How To Handle OAuth in RestAssured Framework

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey hyerin this is mukesh atrani from done - a dimension calm today in this video we are going to talk about how we can handle or in rest assured framework so in this video we are going to talk about what exactly is or how we can create application which will allow us to do this or what protocol and once you understand this Roth protocol then we will see what dependencies we need to add in Abbeville project so that we can start working with the rest assured and other stuff and once you get that app we will see how we can get the API key ap a secret key access token and accent access token secret which is required as which is required for both 1.0 and once we get all the details we just need these four details and the final end point will write a quick program which will use what protocol in rest assured and finally we will verify the result so here in this video I am going to talk about one complete scenarios of one part I will complete and the rest part I will guide you how to compete so that will be assignment for you so Before we jump into how to handle work in rest assured let's talk about what exactly is Hoth so it's not authentication so if you talk about work it's more about the authorization protocol so this is the protocol which is widely used on the Internet when you have to authorize one person that whether this person should be able to access this particular service or application or not so this protocol mainly used for the authorization so what it does actually it will allow you to access particular resource based on the roles and responsibilities or the permissions I will say so let's talk about so you must have seen this kind of scenarios right where you want to create some account and it will ask you do you want to sign up with Facebook Google LinkedIn Twitter so when you say yes it will ask you to log in so you're not actually sharing their username password you are allowing one up occasion to read some of your details not every detail so you must have seen right when these apps ask they will ask you that we will only read these kind of informations so they're read few information and securely they will pass your information to the application so now let's say you want to log in to make metric so make my trip if you log in with Facebook Facebook will pass only few details like first name last name email address phone number and all they will not share everything like your friends contacts and number of friends which you have it will only pass certain details so what exactly you did you or you have given authority or authorization to Facebook that you pass my some information to make metric so this is what exactly we do in what so again both have both one and two so we will discuss one by one so the one which we are going to discuss is or not zero so what exactly it does it will not share your password it will allow it will pass two details like client ID secret app ID and secret so these are the encrypted information you will send to the application so I will show you through examples through demo so what we are going to do use I am going to show you one example of Twitter so if I open my Twitter at all so let's say I want to post something on Twitter so not later if you want to access okay you need to have the earth if you if you have like given all the credentials correctly then only you can interact with the Twitter so in order to demonstrate example you need to have minimum rest assured in your Eclipse if you don't have then don't worry I have already one video on this so just go and watch my previous video where we discussed how to set up a rest I showed in Eclipse now in order to work with auth and rest assured we also have to use one more library call scribe so when you use this library then only you will get the complete acess to earth and yes you need a developer account now let's say you want to access Facebook API or Twitter or LinkedIn or any other Google APs you need to have the dollar per axis or you need to create at least a app in their account and then only you can interact I will show you in a few minutes how to do it so once you have all the settings then I will show you how you can handle this worth interest sure so first of all what you need to do you need to enroll for the developer account so I'm going to show you how you can use OAuth with Twitter so everybody must have the Twitter account so once you're done with this video I will also give an assignment or you can say a task that you have to complete after this I will give you one overview okay so after this I will show you the first half second half you have to complete and let me know if you are not able to do it I will make a separate video and if you are able to do it just let me know in the comment section so what we have to do a first of all you have to enroll for the developer account so if you have the normal account just navigate to develop or Twitter comm and in case if you don't have developer account then no worry you just sign up for that account just fill some basic details your first name in all and they will also ask you why you need at all of your account so you just give some thing like I am just filling this form because I want to explore the Twitter API for my educational purpose don't say that I want to use for commercial purpose otherwise they will charge you so just tell them that you want for basic learning and you want to explore tutor API once you they will review your account within 24 hours you will get this email like your Twitter account has been approved and you will have the complete access to the developer account which I already have I have created few apps so what you need to do you just need to create an app here you assured and again you have to give lend a description around 200 characters so to save some time what I did I already created one half for you I will quickly show you so when you do first time you need to do just fill these details give any website detail you can give my blog address as well and that's all you need to do okay you can give this is not mandatory actually the only thing is mandatory is web URL description and a commune once you click on create it will create an app for you so this is just I created like two days before and we'll click on details and these are the details of my app which I created you can see I have given some app name description you are and all in this usage so now the main thing is the keys and the token in order to work with OAuth you need these for details consumer API key consumer API secret API key and secret key again you also need a access token and access token secret so what exactly this will do it will give you the read and write permission you can regenerate and you can read revoke whenever you want so after this video definitely I will regenerate the token and the keys for you so that you cannot use it again so how you have to do just click on regenerate and it will generate a new keys for you and same goes with the tokens and if you see the permissions these are the permissions by default in case if you want to change the permission just quickly change from here so once everything is done just copy these details and that's so yet done so let me show you how to do it so this is my project I will open this and let's create a fresh package and this package name I will you go auth demo well let's give earth and just create a separate class and I will say Twitter demo you can take public static void main or destined G I will continue with testing G because I want to use it now so I will say public void let's say I want to make a so I will say post or tweet and let me just give this at the desk because I want to use the stingy and now yeah before I move into this let me show you my poem got XML as well and how you can get this so this is my poem dot XML file you need the rest assured I am using the latest one which is for dot 0 dot 0 and I'm using a scribe Java which is 2.5 dot 3 if you want I can show you so let me just create incognito mode just kill rest assured you will get their official documentation and just navigate here click on user guide and this is the complete user guide so just search for OAuth you can see they have been worth one and worth two so the one which you are going to use it now worth one or two also I will show in the next video how you can work with OAuth 2 so there clearly mentioned if you want to you if you want to use this auth you need to have the scribe so they have already given the dependency so just copy-paste this dependency in your format xml which i did just now and this is a as usual rest assured so if you want to search for MV and repository calm and just type a rest assured and many people are making mistake they are taking a rest assured from this package don't use it use which is coming from IO dot rest - assured I am using the latest one which is for dot 0 dot 0 you just needed to copy paste and that's what you need to do know why it is not important okay let's import so first of all we will say a rest assured dark given now what we need to do we need to provide or details right so for this you just have to say that I want to use what now this will return you authentication specification if you want to store in a variable then use that is also fine but I will continue with in the same statement and I will say I want to use auth so they haven't mentioned that you need to give worth one or two so if you are using the worth one just selector or if you have the token one then you have to go with auth 200 or so let me continue with OAuth 1.0 and you can see it is asking me for details so let me just comment it out right now and once you are done you need to make a call which API you want to hit and if this will hit the correct API you will get the proper response in a response variable and you are done and once you get the response if you let's say you want to see the response code just type RESP dot get response code or get status code it will give you the exact code if it is 200 means you are able to access Twitter now what exactly we are going to do now we are going to make a quit to the Twitter and first of all let me show you one more thing if you put mouse over in the o earth it is not giving you any Java dog so let's do one thing it is downloading some Java doc let it download and everything is coming now now put mouse over again on o earth so it will give the complete documentation ok so you can see it is asking consumer key consumer secret access token and secret token and if all works fine it will return you get specifications so I am directly going to use it and I am going to make a post call why a post call because if you see if I go to the Twitter API these are the API switch they already provided so I'm going to use one API called twit post where I will just put something on my Twitter wall if you just click on APA references and don't worry I will keep this link in the description so you can also explore all the APS which they have so you can see they have so many things searched - its filter real time codes and many more what we are going to use now post status update so you can see they already have given the URL response format will be Jason require authentication definitely yes and these are the parameters which you need to pass so if you see they have n number of parameters the but only one thing is mandatory con status what exactly you want to post on your wall so I'm going to use this API so and as they have mentioned it will take a post call so I will I already have taken it and I will paste it here now the parameter part as they mentioned we need to give a status so just put question mark status equal to let's say this is my quit wire API this is what I want to post correct now this is done I also have to provide these details so let me quickly just copy-paste these details so consumer reiki and if you think it is going a little lengthy you can break down into the next statement X is okay and we are done if you think again its let me just break it down now let's square cross verify it was asking first of all consumer key consumer secret X is token and yeah all things are done now finally we can make a twit so let's see I will simply do the right click and okay before I do it let's see what is the latest to it I have yeah this is something from X so let's right click and run s test and you test and if they're getting status code as 200 it means we are able to hit the API correctly and it is 200 and if I just come here I just have to refresh and you can see I'm able to interact Y with Twitter why are these worth and rest assured and if I want to delete if I click on this Twitter so you might do it I will get the ID this ID I can use when I have to delete or I have to read to it I have to do some extra with this to it so this is the Twitter ID which I can use but you can see how easy it was to interact with Twitter via OAuth not only Twitter use any application Google Facebook any other which allow you to log in and authenticate