When i call a webservice which sends response with "Set-Cookie" header, soapui caches the cookies for subsequent calls. How do i clear these cookies on subsequent calls?
Or is there a way to "not-accept" cookies from the endpoints in the response?
I am using free Soap UI 4.5.0
Check out this post on eviware's forum one of the responses show how to clear cookies
I read the link from Abhishek in another answer to begin with, and found my answer on this link:
For anyone who is looking for answer, here is what i am using now:
Basically, you have to create a testcase with the requests that you want to run, and you will get a Script editor in TestSteps, where you can use the following groovy script.
import com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport
def myCookieStore = HttpClientSupport.getHttpClient().getCookieStore()
def myCookies = myCookieStore.getCookies()
// find the session cookie
def sessionCookie
myCookies.each {
// print all of them
log.info(it.name + " = " + it.value)
if (it.name == "JSESSIONID"){
sessionCookie = it
}
}
// if you want to update the cookie value
// sessionCookie.value = "new cookie value here..."
// deleting all cookies
myCookieStore.clear()
// to delete only specific
//if (sessionCookie != null) {
// sessionCookie.expiryDate = new Date()-1 // yesterday
// myCookieStore.clearExpired(new Date()-1)
//}
// check if the cookies are really removed
myCookies = myCookieStore.getCookies()
log.info("After Removing Session Cookie");
myCookies.each {
// print all of them
log.info(it.name + " = " + it.value)
}
// if you want to create your own cookie
//import org.apache.http.impl.Cookie.BasicClientCookie
//def myNewCookie = new BasicClientCookie("cookie_name", "cookie_value")
//myNewCookie.version = 1
//myNewCookie.domain = "qa.test"
//myCookieStore.addCookie(myNewCookie)
// or from another cookie
//def myNewCookie = new BasicClientCookie("cookie_name", interestingCookie.value)
Related
How do I parse a response cookie and sent back a specific value into a request header?
I'm making a request: it's sending back a token in a session cookie (token=longstrong). I need to grab that cookie, parse out token, and send back the value in a x-token: request header for following requests.
Paw is only giving me the option to send the cookie (raw).
How can I parse the response cookie to send back the value of $.token (json pseudo-code)?
A late reply, sorry!
This might help (from How do i pick specific cookies?):
Use a Custom dynamic value (right click on the field, and pick Extensions > Custom), instead, and use the following JavaScript code snippet:
function evaluate(context){
// Set here the cookies you'd like to return
var wantedCookies = ["datr", "reg_fb_ref"];
var regex = /^(\w+)\=([^;\s]+)/g;
// Request
// Uses here the current request, you can use getRequestByName("name of the request") instead
var request = context.getCurrentRequest();
// Get response cookies
var cookies = request.getLastExchange().getResponseHeaderByName("Set-Cookie").split(", ");
var filteredCookies = [];
for (var i in cookies) {
var cookie = cookies[i];
var match = regex.exec(cookie);
if (match && wantedCookies.indexOf(match[1]) >= 0) {
filteredCookies.push(match[0]);
}
}
return filteredCookies.join(",");
};
That basically parses manually the response cookies, and returns the ones you need.
This other question might help: Routes using cookie authentication from previous version of Paw no longer work on new version
I have two applications that are using WS Federation and I am working to migrate one of these applications over to .NET Core. These two applications need to be able to share cookies and this is where I am running into an issue on the .NET Core side.
This is a portion of my Startup.cs
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<Context>()
.AddDefaultTokenProviders();
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = new PathString("/Account/Login");
//LOGIN WORKS CORRECTLY WITH THE BELOW LINE COMMENTED
options.TicketDataFormat = new AuthTicketDataFormat();
options.Cookie.Name = "cookiename";
options.Cookie.Path = "/";
options.Cookie.Domain = "";
});
services.ConfigureExternalCookie(options => {
options.LoginPath = new PathString("/Account/Login");
//LOGIN WORKS CORRECTLY WITH THE BELOW LINE COMMENTED
options.TicketDataFormat = new AuthTicketDataFormat();
options.Cookie.Name = "cookiename";
options.Cookie.Path = "/";
options.Cookie.Domain = "";
});
services.AddAuthentication()
.AddWsFederation(options => {
// MetadataAddress represents the Active Directory instance used to authenticate users.
options.MetadataAddress = authentication.GetValue<string>("AdfsWsFedMetadataUri");
// Wtrealm is the app's identifier in the Active Directory instance.
// For ADFS, use the relying party's identifier, its WS-Federation Passive protocol URL:
options.Wtrealm = authentication.GetValue<string>("AdfsRelyingPartyIdentifier");
});
I am able to see that I do receive a cookie in the Network tab, but the issue I am having is that I am being put into an infinite loop because on my anonymous Callback endpoint I have the following:
var loginInfo = await this._signInManager.GetExternalLoginInfoAsync();
//loginInfo is always coming back as null
if (loginInfo == null) {
return RedirectToAction("Login");
}
It seems the issue is being caused by options.TicketDataFormat and creating a custom format for the cookie. The cookie seems to be created correctly with the ticketDataFormat, but getExternalLoginInfoAsync on signInManager is always returning null.
Any help or direction is greatly appreciated as I've been banging my head against the wall for a day trying to figure this out.
I am new to web based solutions. I am hitting a rest url using RestSharp library.
