Hi, currently I am having a scenario where I need jwt gen for each user, it was done but I just want to know if Gatling team can do a built-in function for jwt ?
Thank you for reading
So I was thinking of 2 ways:
First way is to build as a function, like one you built
"#{foo.size()}"
// here, something like
"#{jwt.build().withIssuer(...).sign(algorithm)}"
This approach will just need an external library, like java-jwt and then tweak it into a built-in function.
Second way, although this is much more complex, but I still want to see if possible, imagine you are forming an API as:
class JwtSimulation extends Simulation {
val httpProtocol = http.baseUrl("https://api.example.com")
val headers = Map(
"Header1" -> "Value1",
"Header2" -> "Value2"
)
val scn = scenario("JWT API Test")
.exec(
http("Request with JWT")
.get("/endpoint")
.JwtAuthHeader("AuthenticationScheme - Bearer(?)", "Algorithm", "secretKey", ...) //allows to override functions
.headers(headers)
.check(status.is(200))
)
...
Since JWT tokens are mostly (if not all) used as authorization header, this will help distinct the header a bit (or could lead to a bit complexity), but I think this is how I describe it.
And, the word “generator” may not be correct in this case, I think using “function built in” is better.
After giving more thoughts about this, I don’t think we’ll provide a built-in for this.
The reason is that we’d have to build something on top of nimbus-jose-jwt or similar, which pulls LOTS of dependencies we don’t want because it would increase the risk of dependencies conflict with client code.
IMO, the best solution would be a dedicated guide in our documentation.
A dedicated guide is a better approach indeed, as it doesn’t take much time to build a suitable jwt gen object for user need.
Thanks for your input, appreciate alot
Contributing by guide ? Yes I would love to.
Contributing by code may require some time for me to understand it, I was planning to build locally also. Perhaps you can share some entry point so that I can start
My build was a simple library function calls, and it is specific for my token payload only, if I were to extend to allow overriding method, it is a different story.
But yeah, when finished, hopefully we can discuss about this more