Handling JWT bearer token from ADFS

I'm testing a web application API that does authentication against an ADFS server with X509 certificates. In order to run tests with Karate, I currently use a small .NET application that negotiates the JWT for SSO using my installed certificate. I then get the bearer token header line from Fiddler and manually put it into my Karate tests.

There's an example on how to use OAuth with form fields here, and I'm looking for the equivalent version when using certificates.

Is there a clever way of getting the bearer token without manually sniffing and injecting it into the tests?


Solution 1:

Certificate support made it into 0.7.0 and you can find examples here: https://github.com/intuit/karate/tree/master/karate-demo/src/test/java/ssl

Hope that gets you on your way, else you may need to dig into this long thread on SSL / Cert support in Karate and perhaps add a feature request: https://github.com/intuit/karate/issues/281

One idea is if you can modify your .NET program to run as a command-line app and return the token or save it to a file, you could invoke it from Karate using Java interop, and the Runtime.getRuntime().exec(command) - you should be able to find material on the net on how to do this.

EDIT: you can use curl! https://stackoverflow.com/a/64352676/143475
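
One way to do the Java-interop step suggested in Solution 1, as an added example that is not from the original answer or the Karate project. It assumes Java 9+ and a token tool that prints only the raw JWT on stdout; the class name `TokenHelper` and the tool itself are hypothetical. It uses `ProcessBuilder` (the argument-list counterpart of `Runtime.getRuntime().exec`) so no shell parses the command, and the token stays in memory rather than in a file or log.

```java
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;

// Hypothetical helper (not part of Karate): runs an external token tool
// and returns the value for an Authorization header.
public final class TokenHelper {
    // Compact JWS serialization: three base64url segments separated by dots.
    private static final Pattern JWT =
        Pattern.compile("^[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+$");

    public static String bearerHeader(List<String> command, long timeoutSeconds)
            throws IOException, InterruptedException {
        ProcessBuilder pb = new ProcessBuilder(command);   // argument list, no shell
        pb.redirectError(ProcessBuilder.Redirect.INHERIT); // keep stderr out of the token
        Process p = pb.start();
        p.getOutputStream().close();                       // the tool gets no stdin
        // Drain stdout on another thread so a large token cannot fill the pipe
        // and stall the tool while this thread waits for it to exit.
        CompletableFuture<byte[]> stdout = CompletableFuture.supplyAsync(() -> {
            try { return p.getInputStream().readAllBytes(); }
            catch (IOException e) { throw new UncheckedIOException(e); }
        });
        if (!p.waitFor(timeoutSeconds, TimeUnit.SECONDS)) {
            p.destroyForcibly();
            throw new IOException("token tool timed out");
        }
        if (p.exitValue() != 0) {
            throw new IOException("token tool failed, exit code " + p.exitValue());
        }
        String token = new String(stdout.join(), StandardCharsets.UTF_8).trim();
        // Reject anything that is not token-shaped; the output is never echoed,
        // so a partial token or error text does not end up in test reports.
        if (!JWT.matcher(token).matches()) {
            throw new IOException("token tool output is not a compact JWT");
        }
        return "Bearer " + token;
    }

    public static void main(String[] args) throws Exception {
        // Usage: java TokenHelper.java <tool> [args...]; prints only the length.
        String header = bearerHeader(Arrays.asList(args), 30);
        System.out.println("Authorization header obtained, " + header.length() + " chars");
    }
}
```

With the class on the test classpath, a feature file can load it through Karate's `Java.type('TokenHelper')` and assign the returned string to the `Authorization` header.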