
Gatling Verifying Decoded JWT token

I'm trying to decode a returned JWT token and check whether the sub claim matches the username. But I can't seem to find the syntax to do so.

...
      .check(status.is(HttpResponseStatus.OK.code()))
      .check(jsonPath("$.access_token").saveAs("access_token"))
      .check(jsonPath("$.refresh_token").exists)
      .check(JWSObject.parse("${access_token}").getPayload.toJSONObject.get("sub").toString.substring("$username"))

I'm getting errors around it expecting an HttpCheck. Is there an HttpCheck for this type?

Thanks

This is pretty much exactly what .transform is for. You extract the token with jsonPath, do a transform to get the sub, and then assert that it matches the username.

(I have not tried the actual jwt extract / validation)

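// JWT is assumed to be com.auth0.jwt.JWT (java-jwt); decode() parses the token without verifying its signature
.check(jsonPath("$.access_token").transform(jwt => JWT.decode(jwt).getClaim("sub").asString()).is("${username}"))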
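
The transform approach from the answer, written out as a full simulation with the Nimbus `JWSObject` parser the question already uses. This is an added example, not code from either poster; the base URL, endpoint path, form parameters, feeder values and the `JwtChecks.subClaim` helper are hypothetical, and it assumes Gatling 3 with the `${}` expression syntax shown on this page.

```scala
import com.nimbusds.jose.JWSObject
import io.gatling.core.Predef._
import io.gatling.http.Predef._
import scala.util.Try

object JwtChecks {
  // Hypothetical helper: parse a compact JWS and return its "sub" claim.
  // Parsing only, the signature is NOT verified, so this is a load-test
  // assertion on response content and not an authentication decision.
  def subClaim(token: String): String =
    Try(JWSObject.parse(token).getPayload.toJSONObject.get("sub"))
      .toOption               // malformed token or non-JSON payload -> None
      .flatMap(Option(_))     // claim absent (null) -> None
      .map(_.toString)
      .getOrElse("<no-sub>")  // sentinel that makes the .is(...) check fail
}

class LoginSimulation extends Simulation {
  // Placeholder target; replace with the system under test.
  val httpProtocol = http.baseUrl("https://sso.example.test")

  // Constructed feeder data supplying the username the token must carry.
  val users = Iterator.continually(
    Map("username" -> "alice", "password" -> "constructed-password"))

  val scn = scenario("login")
    .feed(users)
    .exec(
      http("token")
        .post("/oauth/token") // hypothetical endpoint
        .formParam("grant_type", "password")
        .formParam("username", "${username}")
        .formParam("password", "${password}")
        .check(status.is(200))
        .check(jsonPath("$.refresh_token").exists)
        .check(jsonPath("$.access_token").saveAs("access_token"))
        // Extract, transform to the sub claim, then compare with the session value.
        .check(jsonPath("$.access_token")
          .transform(token => JwtChecks.subClaim(token))
          .is("${username}"))
    )

  setUp(scn.inject(atOnceUsers(1))).protocols(httpProtocol)
}
```

The original attempt failed to compile because `JWSObject.parse(...)` returns a plain value rather than a Gatling check, and `"${access_token}"` is only resolved inside Gatling's own DSL calls; inside `transform` the extracted token arrives as an ordinary `String`.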
