In OAuth 2.0 authorization, you use an access token to authorize a request. An access token expires after some time, so you need to refresh it. ReadyAPI can do it automatically, however, when an access token should be updated during a load test, automated refreshing may fail. It happens because a number of virtual users try to get a new access token simultaneously that leads to errors. This topic describes a possible way to refresh an access token during a load test.
To avoid refreshing an access token by several virtual users, disable automated refreshing. Instead, refresh an access token from a separate scenario that is run by only one virtual user. To refresh an access token in unattended mode, use the Groovy script test step.
1. Disable automated refreshing
To prevent an access token from being automatically refreshed, set the Refresh Access Token advanced option to Manual. You can do it either by using the Auth Manager or the Auth panel:
Open the Auth Manager.
Select the needed profile and click Advanced.
Set the Refresh Access Token to Manual and click OK:
2. Create a script
Update the access token by using the Groovy script test step from a separate test case:
Create a new test case:
Add the Groovy script test step.
Use the following script to update an access token:
// Import the required classes
// Get a project
def project = ModelSupport.getModelItemProject(context.getModelItem());
// Get the needed authorization profile
def authProfile = project.getAuthRepository().getEntry("Ora Bannet");
//Create a facade object
def tokenType = TokenType.ACCESS;
def oAuthFacade = new OltuOAuth2ClientFacade(tokenType);
// Request an access token in headless mode and assign it to the authorization profile we got earlier
oAuthFacade.requestAccessToken(authProfile, true, true);
// Access token retrieval may take time, so we need to pause the execution for 3 seconds to finish it. You may increase this value if needed.
// Posts a new token to the script log
log.info("Set new token: " + authProfile.getAccessToken());
If you are using OAuth 2.0 Azure authorization, replace the
OltuOAuth2ClientFacadeclass in the script with the
3. Create a separate scenario
To run the script only once, you need to run the created test case from a separate scenario that is run by a single virtual user. To do this:
Open a load test and add a new scenario:
Add the test case containing the Groovy script test step as a new target:
Select another target in the scenario and click to remove it:
Set the Load Allocation to Per Scenario:
Select the created scenario and set VUs to 1. Also, set the Wait time to a significantly big number to avoid the scenario repeats:
4. Schedule token refreshing
Now, schedule the created scenario to refresh the token slightly before the access token expires.
Open the Scheduler page and select the created scenario.
In the Inspector, specify the following options:
Enable the Custom Scheduling option.
Set the Delay Before Start option to the value that is slightly smaller than the access token lifetime.
For example, if your access token expires after 20 minutes, specify 19 minutes.
Note: Make sure that the process of getting the new token finishes before the old one expires. Tip: To change time units, use the Time units option.
Set the Duration option to the value smaller than for the Wait Time option of the scenario.
Enable the Repeat option:
Please note that the scenario that refreshes an access token runs for the first time only after the value you set in the Delay Before Start. If this value is close to the access token lifetime, the test may fail before the scenario runs for the first time. To avoid this, you should refresh it at the test start. You can do it by using the same Groovy script from the Setup Script or LoadTestRunnerListener.beforeLoadTest event handler.