performance - Problems with OAuth PKCE and Visual Studio load testing
Problem description
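(Please excuse my terminology)
Using Visual Studio Enterprise 2019 load tests
I am having a problem with Visual Studio Load Tester when trying to log in/authenticate against a website that has OAuth PKCE enabled. I cannot seem to extract the right information correctly. The code challenge and code method are given in the form of a query string. The errors I get are all 401 errors.
This is the flow:
[GET] Go to the website
[GET] Get redirected to the API (the API query string contains code_challenge and code_challenge_method)
[POST] Then post _RequestVerificationToken (which comes in the form of a cookie)
[GET] A different code_challenge is sent with the /sign-in link
[GET] I then get another code and a session_state
[POST] code, then the above together with code_verifier
I don't know how I am supposed to get and post the criteria. I have tried using hidden fields, text extraction and REGEX, but cannot find the information.
If anyone has anything to add or try, please let me know, as I am blocked by this issue.
I have attached an image containing the sensitive information from the start of OAuth to the end.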
Recorded results
Passed http://portal-qa.***.com/ 0.158 sec - -
Passed https://portal-qa.***.com/ 200 OK - 0.158 sec 0
Passed https://portal-qa.***.com/css/chunk-vendors.a903617c.css 200 OK - 0.013 sec 0
Passed https://portal-qa.***.com/css/app.b3b1d014.css 200 OK - 0.009 sec 0
Passed https://portal-qa.***.com/js/chunk-vendors.dc65dbba.js 200 OK - 0.007 sec 0
Passed https://portal-qa.***.com/js/app.5db053cd.js 200 OK - 0.008 sec 0
Passed https://portal-qa.***.com/fonts/apercu-light-pro.55f01ab6.eot 200 OK 0.003 sec 0.003 sec 0
Passed https://portal-qa.***.com/fonts/apercu-regular-pro.ad897f51.eot 200 OK 0.003 sec 0.003 sec 0
Passed https://portal-qa.***.com/fonts/apercu-medium-pro.27a3987c.eot 200 OK 0.003 sec 0.003 sec 0
Passed https://qa.***.com/identityserver/connect/authorize 0.523 sec - -
Passed https://qa.***.com/identityserver/Account/Login?ReturnUrl=%2Fidentityserver%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DPortalCodePkce%26redirect_uri%3Dhttps%253A%252F%252Fportal-qa.***.com%252Fsign-in%26state%3D%252Ftransactions%26response_type%3Dcode%26scope%3D***IdentityApi%2520pcoProfile%2520openid%2520profile%2520reportingApi%2520portalApi%2520offline_access%26code_challenge%3DRaOI-Ln_ePSDimLT3ryZWEMQIiVybDaGE9VTg1gTu44%26code_challenge_method%3DS256 200 OK - 0.379 sec 0
Passed https://qa.***.com/identityserver/css/app.css 200 OK - 0.008 sec 0
Passed https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css 200 OK - 0.020 sec 0
Passed https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.1/cookieconsent.min.js 200 OK - 0.008 sec 0
Passed https://qa.***.com/identityserver/***-logo-primary.svg 200 OK - 0.009 sec 0
Passed https://qa.***.com/identityserver/lib/jquery/jquery.js 200 OK - 0.007 sec 0
Passed https://qa.***.com/identityserver/js/app.js 200 OK - 0.009 sec 0
Passed https://qa.***.com/identityserver/fonts/apercu/light/apercu-light-pro.eot 200 OK - 0.002 sec 0
Passed https://qa.***.com/identityserver/fonts/apercu/regular/apercu-regular-pro.eot 200 OK - 0.003 sec 0
Passed https://qa.***.com/identityserver/fonts/apercu/medium/apercu-medium-pro.eot 200 OK - 0.001 sec 0
Passed https://qa.***.com/identityserver/fonts/fontawesome/fa-light-300.eot 200 OK 0.003 sec 0.003 sec 0
Passed https://qa.***.com/identityserver/fonts/fontawesome/fa-regular-400.eot 200 OK 0.004 sec 0.004 sec 0
Passed https://qa.***.com/identityserver/fonts/fontawesome/fa-solid-900.eot 200 OK 0.003 sec 0.003 sec 0
Passed https://qa.***.com/identityserver/Account/Login 0 0 3.341 sec 1.497 sec 0
Passed https://portal-qa.***.com/fonts/apercu-light-pro.55f01ab6.eot 200 OK - 0.002 sec 0
Passed https://portal-qa.***.com/fonts/apercu-regular-pro.ad897f51.eot 200 OK - 0.002 sec 0
Passed https://portal-qa.***.com/fonts/apercu-medium-pro.27a3987c.eot 200 OK - 0.002 sec 0
Passed https://qa.***.com/identityserver/connect/token 200 OK - 0.842 sec 0
Passed https://qa.***.com/identityserver/Account/Login 1.921 sec - -
Passed https://qa.***.com/identityserver/connect/authorize/callback - - -
Passed https://portal-qa.***.com/sign-in?code=83ad6ae0d1d85fa29811a989e5163048fe8620f6135455ca644d1d5f446134a8&scope=pcoProfile%20openid%20profile%20***IdentityApi%20reportingApi%20portalApi%20offline_access&state=%2Ftransactions&session_state=WJ3CeIFnO79UAiPetCFUHzNSEbF9cSDwXvulUWkr244.ae03a8ccef5b763b1457fa790e0d83ad 200 OK - 1.921 sec 0
Passed https://portal-qa.***.com/css/chunk-vendors.a903617c.css 200 OK - 0.009 sec 0
Passed https://portal-qa.***.com/css/app.b3b1d014.css 200 OK - 0.009 sec 0
Passed https://portal-qa.***.com/js/chunk-vendors.dc65dbba.js 200 OK - 0.009 sec 0
Passed https://portal-qa.***.com/js/app.5db053cd.js 200 OK - 0.007 sec 0
Passed https://qa.***.com/identityserver/connect/userinfo 204 NoContent 0.041 sec 0.041 sec 0
Passed https://qa.***.com/identityserver/connect/userinfo 200 OK 0.448 sec 0.448 sec 0
Passed https://qa.***.com/management/user/policyRoles 204 NoContent 0.038 sec 0.038 sec 0
Passed https://qa.***.com/management/user/policyRoles 200 OK 0.245 sec 0.245 sec 0
Passed https://qa.***.com/management/businesses 204 NoContent 0.051 sec 0.051 sec 0
Passed https://qa.***.com/management/businesses 200 OK 0.325 sec 0.325 sec 0
Test results
Passed http://portal-qa.***.com/ 301 Moved Permanently 0.691 sec 0.161 sec 0
Passed https://portal-qa.***.com/ 200 OK - 0.163 sec 574,226
Passed https://portal-qa.***.com/css/chunk-vendors.a903617c.css 200 OK - 0.075 sec 4,653
Passed https://portal-qa.***.com/css/app.b3b1d014.css 200 OK - 0.128 sec 50,069
Passed https://portal-qa.***.com/js/app.5db053cd.js 200 OK - 0.148 sec 54,291
Passed https://portal-qa.***.com/js/chunk-vendors.dc65dbba.js 200 OK - 0.343 sec 464,356
Passed https://qa.***.com/identityserver/connect/authorize 302 Moved Temporarily 0.322 sec 0.096 sec 0
Passed https://qa.***.com/identityserver/Account/Login 200 OK - 0.067 sec 92,765
Passed https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.1/cookieconsent.min.js 200 OK - 0.037 sec 6,773
Passed https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css 200 OK - 0.043 sec 1,215
Passed https://qa.***.com/identityserver/css/app.css 200 OK - 0.051 sec 3,570
Passed https://qa.***.com/identityserver/***-logo-primary.svg 200 OK - 0.067 sec 4,044
Passed https://qa.***.com/identityserver/js/app.js 200 OK - 0.085 sec 945
Passed https://qa.***.com/identityserver/lib/jquery/jquery.js 200 OK - 0.153 sec 74,245
Failed https://qa.***.com/identityserver/Account/Login 0.015 sec 0.015 sec 0
Passed https://qa.***.com/identityserver/Account/Login 302 Moved Temporarily 0.824 sec 0.442 sec 4,314
Passed https://qa.***.com/identityserver/connect/authorize/callback 302 Moved Temporarily - 0.189 sec 0
Passed https://portal-qa.***.com/sign-in 200 OK - 0.033 sec 574,226
Passed https://portal-qa.***.com/css/chunk-vendors.a903617c.css 200 OK - 0.048 sec 4,653
Passed https://portal-qa.***.com/css/app.b3b1d014.css 200 OK - 0.068 sec 50,069
Passed https://portal-qa.***.com/js/app.5db053cd.js 200 OK - 0.080 sec 54,291
Passed https://portal-qa.***.com/js/chunk-vendors.dc65dbba.js 200 OK - 0.157 sec 464,356
Failed https://qa.***.com/identityserver/connect/userinfo 405 Method Not Allowed 0.048 sec 0.048 sec 0
Failed https://qa.***.com/identityserver/connect/userinfo 401 Unauthorized 0.044 sec 0.044 sec 0
Failed https://qa.***.com/management/user/policyRoles 404 Not Found 0.046 sec 0.046 sec 0
Failed https://qa.***.com/management/user/policyRoles 401 Unauthorized 0.038 sec 0.038 sec 0
Failed https://qa.***.com/management/businesses 404 Not Found 0.042 sec 0.042 sec 0
Failed https://qa.***.com/management/businesses Submitting... 0.041 sec 0.041 sec 0
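Solution
The problem in this post is not the exact problem explained, but the errors produced by Visual Studio Load Tester led me to believe that OAuth PKCE was the problem.
The actual problem was that Visual Studio was recording unnecessary requests and trying to use query strings in GET methods. These requests obscured the real reason the test was failing. Once I removed all the unnecessary requests, such as fonts and illegal requests, and posted the verification token in the correct place, the test worked as expected.
Just posting the verification token in the correct place still gave me the same "unauthorized" errors; it was not until I removed the illegal GET requests that I was able to determine the correct location for everything else.
I want to thank AdrianHHH for giving me tips to better debug VSLT; without this information I would still be contemplating flipping tables. In the past VSLT has just worked for me, so this was a nice challenge.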
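How the values named in the flow above depend on each other, as an added example that is not part of the original post: the `code_verifier` posted to `/connect/token` must hash (S256) to the `code_challenge` sent on the authorize request, and the antiforgery token and `code` have to be pulled from the live responses on every iteration. The hidden field name `__RequestVerificationToken` is the ASP.NET default and is assumed here; the function names are hypothetical.

```python
import base64
import hashlib
import re
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit


def b64url(raw: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def new_code_verifier() -> str:
    # 32 random bytes -> 43 characters, the minimum length RFC 7636 allows.
    return b64url(secrets.token_bytes(32))


def s256_challenge(verifier: str) -> str:
    # code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def antiforgery_token(login_html: str) -> str:
    # Hidden field name is the ASP.NET default (assumed for this login page).
    tag = re.search(r'<input[^>]*name="__RequestVerificationToken"[^>]*>', login_html)
    value = re.search(r'value="([^"]+)"', tag.group(0)) if tag else None
    if not value:
        raise ValueError("no antiforgery token in login page")
    return value.group(1)


def code_from_callback(url: str, expected_state: str) -> str:
    # The authorization code arrives in the redirect's query string.
    query = parse_qs(urlsplit(url).query)
    if query.get("state", [""])[0] != expected_state:
        raise ValueError("state mismatch: response belongs to another request")
    return query["code"][0]


def token_request_body(code, verifier, client_id, redirect_uri) -> str:
    # The verifier must be the one whose hash went out as code_challenge.
    return urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "code_verifier": verifier,
        "client_id": client_id,
        "redirect_uri": redirect_uri,
    })
```

A recorded `code_challenge` replayed without its matching verifier is rejected at the token endpoint, so a test script generates a fresh pair per virtual user rather than reusing the recorded values.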