I build a script where I can automate a payment process.
All endpoints have an authentication process where a variable must be generated at the time of execution:
Signature = BASE64 (HASH (url_path + salt + timestamp + access_key + secret_key + body_string))
The application being tested provides a code that converted to keyword generates all authentication data, and is functional for GET methods where body_string = ', for cases where the request carries Body, this must be sent as String to be converted to hash, but by doing this procedure the signature does not match and throws authentication error.
- body_string is a valid JSON string (relevant to requests that contain a body). If the body is empty, it must be empty in the request and in the signature calculation, and not empty curly braces {}.
Attempts have been made:
1. Define the string body, replace the body variables with the values, call the authentication CT, update the body request with the values by matching the request body with the authentication hash body, and call the method:
**def** body ='{"business_vat_id":"123456789","email":"user@email.com","ewallet":"${ewallet}","invoice_prefix":"JD-","metadata":{"merchant_defined":true},"name":"User Name","phone_number":"+14155559993"}'
**def** binding = [('ewallet') : ewallet]
**def** engine = **new** groovy.text.SimpleTemplateEngine()
**def** template = engine.createTemplate(body).make(binding).toString()
GlobalVariable.*bodyString* = template
println GlobalVariable.*bodyString*
WebUI.*callTestCase*(*findTestCase*('TC001-Generacion variables de autenticacion'), [:], FailureHandling.***STOP_ON_FAILURE*** )
String body1 = template
ro.setBodyContent(**new** HttpTextBodyContent(body1))
response = WS.sendRequest(*findTestObject*('Post_customer_Rapyd - Copy', [('access_key') : GlobalVariable.*accesKey* , ('salt') : GlobalVariable.*salt*
, ('signature') : GlobalVariable.*signature* , ('timestamp') : GlobalVariable.*timestamp* ]))
2. Get the body request from the object repository, replace the variables with the values, set the body request on the object, call the authentication TC and then send the request.
RequestObject ro = (*findTestObject*('Post_customer_Rapyd - Copy'))
println ro.getBodyContent()
**def** body = ro.~~getHttpBody~~()
println body
**def** binding = [('ewallet') : ewallet]
**def** engine = **new** groovy.text.SimpleTemplateEngine()
**def** template = engine.createTemplate(body).make(binding).toString()
println template
ro.setBodyContent(**new** HttpTextBodyContent(template))
GlobalVariable.*bodyString* = (template).replaceAll("\\s","")
println GlobalVariable.*bodyString*
WebUI.*callTestCase*(*findTestCase*('TC001-Generacion variables de autenticacion'), [:], FailureHandling.***STOP_ON_FAILURE*** )
response = WS.sendRequest(*findTestObject*('Post_customer_Rapyd - Copy (1)', [('access_key') : GlobalVariable.*accesKey* , ('salt') : GlobalVariable.*salt*
, ('signature') : GlobalVariable.*signature* , ('timestamp') : GlobalVariable.*timestamp* ]))
In both cases an authentication error is thrown, I assume that the body request does not match the string body used in the authentication.