No results for

Powered byAlgolia

HTTP Authentication

Scripting examples on how to use different authentication or authorization methods in your load test.

Basic authentication

basic-auth.js
1import encoding from 'k6/encoding';
2import http from 'k6/http';
3import { check } from 'k6';
4
5const username = 'user';
6const password = 'passwd';
7
8export default function () {
9 const credentials = `${username}:${password}`;
10
11 // Passing username and password as part of the URL will
12 // allow us to authenticate using HTTP Basic Auth.
13 const url = `https://${credentials}@httpbin.test.k6.io/basic-auth/${username}/${password}`;
14
15 let res = http.get(url);
16
17 // Verify response
18 check(res, {
19 'status is 200': (r) => r.status === 200,
20 'is authenticated': (r) => r.json().authenticated === true,
21 'is correct user': (r) => r.json().user === username,
22 });
23
24 // Alternatively you can create the header yourself to authenticate
25 // using HTTP Basic Auth
26 const encodedCredentials = encoding.b64encode(credentials);
27 const options = {
28 headers: {
29 Authorization: `Basic ${encodedCredentials}`,
30 },
31 };
32
33 res = http.get(`https://httpbin.test.k6.io/basic-auth/${username}/${password}`, options);
34
35 // Verify response (checking the echoed data from the httpbin.test.k6.io
36 // basic auth test API endpoint)
37 check(res, {
38 'status is 200': (r) => r.status === 200,
39 'is authenticated': (r) => r.json().authenticated === true,
40 'is correct user': (r) => r.json().user === username,
41 });
42}

Digest authentication

digest-auth.js
1import http from 'k6/http';
2import { check } from 'k6';
3
4const username = 'user';
5const password = 'passwd';
6
7export default function () {
8 // Passing username and password as part of URL plus the auth option will
9 // authenticate using HTTP Digest authentication.
10 const credentials = `${username}:${password}`;
11 const res = http.get(
12 `https://${credentials}@httpbin.test.k6.io/digest-auth/auth/${username}/${password}`,
13 { auth: 'digest' }
14 );
15
16 // Verify response (checking the echoed data from the httpbin.test.k6.io digest auth
17 // test API endpoint)
18 check(res, {
19 'status is 200': (r) => r.status === 200,
20 'is authenticated': (r) => r.json().authenticated === true,
21 'is correct user': (r) => r.json().user === username,
22 });
23}

NTLM authentication

ntlm-auth.js
1import http from 'k6/http';
2
3const username = 'user';
4const password = 'passwd';
5
6export default function () {
7 // Passing username and password as part of URL and then specifying
8 // "ntlm" as auth type will do the trick!
9 const credentials = `${username}:${password}`;
10 const res = http.get(`http://${credentials}@example.com/`, { auth: 'ntlm' });
11}

AWS Signature v4 authentication with the k6-jslib-aws

To authenticate requests to AWS APIs using AWS Signature Version 4, k6 offers the k6-jslib-aws JavaScript library, which provides a dedicated SignatureV4 class. This class can produce authenticated requests to send to AWS APIs using the http k6 module.

Here's an example script to demonstrate how to sign a request to fetch an object from an S3 bucket:

awsv4-auth.js
import http from 'k6/http';
import { AWSConfig, SignatureV4 } from 'https://jslib.k6.io/aws/0.11.0/signature.js';
const awsConfig = new AWSConfig({
region: __ENV.AWS_REGION,
accessKeyId: __ENV.AWS_ACCESS_KEY_ID,
secretAccessKey: __ENV.AWS_SECRET_ACCESS_KEY,
/**
* Optional session token for temporary credentials.
*/
sessionToken: __ENV.AWS_SESSION_TOKEN,
});
export default function () {
/**
* Create a signer instance with the AWS credentials.
* The signer will be used to sign the request.
*/
const signer = new SignatureV4({
service: 's3',
region: awsConfig.region,
credentials: {
accessKeyId: awsConfig.accessKeyId,
secretAccessKey: awsConfig.secretAccessKey,
sessionToken: awsConfig.sessionToken,
},
});
/**
* Use the signer to prepare a signed request.
* The signed request can then be used to send the request to the AWS API.
*/
const signedRequest = signer.sign({
method: 'GET',
protocol: 'https',
hostname: 'test-jslib-aws.s3.us-east-1.amazonaws.com',
path: '/bonjour.txt',
headers: {},
uriEscapePath: false,
applyChecksum: false,
}, {
signingDate: new Date(),
signingService: 's3',
signingRegion: 'us-east-1',
});
/**
* The `signedRequest` object contains the signed request URL and headers.
* We can use them to send the request to the AWS API.
*/
http.get(signedRequest.url, { headers: signedRequest.headers });
}