How to test Preemptive Authentication in Rest Assured

  

What is Preemptive Authentication?

In preemptive authentication, the client sends the credentials (username & password) in the very first request, rather than waiting for the server to challenge it (with a 401 unauthorized response).
This can improve performance by skipping an extra request-response cycle.


To use preemptive basic auth in Rest Assured:

  • Use .auth().preemptive().basic(username, password)
  • This sends the Authorization header directly with the GET request.
  • You can validate response data with assertions.



API to be tested:

https://postman-echo.com/basic-auth

This endpoint requires Basic Authentication

Username: "postman"

Password: "password"



Java Code using Rest Assured:

import io.restassured.RestAssured;
import io.restassured.response.Response;

import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;

public class PreemptiveAuthTest {

    public static void main(String[] args) {

        // Base URI
        RestAssured.baseURI = "https://postman-echo.com";

        // Preemptive Basic Auth GET Request
        given()
            .auth().preemptive().basic("postman", "password")
        .when()
            .get("/basic-auth")
        .then()
            .statusCode(200)
            .body("authenticated", equalTo(true))
            .log().all();
    }
}




Output:
{
  "authenticated": true
}


Explanation:


LinePurpose
.auth().preemptive().basic(...)Sends credentials proactively without waiting for a challenge
.get("/basic-auth")Executes the GET request
.statusCode(200)Asserts the response status is OK
.body("authenticated", equalTo(true))Asserts that authentication was successful
.log().all()Logs full response details to console




No comments:

How to test Basic Authentication by using Rest Assured

 

To use Basic Authentication in a GET API via Rest Assured, you need to include the username and password using .auth().basic(username, password) in your request.


What is Basic Authentication?

Basic Auth is an authentication method where:

  • The client sends the username and password encoded in Base64 in the request headers.

  • The format is:

Authorization: Basic Base64(username:password)




API to be tested:

https://postman-echo.com/basic-auth
It requires:

Username: postman

Password: password



Maven Dependency:

<dependency>
    <groupId>io.rest-assured</groupId>
    <artifactId>rest-assured</artifactId>
    <version>5.3.0</version>
    <scope>test</scope>
</dependency>




Full Java Code
import io.restassured.RestAssured;
import io.restassured.response.Response;

import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;

public class BasicAuthGetAPI {

    public static void main(String[] args) {
        // Set Base URI
        RestAssured.baseURI = "https://postman-echo.com";

        // Send GET request with basic auth
        Response response = given()
                .auth().basic("postman", "password") // Basic Auth
        .when()
                .get("/basic-auth") // GET Endpoint
        .then()
                .statusCode(200) // Check status code
                .body("authenticated", equalTo(true)) // Validate response body
                .extract().response();

        // Print the response
        System.out.println("Response:\n" + response.prettyPrint());
    }
}



Output:
{
  "authenticated": true
}






Code Explanation:


LinePurpose
.auth().basic("postman", "password")Adds Basic Auth credentials
.get("/basic-auth")Performs GET request
.statusCode(200)Asserts HTTP response is OK
.body("authenticated", equalTo(true))Asserts authenticated key is true

No comments:
Subscribe to: Posts (Atom)