Okta authorization fails

pbains1 · July 11, 2022, 7:28pm

Prior to any action my script is required to authenticate via the UserId/Password credentials to get the valid authentication token. Authentication is based on a standard OAuth 2 grant type: Password Credentials. End User will need to use the credential’s and need to make a call to the OKTA URL to get the proper token. Bearer token that is to be returned by the OKTA authentication endpoint. The following CURL command works. (I also have a working postman and Jmeter script).

curl --location --request POST 'https://host.com/oauth2/<redacted>/v1/token' --header 'Authorization: Basic <redacted>=' --header 'Content-Type: application/x-www-form-urlencoded' --header 'Cookie: JSESSIONID=<redacted>' --data-urlencode 'grant_type=password' --data-urlencode 'username=<redacted>@gmail.com' --data-urlencode 'password=<redacted>@<redacted>' --data-urlencode 'scope=openid'.

The following K6 script fails with a http 400 bad request error and the authorisation fails. Is there something obvious i am doing wring in this script.

import http from 'k6/http'
import { check } from "k6";

export default function () {
    var url = 'https://host/oauth2/<redacted>/v1/token';

    var headerParam = {
        headers: {
            'Authorization': 'Basic <redacted>=',
            'Content-Type': 'application/x-www-form-urlencoded',
            'Cookie': 'JSESSIONID=<redacted>'
        }
    };

    //lets define body - accepts email and password 
    var payload = JSON.stringify({
        grant_type: 'password',
        username: '<redacted>@gmail.com',
        password: '<redacted>@<redacted>',
        scope: 'openid'
    });

    // URL, HEADER, JSON BODY
    let response = http.post(url, headerParam, payload)

    check(response, {
        success: r => r.status == 200
      });
    
}

mstoykov · July 12, 2022, 7:42am

hi @pbains1,

You have switched the order of the headers and the body in the http.post call - it is “url, body, params”

pbains1 · July 12, 2022, 8:20am

Hi mystoykov,

I have switched the order as you quite rightly observed they were the wrong way around. However i now get another error (after switching debugging to full) which i dont understand. As you can see i have specified the grant_type in the header as grant_type: ‘password’ but the error seems to suggest that it is not specified.

{“error”:“invalid_request”,“error_description”:“The token request must specify a ‘grant_type’. Valid values: [password, authorization_code]”}

mstoykov · July 12, 2022, 9:33am

You are also sending a json body in k6 but a urlencoded one with curl.

Does it work if you just don’t call JSON.stringify on the object before you send it?

pbains1 · July 12, 2022, 9:59am

Hi,

I removed the JSON.stringify and the request works now. Thanks a lot.

Parm

Topic		Replies	Views
K6 and Okta help with script OSS Support	1	463	May 25, 2021
ERRO[0004] SyntaxError: EOF OSS Support	4	976	February 10, 2023
Grafana with Okta OAuth2 authentication is failing with 400 Bad request in Okta Grafana	3	2080	June 28, 2022
Basic Digest Authentication request not working OSS Support	6	1420	January 29, 2021
Infinity Oauth2 authentication issue - cannot parse json: json: cannot unmarshal object into Go struct field tokenJSON.error of type string Authentication api , plugins , infinity-datasource	8	209	September 3, 2024

Okta authorization fails

Related topics