IMLC.ME
/k6/k6 HTTP Authentication 登录验证/

k6 HTTP Authentication 登录验证

Basic authentication

import encoding from 'k6/encoding';
import http from 'k6/http';
import { check } from 'k6';

const username = 'user';
const password = 'passwd';

export default function () {
  const credentials = `${username}:${password}`;

  // Passing username and password as part of the URL will
  // allow us to authenticate using HTTP Basic Auth.
  const url = `http://${credentials}@httpbin.org/basic-auth/${username}/${password}`;

  let res = http.get(url);

  // Verify response
  check(res, {
    'status is 200': (r) => r.status === 200,
    'is authenticated': (r) => r.json().authenticated === true,
    'is correct user': (r) => r.json().user === username,
  });

  // Alternatively you can create the header yourself to authenticate
  // using HTTP Basic Auth
  const encodedCredentials = encoding.b64encode(credentials);
  const options = {
    headers: {
      Authorization: `Basic ${encodedCredentials}`,
    },
  };

  res = http.get(`http://httpbin.org/basic-auth/${username}/${password}`, options);

  // Verify response (checking the echoed data from the httpbin.org
  // basic auth test API endpoint)
  check(res, {
    'status is 200': (r) => r.status === 200,
    'is authenticated': (r) => r.json().authenticated === true,
    'is correct user': (r) => r.json().user === username,
  });
}

Digest authentication

import http from 'k6/http';
import { check } from 'k6';

const username = 'user';
const password = 'passwd';

export default function () {
  // Passing username and password as part of URL plus the auth option will
  // authenticate using HTTP Digest authentication.
  const credentials = `${username}:${password}`;
  const res = http.get(
    `http://${credentials}@httpbin.org/digest-auth/auth/${username}/${password}`,
    { auth: 'digest' }
  );

  // Verify response (checking the echoed data from the httpbin.org digest auth
  // test API endpoint)
  check(res, {
    'status is 200': (r) => r.status === 200,
    'is authenticated': (r) => r.json().authenticated === true,
    'is correct user': (r) => r.json().user === username,
  });
}

NTLM authentication

import http from 'k6/http';

const username = 'user';
const password = 'passwd';

export default function () {
// Passing username and password as part of URL and then specifying
// "ntlm" as auth type will do the trick!
const credentials = `${username}:${password}`;
const res = http.get(`http://${credentials}@example.com/`, { auth: 'ntlm' });
}

AWS Signature v4 authentication

k6 没有提供开箱即用的 AWS Signature v4 验证。 用户可以借助第三方库 awsv4.jsBrowserify 完成验证。

安装 Browserify

npm install -g browserify

安装 awsv4.js

npm install aws4
browserify node_modules/aws4/aws4.js -s aws4 > aws4.js

引入aws4.js

import aws4 from './aws4.js';

...

这里提供过了一个通过 AWS API 查询 EC2 可用区 的例子。主要这里需要通过环境变量配置 AWS 的 access key 和 secret key。

import http from 'k6/http';
import { sleep } from 'k6';

// Import browserified AWSv4 signature library
import aws4 from './aws4.js';

// Get AWS credentials from environment variables
const AWS_CREDS = {
  accessKeyId: __ENV.AWS_ACCESSKEY,
  secretAccessKey: __ENV.AWS_SECRETKEY,
};

export default function () {
  // Sign the AWS API request
  const signed = aws4.sign(
    {
      service: 'ec2',
      path: '/?Action=DescribeRegions&Version=2014-06-15',
    },
    AWS_CREDS
  );

  // Make the actual request to the AWS API including the
  // "Authorization" header with the signature
  const res = http.get(`https://${signed.hostname}${signed.path}`, {
    headers: signed.headers,
  });

  // Print the response
  console.log(res.body);

  sleep(1);
}

参考文献

HTTP Authentication - K6