Cats

All Tests / Test 5984

Test Id

Test 5984

Test Trace Id

c3d6982e-95af-42f5-8c1f-5cb6052632b4

Timestamp

Tue, 23 Jun 2026 21:38:59 GMT

Scenario

Send string fields encoded as numeric: field [idToken], fuzzed value [2], original [SWKAQMHNUDPYEDIVHJIYBTNAD]. This tests type validation and potential type coercion issues.

Expected Result

Should return 4XX

Result

error

Result Details

The following keywords were detected in the response which might suggest an error details leak: [unauthorized]

Contract Path

/api/auth/google

Fuzzer

NumericValuesInStringFields

Full Request Path

https://qa-api.puk3p.online/api/auth/google

Http Method

post

Request Details

Payload

{
  "idToken": 2
}

Request Details

Headers

[
  {
    "key": "Accept",
    "value": "application/json"
  },
  {
    "key": "Content-Type",
    "value": "application/json"
  },
  {
    "key": "User-Agent",
    "value": "cats/13.8.1-SNAPSHOT (Test 5984 - NumericValuesInStringFields)"
  },
  {
    "key": "X-Cats-Trace-Id",
    "value": "c3d6982e-95af-42f5-8c1f-5cb6052632b4"
  }
]

Request Details

cURL

curl  -X POST \
     -H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "User-Agent: cats/13.8.1-SNAPSHOT (Test 5984 - NumericValuesInStringFields)" \
-H "X-Cats-Trace-Id: c3d6982e-95af-42f5-8c1f-5cb6052632b4" \
 \
      -d '{"idToken":2}' \
      https://qa-api.puk3p.online/api/auth/google

Response

{
  "responseCode": 401,
  "httpMethod": "POST",
  "responseTimeInMs": "161",
  "numberOfWordsInResponse": "3",
  "numberOfLinesInResponse": "1",
  "contentLengthInBytes": "165",
  "jsonBody": {
    "timestamp": "2026-06-23T21:38:59.153342667Z",
    "status": 401,
    "error": "Unauthorized",
    "message": "Invalid Google token",
    "path": "/api/auth/google",
    "validationErrors": null
  },
  "headers": [
    {
      "key": "cache-control",
      "value": "no-cache, no-store, max-age=0, must-revalidate"
    },
    {
      "key": "content-type",
      "value": "application/json"
    },
    {
      "key": "date",
      "value": "Tue, 23 Jun 2026 21:38:59 GMT"
    },
    {
      "key": "expires",
      "value": "0"
    },
    {
      "key": "pragma",
      "value": "no-cache"
    },
    {
      "key": "server",
      "value": "nginx/1.24.0 (Ubuntu)"
    },
    {
      "key": "strict-transport-security",
      "value": "max-age=31536000 ; includeSubDomains"
    },
    {
      "key": "vary",
      "value": "Origin"
    },
    {
      "key": "x-content-type-options",
      "value": "nosniff"
    },
    {
      "key": "x-frame-options",
      "value": "DENY"
    },
    {
      "key": "x-xss-protection",
      "value": "0"
    }
  ],
  "responseContentType": "application/json"
}

CATS Replay

cats replay Test5984