i am verifying a provider pact of OTP service, it has Basic Auth username and password and a header in the request as "Authorization" : "abc"

Question

Code:

@TestTarget
    public final Target target = new HttpTarget("https", "digital-dev.mashreq.com/api/otp-service/api/v1/otp", 8080, "/generate");
    private static ConfigurableWebApplicationContext application;


    @TargetRequestFilter
    public void exampleRequestFilter (HttpRequest request) throws UnsupportedEncodingException {
        // Authorization header Base64 encoded...
        request.addHeader("Authorization", "Basic " + base64StringOf("OtpUser", "otp@123"));
        request.addHeader("Content-Type", "application/json");
        request.addHeader("Authorization", "Basic T3RwVXNlcjpvdHBAMTIz");

    }

    private String base64StringOf(String username, String password) {
        return Base64.getEncoder().encodeToString((username + ":" + password).getBytes());
    }

Console:

java.lang.AssertionError: 
0 - Expected a header 'Authorization' but was missing
1 - assert expectedStatus == actualStatus
           |              |  |
           200            |  404
                          false

I think I am doing it wrong but still cannot find the solution.

Answer 1

There are two problems:

1. You provider is not returning a header with the key Authorization
2. The provider is responding with a 404

For (1), are you expecting the OTP to be returned in the Authorization header or is this a mistake? Is the OTP returned as a body item or a header? (it would seem strange to return another Authorization header IMO).

For (2), this could be due to an incorrect setup of your provider. Perhaps

You are also posting two Authorization headers - this seems strange.

FWIW I was able to just hit this API now, but it failed with a 404 saying that no message was found:

{"timestamp":"2020-02-09T11:28:39.411+0000","status":404,"error":"Not Found","message":"No message available","path":"/api/v1/otp:8080"}%                                                                                                                                                                                   

1. Just a courtesy to ensure that you didn't mean to post valid credentials to this site
2. Perhaps there needs to be a Provider State setup for the OTP to work?