No results for

Powered byAlgolia

OAuth Authentication

Scripting examples on how to use OAuth authentication in your load test.

OAuth authentication

The following examples take a set of arguments, shown in the function documentation, and returns the response body as JSON so that you can extract the token from.

Azure Active Directory

azure.js
1import http from 'k6/http';
2
3/**
4 * Authenticate using OAuth against Azure Active Directory
5 * @function
6 * @param {string} tenantId - Directory ID in Azure
7 * @param {string} clientId - Application ID in Azure
8 * @param {string} clientSecret - Can be obtained from https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app#create-a-client-secret
9 * @param {string} scope - Space-separated list of scopes (permissions) that are already given consent to by admin
10 * @param {string} resource - Either a resource ID (as string) or an object containing username and password
11 */
12export function authenticateUsingAzure(tenantId, clientId, clientSecret, scope, resource) {
13 let url;
14 const requestBody = {
15 client_id: clientId,
16 client_secret: clientSecret,
17 scope: scope,
18 };
19
20 if (typeof resource == 'string') {
21 url = `https://login.microsoftonline.com/${tenantId}/oauth2/token`;
22 requestBody['grant_type'] = 'client_credentials';
23 requestBody['resource'] = resource;
24 } else if (
25 typeof resource == 'object' &&
26 resource.hasOwnProperty('username') &&
27 resource.hasOwnProperty('password')
28 ) {
29 url = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
30 requestBody['grant_type'] = 'password';
31 requestBody['username'] = resource.username;
32 requestBody['password'] = resource.password;
33 } else {
34 throw 'resource should be either a string or an object containing username and password';
35 }
36
37 const response = http.post(url, requestBody);
38
39 return response.json();
40}

Okta

Okta-test.js
1import http from 'k6/http';
2import encoding from 'k6/encoding';
3
4/**
5 * Authenticate using OAuth against Okta
6 * @function
7 * @param {string} oktaDomain - Okta domain to authenticate against (e.g. 'k6.okta.com')
8 * @param {string} authServerId - Authentication server identifier (default is 'default')
9 * @param {string} clientId - Generated by Okta automatically
10 * @param {string} clientSecret - Generated by Okta automatically
11 * @param {string} scope - Space-separated list of scopes
12 * @param {string|object} resource - Either a resource ID (as string) or an object containing username and password
13 */
14export function authenticateUsingOkta(
15 oktaDomain,
16 authServerId,
17 clientId,
18 clientSecret,
19 scope,
20 resource
21) {
22 if (authServerId === 'undefined' || authServerId == '') {
23 authServerId = 'default';
24 }
25 const url = `https://${oktaDomain}/oauth2/${authServerId}/v1/token`;
26 const requestBody = { scope: scope };
27 let response;
28
29 if (typeof resource == 'string') {
30 requestBody['grant_type'] = 'client_credentials';
31
32 const encodedCredentials = encoding.b64encode(`${clientId}:${clientSecret}`);
33 const params = {
34 auth: 'basic',
35 headers: {
36 Authorization: `Basic ${encodedCredentials}`,
37 },
38 };
39
40 response = http.post(url, requestBody, params);
41 } else if (
42 typeof resource == 'object' &&
43 resource.hasOwnProperty('username') &&
44 resource.hasOwnProperty('password')
45 ) {
46 requestBody['grant_type'] = 'password';
47 requestBody['username'] = resource.username;
48 requestBody['password'] = resource.password;
49 requestBody['client_id'] = clientId;
50 requestBody['client_secret'] = clientSecret;
51
52 response = http.post(url, requestBody);
53 } else {
54 throw 'resource should be either a string or an object containing username and password';
55 }
56
57 return response.json();
58}

For a detailed example, please visit this article: How to Load Test OAuth secured APIs with k6?