IBM Mobile First Server OAuth with JWT Authentication - 不正确的 JWT 格式错误
IBM Mobile First Server OAuth with JWT Authentication - Incorrect JWT Format error
我正在使用 Rational Performance Tester V9.0 和 V8.7 为混合移动应用程序开发性能测试脚本。
移动应用程序将请求发送到 IBM Mobile First Server v8.0,它使用 OAuth 和 JWT(JSON Web 令牌)对其用户进行身份验证。
我尝试增强脚本并重播,但在请求令牌 /mfp/api/az/v1/token
的 API 登录步骤失败
下面提到的是 API 调用的请求和响应,
URI: POST /mfp/api/az/v1/token
要求:
client_assertion=eyJhbGciOiJSUzI1NiIsImp3ayI6eyJhbGciOiJSUzI1NiIsImUiOiJBUUFCIiwiZXh0Ijp0cnVlLCJrZXlfb3BzIjpbXSwia3R5IjoiUlNBIiwibiI6IjAtX19nSjFLWnZsVlU5M1JGRlFuZk80TGdLeUhTN3hIMVg3RUw2ZGhKa1B6SGQ0cUhEaHdFQzFIT0k0cHhmeEMzZWh6M1I3cXQtU3A5WnpOb3o4Z1lDTVRmSmh3T21OZWh5dkNkMDU3V09PVjB1b0ZPQmFpS21pMG9qdHJoMFMzMlNuS1VWTElwekxhQUZJSkhsOGtCSm9sZ21JQW9hZHNRdFpTUWg0MVJZN2c3aWNCUzlJRkRCdGdDbUtjRHlRY29VSnpTWkIxZk1ZY2VYNGFBNDZ3elkwRkdaY3hxcG11U1kwV0xCTEhDUjdLSm9oa2wwZDk4OFlSVGtuQkE3dFBLTEF4RnQxT2daQ1BYR1owWW41ZHFKN3ZwWXZtd21hc09vSFNacWp3cktMOW51MDR0QUZ1OENHZ3ZrTnZPUmJjRFRQaElvcy1iQ0J0ZFhXZjBWek1uUSIsImtpZCI6IjYxZWNkMjY2LTNjYTItNDhlYy04M2M2LTY3MTk5MGVjNzdlOCJ9fQ%3D%3D.eyJpc3MiOiJlQmFua2luZyR3ZWIiLCJzdWIiOiI2MWVjZDI2Ni0zY2EyLTQ4ZWMtODNjNi02NzE5OTBlYzc3ZTgiLCJleHAiOjE1Mzk3Nzc3NjMxNzQsImlhdCI6MTUzOTc3NzcwMzE3NCwianRpIjoiLTQ0NjkwNTY3Njc4NzAzMTYyNzEiLCJhdWQiOiJhei92MS90b2tlbiJ9.nMcfmOPDcLjONOXhF%2B3mArM87AiPfqEPp5Bk815f9Dg7VaaIgY41jeSmlWASCdmjf9Cno3%2BwHGom%2BzAEGQDdFkmBjLpCY7TnCAv9j8HzIPDubYdSQW2pq7WKVz%2FvEQ8Z5Pa8jh8aAMTlrsBnjlPoiVfcqHBh%2F2vpHZnKvkSoCOcA2TAeJnioSlp4vpWOc26IsMwKYMqZlVs9K2Z8JwHQvESKlzDu9etxYnnQfxyqunwhG%2B5T9GKgMmCAo1%2BBGqqsEtTwOG5UmhoyYIYbMnNHzHFdl8fWwMMOtpf%2F3RqjBYNeAsZ%2BTuGkskLlA5hrLiHmfOhzPYstr8tCO2I MLbTpjQ%3D%3D&code=5059335353176972418&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fuatirmob.qcdib.com%2Fmfp%2Fapi%2Faz%2Fv1%2Fauthorization%2Fredirect%2F17553a31 -f583-44f9-9b7a-d8fab31b3bff&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
回复:
{"errorCode":"invalid_client","errorMsg":"Incorrect JWT format"}
解密时,我注意到client_assertion值以JSON形式携带动态数据
此外,开发了 IBM 移动优先站点中提到的加密逻辑,以生成引用此 link 的 client_assertion 值:https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/
按照上面的步骤还是没有成功
请提供解决方案来处理 /mfp/api/az/v1/token 请求并生成将在后续请求中传递的访问令牌。
提前致谢。
尝试最新的 Mobilefirst v8 版本(2018 年 10 月下旬),这将解决此问题。
我们已经记录了 JMeter 的性能测试说明。
详情请参考link - https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/
