Add Oauth 2 JWT token support #54
Conversation
|
According to travis the build is succeeded: https://travis-ci.org/imbo/behat-api-extension but github is waiting for the status. |
|
I noticed. Tried to re-run the Travis-build, but it didn't help. |
|
So can this be merged? |
I will try to look through it later today to see if I can merge it. |
|
Currently it's only possible to match a JWT that is in the first level of the JSON response. If the response contains for instance: {
"some": {
"nested": {
"object": {
"with": {
"jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ"
}
}
}
}
}It would be great if one could m atch this as well, also values in numericallly indexed arrays. Perhaps use a notation like |
|
It would be nice to be able to use the Then we could do something like this: Then the response body contains a JWT identified by "some JWT reference":
"""
{
"header": {
"alg": "HS256",
"typ": "JWT"
},
"claims": {
"sub": "some subject",
"iss": "some issuer"
},
"secret": "some secret"
}
"""
And the response body contains JSON:
"""
{
"some": {
"object": {
"with": {
"value": "@jwt(some JWT reference)"
}
}
}
}
"""The two steps can then be used together to be able to match JWTs placed anywhere in the body. Does this sound OK @Zwartpet? |
|
Sounds good to me, i'm not able to update the code in the upcoming days though. Probably after the weekend. |
|
I can push to your branch though, so I can hack together something tonight. |
|
Then I'll keep an eye on my inbox to see you're implementation ;) |
To use the jwt custom matcher function the matcher instance must be given a set of tokens it can match against. This step can be used to configure the matcher before using another step to match the actual JWTs present in the response body.
|
Looks good, is there anything else need to be done? |
Added a method to test JWT tokens