0

I have a Spring Boot application which uses JWT for authorization. I have a basic understanding of OAuth and JWT but this application uses more things I'm not currently familiar with. So, in order to generate a JWT to use in this application, we execute a command similar to this:

    java -jar jwt-bearer-token-acquirer-1.0.18.jar
        --legacyVerifierKeyEndpoint https://example.com/oauth/token_key
        --tokenEndpoint https://example.com/oauth/token
        --issuer ABC123
        --subject ABC123
        --scope /myapp/myscope
        --privateKeySignerFile C:\mykeyfile.jks
        --jksKeyAlias ABC123
        --jksKeyStorePassword myPassword
        --jksKeyPassword myOtherPassword

Once we get a JWT with this command, we can make the API call and it returns the expected results.

So now, I was requested to see how to auto-generate JWTs using ReadyAPI so our validators can run tests without manually generating tokens. After reading a lot of their documentation here https://support.smartbear.com/readyapi/docs/requests/auth/types/oauth2/generate-jwt.html?sbsearch=auto%20generate%20token I am still not able to understand what to do.

I was able to add the key store information but I'm not sure where or how to tell ReadyAPI to generate a complete JWT since I don't know where to put things like the verifier key endpoint or the token endpoint.

I would greatly appreciate any help.

Thank you all in advance.

Gustavo

1 Answer

0

You said:

...this application uses more things I'm not currently familiar with.

so you will probably not be able to use the default ReadyAPI mechanism to generate your JWT.

  1. Start a testcase, and open the Setup tab.
  2. In the setup you can use something like "command".execute() to run your command. See this SO Q&A for additional info. If you can get your developers to show you how to call your jwt-bearer-token-acquirer-1.0.18.jar from Java/Groovy, that would simplify this.
  3. In the script, store the JWT token in something like def token = "command".execute().text.trim(). And store the token in a testcase property: testCase.setPropertyValue('token', token)
  4. Start adding REST calls to your testcase. For each REST call you make, you will have to add custom headers: Authorization with value bearer ${#TestCase#token}. If you are feeling up to it, this can be simplified with custom Events.
SiKing
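
The steps in the answer above, written out as a test case Setup Script. This is an added example, not code from the original answer or from ReadyAPI's documentation. It assumes the jar prints only the token on standard output, sits in the working directory, and that the keystore passwords are supplied through the hypothetical environment variables JKS_STORE_PASSWORD and JKS_KEY_PASSWORD.

```groovy
// Added example: ReadyAPI test case Setup Script (Groovy).
// ReadyAPI supplies the testCase and log variables to this script.
import groovy.json.JsonSlurper

// Assumption: secrets come from environment variables (hypothetical names)
// so they are not stored in the project file or in the script itself.
def storePass = System.getenv('JKS_STORE_PASSWORD')
def keyPass   = System.getenv('JKS_KEY_PASSWORD')
assert storePass && keyPass : 'keystore passwords are not set in the environment'

// A List is handed to the OS one argument per element. String.execute()
// splits on whitespace, which breaks paths or passwords containing spaces.
// The passwords are still visible in the process list while the jar runs.
def cmd = ['java', '-jar', 'jwt-bearer-token-acquirer-1.0.18.jar',
           '--legacyVerifierKeyEndpoint', 'https://example.com/oauth/token_key',
           '--tokenEndpoint', 'https://example.com/oauth/token',
           '--issuer', 'ABC123',
           '--subject', 'ABC123',
           '--scope', '/myapp/myscope',
           '--privateKeySignerFile', 'C:\\mykeyfile.jks',
           '--jksKeyAlias', 'ABC123',
           '--jksKeyStorePassword', storePass,
           '--jksKeyPassword', keyPass]

def out = new StringBuilder()
def err = new StringBuilder()
def proc = cmd.execute()
proc.waitForProcessOutput(out, err)   // drains stdout and stderr, then waits for exit
if (proc.exitValue() != 0) {
    throw new IllegalStateException("token acquirer failed (exit ${proc.exitValue()}): ${err}")
}

// Assumption: standard output holds only the compact JWT.
def token = out.toString().trim()
if (!(token ==~ /[\w-]+\.[\w-]+\.[\w-]+/)) {
    throw new IllegalStateException('output is not a three-part compact JWT')
}

// Log claims only, never the token: a bearer token in a shared test log
// is a usable credential until it expires.
def payload = new JsonSlurper().parseText(
        new String(Base64.urlDecoder.decode(token.split(/\./)[1]), 'UTF-8'))
log.info("JWT acquired: iss=${payload.iss}, exp=${payload.exp}")

// Step 3 of the answer: expose the token to requests as ${#TestCase#token}.
testCase.setPropertyValue('token', token)
```

Because the token is written to a test case property, it can end up in the saved project file; clearing the property in the TearDown Script keeps it out of version control.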