Using a .doIf when token expired and need refresh

webcrew62 · November 10, 2022, 9:32pm

It appears one straightforward approach to determine token expiration is using the status code. In this case as unauthorized, 401 should refresh the token. As such, I’m using a .doIf but a bit unclear on the implementation.

Can I check the status code direct, or invoke a boolean function to check and update the token?

I’ve got an example which I’ll post again here. Oddly I’m also getting an ‘unresolved symbol’. Is there a library which must be imported?

private ScenarioBuilder oauth = scenario("OccAuthSimulation")
        .exec(
        http("Auth")
        .post("/authorizationserver/oauth/token?grant_type=client_credentials")
        .headers(load_0)
        .formParam("grant_type", "client_credentials")
        .check(jsonPath("$.access_token").saveAs("bearer"))
        .check(jsonPath("$.expires_in").saveAs("ttl"))
        .check(status().saveAs("status"))
        );


.exec(
        http("CreateCustFull")
        .post("/doterracommerceservices/hycom/v4/customers")
        .headers(load_1)
        .body(RawFileBody("occhybris/occhybrisapisetupsimulation/customer-full.json"))
        .check(status().saveAs("status"))
//        .doIf(("#{.status().is(401)}").then(oauth.injectOpen(atOnceUsers(1)).protocols(httpProtocol)))
        .doIf.status().is(401).then(oauth.injectOpen(atOnceUsers(1)).protocols(httpProtocol))
        )

sbrevet · November 11, 2022, 9:59am

Hi @webcrew62,

doIf is at the same level as exec. So, you cannot put it at the check level.

You already saved the status as status session variable (with saveAs).

Then, you will have to use the Session API to produces your expected condition.

Cheers!

GeMi · November 11, 2022, 1:42pm

I don’t know what is your full Scenario but lokking at data what you shown better way will be using session variable ttl saved in .check(jsonPath("$.expires_in").saveAs("ttl")) and check if left e.g. 100 seconds to expiration time and then refresh token.

webcrew62 · November 11, 2022, 3:36pm

Thanks!

Is it only session variables which can be accessed in a doif? I’m having trouble understanding why I can’t just invoke the method which gets the Token? something like the below psuedo code in the .then clause?

private ScenarioBuilder oauth = scenario("OccAuthSimulation")
        .exec(
        http("Auth")
        .post("/authorizationserver/oauth/token?grant_type=client_credentials")
        .headers(load_0)
        .formParam("grant_type", "client_credentials")
        .check(jsonPath("$.access_token").saveAs("bearer"))
        .check(jsonPath("$.expires_in").saveAs("ttl"))
        .check(status().saveAs("status"))
        );


private ScenarioBuilder scn = scenario("OccHybridApiSetupSimulation")
//        .doIf(("#{.status().is(401)}").oauth.injectOpen(atOnceUsers(1)).protocols(httpProtocol)
        .doIf(session -> {
                int status = session.getInt("status");
                return status < 200 || status > 304;
        }).then(oauth.injectOpen(atOnceUsers(1)).protocols(httpProtocol))
type or paste code here

GeMi · November 11, 2022, 9:34pm

I have make a little example of your Scenario.
Link below:
Case0018GetTokenWhenStatus401Simulation

P.S. @slandelle @sbrevet I’m not sure if I changing/using Class level variable in proper way, so any advices are welcome

sbrevet · November 12, 2022, 8:37am

@GeMi Using class level variable is usually a bad idea: as the simulation is only instantiated once, it is a global variable shared with all virtual user in the same load generator (if you run in Gatling Enterprise, you may have multiple machines for load generation).

And such a token should be unique by virtual user and should be stored as a session variable (real users won’t share credentials, will they?)

@webcrew62 Yes, in the condition part of the doIf you should only access session variables or global constants (global variables are tricky to manipulate right).
The then part can be any ActionBuilder.

Cheers!

slandelle · November 12, 2022, 5:49pm

And such a token should be unique by virtual user and should be stored as a session variable (real users won’t share credentials, will they?)

That’s… complicated… Lots of organizations only have a production authentication platform (internal but no test/preprod, or external service implementing throttling) that they can’t hammer with production-like load from a few IP source addresses.

As a result, it’s a common pattern to share authorization tokens amongst virtual users.
For this pattern, I tend to use the following implementation:

global shared mutable variable
update periodically from a dedicated scenario (1 loop, 1 request, 1 pause smaller than the token expiration) where I inject one single virtual. Update the global reference from an exec(function) like @GeMi is doing: https://github.com/gemiusz/gatling-examples-maven-java/blob/master/src/test/java/pl/gemiusz/Case0018GetTokenWhenStatus401Simulation.java#L70
populate the authorization header from the global variable with a function like @GeMi is doing: https://github.com/gemiusz/gatling-examples-maven-java/blob/master/src/test/java/pl/gemiusz/Case0018GetTokenWhenStatus401Simulation.java#L43

The trick here is to delay the actual scenario, typically with a nothingFor so that it only tries to use the global variable once it has been populated.

Topic		Replies	Views
How to use doIf properly Gatling (Open-Source)	0	232	November 3, 2021
Gatling - how to handle if auth token expires while running the test? Gatling (Open-Source)	9	1246	April 30, 2023
Deadline doif condition is not working to refresh the token Gatling (Open-Source)	2	293	June 5, 2023
Retrieving the response code or body to use as a condition to send another request within tryMax Gatling (Open-Source)	0	130	June 6, 2019
Token Refresh Gatling (Open-Source)	7	518	May 5, 2023

Using a .doIf when token expired and need refresh

Related topics