Authorization

Testlum has a unique <auth> command - allowing instant authorization by a system user within a test script.

In the integration.xml settings you have the option to choose an authorization strategy within <api> command!

After selecting an authorization strategy for <api> integration in the integration.xml file, by opening the <auth> tag in the test script, authorization will be performed in relation to the selected strategy.

The <auth> tag is mainly used for REST - API - testing - as it allows you to perform many requests within yourself, under a specific system user.

<auth comment="Test case for auth command"

      apiAlias="ALIAS"

      credentials="jwt_user.json" - name of the file with credentials

      loginEndpoint="/api/v1/customer/login">

    <http comment="Get all stores in system" alias="SHOPIZER">

        <get endpoint="/api/v1/auth/customers/profile">

            <response code="200" file="expected_2.json"/>

        </get>

    </http>

</auth>

• apiAlias - API interaction alias
• credentials - Authorization data file
• loginEndpoint - Authorization endpoint used
  • where jwt_user.json the name of the file that contains the necessary data for authorization (This file should store in data folder)
  • closing the command means logging out this user within the test script

Credential file example:

{

  "password": "password",

  "username": "username"

}

The interaction of the command and the HTTP request simplifies REST API testing. For example, when performing many checks inside the system (private), you will not need to pass the authorization token each time, since we will act already under an authorized user inside the tag.

This function makes it easy to test functionality with complex logic and a high level of privacy, since

<auth> will allow you to instantly switch from one user of the system to another inside the test script, which will allow the tester to effectively test functionality with a complex system of permissions and rights for users systems in a short time.