My code is as follows:
var cleint = new RestClient("http://REST_URL");
cleint.Authenticator = new HttpBasicAuthenticator("username", "password");
var request = new RestRequest();
request.Method = Method.GET;
request.Resource = "0.json";
IRestResponse response = cleint.Execute(request);
if (response != null && ((response.StatusCode == HttpStatusCode.OK) &&
(response.ResponseStatus == ResponseStatus.Completed)))
{
// var arr = JsonConvert.DeserializeObject<JArray> (response.Content);
}
The url returns a json file, when I hit it manually. But I want to use a C# console application to get the json file and save it to the disk. I am getting an unauthorized response when I run the above mentioned code:
response.ResponseStatus= "Unauthorized"
This is all it needed..
client.Authenticator = new NtlmAuthenticator();
So if your IIS settings have Windows Authentication set as enabled, this is what you are going to need, Http Basic authentication is not enough to by pass the server security
I am working in a Windows Phone 8 PCL project. I am using a 3rd party REST API and I need to use a few HttpOnly cookies originated by the API. It seems like getting/accessing the HttpOnly cookies from HttpClientHandler's CookieContainer is not possible unless you use reflection or some other backdoor.
I need to get these cookies and send them in subsequent requests otherwise I am not going to be able to work with this API - how can I accomplish this? Here is what my current request code looks like:
Thanks in advance.
//Some request
HttpRequestMessage request = new HttpRequestMessage();
HttpClientHandler handler = new HttpClientHandler();
//Cycle through the cookie store and add existing cookies for the susbsequent request
foreach (KeyValuePair<string, Cookie> cookie in CookieManager.Instance.Cookies)
{
handler.CookieContainer.Add(request.RequestUri, new Cookie(cookie.Value.Name, cookie.Value.Value));
}
//Send the request asynchronously
HttpResponseMessage response = await httpClient.SendAsync(request);
response.EnsureSuccessStatusCode();
//Parse all returned cookies and place in cookie store
foreach (Cookie clientcookie in handler.CookieContainer.GetCookies(request.RequestUri))
{
if (!CookieManager.Instance.Cookies.ContainsKey(clientcookie.Name))
CookieManager.Instance.Cookies.Add(clientcookie.Name, clientcookie);
else
CookieManager.Instance.Cookies[clientcookie.Name] = clientcookie;
}
HttpClient httpClient = new HttpClient(handler);
The HttpOnly cookie is inside the CookieContainer, it's only that is not exposed. If you set the same instance of that CookieContainer to the next request it will set the hidden cookie there (as long as the request is made to the same site the cookie specifies).
That solution will work until you need to serialize and deserialize the CookieContainer because you are restoring state. Once you do that you lose the HttpOnly cookies hidden inside the CookieContainer. So, a more permanent solution would be using Sockets directly for that request, read the raw request as a string, extract the cookie and set it to the next requests. Here's the code for using Sockets in Windows Phone 8:
public async Task<string> Send(Uri requestUri, string request)
{
var socket = new StreamSocket();
var hostname = new HostName(requestUri.Host);
await socket.ConnectAsync(hostname, requestUri.Port.ToString());
var writer = new DataWriter(socket.OutputStream);
writer.WriteString(request);
await writer.StoreAsync();
var reader = new DataReader(socket.InputStream)
{
InputStreamOptions = InputStreamOptions.Partial
};
var count = await reader.LoadAsync(512);
if (count > 0)
return reader.ReadString(count);
return null;
}
There is also a second possibility - to manually go through response headers, grab and then parse Set-Cookie headers using a bunch of custom code.
It looks something like that, when you are going to match and save a single PHPSESSID cookie (assume LatestResponse is your HttpResponseMessage containing website response):
if (LatestResponse.Headers.ToString().IndexOf("Set-Cookie:") != -1) try
{
string sid = LatestResponse.Headers.ToString();
sid = sid.Substring(sid.IndexOf("Set-Cookie:"), 128);
if (sid.IndexOf("PHPSESSID=") != -1)
{
settings.Values["SessionID"] = SessionID = sid.Substring(sid.IndexOf("PHPSESSID=") + 10, sid.IndexOf(';') - sid.IndexOf("PHPSESSID=") - 10);
handler.CookieContainer.Add(new Uri("http://example.com", UriKind.Absolute), new System.Net.Cookie("PHPSESSID", SessionID));
}
} catch (Exception e) {
// your exception handling
}
Note this code inserts the cookie to CookieContainer for that object's life unless manually deleted. If you want to include it in a new object, just pull the right setting value and add it to your new container.
I'm using HTTPWebRequest/HTTPWebResponse to interact with the site (www.lockerz.com). So, I authenticate on the site:
HttpWebRequest webRequest = (HttpWebRequest) HttpWebRequest.Create("http://www.lockerz.com/auth/login");
byte[] bytes = Encoding.ASCII.GetBytes("handle=" + textBoxEmail.Text + "&password=" + textBoxPassword.Text);
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.Method = "POST";
webRequest.ContentLength = bytes.Length;
Stream os = webRequest.GetRequestStream();
os.Write(bytes, 0, bytes.Length);
Then I get the response:
HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse();
I'm watching the requests\responses using Charles and it says that in the response there must be cookies, but when I try to make a list of the cookies I get it says that there are no cookies!
foreach(Cookie c in webResponse.Cookies) {
writeToLog("Cookie Name: " + c.Name + " Value: " + c.Value);
cc.Add(c);
}
I've tried adding a CookieContainer but it doesn't work anyway.
This may apply here, I have had this problem with sessions, so I will assume the same for cookies.
You are making a call to: http://www.lockerz.com/auth/login. But if a person goes to a page without the "www." part of the url, then their cookies won't survive being sent to the "www." site, because they are different sites (as far as the cookies are concerned).
I would just make the request to "/auth/login", that way, it won't matter what the user has as the url in their browser.
Hope this works.