search

aviaviavi / curl-runnings

A declarative test framework for quickly and easily writing integration tests against JSON APIs.
MIT License
158 stars 13 forks source link

Bearer token authentication #69

Open burk opened 3 years ago

burk commented 3 years ago

Nice library!

Have you considered adding support for bearer token authentication and/or other authentication methods? In my use-case I need to call /login with some known values, which returns a token that I need to send as a header for all the following requests.

aviaviavi commented 3 years ago

Thanks @burk!

Bearer auth can definitely be added. I haven't needed it myself which is the only reason it's not there yet. :) We have support for basic auth now, as can be seen in https://github.com/aviaviavi/curl-runnings/blob/master/examples/auth.yaml now. Bearer auth would have a similar interface.

Until this gets implemented, you should still be able to use curl-runnings for your use-case, by setting the header manually. Something like:

headers:  "Authorization: Bearer $<RESPONSES[some_index].path.to.token>"

will work, though definitely less ergonomic. The pretty printer is also smart enough to redact your actual auth headers when it logs the request, so you won't be writing anything sensitive to logs.

I myself am a bit swamped with my own work for the next few weeks but will look into getting something implemented when I can. If anyone reading would like to contribute the change, I am happy to help!

burk commented 3 years ago

Oh, I didn't explore the docs enough to find that option! That should work perfectly for me, thanks!