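Passing a Bearer token through a variable using Gatling

Question description  Votes: 0  Answers: 3

I am learning the Gatling tool and working on developing scenarios for secure HTTP API calls. I created a scenario in which I am able to obtain a bearer token and save it in a variable (token), but the variable (token) is not passing its value in the authorization header.

Here is my code, please take a look.

The following line of code does not pick up the value of the token variable: .authorizationHeader(s"Bearer $token")

===========================================================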


import io.gatling.core.Predef._
import io.gatling.http.Predef._
import scala.concurrent.duration._
import scala.collection.JavaConversions._

class SampleToken2 extends Simulation {

  //Token define
  private var token: String = ""
  
  val auth = scenario("Retrieve Token")
    .exec(
      http("POST Auth Req")
        .post("http://iserver:9092/login")
        .body(ElFileBody("bodies/inventalogin.json")).asJson
        .check(bodyString.saveAs("Auth_Response"))
        .check(status.is(200))
        .check(jsonPath("$.token").find.saveAs("accesskey")))
    .exec{session => { token = session("accesskey").as[String]
      session}}

  //Header Define
  val httpConf = http
    .baseUrl("http://iaserver:9092")
    .authorizationHeader(s"Bearer $token")
    .acceptHeader("application/json, */*")
    .acceptCharsetHeader("UTF-8") // Here are the common headers
    .doNotTrackHeader("1")
    .acceptLanguageHeader("en-UK,en;q=0.5")
    .acceptEncodingHeader("gzip, deflate")
    .userAgentHeader("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:16.0) Gecko/20100101 Firefox/16.0")
    .shareConnections
    .proxy(Proxy("localhost", 8888).httpsPort(8888))


    def myTestObjectMethod = {
      // chain the steps with '.', otherwise only the last exec is returned
      exec { session => println("token print2"); session }
        .exec { session => println(token: String); session }
        .exec(http("Get all devices with pagination")
          .get("/devices/getAllDevices?page=0&size=200")
          .check(status.in(200 to 210)))
        .pause(1, 20)
    }



  val scn = scenario("my_actual_load_test").exec(myTestObjectMethod)



  setUp(
    auth.inject(constantUsersPerSec(1) during (1 seconds)),
    scn.inject(nothingFor(2 seconds),
      constantUsersPerSec(50) during (300 seconds)
    )
    .protocols(httpConf))
    .assertions(global.responseTime.max.lt(500)) 
    .assertions(forAll.failedRequests.percent.lte(1)) 
    .assertions(global.responseTime.mean.lte(100))

}

automation performance-testing gatling bearer-token web-api-testing
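3 Answers

0 votes

Your token is not being used because you transfer it to a standard Scala variable rather than just passing it through the session.

Gatling builders are executed once at startup, so when your httpConf references $token, it takes the value from that var once, before any requests have been made - so the value of token will be "".

Since you seem to want one call to fetch a token that is then used by all users in the second scenario, you need to load the value from the token var into the session and update the httpConf header to use the Gatling EL (which will pull the value from the session).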

val httpConf = http
  .baseUrl("http://iaserver:9092")
  .authorizationHeader("Bearer ${token}")
  .acceptHeader("application/json, */*")
  ...

def myTestObjectMethod = {
  // copy the value of the token var into each user's session so the EL above can resolve it
  exec(session => session.set("token", token))
    .exec(http("Get all devices with pagination")
      .get("/devices/getAllDevices?page=0&size=200")
      .check(status.in(200 to 210))
    )
    .pause(1, 20)
}
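
The shared-token approach from the answer above as a complete simulation; this is an added example, not code from the question or any of the answers. The class name `SharedTokenSimulation` and the `sharedToken` holder are hypothetical, hosts, paths and the body file are taken from the question, and it assumes a Gatling version that supports the `#{...}` EL syntax and `andThen` (on older versions the `${token}` form applies).

```scala
import java.util.concurrent.atomic.AtomicReference
import io.gatling.core.Predef._
import io.gatling.http.Predef._
import scala.concurrent.duration._

class SharedTokenSimulation extends Simulation {
  // Written once by the login user, read by every load user (hypothetical holder).
  private val sharedToken = new AtomicReference[String]("")

  val auth = scenario("Retrieve Token")
    .exec(
      http("POST Auth Req")
        .post("http://iserver:9092/login")
        .body(ElFileBody("bodies/inventalogin.json")).asJson
        .check(status.is(200))
        .check(jsonPath("$.token").find.saveAs("accesskey")))
    .exitHereIfFailed // no token was saved, so skip the copy below
    .exec { session =>
      sharedToken.set(session("accesskey").as[String])
      session
    }

  val httpConf = http
    .baseUrl("http://iaserver:9092")
    // Plain string with Gatling EL: resolved from the session on every request.
    // s"Bearer $token" would be interpolated once, while the class is constructed.
    .authorizationHeader("Bearer #{token}")
    .acceptHeader("application/json, */*")

  val scn = scenario("my_actual_load_test")
    .exec { session =>
      val t = sharedToken.get
      // Fail the user rather than send "Bearer " with an empty credential.
      if (t.isEmpty) session.markAsFailed else session.set("token", t)
    }
    .exitHereIfFailed
    .exec(
      http("Get all devices with pagination")
        .get("/devices/getAllDevices?page=0&size=200")
        .check(status.in(200 to 210)))
    .pause(1.second, 20.seconds)

  setUp(
    auth.inject(atOnceUsers(1))
      // Start the load only after the login scenario has finished.
      .andThen(scn.inject(constantUsersPerSec(50).during(300.seconds)).protocols(httpConf))
  )
}
```

Sequencing with `andThen` removes the dependence on the login finishing within a fixed delay, and the empty-token guard keeps unauthenticated requests out of the results.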

0 votes

You can write an HTTP request that obtains the "Bearer" token and then save it in a variable. This variable can then be used in your future requests.

private static HttpRequestActionBuilder authenticate() {
    return http("Authenticate in Keycloak")
        .post("http://localhost:8080/token")
        .asFormUrlEncoded()
        .formParam("grant_type", "client_credentials")
        .formParam("client_id", "my-client")
        .formParam("client_secret", "secret")
        // save the access_token field of the JSON response into the session
        .check(jmesPath("access_token").ofString()
            .exists().saveAs("access_token"));
}

After that you can use it in the header like this:

exec(http("GET request")
    .get("/api/movie/1")
    .header("Authorization", "Bearer #{access_token}"))

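-1 votes

Got my answer from the following link: Gatling Scala: Unable to send auth token to the method using session variable

I needed to pass the token method in the scenario in order to get the token in the session.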



  // tokenAPI is a var of the simulation class (its declaration is not shown in the post)
  val authAPI = exec(
      http("POST Auth API")
        .post("http://iserver:9092/login")
        .body(ElFileBody("bodies/inventalogin.json")).asJson
        .check(bodyString.saveAs("Auth_Response"))
        .check(status.is(200))
        .check(jsonPath("$.token").find.saveAs("token")))
    .exec { session =>
      tokenAPI = session("token").as[String]
      session
    }

  var headers_10 = Map("Content-Type" -> """application/json""", "Authorization" -> "Bearer ${token}")

  def getAllDevices() = {
    // chain the steps with '.', otherwise only the last exec is returned
    exec { session => println("token print2"); session }
      .exec { session => println(tokenAPI: String); session }
      .exec(session => session.set("token", tokenAPI))
      .exec(http("Get all devices")
        .get("/devices/getAllDevices")
        .headers(headers_10)
        .check(status.in(200 to 210)))
      //.exec { session => println(session); session }
      .pause(1, 20)
  }

// Scenario Definition
  val scn = scenario("Basic")
    .exec(authAPI)
    .pause(1)
    .exec(getAllDevices())
    .pause(1)
    .exec(getAllDevicesPagination())
    .pause(1)
    .exec(logintest())

