Refresh OAuth 2.0 Access Token During Long Load Tests

To avoid refreshing an access token by several virtual users, disable automated refreshing. Instead, refresh an access token from a separate scenario that is run by only one virtual user. To refresh an access token in unattended mode, use the Groovy script test step.

To prevent an access token from being automatically refreshed, set the Refresh Access Token advanced option to Manual. You can do it either by using the Auth Manager or the Auth panel:

• Auth Manager
• Auth panel

Update the access token by using the Groovy script test step from a separate test case:

1. Create a new test case:

   

   Click the image to enlarge it.

2. Add the Groovy script test step.

   

   Click the image to enlarge it.

3. Use the following script to update an access token:

   Groovy

   Groovy

   // Import the required classes
   import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade;
   import com.eviware.soapui.support.editor.inspectors.auth.TokenType;
   import com.eviware.soapui.model.support.ModelSupport;
   
   // Get a project
   def project = ModelSupport.getModelItemProject(context.getModelItem());
   
   // Get the needed authorization profile
   def authProfile = project.getAuthRepository().getEntry("Ora Bannet");
   
   //Create a facade object
   def tokenType = TokenType.ACCESS;
   def oAuthFacade = new OltuOAuth2ClientFacade(tokenType);
   
   // Request an access token in headless mode and assign it to the authorization profile we got earlier
   oAuthFacade.requestAccessToken(authProfile, true, true);
   
   // Access token retrieval may take time, so we need to pause the execution for 3 seconds to finish it. You may increase this value if needed.
   sleep(3000);
   
   // Posts a new token to the script log
   log.info("Set new token: " + authProfile.getAccessToken());

   If you are using OAuth 2.0 Azure authorization, replace the OltuOAuth2ClientFacade class in the script with the OltuOAuth2AzureClientFacade class.

To run the script only once, you need to run the created test case from a separate scenario that is run by a single virtual user. To do this:

1. Open a load test and add a new scenario:

   

   Click the image to enlarge it.

2. Add the test case containing the Groovy script test step as a new target:

   

   Click the image to enlarge it.

3. Select another target in the scenario and click to remove it:

   

   Click the image to enlarge it.

4. Set the Load Allocation to Per Scenario:

   

   Click the image to enlarge it.

5. Select the created scenario and set VUs to 1. Also, set the Wait time to a significantly big number to avoid the scenario repeats:

   

   Click the image to enlarge it.

Now, schedule the created scenario to refresh the token slightly before the access token expires.

1. Open the Scheduler page and select the created scenario.

2. In the Inspector, specify the following options:

   • Enable the Custom Scheduling option.

   • Set the Delay Before Start option to the value that is slightly smaller than the access token lifetime.

     For example, if your access token expires after 20 minutes, specify 19 minutes.

     Note:

     Make sure that the process of getting the new token finishes before the old one expires.

     Tip:	To change time units, use the Time units option.

   • Set the Duration option to the value smaller than for the Wait Time option of the scenario.

   • Enable the Repeat option:

     

     Click the image to enlarge it.

Please note that the scenario that refreshes an access token runs for the first time only after the value you set in the Delay Before Start. If this value is close to the access token lifetime, the test may fail before the scenario runs for the first time. To avoid this, you should refresh it at the test start. You can do it by using the same Groovy script from the Setup Script or LoadTestRunnerListener.beforeLoadTest event handler.