
Bearer authorization is not working in Karate


I am running Bearer authentication on a GraphQL server; it's working in Postman, but it's not working in the Karate framework.

    Scenario: Check authorisation
      Given text query =
      """
      config { name value }
      """
      And request { query: '#(query)' }
      And header 'Authorization' = 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
      And cookie foo = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
      When method Post
      Then status 200
      Then print error

Execution Logs:

16:28:03.390 [main] INFO  com.intuit.karate - [print] Authorization Cookie:  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaWctcWE1LXRydC1lcGF4LmJzZ2cuY28udWsiLCJzdWIiOiI1MjY1YmNiNS03NDlmLTQyMGMtOTczOC1kYTA5ZDA0MWU5ZGYiLCJlcGF4RGF0YSI6eyJyb2xlIjoiUEFYIiwic2VjdG9yIjoiN2NlYWViZmItNTIwYS00ODVkLTgzOTItOWFjOGI4ZDQ5NTNiIn0sImlhdCI6MTY1Njg0NTg4MywiZXhwIjoxNjU2OTMyMjgzfQ.3xinKBMKvFRaLH4kRqBLSALAm6K-QqFF9jD5nTlxa3I 
16:28:03.418 [main] DEBUG com.intuit.karate - request:
2 > POST https://baseUrl/air-server/graphql
2 > Content-Type: application/json; charset=UTF-8
2 > Accept: */*
2 > Connection: keep-alive
2 > 'Authorization': Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaWctcWE1LXRydC1lcGF4LmJzZ2cuY28udWsiLCJzdWIiOiI1MjY1YmNiNS03NDlmLTQyMGMtOTczOC1kYTA5ZDA0MWU5ZGYiLCJlcGF4RGF0YSI6eyJyb2xlIjoiUEFYIiwic2VjdG9yIjoiN2NlYWViZmItNTIwYS00ODVkLTgzOTItOWFjOGI4ZDQ5NTNiIn0sImlhdCI6MTY1Njg0NTg4MywiZXhwIjoxNjU2OTMyMjgzfQ.3xinKBMKvFRaLH4kRqBLSALAm6K-QqFF9jD5nTlxa3I
2 > 'Cookie': epax_jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaWctcWE1LXRydC1lcGF4LmJzZ2cuY28udWsiLCJzdWIiOiI1MjY1YmNiNS03NDlmLTQyMGMtOTczOC1kYTA5ZDA0MWU5ZGYiLCJlcGF4RGF0YSI6eyJyb2xlIjoiUEFYIiwic2VjdG9yIjoiN2NlYWViZmItNTIwYS00ODVkLTgzOTItOWFjOGI4ZDQ5NTNiIn0sImlhdCI6MTY1Njg0NTg4MywiZXhwIjoxNjU2OTMyMjgzfQ.3xinKBMKvFRaLH4kRqBLSALAm6K-QqFF9jD5nTlxa3I
2 > Cookie: epax_jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaWctcWE1LXRydC1lcGF4LmJzZ2cuY28udWsiLCJzdWIiOiI1MjY1YmNiNS03NDlmLTQyMGMtOTczOC1kYTA5ZDA0MWU5ZGYiLCJlcGF4RGF0YSI6eyJyb2xlIjoiUEFYIiwic2VjdG9yIjoiN2NlYWViZmItNTIwYS00ODVkLTgzOTItOWFjOGI4ZDQ5NTNiIn0sImlhdCI6MTY1Njg0NTg4MywiZXhwIjoxNjU2OTMyMjgzfQ.3xinKBMKvFRaLH4kRqBLSALAm6K-QqFF9jD5nTlxa3I
2 > Content-Length: 33
2 > Host: baseUrl
2 > User-Agent: Apache-HttpClient/4.5.13 (Java/15.0.2)
2 > Accept-Encoding: gzip,deflate
{"query":"config { name value }"}

16:28:04.064 [main] DEBUG com.intuit.karate - response time in milliseconds: 645
2 < 400
2 < Date: Sun, 03 Jul 2022 10:58:03 GMT
2 < Content-Type: application/json
2 < Transfer-Encoding: chunked
2 < Connection: keep-alive
2 < X-Powered-By: Express
2 < Access-Control-Allow-Origin: *
{"errors":[{"message":"Context creation failed: Unauthorized","extensions":{"code":"UNAUTHENTICATED"}}]}


16:28:04.065 [main] ERROR com.intuit.karate - src/test/java/gss/users/users.feature:27
Then status 200
status code was: 400, expected: 200, response time in milliseconds: 645, url: https://baseUrl/air-server/graphql, response: 
{"errors":[{"message":"Context creation failed: Unauthorized","extensions":{"code":"UNAUTHENTICATED"}}]}

src/test/java/gss/users/users.feature:27

status code was: 400, expected: 200, response time in milliseconds: 645, url: https://baseUrl/air-server/graphql, response:
{"errors":[{"message":"Context creation failed: Unauthorized","extensions":{"code":"UNAUTHENTICATED"}}]}

Solution

  • Please use headers instead of header and cookie separately, and send all headers at once. Sometimes Karate fails when these are sent separately.

    Hardcode tokens to check if it's working.
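
In the request log from the question, the header names appear as `'Authorization'` and `'Cookie'` with the quote characters included, next to an unquoted `Cookie`; a header named `'Authorization'` is not the `Authorization` header a server reads. The script below is an added example, not part of the original post or of Karate: it scans Karate request-log lines for quoted header names, duplicated headers, and a missing well-formed `Authorization` header. The function name `audit_request_headers` and the sample log (constructed, with placeholder token values) are assumptions.

```python
import re

# Matches Karate request-log header lines such as "2 > Accept: */*".
# The request line ("2 > POST https://...") has no "Name:" prefix and is skipped.
REQ_LINE = re.compile(r"^\d+ > ([^:\s]+):\s?(.*)$")

# Constructed sample modelled on the question's log; token values are placeholders.
SAMPLE_LOG = """\
2 > POST https://baseUrl/air-server/graphql
2 > Content-Type: application/json; charset=UTF-8
2 > 'Authorization': Bearer PLACEHOLDER_TOKEN
2 > 'Cookie': epax_jwt=PLACEHOLDER_TOKEN
2 > Cookie: epax_jwt=PLACEHOLDER_TOKEN
2 > Host: baseUrl
"""


def audit_request_headers(log_text, required=("authorization",)):
    """Return a list of findings for the request headers in a Karate debug log."""
    findings, seen = [], {}
    for line in log_text.splitlines():
        m = REQ_LINE.match(line.strip())
        if not m:
            continue
        raw = m.group(1)
        bare = raw.strip("'\"")  # header name with any wrapping quotes removed
        if bare != raw:
            findings.append(f"quoted-name: {raw} is sent literally, not as {bare}")
        seen.setdefault(bare.lower(), []).append(raw)
    for name, raws in seen.items():
        if len(raws) > 1:
            findings.append(f"duplicate: {name} appears {len(raws)} times as {raws}")
    for name in required:
        # A header only counts if at least one copy carries the exact, unquoted name.
        if not any(r.lower() == name for r in seen.get(name, [])):
            findings.append(f"missing: no well-formed {name} header in request")
    return findings


if __name__ == "__main__":
    for finding in audit_request_headers(SAMPLE_LOG):
        print(finding)
```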