via OAuth they will definitely have this app created and you can use it ok so this was about the response code but if I have to verify let's say I had that a twit now I also want to get that Twitter ID or the to it ID how can I do that so first of all let me delete this because if I do it again it will say duplicate so I have deleted this manually now let me do one thing apart from the status code let me also put rest dot get body because definitely server will send me the complete response so I will take it take it as a string and I want to print it this time so let's run it run Esther stingy test and again if I just once I get the response I will just quickly refresh okay this is also done but this time if I just see I got the body as well and this body is quite lengthy and it is not in a readable format so if you want to see oh you can see in the Jason viewer I already have just a second Jason view if you want to see the actual Jason how it is looking in the actual response coming so just go to the side Jason viewer dot stack dot hu and copy paste when you click on viewer this is the Jason which is coming from the tutor and if you just see you just go back to entities okay we directly have the ID so this is the ID which is giving that wrote ID if you want to cross verify just notice last three numbers one three double zero okay this is not the one it should be 1 3 4 6 okay so this is 1 3 4 6 which is ID STR so if you want to capture this how you can capture we can capture by Jason path now let me also make a small change so the response which is coming actually to suggestion file but when you are seeing it's coming as a complete lengthy string so I can keep it one very very very easy and very important command called Jason path so whatever body is coming from the response from the server I'm converting into Jason path and I am going to use one matter called prettify so what exactly does it will give you everything and a standard Jason path format or Jason government so prettify will simply okay it's not giving description just put it here it will download the Java dog and again if you put the mouse world get the JSON in verified string now if you try to do it you will see a proper format so again let me delete this and let me hit it again okay so can you see the output now it's very clear it's coming in a proper format and now we don't need any Jason B word so if you again see it's coming as the IDS here our task is to capture this so that we can also get the twit ID so that is what we are going to do next next because based on this output I will give you a task or you can say assignment which you can try so whatever response we are getting anyways first of all we will convert this as adjacent path so the response code say rest dot decent path so when you say I need the Jason path if you put mouse over it will return you Jason path object so I will say Jason path and I will just create an object now what you want I need ID STR so it will try to find this ID STR if it exists it will return you that value so in our case it should return as this for 896 now definitely when I run next time it will give me the new ID so I will say twit ID so I will print it and I will say to it my twit ID is to tidy very easy so whatever ID is coming it will print and let me just say like this is my second quit via API and this time I will not elite it okay perfect it is giving all the details like my location my name everything it is giving it is also giving display URL many other details which is not required for us now the main thing was this 9 3 7 6 which I guess we got it right my twitter ID is this any fun to cross where if I just go back to Twitter and you can see this is my second put this cross verify number is nine three seven six this is also perfectly fine now we are able to make all the calls it's up to you which API want to call how many times you want to call and how you want to play with it it's up to you so what is my main target now can you see this API call destroy what it does it will delete the TWiT which you have done okay so let's say you want to delete a specific Twitter so you can see they have given that whenever you make this call okay it will delete your to it so this is nothing but the Twitter ID which we got from here right so if you just make this if you just capture this ID and append here and just make up simple post called it should delete your Twitter all your Twitter which you have done so this is what you need to try it is just you have to change the URL everything will remain same till here it will remain same only thing is the end point you have to change and whatever aldi we are getting from here you need to pass it here in this and the next task so just try it out if you're not able to it let me know in the comment section I will make a dedicated video on the different API of Twitter like how to get all the twit in the last 24 hours everything they have given here it is just we need to see which Twitter API you want to call that's all so it was quite easy and if you want to try with other as well then you can go with Facebook in Facebook also you have to create our Facebook Developer account which anyways you will have such as search for Facebook developer okay so you will create an app in this app it will ask you what apps from Facebook you want to accessories you can select any app and again it will generate these four details which you can use okay so I will wait to your task and I will also create next video on what one it is after earth 2.0 which is quite impressive because we're there we'll talk about access tokens here we are talking about the sacred keys and other keys there we are talking talking about the access tokens so I will show you how you can get the access token at runtime as well thank you so much guys for watching this video we really like this video please share with your friends colleagues those who are into automation and please subscribe to my channel because I will be uploading many videos on the rest assured and the different automation stuff and if you have any doubt related to auto machine then please mail be my email is Mukesh go to any order to learn - animation calm stay in touch and I will see in the next video have a nice day bye bye

Info

Channel: Mukesh otwani

Views: 26,076

Rating: undefined out of 5

Keywords: How To Handle OAuth in RestAssured Framework, API Testing, Rest Assured, API Automation, Web Services Testing

Id: lyQmRjBwMeg

Channel Id: undefined

Length: 26min 2sec (1562 seconds)

Published: Thu Aug 29 2019