Failed to build request: No attribute named 'sesState' is defined."

Gatling (Open-Source)
1

Hi.
I have searched the topics, but I was not able to find a solution. I am using Gatling version 3.9.5 w/ Java. I have tried Gatling standalone and I have tried using IntelliJ and maven, and the same error occurs: Failed to build request: No attribute named ‘sesState’ is defined."

So the main problem is this: “2-authorization-someUrl: Failed to build request: No attribute named ‘sesState’ is defined.”

1.) I am capturing /saving the “state” parameter using e.g. the headerRegex(“location”, statePattern.toString()).saveAs(“sesState”) in the “1-authorization-someUrl” request.
I have also tried using .transformResponse and I have verified that both methods work fine and that the state value is in fact saved (same goes for nonce).

2.) Next, the state parameter (and nonce) should have been sent as the part of the next request:
http(“2-authorization-someUrl”)
.get(“someRedirectedUrl/&state=#{sesState}&nonce=#{sesNonce}”)

Expected:
The Gatling EL replaces the #{sesState} and #{sesNonce} attributes with the saved state and nonce values captured in step 1 and the http request is successfully executed with status code = 302.

Result:
“2-authorization-someUrl: Failed to build request: No attribute named ‘sesState’ is defined.”

Here is the code:
//Deleted imports and package.
// Please disregard bogus headers and uri/url's.

public class SomeSimulation extends Simulation {

  // RegEx Patterns:
  private static final Pattern statePattern = Pattern.compile("&state=(.*)%3D&");
  private static final Pattern noncePattern = Pattern.compile("&nonce=(.*)&");
  private static final Pattern acr_sigPattern = Pattern.compile("%26acr_sig%3D(.*)");    

  private HttpProtocolBuilder httpProtocol = http
      .baseUrl("someUrl")
      .inferHtmlResources();

  private ScenarioBuilder scn = scenario("SomeScenario")
    .exec(
      http("request_0")
        .get(SomeUri + "/")
        .headers(someHeaders_0)
        .resources(          
		http("1-authorization-someUrl")
			 .get("/oauth2/authorization/someUri?")
			 .headers(someHeaders_1)
			 .disableFollowRedirect()
			  .check(
				headerRegex("location", statePattern.toString()).saveAs("sesState"),
				headerRegex("location", noncePattern.toString()).saveAs("sesNonce"),
				status().is(302)),				  
		http("2-authorization-someUrl")   //this is actually an automatically generated redirect
                     .get("someRedirectedUrl/&state=#{sesState}&nonce=#{sesNonce}")
		     .headers(someHeaders_1)
                     .disableFollowRedirect()
                     .check(                    
                         headerRegex("Location", acr_sigPattern.toString()).saveAs("sesAcrSig"),
                         status().is(302))		
			)			  
        );

  {
	  setUp(scn.injectOpen(atOnceUsers(1))).protocols(httpProtocol);
  }
}

Btw. I have also tried the second request with query parameters which results in the same error.
// http(“2-authorization-someUrl”)
// .get(“/openam/oauth2/someUri/authorize?”)
// .queryParam(“response_type”, “code”)
// .queryParam(“client_id”, “OAuth2_client_id”)
// .queryParam(“scope”, “openid blablabla scopes aud:tokenendpoint”)
// .queryParam(“state”, “#{sesState}”)
// .queryParam(“redirect_uri”, “someUri/login/oauth2/code/blablabla”)
// .queryParam(“nonce”, “#{sesNonce}”)
// .queryParam(“acr_values”, “Level4”)
// .headers(headers_15)
// .disableFollowRedirect()
// .check(
// headerRegex(“Location”, acr_sigPattern.toString()).saveAs(“sesAcrSig”),
// status().is(302))

Does anybody have any tips as to why this is happening and how to get around it?
Thank you :+1:

2

Hi @Salmacis,

Welcome aboard!

Your issue lie in the fact that both request manipulating the sesState attribute are at the same level of resources.
That mean they should be handled in parallel.

My question is: why did you put them in resources?
My understanding for your scenario is (for one virtual user):

  • get the home page (request_0)
  • get the authorization (1-authorization-someUrl) and save the sesState
  • use that sesState to perform other things (2-authorization-someUrl)

So, there are different steps.

  private ScenarioBuilder scn = scenario("SomeScenario")
    .exec(
      http("request_0")
        .get(SomeUri + "/")
        .headers(someHeaders_0))
    .exec(
       http("1-authorization-someUrl")
         .get("/oauth2/authorization/someUri?")
         .headers(someHeaders_1)
         .disableFollowRedirect()
         .check(
           headerRegex("location", statePattern.toString()).saveAs("sesState"),
           headerRegex("location", noncePattern.toString()).saveAs("sesNonce"),
           status().is(302))
    ).exec(
      http("2-authorization-someUrl")   //this is actually an automatically generated redirect
        .get("someRedirectedUrl/&state=#{sesState}&nonce=#{sesNonce}")
      .headers(someHeaders_1)
      .disableFollowRedirect()
      .check(                    
        headerRegex("Location", acr_sigPattern.toString()).saveAs("sesAcrSig"),
        status().is(302))		
      );

WDYT?

Cheers!

3

Thanks a lot for the reply, sbrevet :+1:

I am new to Gatling so I just accepted whatever was created from the .har file. I did’nt realize that having both requests manipulating the sesState attribute at the same level of resources would lead to issues, so thank you for the explanation. I will give your suggestion a try right now and let you know how it goes.

Cheers!

4

@sbrevet ; This solved my issue. Thank you so much :blush::+1:

Cheers!

2 Likes