Azure Active Directory
Grizzly provides a way to get tokens via Azure Active Directory (AAD). In the framework this is implemented by the RestAPI load user and the HTTP client task, via the @refresh_token decorator.
It is possible to use it in custom code as well, by implementing a custom class that inherits grizzly.auth.GrizzlyHttpAuthClient.
For information about how to set context variables, see step_setup_set_context_variable.
Context variable values support Templating.
There are two ways to get a token, see below.
Client secret
Using client secret for an app registration.
Given a user of type "RestApi" load testing "https://api.example.com"
And set context variable "auth.tenant" to "<provider>"
And set context variable "auth.client.id" to "<client id>"
And set context variable "auth.client.secret" to "<client secret>"
And set context variable "auth.client.resource" to "<resource url/guid>"
Username and password
Using a username and password, with optional MFA authentication.
auth.user.redirect_uri needs to correspond to the endpoint that the client secret is registered for.
Given a user of type "RestApi" load testing "https://api.example.com"
And set context variable "auth.provider" to "<provider>"
And set context variable "auth.client.id" to "<client id>"
And set context variable "auth.user.username" to "alice@example.onmicrosoft.com"
And set context variable "auth.user.password" to "HemL1gaArn3!"
And set context variable "auth.user.redirect_uri" to "/app-registrered-redirect-uri"
MFA / TOTP
If the user is required to have an MFA method, software-based TOTP tokens are supported. The user must first have this method configured.
Configure TOTP
1. Log in to the account's My signins
2. Click on Security info
3. Click on Add sign-in method
4. Choose Authenticator app
5. Click on I want to use another authenticator app
6. Click on Next
7. Click on Can't scan image?
8. Copy Secret key and save it somewhere safe
9. Click on Next
10. Open a terminal and run the following command:
    Bash:
        OTP_SECRET="<secret key from step 8>" grizzly-cli auth
    PowerShell:
        $Env:OTP_SECRET = "<secret key from step 8>"
        grizzly-cli auth
11. Copy the code generated by the above command, go back to the browser, paste it into the text field and click Next
12. Finish the wizard
The user now has software-based TOTP tokens as an MFA method, where grizzly will act as the authenticator app.
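How a Secret key turns into the six-digit code an authenticator app produces, shown as an added example that is not grizzly's own code. It assumes the RFC 6238 authenticator-app defaults (HMAC-SHA1, 6 digits, 30-second step); the function names and the sample secret are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional

# Constructed sample secret (the RFC 6238 test seed), not a real account secret.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def normalize_secret(secret: str) -> bytes:
    """Decode a base32 secret key that may be shown lowercase or in spaced groups."""
    cleaned = secret.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped base32 padding
    return base64.b32decode(cleaned)


def totp(secret: str, at: Optional[float] = None, digits: int = 6, period: int = 30) -> str:
    """RFC 6238 TOTP using HMAC-SHA1 (assumed defaults, see lead-in)."""
    counter = int((time.time() if at is None else at) // period)
    key = normalize_secret(secret)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def seconds_left(at: Optional[float] = None, period: int = 30) -> int:
    """Seconds until the current code expires, to avoid submitting a stale code."""
    now = time.time() if at is None else at
    return period - int(now % period)


if __name__ == "__main__":
    print(totp(SAMPLE_SECRET), f"(valid for {seconds_left()}s)")
```

Anyone holding the secret key can generate valid codes, so it needs the same handling as the password it accompanies.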
Example
In addition to the "Username and password" example, the context variable auth.user.otp_secret must also be set.
Given a user of type "RestApi" load testing "https://api.example.com"
And set context variable "auth.tenant" to "<provider>"
And set context variable "auth.client.id" to "<client id>"
And set context variable "auth.user.username" to "alice@example.onmicrosoft.com"
And set context variable "auth.user.password" to "HemL1gaArn3!"
And set context variable "auth.user.redirect_uri" to "/app-registrered-redirect-uri"
# `Secret key` from step 8 in "Configure TOTP"
And set context variable "auth.user.otp_secret" to "asdfasdf"