如何在JMeter中进行OAuth 2.0身份验证? [英] How to do a OAuth 2.0 authentication in JMeter?
问题描述
我正在尝试对一些需要进行身份验证(OAuth 2.0)的API进行功能测试,并在JMeter中对此进行仿真.
I'm trying to Functional test a few APIs that need to be authenticated (OAuth 2.0) and simulate this in JMeter.
我正在尝试对Azure云的OAuth服务进行身份验证.有没有人能够成功创建JMeter HTTP请求以针对OAuth 2.0进行身份验证?
I'm trying to authenticate the OAuth service for Azure cloud. Has anyone out there been able to successfully create JMeter HTTP requests to authenticate against OAuth 2.0?
推荐答案
基本上,您需要添加 HTTP标头管理器,以发送值为Bearer ${ACCESS_TOKEN}的Authorization标头,以进行经过身份验证的OAuth API调用.
Basically you need to add HTTP Header Manager to send Authorization header with the value of Bearer ${ACCESS_TOKEN} in order to make authenticated OAuth API calls.
可以通过两种主要方式获取访问令牌:
Access token can be obtained in 2 major ways:
- Get it somehow (ask for it, capture it using sniffer tool and application which you need to simulate, etc), but be aware that OAuth access tokens have limited life span (1 hour by default, this applies to point 2 as well)
Implement OAuth2 flow in your test, i.e. :
- 进行身份验证(提供客户端ID和租户ID)
- 授权(使用客户端ID和上一步中的代码)
- 获取访问令牌(提供上一步的授权代码,第一步的代码和客户端ID
关于实现选项2-它需要3个单独的JMeter采样器(或者,您也可以通过
In regards to implementing option 2 - it will require 3 separate JMeter samplers (or alternatively you can get the access token programmatically via JSR223 Sampler)
参考:
- Microsoft Azure REST API + OAuth 2.0
- AzureAD/azure-activedirectory-library-for-java
- How to Run Performance Tests on OAuth Secured Apps with JMeter
这篇关于如何在JMeter中进行OAuth 2.0身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
