Unplanned
Last Updated: 20 Feb 2017 15:13 by ADMIN
Wesley
Created on: 16 Feb 2017 13:52
Type: Feature Request
1
test studio
I try using OAuth2.0 and fill in all required data (client & secret)

1. I can't set the grant type to password
2. the request just ignores my entries and keeps using Basic with whatever you think is my password since there is not even a posibility to edit the test variables

3. update request places a Basic authorization tag instead of the OAuth2 I filled in

for an alpha version this would be ok, but for a Beta this should have been tested before release
1 comment
ADMIN
Oleg
Posted on: 20 Feb 2017 15:10
Hello Wesley,

Thanks for reaching out. 

1. Would you please clarify what do you mean by "can't set the grant type to password"? By design you should add your client_id and client_secret in the respective "Client Id" and "Client Secret" fields. All other attributes of your request (including grant_type, username, password, etc.) should be added to the "Body Content" form below. So in order to set the grant type to password, you just need to add an entry to "Body Content" with key "grant_type" and value "password".

There is a sample screenshot of similar setup in our documentation here: http://docs.telerik.com/teststudio-apis/features/steps/http-request

Also, there is a working example in our demo project (http://docs.telerik.com/teststudio-apis/getting-started/sample-project ). You can create the demo project and take a look at the "Authenticate User" test (inside the "Authorization" folder).

2. Also, would you clarify how does the request ignore your entries? The way the authorization works is to always base64 encode your client_id and client_secret and add the value to a Basic Authorization header. The rest of the values that you add in the "Body Content" form should appear as form parameters in the request body.

3. "Update request" is supposed to place a Basic authorization tag in the Authorization header because that is the expected way (in most cases) to send the encoded client_id and client_secret. Once you get your access token in the response, you can store it in a variable and use it further in all of your requests in an Authorization header (like "Authorization": "Bearer {{your-token}}").

I hope this helps. Please let me know if you have further feedback or questions.