Scripting examples on how to use OAuth authentication in your load test.
OAuth authentication
The following examples take a set of arguments, shown in the function documentation, and return the response body as JSON so that you can extract the token from it.
Azure Active Directory
azure.js
1import http from 'k6/http';2
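/**
 * Authenticate using OAuth against Azure Active Directory.
 *
 * A string `resource` selects the client-credentials grant against the
 * `/oauth2/token` endpoint. An object carrying `username` and `password`
 * selects the password grant against the `/oauth2/v2.0/token` endpoint.
 *
 * The client secret (and the password, when given) travel in the request body.
 * Keep them out of the script source, for example by reading them from `__ENV`,
 * and avoid logging the returned body, since it is where the token is read from.
 *
 * @function
 * @param {string} tenantId - Directory ID in Azure
 * @param {string} clientId - Application ID in Azure
 * @param {string} clientSecret - Can be obtained from https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app#create-a-client-secret
 * @param {string} scope - Space-separated list of scopes (permissions) that are already given consent to by admin
 * @param {string|object} resource - Either a resource ID (as string) or an object containing username and password
 * @returns {object} Parsed JSON body of the token response. The HTTP status is
 *   not checked here, so confirm the expected token field is present before use.
 * @throws {string} When `resource` is neither a string nor an object with
 *   `username` and `password` (a string is thrown, as callers may already expect).
 */
export function authenticateUsingAzure(tenantId, clientId, clientSecret, scope, resource) {
  const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
  const requestBody = {
    client_id: clientId,
    client_secret: clientSecret,
    scope: scope,
  };
  let url;

  if (typeof resource === 'string') {
    url = `https://login.microsoftonline.com/${tenantId}/oauth2/token`;
    requestBody['grant_type'] = 'client_credentials';
    requestBody['resource'] = resource;
  } else if (
    // `typeof null` is 'object', so exclude null before touching its properties;
    // otherwise a null resource fails with a TypeError instead of the message below.
    resource !== null &&
    typeof resource === 'object' &&
    hasOwn(resource, 'username') &&
    hasOwn(resource, 'password')
  ) {
    // Password grant: the script handles the user's password directly, so this
    // path is best kept to dedicated test accounts.
    url = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
    requestBody['grant_type'] = 'password';
    requestBody['username'] = resource.username;
    requestBody['password'] = resource.password;
  } else {
    throw 'resource should be either a string or an object containing username and password';
  }

  const response = http.post(url, requestBody);

  return response.json();
}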
Okta
Okta-test.js
1import http from 'k6/http';2import encoding from 'k6/encoding';3
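/**
 * Authenticate using OAuth against Okta.
 *
 * A string `resource` selects the client-credentials grant, with the client ID
 * and secret sent in a Basic `Authorization` header. An object carrying
 * `username` and `password` selects the password grant, with the client ID and
 * secret sent in the request body alongside the user's credentials.
 *
 * Base64 in the Basic header is an encoding, not encryption. Keep the secret and
 * password out of the script source, for example by reading them from `__ENV`,
 * and avoid logging the returned body, since it is where the token is read from.
 *
 * @function
 * @param {string} oktaDomain - Okta domain to authenticate against (e.g. 'k6.okta.com')
 * @param {string} authServerId - Authentication server identifier (default is 'default')
 * @param {string} clientId - Generated by Okta automatically
 * @param {string} clientSecret - Generated by Okta automatically
 * @param {string} scope - Space-separated list of scopes
 * @param {string|object} resource - Either a resource ID (as string) or an object containing username and password
 * @returns {object} Parsed JSON body of the token response. The HTTP status is
 *   not checked here, so confirm the expected token field is present before use.
 * @throws {string} When `resource` is neither a string nor an object with
 *   `username` and `password` (a string is thrown, as callers may already expect).
 */
export function authenticateUsingOkta(
  oktaDomain,
  authServerId,
  clientId,
  clientSecret,
  scope,
  resource
) {
  const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  // The original compared against the string 'undefined', so an omitted argument
  // produced a URL containing "/oauth2/undefined/". Treat a missing, null or
  // empty value as the default; the literal 'undefined' is still accepted.
  const useDefaultServer =
    authServerId == null || authServerId === '' || authServerId === 'undefined';
  const serverId = useDefaultServer ? 'default' : authServerId;

  const url = `https://${oktaDomain}/oauth2/${serverId}/v1/token`;
  const requestBody = { scope: scope };

  if (typeof resource === 'string') {
    requestBody['grant_type'] = 'client_credentials';

    const encodedCredentials = encoding.b64encode(`${clientId}:${clientSecret}`);
    const params = {
      auth: 'basic',
      headers: {
        Authorization: `Basic ${encodedCredentials}`,
      },
    };

    return http.post(url, requestBody, params).json();
  }

  // `typeof null` is 'object', so exclude null before touching its properties;
  // otherwise a null resource fails with a TypeError instead of the message below.
  const hasUserCredentials =
    resource !== null &&
    typeof resource === 'object' &&
    hasOwn(resource, 'username') &&
    hasOwn(resource, 'password');

  if (!hasUserCredentials) {
    throw 'resource should be either a string or an object containing username and password';
  }

  // Password grant: the script handles the user's password directly, so this
  // path is best kept to dedicated test accounts.
  requestBody['grant_type'] = 'password';
  requestBody['username'] = resource.username;
  requestBody['password'] = resource.password;
  requestBody['client_id'] = clientId;
  requestBody['client_secret'] = clientSecret;

  return http.post(url, requestBody).json();
}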
For a detailed example, please visit this article: How to Load Test OAuth secured APIs with k6?