spring-boothttppostmanrest-assuredinsomnia

No valid crumbs for Rest Assured request against localhost


I have this for my rest assured code, which tests against my running app on localhost:

public class FunctionalIT {
@Test
    void createInvestment() {
        Investment investment = Investment.builder()
                        .ownerId(UUID.randomUUID())
                        .amount(BigDecimal.valueOf(1000))
                        .creationDate(LocalDate.now())
                        .build();

        RestAssured.given()
                .contentType(ContentType.JSON)
                .body(investment)
                .baseUri("http://localhost:8080")
                .when()
                .post("/api/investments")
                .then()
                .statusCode(201);
    }
}

However, I get a 403 error

francislainycampos/.m2/repository/org/slf4j/slf4j-api/2.0.12/slf4j-api-2.0.12.jar com.intellij.rt.junit.JUnitStarter -ideVersion5 -junit5 com.francislainy.coderockinvestment.functionaltests.FunctionalIT,createInvestment
Request method: POST
Request URI:    http://localhost:8080/api/investments
Proxy:          <none>
Request params: <none>
Query params:   <none>
Form params:    <none>
Path params:    <none>
Headers:        Accept=*/*
                Content-Type=application/json
Cookies:        <none>
Multiparts:     <none>
Body:
{
    "id": null,
    "ownerId": "5d63e45a-5bf6-45cb-9bd8-c803b8d12c90",
    "creationDate": [
        2024,
        4,
        9
    ],
    "amount": 1000,
    "expectedBalance": null
}
HTTP/1.1 403 Forbidden
X-Content-Type-Options: nosniff
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html;charset=iso-8859-1
Content-Length: 555
Server: Jetty(10.0.15)

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
    <title>Error 403 No valid crumb was included in the request</title>
  </head>
  <body>
    <h2>HTTP ERROR 403 No valid crumb was included in the request</h2>
    <table>
      <tr>
        <th colspan="1" rowspan="1">URI:</th>
        <td colspan="1" rowspan="1">/api/investments</td>
      </tr>
      <tr>
        <th colspan="1" rowspan="1">STATUS:</th>
        <td colspan="1" rowspan="1">403</td>
      </tr>
      <tr>
        <th colspan="1" rowspan="1">MESSAGE:</th>
        <td colspan="1" rowspan="1">No valid crumb was included in the request</td>
      </tr>
      <tr>
        <th colspan="1" rowspan="1">SERVLET:</th>
        <td colspan="1" rowspan="1">Stapler</td>
      </tr>
    </table>
    <hr/>
    <a shape="rect" href="https://eclipse.org/jetty">Powered by Jetty:// 10.0.15</a>
    <hr/>
  </body>
</html>

This is just a simple request to localhost. I’m not using spring security and my app is very simple, with just a normal controller and service class.

@RestController
@RequestMapping("/api/investments")
@RequiredArgsConstructor
public class AppController {

    private final AppServiceImpl appService;

    @PostMapping
    public ResponseEntity<Object> createInvestment(@Valid @RequestBody Investment investment) {
        return new ResponseEntity<>(appService.createInvestment(investment), HttpStatus.CREATED);
    }

The request works on Postman and my Mac terminal, but fails with the same 403 error against Insomnia and Rest Assured.

This is the full app and test on Github:

https://github.com/francislainy/coderock-investment-backend-challenge/blob/master/src/test/java/com/francislainy/coderockinvestment/functionaltests/FunctionalIT.java

enter image description here

Thank you.


Solution

  • The issue is fixed now and it seems to do with Jenkins intercepting the requests to the 8080 port somehow, which I was only able to find out when I tried a get request against Firefox, since Chrome, Edge and Safari were all still able to bypass the issue and give me a proper response, similar to how postman was also doing. So I'm now pointing my application against port 8081.

    enter image description here

    enter image description here