missing authentication or invalid log in

Question

I am new to Jmeter. Trying to use this tool for load/performance testing.

steps:

• go to library.xxx.com
• log in
• logout

the application I am trying allows a user to log in with username/password. In the background however, if the user has correct credentials s/he is issued with bearer token. This token is valid until user logs out. this bearer token is generated against the validation of user's credentials.

The issue I am facing using Jmeter is how to keep this token throughout the test, that is make it dynamic.

Here is call sequence -

Now when I use blazemeter's chrome extension to record the test and load it in the Jmeter- here is how it gets loaded

[![enter image description here][2]][2]

When auth.onecl....com makes a Post request for the first time, it passes.

However when it makes another call it fails because the bearer token is invalid. The only difference when I compared the Request headers of the call sequence is

missing "Authorization: bearer 5a010a8f995d2" in the second.

I used regular expression extractor, BeanShell Processor, etc. but nothing works.

Here is what I tried so far-

Jmeter testing for Login

JMeter Basic Authentication

enter image description here

Answer 1

This Authorization: bearer xxxxx indicates that your application is protected with OAuth 2.0 therefore you have 2 options (depending on your application design):

• If this OAuth token is permanent - just obtain all of them using sniffer tool and put into CSV file along with users credentials
• If the token has limited lifetime - it can still be correlated, check out How to Run Performance Tests on OAuth Secured Apps with JMeter article for more details on bypassing OAuth challenges in JMeter tests