Search code examples
javascriptload-testingk6

How to simulate / script for AD integrated SSO Login in k6 tool

Application uses SSO login for access.

If SSO login doesn't work, browser asks for credentials in order to login to the application.

For load testing such application with K6 tool, I am trying to understand how this can be scripted for successful login.

I have tried to pass the credentials as part of the URL as in below code and trying as NTLM authentication.

Below is my script;

const username = "global\\user001", 
    password = "Password";

let pURL="abc.xyz.dev";

let req, res;
req = [{
 "method": "get",
 "url": `https://${username}:${password}@${pURL}/pqrs`,
 "params": {
  "headers": {
   "Host": ""+pURL+"",
   "Connection": "keep-alive",
   "Pragma": "no-cache",
   "Cache-Control": "no-cache",
   "Upgrade-Insecure-Requests": "1",
   "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
   "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
   "Accept-Encoding": "gzip, deflate, br",
   "Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8"
  },
  "auth":"ntlm",
 }
}];
res = http.batch(req);

The expected HTTP status code for the response is 301 but I currently getting a 401: Unauthenticated.

However, if the URL in above request is changed to: 

"url": `https://${username}:${password}@${pURL}/pqrs`,

I am getting error (below) as it cannot accept the username with another domain mentioned with it.

ERRO[0002] GoError: parse https://global\user001:Password@abc.xyz.dev/pqrs: net/url: invalid userinfo

What am I doing wrong and how can I fix it?

Solution

  • You have \ in your username, so you will need to url encode it. You can use encodeURI as shown below:

    import http from "k6/http";

const username = encodeURI("global\\user001"),
            password = "Password";
export default function() {

    let pURL="httpbin.org";

    let req, res;
    req = [{
         "method": "get",
         "url": `https://${username}:${password}@${pURL}/basic-auth/${username}/${password}`,
         "params": {
               "headers": {
                      "Host": ""+pURL+"",
                      "Connection": "keep-alive",
                      "Pragma": "no-cache",
                      "Cache-Control": "no-cache",
                      "Upgrade-Insecure-Requests": "1",
                      "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
                      "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
                      "Accept-Encoding": "gzip, deflate, br",
                      "Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8"
                     },
               "auth":"ntlm",
              }
    }];
    res = http.batch(req);

    console.log(JSON.stringify(res[0].body));
}