I am a manual software test analyst, trying to learn API testing using SoapUI 5.7.2.
The site I test manually authenticates via Access Tokens, which is generated during Sign In and utilised by each request. A new Access Token is generated every time the user signs in.
In SoapUI this is my project structure:
GetToken sends a request in JSON and a response is returned in JSON, within the response is the access token
PropertyTransfer is used to transfer the value of accessToken from GetToken so that it can be used in CreateTask request.
CreateTask sends a request with task details in JSON, which is used to create a task, the response (also in JSON) is of the task that was created. The request also contains a Header called Authorization, the access token from GetToken is the value of the header prefixed with 'Bearer'
The problem I have is that I do not know how to configure PropertyTransfer to dynamically transfer the access token from GetToken response into the Authorization Header of CreateTask request. This should all work when TestCase1 is executed, the steps are executed in sequence and a task is created. This works if i manually paste the access token from GetToken into the Header of CreateTask and execute CreateTask (as shown).
I have tried to find out using ChatGPT what values I need to enter in PropertyTransfer.
ChatGPT has suggested I setup PropertyTransfer like so:
As shown in the screenshot above, the access token is successfully transferred to PT1
ChatGPT suggested I configure the Authorization Header in CreateTask like so:
but when I run TestCase1 I get the following raw response:
Full response:
HTTP/1.1 401 Unauthorized
Date: Fri, 22 Dec 2023 11:16:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache
Content-Language: en-GB
Expires: -1
Pragma: no-cache
WWW-Authenticate: Bearer
WWW-Authenticate: Bearer
Request-Context: appId=cid-v1:5e37811c-4b81-4fdd-9d58-f6faae2fd19f
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';img-src 'self' data:;frame-src 'self' eu-west-2.quicksight.aws.amazon.com locate3-web-ui-dev-webapp.azurewebsites.net;font-src 'self' data:;connect-src 'self' https://portertracdev.b2clogin.com https://sigr-pt-uks-tst-001.service.signalr.net ws://sigr-pt-uks-tst-001.service.signalr.net
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Correlation-ID: DCEt6dnR
X-Powered-By: ASP.NET
x-azure-ref: 20231222T111628Z-u0xykw10dt45b0d1b3z96h8nk400000006k000000000m7nn
X-Cache: CONFIG_NOCACHE
I discovered the process that is required, I am posting it here in case anyone else comes across a similar problem.
Select the project name from Target dropdown and the custom property from Property dropdown
Set the following syntax as the value for Authorization header in the request that the access token needs to be used in: