Re: [rest-assured] Proper Oauth usage

676 views
Skip to first unread message

Johan Haleby

unread,
Oct 8, 2012, 2:28:12 AM10/8/12
to rest-a...@googlegroups.com
Hi, 

Rest Assured is using the signpost framework under the hood and you need to have it in the classpath (see here). If I'm not misstaken signpost only support OAuth 1.0a. Could that be the reason?

Regards,
/Johan 

On Mon, Oct 8, 2012 at 6:15 AM, Jason Lowder <jblo...@gmail.com> wrote:
Hello,

I had recently written a C# Rest test for the NetFlix API (which works) and just started to do the same in Java with Rest Assured.

I have the following code which returns an error "403 -  Forbidden" when running it, yet I know my Oauth tokens, keys etc are valid because my .Net app runs them just fine.

Is there something wrong with my usage here?

        RestAssured.baseURI = "http://api-public.netflix.com";
        RestAssured.port = 80;
        RestAssured.oauth(consumerKey, consumerSecret, accessToken, secretToken);
        
        Response myResponse = given().param("term", "star wars").get("catalog/titles/autocomplete");

Thanks,

Jason

Jason Lowder

unread,
Oct 8, 2012, 5:38:10 PM10/8/12
to rest-a...@googlegroups.com
Hi,

The Jar files are in my external library and part of the classpath.  From what I can tell they are using OAuth 1.0.

Is there anything else to look at?

Thanks,

Jason

Jason Lowder

unread,
Oct 8, 2012, 6:45:32 PM10/8/12
to rest-a...@googlegroups.com
Ok so it appears this does not work:

RestAssured.oauth(consumerKey, consumerSecret, accessToken, secretToken);

But this does:

Response myResponse = given().auth().oauth(consumerKey, consumerSecret, accessToken, secretToken).param("term", "star wars").get("/catalog/titles/autocomplete");

Why is this?  

Next, I noticed the response came back with encoding=gzip, which it normally doesn't.  In my .Net implementation it returns an XML response.  The content-type is application/xml.  Is there a configuration I can set to not request encoding?

Thanks,

Jason

Johan Haleby

unread,
Oct 9, 2012, 2:20:47 AM10/9/12
to rest-a...@googlegroups.com
Hm there's no reason why RestAssured.oauth(consumerKey, consumerSecret, accessToken, secretToken); shouldn't work. It must be a bug, I'll add it to the issue tracker. I'm planning to make a new release soon and if you're up for it a pull request would be great!

/Johan

Johan Haleby

unread,
Oct 9, 2012, 2:25:08 AM10/9/12
to rest-a...@googlegroups.com
And as a work-around if the latter statement works you can create try to create a filter that you later can configure statically (RestAssured.filters ) so you don't have to duplicate your code.

/Johan 

Jason Lowder

unread,
Oct 9, 2012, 10:50:30 AM10/9/12
to rest-a...@googlegroups.com
Hi Johan,

I just entered the Java world a couple days ago so some of this open source terminology is a bit confusing to me. :-)  How do I make a pull request?

Also, do you have any comment on the return content being gzip encrypted?  Either I'm leaving something out of a header or otherwise that was naturally included in .Net to prevent the encryption.  I didn't see anything in the docs that lead me to what I might need to do.

Thanks again,

Jason

Johan Haleby

unread,
Oct 10, 2012, 2:10:03 AM10/10/12
to rest-a...@googlegroups.com
Hi, 

A pull request is for Github and is described here :) I can't answer why you get a gzip response in when defining oauth statically. The reason may be that HTTP Builder always adds "gzip" to the header. This is something that I want to make configurable (of course) but I haven't had time to do so yet.. There's so much to do! :)

Regards,
/Johan
Reply all
Reply to author
Forward
0 new messages