Created
March 5, 2014 23:25
-
-
Save nanotechz9l/9378928 to your computer and use it in GitHub Desktop.
This script automatically tests a REST API web service with/without user credentials via user supplied input.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require 'net/http'; require 'open-uri'; require 'base64'; require 'rainbow'; #require 'nokogiri' | |
# This script automatically tests a REST API web service with/without user credentials via user supplied input. | |
def banner() | |
print """ | |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
_____ ____ | |
<----,\ -- ) | |
<--==\\ -/ Web Test v0.0.1 Locked, stocked, and 100% bacon.... <////~ | |
<--==\\/ | |
.-~~~~-.Y|\\_ by Rick Flores @nanotechz9l | |
@_/ / 66\_ 0xnanoquetz9l[--at--]gmail.com | |
| \ \ _('') | |
\ /-| ||'--' Automation station! | |
\_\ \_\\_\ | |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
""" | |
end | |
banner() | |
prompt = 'web_test: ' | |
# ARGVs | |
url, xml_user, user, pass = ARGV[0..3] | |
puts "I can test a web service automatically for you. Before we start, I need to ask you a few questions."#.foreground(:cyan).bright | |
puts "What URL would you like me to test? Please include the port number as shown below."#.foreground(:red).bright | |
puts "Example: http://localhost:9944/security/sessions\n\n"#.foreground(:red).bright | |
print prompt | |
url = STDIN.gets.chomp() | |
# Rest API Server | |
uri = URI.parse(url) | |
req = Net::HTTP.new(uri.hostname, uri.port) | |
# HTTP Body data | |
puts "\n\nWhat XML PropertyList username would like to test (example: admin, test, unknown...)?"#.foreground(:red).bright | |
print prompt | |
xml_user = STDIN.gets.chomp() | |
# Username | |
puts "\n\n(USERNAME) for #{url}?"#.foreground(:red).bright | |
print prompt | |
user = STDIN.gets.chomp() | |
# Password | |
puts "\n\n(PASSWORD) for #{url}?\n\n"#.foreground(:red).bright | |
print prompt | |
pass = STDIN.gets.chomp() | |
# Start test: | |
puts "Starting test on : #{url}\n" | |
puts "Sci:propval using : #{xml_user}\n" | |
puts "Logging in with Username : #{user}\n" | |
puts "Logging in with Password : #{pass}\n\n" | |
# XML PropertyList | |
xml_data = %{<?xml version="1.0" encoding="UTF-8"?> | |
<sci:data xmlns:sci="http://www.t3rm.com/" object="t3rm.PropertyList.1"> | |
<sci:proplist> | |
<sci:propval name="username">#{xml_user}</sci:propval> | |
</sci:proplist> | |
</sci:data>} | |
# Header: Creds to get an X-Pilot-Session | |
# Refactored: | |
#user_and_pass = "#{user}" + ':' + "#{pass}" | |
#base64user_and_pass = Base64.encode64(user_and_pass) | |
base64user_and_pass = Base64.encode64("#{ user }:#{ pass }") | |
# Refactor notes: user, pass and url are already strings, so sticking them inside a string and interpolating their values is a waste of CPU. | |
# As developers we need to be aware of our data-types. | |
# POST method | |
res = req.post( | |
uri.path, | |
xml_data, | |
{ | |
'Content-Type' => 'text/xml', | |
'Content-Length' => xml_data.length.to_s, | |
'Authorization' => "Basic #{base64user_and_pass}", | |
"Connection" => "keep-alive", | |
'User-Agent' => 'Happy New Year from TAO NSA!' | |
} | |
) | |
#puts "Parsing XML output!" | |
puts res.body |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment