Anyone have experience testing HTTP methods (like PUT, POST, etc) on a local node-solid-server using Postman? I need to improve on some HTTP handling and would like to use Postman to test and explore this part, but ain’t to familiar with how to set up the authentication part of it.
I have set up a simple local instance of NSS with self-signed certificates (running
lib/solid-test when I need to test the server), and have created some WebIDs (and PODs) using OIDC. I’m unable to find a method for authorization method for it on Postman’s documentation on Authorization, so I reckon it’s not supported…
Any help is appreciated
If I’m unable to handle it with Postman, I’ll probably just bootstrap a simple Solid app that handles it for me (using solid-auth-client or maybe a simple Fetch), but wanted to explore the possibility of using Postman first.
I haven’t done much of this, but when I was debugging my LDP emulation I used a plugin within Atom editor and it worked a treat.
Ok, so, I’ve played around with Postman, and here’s what I recommend for the moment:
Option 1 - Use a cookie
Easiest way to do it - open up Developer Tools / Web Console (the thing that has the Network tab) in your browser. Log in to whichever Solid server you’re testing, enter in your username & password, etc.
In the Network tab, find a POST to /login/password, look for the
set-cookie: connect.sid=s%3ApEnyYz3UWh..; Domain=whatever; Path=... header in the Response.
Now you can include that cookie with all your Postman requests. So, in Postman, switch to the Headers tab, and add
Cookie header, with value
connect.sid=s%3ApEnyYz3UWh.. (obviously substitute your own cookie value).
Option 2 - Use solid-auth-client
Though you can do the whole “register an app, then do a 3-legged OAuth2 flow” process in Postman, it’s way simpler to let solid-auth-client do it for you.
All that said, we should put on the roadmap to make a dev-friendly UI (kind of like Facebook’s Graph Explorer) that will let people register their sample apps, get tokens, etc.
@codenamedmitri I’m able to make HTTP request using Postman on a Solid server that has proper certificates using the approaches you mentioned, but on my local machine where I have self-signed certificates I’m failing. So just to double-check, were you successful with these methods on a local setup with self-signed certificates?
@megoth - I think I had to load up the local pod URL first, click through the usual ‘accept invalid certificate’ prompt, and then use Postman.
But yeah, certs are a perennial problem.
How to identify the user and password fields so the test framework can automate getting past this and sequentially get to the testing on an apps page?
Yeah, I tried that (accept invalid certificate), but still didn’t work =/
I’ll give it another go another day