Using JSON for dynamic session token handling

To provide an example of using JSON for dynamic session token handling, a script was recorded for testing a banking application. A new session token is required each time the script is played back. In the example, myToken is the name of the session token. Note that the name of the session token varies in each native application.

The script contains two steps: a step to login and a step to view the account transactions.

After recording the script and playing it back, it is apparent that the reply content is blank for many of the requests. Most of the requests include a personalized header. This header serves as a session token and needs to be dynamic so the script can run successfully.

While reviewing the playback results, the first POST action contains a myToken entry in the Reply Content.

When the HTTP action for the POST is opened, there is a myToken session token in the headers.

In reviewing other POST actions, myToken is present in their headers, also.

This header is repeated in the POST requests.

Example of the reply content

Open the POST request by clicking Script Script button in the timeline, then clicking the first HTTP action HTTP action.

Because the value of myToken changes each time the script is run, the value of myToken must be captured and inserted into the script wherever necessary.

POST example

To capture the token, select the HTTP action in the first step, then click More on the first POST action.

More button on HTTP request

Click the Reply Handler tab.

Reply handler

Enter the code to capture the token.

 var json = response.content;
alert (json);
var obj = JSON.parse(json);
token = obj["myToken"];
alert ("TOKEN : " + token);

For this example:

The first line captures the response and places it in variable json.

The third line parses the JSON response into the matched array obj.

And, finally, the fourth line captures the value of myToken and puts it in the variable token.

Reply handler example

To use the captured value, in each HTTP request and anywhere else that the header myToken is used, replace the original hard-coded value with the text `token`.

The text `token` uses backticks, not single quotation marks. The backticks indicate that the global variable defined in the reply handler is used.

Updated POST example

The value of myToken is captured and inserted in the script each time the script is run.