- Support virtual threads in Jetty server for standalone deploy
- Error when proxying to a host that is only accessible via IPv6 HOT 1
- Formatted dates not in UTC
- __files created by default since v3.6.0 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wiremock.