sergio-eliot-rodriguez
commented
2 months ago New occurrence on this bug with Tracknow, which uses Session Auth. The access token is returned as the entire body of the response:
Open sergio-eliot-rodriguez opened 10 months ago
sergio-eliot-rodriguez
commented
2 months ago New occurrence on this bug with Tracknow, which uses Session Auth. The access token is returned as the entire body of the response:
Describe the bug The submit an app ui contains three options in the authorization strategy tab. None, API Keys, and OAuth. The OAuth option on its own handles different strategies requiring multi steps, where an authorization token is generated in intermediate steps, and used in a final step of a test request calling the target API.
The bug in question relates to a scenario where an authorization flow is setup via the OAuth option. This scenario usually falls into the authentication flow commonly referred to as Session Auth, or Basic+Bearer. In general, most applications using the Session Auth flow will return the authorization token in the response body, in an structured manner. However, we've found an instance where the authorization token is returned in body, with the token being the entire content of the payload. In this case, application can't be tested with the existing Submit an App UI implementation because there is no way yet to instruct it to extract the authorization token if it's the entire response payload, as the submit an app ui expects key/value pairs to do the extraction.
To Reproduce Steps to reproduce the behavior: Fill the submit an app UI with data from an application using Session Auth and returning the authorization token in response headers. You can look for Skkrible (already submitted, available for PD admin)
Expected behavior The submit an app UI should be able to extract the authorization token from the response body, even if the token is the entire response body content (and not only structured via key-value pairs)
Screenshots If applicable, add screenshots to help explain your problem.
Example of response body from Skkrible:
Desktop (please complete the following information): Windows 10 Edge 120.0.2210.121 (Compilación oficial) (64 bits)