SeUniVr / RestTestGen

A framework for automated black-box testing of RESTful APIs.
Apache License 2.0
38 stars 9 forks source link

Problems using JWT as authorization - ModuleNotFoundError: No module named 'requests' #23

Closed henning410 closed 4 months ago

henning410 commented 4 months ago

Hey again :) I try to fuzz some app where endpoints are secured with token. The token is valid for 60s. I created some script, which retrieves a valid token and prints the header: I tested this script before and after executing RestTestGen, this works.

import json
import requests

# Function to get the token from the login endpoint
def get_token():
    url = "http://localhost:3000/login"
    # Replace with your actual login credentials if required
    login_data = {
        "username": "john_doe",
        "password": "password1234"
    }
    response = requests.post(url, data=login_data)
    if response.status_code == 200 or response.status_code == 201:
        # Assuming the token is in the 'token' field of the JSON response
        return response.json().get("access_token")
    else:
        print(f"Failed to get token: {response.status_code} - {response.text}")
        return None

# Initialize the rtg_info dictionary
rtg_info = {
    "name": "Authorization",
    "value": "",
    "in": "header",
    "duration": 60
}

# Get the token from the login endpoint
token = get_token()
if token:
    # Update the rtg_info dictionary with the new token
    rtg_info["value"] = f"Bearer {token}"
    # Print the updated rtg_info dictionary as a JSON string
    print(json.dumps(rtg_info))
else:
    print("Could not retrieve the token.")

The script returns: {"name": "Authorization", "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjEsInVzZXJuYW1lIjoiam9obl9kb2UiLCJpYXQiOjE3MTgwMjUyNDgsImV4cCI6MTcxODAzMTI0OH0.GKQs4DJ9YeUmquoTMXdN2DP3DhneoZPyUa6DLt2avns", "in": "header", "duration": 60}

When executing RestTestGen, I receive:

13:20:34.247 [main] ERROR io.resttestgen.boot.AuthenticationInfo -     import requests
13:20:34.247 [main] ERROR io.resttestgen.boot.AuthenticationInfo - ModuleNotFoundError: No module named 'requests'
13:20:34.248 [main] ERROR io.resttestgen.boot.cli.App - An error occurred while starting RestTestGen. Please report it on GitHub.
henning410 commented 4 months ago

Fixed this by changing the Dockerfile to:


FROM gradle:7.6.2-jdk11-jammy
RUN apt-get update && apt-get install -y python3 python3-pip
WORKDIR /app
COPY requirements.txt /app/
RUN pip3 install --no-cache-dir -r requirements.txt
CMD gradle run