Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Set username dynamically from previous request #1868

Closed
apparentorder opened this issue Aug 26, 2023 · 3 comments
Closed

Set username dynamically from previous request #1868

apparentorder opened this issue Aug 26, 2023 · 3 comments
Labels
enhancement New feature or request

Comments

@apparentorder
Copy link
Contributor

Problem to solve

As follow-up to #1844 (thanks!) –

I'd like to perform SigV4 signed requests with tokens / temporary credentials. This usually involves two steps:

  1. Request to get the credentials / token (e.g. from AWS STS or Cognito Identity Pool)
  2. Actual request(s), signed with the credentials retrieved in step 1

Currently I'd have to do this as two hurl calls in a wrapper script.

Proposal

This would be easy to achieve if username/password could be set from variables, for example

POST request#1
[Captures]
session_access_key_id: jsonpath "$.foo"
session_secret_key: jsonpath "$.bar"

POST request#2
[Options]
username: {{session_access_key_id}}
password: {{session_secret_key}}
aws-sigv4: aws:amz:foo:bar

I imagine this could be implemented easily (I could try to come up with a PR), but I don't fully grasp potential side effects on [BasicAuth] yet (see also #898).

This would also allow to set username/password from HURL_foo environment variables, which improves security (no credentials in the shell history and in system-wide process list).

What would be great additionally: If variables persisted across hurlfiles, so that I could use hurl --test login.hurl request1.hurl request2.hurl, as maintaining a large number of tests in one hurlfile feels cumbersome (might be worth a separate issue).

@apparentorder apparentorder added the enhancement New feature or request label Aug 26, 2023
@fabricereix
Copy link
Collaborator

Supporting dynamic field name for the [BasicAuth] section (as described in #1877) will probably be a good solution.

@apparentorder
Copy link
Contributor Author

That would be great. It would feel a bit off for SigV4, because it's not actually Basic Auth, but that could be documented accordingly.

@jcamiel
Copy link
Collaborator

jcamiel commented Dec 21, 2023

Hi @apparentorder the feature has been merged in #2012

Now this file is supported:

POST https://foo.com
[Options]
variable: user=bob
variable: secret=foo
[BasicAuth]
{{user}}: {{secret}}
HTTP 200

@jcamiel jcamiel closed this as completed Dec 21, 2023
@jcamiel jcamiel linked a pull request Dec 21, 2023 that will close this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants