microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License

How to implement Access token refresh? How fuzzing dictionary works? #616

Open ramkrivas opened 2 years ago

ramkrivas commented 2 years ago

Description

Dear Team, I have the doubts below.

QUS 1: How to integrate getting an API access token and refresh? Is any sample script available for getting an access token? Ours is a JWT bearer token. I tried searching in your guides and the entire source code. There is sample code or example available for access token scenario. Can you please share if you have any reference script?

QUS 2: I read in the guide that the fuzzing dictionary should be customised based on our need. How intense is this customization in a real-time scenario? The reason I am asking is that there are many fuzzable characters available in FuzzDB for a string datatype. Should we include all combinations in the fuzzing dictionary for a better result? Your opinion?

Thanks in advance for your answer!

mikekistler commented 2 years ago

@ramkrivas I can share my method for providing authentication tokens to RESTler. I'm running RESTler on Azure services, and I can use the Azure CLI to get a fresh access token. I put this command in a getToken.sh script and then specify that on the --token_refresh_command argument to RESTler. Here's what my script looks like:

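```bash
#!/bin/bash

# Reuse token.json if it was modified within the last hour; otherwise ask the
# Azure CLI for a fresh token. (-depth 1 and -mtime -1h are BSD/macOS find syntax.)
find . -name 'token.json' -depth 1 -mtime -1h | grep . &> /dev/null || az account get-access-token > token.json

# Extract the bearer token from the cached CLI response.
token=$(jq -r '.accessToken' token.json)

# Output read by RESTler: a first line naming the users, then one header line per user.
echo "{'user1':{}, 'user2':{}}"
echo "Authorization: bearer ${token}"
echo "Authorization: shadow_unit_test_token"
```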

So if you have a way to get a token for your service, you can just replace that part and you should be good to go.
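Added example, not part of the thread or of RESTler's own code: a Python variant of the caching idea in the script above for a JWT bearer token, deciding when to refresh from the token's own `exp` claim instead of the cache file's age. `fetch_token`, the `token.jwt` cache name and the 5-minute margin are assumptions; replace `fetch_token` with the call that issues tokens for your service.

```python
import base64, json, os, sys, time

CACHE = "token.jwt"   # hypothetical cache file name
SKEW = 300            # refresh when under 5 minutes of lifetime remain

def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def fetch_token():
    """Placeholder for the call that obtains a JWT for your service.
    Returns a constructed, unsigned one-hour token so the example runs offline."""
    return ".".join([_b64({"alg": "none"}), _b64({"exp": int(time.time()) + 3600}), "sig"])

def jwt_exp(token):
    """Return the exp claim (Unix time) or None. Reads the payload only;
    the signature is not verified, which is fine for a cache-freshness check."""
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)      # restore base64url padding
        exp = json.loads(base64.urlsafe_b64decode(payload))["exp"]
        return exp if isinstance(exp, (int, float)) else None
    except (IndexError, KeyError, TypeError, ValueError):
        return None

def is_fresh(token, now=None, skew=SKEW):
    exp = jwt_exp(token)
    now = time.time() if now is None else now
    return exp is not None and exp - now > skew

def load_or_fetch(cache=CACHE, fetch=fetch_token, now=None):
    try:
        with open(cache) as f:
            token = f.read().strip()
        if is_fresh(token, now):
            return token
    except FileNotFoundError:
        pass
    token = fetch().strip()
    # A bearer token is a credential: create the cache owner-readable only.
    fd = os.open(cache, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(token)
    return token

def restler_output(token, user="user1"):
    # Same shape as the script above: a line naming the users, then one header per user.
    return "{'%s':{}}\nAuthorization: Bearer %s\n" % (user, token)

if __name__ == "__main__":
    sys.stdout.write(restler_output(load_or_fetch()))
```

The margin means a token is replaced shortly before it expires, so a long fuzzing run does not send requests with a token that lapses mid-flight.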