How to test Digest Auth by using Rest Assured

 


Digest Authentication in Rest Assured is a more secure authentication mechanism than Basic Auth. It involves hashing credentials and using a server challenge-response mechanism, and Rest Assured supports it using the .auth().digest() method.


What is Digest Authentication?

Digest Authentication is an authentication scheme that:

  • Sends credentials in hashed form rather than in clear text.

  • Uses a nonce (number used once) sent by the server.

  • Provides protection against man-in-the-middle attacks that capture credentials in transit, because the password itself is never sent.
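To make the nonce-and-hash exchange listed above concrete, here is an added example (not from the original post and not Rest Assured's own code) that computes the Digest response value as RFC 2617 defines it for qop=auth with MD5. The class and method names are illustrative, and the realm, nonce and cnonce used with the page's credentials are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class DigestResponseDemo {

    // Hex-encoded MD5, the default hash of RFC 2617 Digest.
    static String md5Hex(String s) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("MD5");
        StringBuilder sb = new StringBuilder();
        for (byte b : md.digest(s.getBytes(StandardCharsets.ISO_8859_1))) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    // "response" value for qop=auth: MD5(HA1:nonce:nc:cnonce:qop:HA2)
    static String digestResponse(String user, String realm, String password, String method,
            String uri, String nonce, String nc, String cnonce) throws NoSuchAlgorithmException {
        String ha1 = md5Hex(user + ":" + realm + ":" + password); // only place the password is used
        String ha2 = md5Hex(method + ":" + uri);                  // binds the hash to this request
        return md5Hex(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Self-check against the published example in RFC 2617 section 3.5.
        String rfc = digestResponse("Mufasa", "testrealm@host.com", "Circle Of Life", "GET",
                "/dir/index.html", "dcd98b7102dd2f0e8b11d0f600bfb0c093", "00000001", "0a4f113b");
        System.out.println("RFC 2617 vector matches: "
                + rfc.equals("6629fae49393a05397450978507c4ef1"));

        // The page's credentials and path; realm, nonce and cnonce are constructed sample values.
        String uri = "/digest-auth/auth/user/passwd";
        String first = digestResponse("user", "example-realm", "passwd", "GET", uri,
                "constructed-nonce-1", "00000001", "constructed-cnonce");
        String second = digestResponse("user", "example-realm", "passwd", "GET", uri,
                "constructed-nonce-2", "00000001", "constructed-cnonce");
        System.out.println("Authorization: Digest username=\"user\", realm=\"example-realm\", "
                + "nonce=\"constructed-nonce-1\", uri=\"" + uri + "\", qop=auth, nc=00000001, "
                + "cnonce=\"constructed-cnonce\", response=\"" + first + "\"");
        // A different server nonce gives a different response, so an old header fails against it.
        System.out.println("Response changes with nonce: " + !first.equals(second));
    }
}
```

The header carries only the hash, but Digest does not protect the request or response bodies; those rely on TLS, which the https:// endpoint used on this page provides.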




API Endpoint for Testing:


https://httpbin.org/digest-auth/auth/user/passwd



This endpoint expects:

  • Username: user

  • Password: passwd




Steps to Use Digest Auth in Rest Assured:




Maven dependencies:



<!-- Maven Dependency -->
<dependency>
    <groupId>io.rest-assured</groupId>
    <artifactId>rest-assured</artifactId>
    <version>5.4.0</version>
    <scope>test</scope>
</dependency>





Java Code: Digest Auth with Rest Assured



import io.restassured.RestAssured;
import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;

public class DigestAuthExample {

    public static void main(String[] args) {

        RestAssured.baseURI = "https://httpbin.org";

        given()
            .auth()
            .digest("user", "passwd") // Digest Auth
        .when()
            .get("/digest-auth/auth/user/passwd")
        .then()
            .statusCode(200)
            .body("authenticated", equalTo(true))
            .body("user", equalTo("user"))
            .log().all(); // Print full response
    }
}




Output:


{
  "authenticated": true,
  "user": "user"
}




Code Explanation:


| Step | What it does |
|------|--------------|
| .auth().digest() | Enables Digest Authentication |
| .get("/digest-auth/auth/user/passwd") | Makes the authenticated GET request |
| .body(...).log().all() | Verifies the response and logs |
