How to generate Authorization code in Jmeter with Oauth PKCE flow

Question

I'm trying to generate Authorization code in Jmeter with Oauth PKCE flow could'nt extract code any thoughts here would be helpful.

Answer 1

Refer your application documentation as the implementations might be different.

Some parameters cannot be "extracted", i.e. you need to know your client_id beforehand.

Some parameters needs to be generated, if no documentation is available you can use i.e. Call Your API Using the Authorization Code Flow with PKCE which contains comprehensive explanation and example code snippets for creating code_verifier and code_challenge

Example code for code_verifier generation:

import java.security.SecureRandom;

SecureRandom sr = new SecureRandom();
byte[] code = new byte[32];
sr.nextBytes(code);
String verifier = Base64.getUrlEncoder().withoutPadding().encodeToString(code);

log.info('code_verifier: ' + verifier)

vars.put('verifier', verifier)

Example code for code_challenge

import java.security.MessageDigest
import org.apache.commons.codec.binary.Base64

byte[] bytes = vars.get('verifier').getBytes("US-ASCII");
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(bytes, 0, bytes.length);
byte[] digest = md.digest();
String challenge = Base64.encodeBase64URLSafeString(digest);

log.info('code_challenge: ' + challenge)

The code can be invoked from the JSR223 Test Elements using Groovy as the language