
OAuth Authentication


Scripting examples on how to use OAuth authentication in your load test.

OAuth authentication

Each of the following examples takes a set of arguments, described in the function documentation, and returns the response body as JSON so that you can extract the token from it.

Azure Active Directory

azure.js
1import http from 'k6/http';
2
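/**
 * Authenticate using OAuth against Azure Active Directory.
 *
 * The grant is chosen from the shape of `resource`:
 * - a string selects the client-credentials grant and posts to the
 *   `/oauth2/token` endpoint with `resource` set to that string;
 * - an object with its own `username` and `password` properties selects the
 *   password grant and posts to the `/oauth2/v2.0/token` endpoint.
 *
 * Handling of secrets: `clientSecret` and any password travel in the request
 * body, so supply them from the environment (for example k6's `__ENV`) rather
 * than committing them in the script, and use dedicated test accounts for the
 * password grant. The returned object carries the issued token; keep it out of
 * logs and test output.
 *
 * @function
 * @param {string} tenantId - Directory ID in Azure
 * @param {string} clientId - Application ID in Azure
 * @param {string} clientSecret - Can be obtained from https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app#create-a-client-secret
 * @param {string} scope - Space-separated list of scopes (permissions) that are already given consent to by admin
 * @param {string|object} resource - Either a resource ID (as string) or an object containing username and password
 * @returns {*} The token endpoint's response body parsed as JSON
 * @throws {string} When `resource` is neither a string nor an object with username and password
 */
export function authenticateUsingAzure(
  tenantId,
  clientId,
  clientSecret,
  scope,
  resource,
) {
  // Borrow the method from Object.prototype so objects without a prototype work too.
  const owns = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  const requestBody = {
    client_id: clientId,
    client_secret: clientSecret,
    scope,
  };
  let url;

  if (typeof resource === 'string') {
    url = `https://login.microsoftonline.com/${tenantId}/oauth2/token`;
    requestBody.grant_type = 'client_credentials';
    requestBody.resource = resource;
  } else if (
    // typeof null is 'object'; without this guard null raised a TypeError
    // instead of the intended message below.
    resource !== null &&
    typeof resource === 'object' &&
    owns(resource, 'username') &&
    owns(resource, 'password')
  ) {
    url = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
    requestBody.grant_type = 'password';
    requestBody.username = resource.username;
    requestBody.password = resource.password;
  } else {
    // Kept as a thrown string so existing callers that catch it see the same value.
    throw 'resource should be either a string or an object containing username and password';
  }

  // The status code is not checked here: callers should confirm the parsed
  // body actually contains a token before using it.
  const response = http.post(url, requestBody);

  return response.json();
}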

Okta

Okta-test.js
import encoding from 'k6/encoding';
import http from 'k6/http';
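/**
 * Authenticate using OAuth against Okta.
 *
 * The grant is chosen from the shape of `resource`:
 * - a string selects the client-credentials grant; the client ID and secret
 *   are sent base64-encoded in a Basic `Authorization` header (the string
 *   value itself is not added to the request);
 * - an object with its own `username` and `password` properties selects the
 *   password grant; the client ID and secret are sent in the request body.
 *
 * Handling of secrets: Basic auth is an encoding, not encryption, so the
 * secret is protected only by the HTTPS transport. Supply `clientSecret` and
 * any password from the environment (for example k6's `__ENV`) rather than
 * committing them in the script, use dedicated test accounts for the password
 * grant, and keep the returned token out of logs and test output.
 * `oktaDomain` decides which host receives these credentials, so take it from
 * trusted configuration.
 *
 * @function
 * @param {string} oktaDomain - Okta domain to authenticate against (e.g. 'k6.okta.com')
 * @param {string} authServerId - Authentication server identifier (default is 'default')
 * @param {string} clientId - Generated by Okta automatically
 * @param {string} clientSecret - Generated by Okta automatically
 * @param {string} scope - Space-separated list of scopes
 * @param {string|object} resource - Either a resource ID (as string) or an object containing username and password
 * @returns {*} The token endpoint's response body parsed as JSON
 * @throws {string} When `resource` is neither a string nor an object with username and password
 */
export function authenticateUsingOkta(
  oktaDomain,
  authServerId,
  clientId,
  clientSecret,
  scope,
  resource,
) {
  // Borrow the method from Object.prototype so objects without a prototype work too.
  const owns = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  // The original compared only against the string 'undefined', so an omitted
  // argument produced a URL containing "/oauth2/undefined/". Treat a missing
  // value as the default; the literal string is still accepted as before.
  const useDefaultServer =
    authServerId == null || authServerId === '' || authServerId === 'undefined';
  const serverId = useDefaultServer ? 'default' : authServerId;

  const url = `https://${oktaDomain}/oauth2/${serverId}/v1/token`;
  const requestBody = { scope };
  let response;

  if (typeof resource === 'string') {
    requestBody.grant_type = 'client_credentials';

    const encodedCredentials = encoding.b64encode(`${clientId}:${clientSecret}`);
    const params = {
      auth: 'basic',
      headers: {
        Authorization: `Basic ${encodedCredentials}`,
      },
    };

    response = http.post(url, requestBody, params);
  } else if (
    // typeof null is 'object'; without this guard null raised a TypeError
    // instead of the intended message below.
    resource !== null &&
    typeof resource === 'object' &&
    owns(resource, 'username') &&
    owns(resource, 'password')
  ) {
    requestBody.grant_type = 'password';
    requestBody.username = resource.username;
    requestBody.password = resource.password;
    requestBody.client_id = clientId;
    requestBody.client_secret = clientSecret;

    response = http.post(url, requestBody);
  } else {
    // Kept as a thrown string so existing callers that catch it see the same value.
    throw 'resource should be either a string or an object containing username and password';
  }

  // The status code is not checked here: callers should confirm the parsed
  // body actually contains a token before using it.
  return response.json();
}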

For a detailed example, please visit this article: How to Load Test OAuth secured APIs with k6?