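<!doctype html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>REST Authentication Tester</title>
</head>
<body>
  <!-- Every step appends one paragraph here; red paragraphs belong to the two negative tests. -->
  <div id="logMsgDiv"></div>
  <!--
    Loaded over HTTPS so the library cannot be replaced in transit.
    NOTE(review): 1.11.0 is a very old jQuery release and the tag carries no integrity attribute;
    move to a current release and add an SRI hash computed from a trusted copy.
  -->
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
  <script>
    var $ = jQuery.noConflict();

    // The steps must run strictly in order: each later request reads sessionStorage.auth_token
    // while its options object is being built, so the login response has to be handled first.
    $.ajaxSetup( { async: false } );

    // NOTE(review): the service key and the administrator password used below are committed in
    // client-side source and travel over plain HTTP. If they are valid anywhere, treat them as
    // exposed: rotate them and supply test credentials at run time instead of from this file.
    var API_BASE = "http://140.118.126.238:6680/REST/app/demo-business-resource/";
    var SERVICE_KEY = "f80ebc87-ad5c-4b29-9366-5359768df5a1";

    // Appends one <p> to the log. Every entry of `lines` is inserted as a text node (entries are
    // separated by <br>), so response data is never parsed as markup. `isAlert` colours it red.
    function appendLog( lines, isAlert ) {
      var $p = $( "<p>" );
      if ( isAlert ) {
        $p.css( "color", "red" );
      }
      $.each( lines, function( i, line ) {
        if ( i > 0 ) {
          $p.append( "<br>" );
        }
        $p.append( document.createTextNode( line ) );
      } );
      $( "#logMsgDiv" ).append( $p );
    }

    // Error callback for the steps that are expected to succeed: details go to the console only.
    function logFailure( xhr, textStatus, errorThrown ) {
      console.log( "HTTP Status: " + xhr.status );
      console.log( "Error textStatus: " + textStatus );
      console.log( "Error thrown: " + errorThrown );
    }

    // Success callback for the negative tests: the server accepted a call it should have refused.
    function reportUnexpectedSuccess() {
      appendLog( [ "If this is portion is executed, something must be wrong" ], true );
    }

    // Error callback body for the negative tests. Status 0 means the page saw no HTTP response at
    // all (network or CORS failure); that is reported separately so an unreachable server is not
    // mistaken for a correct refusal.
    function reportRejection( xhr, description, resource ) {
      if ( xhr.status === 0 ) {
        appendLog( [
          description,
          "HTTP Status: 0, no response was visible to the page, so the refusal of " + resource + " is unconfirmed"
        ], true );
        return;
      }
      appendLog( [
        description,
        "HTTP Status: " + xhr.status + ", Unauthorized access to " + resource
      ], true );
    }

    // Negative test 1: no service key and no authorisation token, so the call must be refused.
    $.ajax( {
      cache: false,
      crossDomain: true,
      url: API_BASE + "demo-post-method/",
      type: "POST",
      success: reportUnexpectedSuccess,
      error: function( xhr ) {
        reportRejection(
          xhr,
          "This is what happens when there you call the REST APIs without a service key and authorisation token.",
          "demo-post-method"
        );
      }
    } );

    // Log in as "administrator" with the service key. A token left behind by an earlier run is
    // dropped first, so a failed login cannot be hidden by a stale but still valid token.
    sessionStorage.removeItem( "auth_token" );
    $.ajax( {
      cache: false,
      crossDomain: true,
      headers: {
        "service_key": SERVICE_KEY
      },
      dataType: "json",
      url: API_BASE + "login/",
      type: "POST",
      data: {
        "username": "administrator",
        "password": "123456789"
      },
      success: function( jsonObj ) {
        sessionStorage.auth_token = jsonObj.auth_token;
        // NOTE(review): the session token is printed into the page; acceptable for a local demo,
        // but keep it out of screenshots and shared logs.
        appendLog( [ "Perform Login. Gotten auth-token as: " + sessionStorage.auth_token ] );
      },
      error: logFailure
    } );

    // After login, call demo-get-method with the token obtained above.
    $.ajax( {
      cache: false,
      crossDomain: true,
      headers: {
        "service_key": SERVICE_KEY,
        "auth_token": sessionStorage.auth_token
      },
      dataType: "json",
      url: API_BASE + "demo-get-method/",
      type: "GET",
      success: function( jsonObj ) {
        // jsonObj.message comes from the server over plain HTTP; it is shown as text only.
        appendLog( [ "After login, execute demoteGetMethod with the auth-token obtained. JSON Message: " + jsonObj.message ] );
      },
      error: logFailure
    } );

    // Call demo-post-method with the same token.
    $.ajax( {
      cache: false,
      crossDomain: true,
      headers: {
        "service_key": SERVICE_KEY,
        "auth_token": sessionStorage.auth_token
      },
      dataType: "json",
      url: API_BASE + "demo-post-method/",
      type: "POST",
      success: function( jsonObj ) {
        // jsonObj.message comes from the server over plain HTTP; it is shown as text only.
        appendLog( [ "Execute demoPostMethod with the auth-token obtained. JSON message: " + jsonObj.message ] );
      },
      error: logFailure
    } );

    // Log out. No response body is expected. The token stays in sessionStorage on purpose: the
    // next step replays it.
    $.ajax( {
      cache: false,
      crossDomain: true,
      headers: {
        "service_key": SERVICE_KEY,
        "auth_token": sessionStorage.auth_token
      },
      url: API_BASE + "logout/",
      type: "POST",
      success: function() {
        appendLog( [ "Let's logout after all the above. No content expected." ] );
      },
      error: logFailure
    } );

    // Negative test 2: replay the token after logout; the server must refuse it.
    $.ajax( {
      cache: false,
      crossDomain: true,
      headers: {
        "service_key": SERVICE_KEY,
        "auth_token": sessionStorage.auth_token
      },
      url: API_BASE + "demo-get-method/",
      type: "GET",
      success: reportUnexpectedSuccess,
      error: function( xhr ) {
        reportRejection(
          xhr,
          "This is what happens when someone reuses the authorisation token after a user had been logged out",
          "demo-get-method"
        );
      }
    } );
  </script>
</body>
</html>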