This blog describes how to make POST calls containing CSRF tokens to Gateway using SoapUI.
The testcase contains 3 steps, and a property named CSRF,
Check field "Maintain HTTP session" under testcase options, this will make sure that the cookies set in the GET request are reused in the POST request,
1: Get CSRF
This will fetch the token via a GET request, add header "X-CSRF-Token" and value "Fetch"
2: Groovy Script
The script will take the token from the GET request and store it in the testcase "CSRF" property
''
def headerValue = testRunner.testCase.getTestStepByName("Get CSRF").httpRequest.response.responseHeaders["x-csrf-token"];
log.info( headerValue[0] );
testRunner.testCase.setPropertyValue( "CSRF", headerValue[0] );
''
3: POST
The actual request using the token, add header "X-CSRF-Token" with value "${#TestCase#CSRF}", set content type according to input data
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
10 | |
9 | |
5 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 |