RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
Hi all.
I am very new to RESTler but have run into a problem that which neither documentation, videos or AI have been able to resolve. It is about automatic inferring dependency between endpoints, like a login and the token it provides.
In my swagger.json I have these paths
"/Login": {
"post": {
"tags": [
"Person"
],
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"type": "string"
}
}
}
}
}
}
},
"/Person/{allowed}": {
"post": {
"tags": [
"Person"
],
"parameters": [
{
"name": "allowed",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Person"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/Person"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/Person"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"text/plain": {
"schema": {
"type": "integer",
"format": "int32"
}
},
"application/json": {
"schema": {
"type": "integer",
"format": "int32"
}
},
"text/json": {
"schema": {
"type": "integer",
"format": "int32"
}
}
}
}
}
}
As far as I have been able to read and been told (mainly by Bing AI), this setup should automatically create a dependency between the 2 endpoints, so before calling Person/{allowed}, it would call /Login and use the response as the value for {allowed}. But it always ends up calling Person first and use "fuzzstring" as value for {allowed}.
Anyone have some good pointers?
Description
Hi all. I am very new to RESTler but have run into a problem that which neither documentation, videos or AI have been able to resolve. It is about automatic inferring dependency between endpoints, like a login and the token it provides. In my swagger.json I have these paths "/Login": { "post": { "tags": [ "Person" ], "responses": { "200": { "description": "Success", "content": { "text/plain": { "schema": { "type": "string" } } } } } } }, "/Person/{allowed}": { "post": { "tags": [ "Person" ], "parameters": [ { "name": "allowed", "in": "path", "required": true, "schema": { "type": "string" } } ], "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Person" } }, "text/json": { "schema": { "$ref": "#/components/schemas/Person" } }, "application/*+json": { "schema": { "$ref": "#/components/schemas/Person" } } } }, "responses": { "200": { "description": "Success", "content": { "text/plain": { "schema": { "type": "integer", "format": "int32" } }, "application/json": { "schema": { "type": "integer", "format": "int32" } }, "text/json": { "schema": { "type": "integer", "format": "int32" } } } } } } As far as I have been able to read and been told (mainly by Bing AI), this setup should automatically create a dependency between the 2 endpoints, so before calling Person/{allowed}, it would call /Login and use the response as the value for {allowed}. But it always ends up calling Person first and use "fuzzstring" as value for {allowed}. Anyone have some good pointers?