5

I'm trying to use REST assured to test my login/logout feature. Is it possible to have a REST assured test that posts to login then posts to logout? If not, how can I test it properly?

mattklamp
  • 293
  • 4
  • 13

4 Answers4

4

Just send two post() with one assert()/expect() :

import org.junit.Assert;
import org.junit.Test;

import static org.hamcrest.Matchers.*;
import static com.jayway.restassured.RestAssured.*;

@Test
public void loginAndLogout(){
    final String login = randomLogin();
    // First post to login()
    given()
    .queryParam("login", login)
    .queryParam("password", randomPassword())
    .when().post("/login/");    

    // Second post to logout() with an assert
    expect().statusCode(200)
    .given()
    .when().post("/logout/");   
}
vaugham
  • 1,821
  • 1
  • 19
  • 38
  • In between each post, if you want to verify response then that is also possible.. i.e. after `post()` you can have `then().body("param1", "value1,", "param2", "value2", ...);` – Paresh Apr 12 '15 at 06:39
1

You can try 

expect().statusCode(HttpStatus.SC_OK)
    .given()
    .parameters("user", user, "password", URL)
    .cookie("cookie_name", "cookie_value")
    .post("/someURL");

Also there is a rest-assured auth call.

See the documentation or the examples

mihai.ciorobea
  • 741
  • 5
  • 12
0

Also you try this:

Create your JSON file with xyzjson name and keep your post payload data in that file and use below code.

Response rep  = given()
                  .headers
                  .(headers)
                  .accept(contentType.json)
                  .body (xyzjson)
                .when()
                  .post(someURL);

Assert.assertTrue(rep.StatusCode() == HttpStatus.SC_Ok);
Raduan Santos
  • 1,023
  • 1
  • 21
  • 45
Nitin mahapure
  • 1
  • 1
0

Does your login api call result in some sort of authentication token that is reused in subsequent requests? If so, I see these as separate rest assured calls to test it fully.

(Login Focus)

  1. Issue a RestAssured call to the /login api. Save the returned authentication token.
  2. Using the saved token, issue a RestAssured call to another api in your system that requires the authentication in step one. This confirms the authentication token works.

(Logout Focus)

  1. Issue a RestAssured call to the /logout api using the saved token.
  2. Repeat step two and confirm this request now fails as the login token is no longer valid after step three.
Dave Gordon
  • 216
  • 3
  • 5