请参阅 "Sign grant code" 部分并确保您正确执行步骤 [ https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/#sign-grant-code ]
我正在使用 Rational Performance Tester V9.0 和 V8.7 为混合移动应用程序开发性能测试脚本。
移动应用程序将请求发送到 IBM Mobile First Server v8.0,它使用 OAuth 和 JWT(JSON Web 令牌)对其用户进行身份验证。
我尝试增强脚本并重播,但在请求令牌 /mfp/api/az/v1/token
的 API 登录步骤失败下面提到的是 API 调用的请求和响应,
URI: POST /mfp/api/az/v1/token
要求:
client_assertion=eyJhbGciOiJSUzI1NiIsImp3ayI6eyJhbGciOiJSUzI1NiIsImUiOiJBUUFCIiwiZXh0Ijp0cnVlLCJrZXlfb3BzIjpbXSwia3R5IjoiUlNBIiwibiI6IjAtX19nSjFLWnZsVlU5M1JGRlFuZk80TGdLeUhTN3hIMVg3RUw2ZGhKa1B6SGQ0cUhEaHdFQzFIT0k0cHhmeEMzZWh6M1I3cXQtU3A5WnpOb3o4Z1lDTVRmSmh3T21OZWh5dkNkMDU3V09PVjB1b0ZPQmFpS21pMG9qdHJoMFMzMlNuS1VWTElwekxhQUZJSkhsOGtCSm9sZ21JQW9hZHNRdFpTUWg0MVJZN2c3aWNCUzlJRkRCdGdDbUtjRHlRY29VSnpTWkIxZk1ZY2VYNGFBNDZ3elkwRkdaY3hxcG11U1kwV0xCTEhDUjdLSm9oa2wwZDk4OFlSVGtuQkE3dFBLTEF4RnQxT2daQ1BYR1owWW41ZHFKN3ZwWXZtd21hc09vSFNacWp3cktMOW51MDR0QUZ1OENHZ3ZrTnZPUmJjRFRQaElvcy1iQ0J0ZFhXZjBWek1uUSIsImtpZCI6IjYxZWNkMjY2LTNjYTItNDhlYy04M2M2LTY3MTk5MGVjNzdlOCJ9fQ%3D%3D.eyJpc3MiOiJlQmFua2luZyR3ZWIiLCJzdWIiOiI2MWVjZDI2Ni0zY2EyLTQ4ZWMtODNjNi02NzE5OTBlYzc3ZTgiLCJleHAiOjE1Mzk3Nzc3NjMxNzQsImlhdCI6MTUzOTc3NzcwMzE3NCwianRpIjoiLTQ0NjkwNTY3Njc4NzAzMTYyNzEiLCJhdWQiOiJhei92MS90b2tlbiJ9.nMcfmOPDcLjONOXhF%2B3mArM87AiPfqEPp5Bk815f9Dg7VaaIgY41jeSmlWASCdmjf9Cno3%2BwHGom%2BzAEGQDdFkmBjLpCY7TnCAv9j8HzIPDubYdSQW2pq7WKVz%2FvEQ8Z5Pa8jh8aAMTlrsBnjlPoiVfcqHBh%2F2vpHZnKvkSoCOcA2TAeJnioSlp4vpWOc26IsMwKYMqZlVs9K2Z8JwHQvESKlzDu9etxYnnQfxyqunwhG%2B5T9GKgMmCAo1%2BBGqqsEtTwOG5UmhoyYIYbMnNHzHFdl8fWwMMOtpf%2F3RqjBYNeAsZ%2BTuGkskLlA5hrLiHmfOhzPYstr8tCO2I MLbTpjQ%3D%3D&code=5059335353176972418&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fuatirmob.qcdib.com%2Fmfp%2Fapi%2Faz%2Fv1%2Fauthorization%2Fredirect%2F17553a31 -f583-44f9-9b7a-d8fab31b3bff&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
回复: {"errorCode":"invalid_client","errorMsg":"Incorrect JWT format"}
解密时,我注意到client_assertion值以JSON形式携带动态数据此外,开发了 IBM 移动优先站点中提到的加密逻辑,以生成引用此 link 的 client_assertion 值:https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/
按照上面的步骤还是没有成功
请提供解决方案来处理 /mfp/api/az/v1/token 请求并生成将在后续请求中传递的访问令牌。
提前致谢。
尝试最新的 Mobilefirst v8 版本(2018 年 10 月下旬),这将解决此问题。
我们已经记录了 JMeter 的性能测试说明。
详情请参考link - https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/
请参阅 "Sign grant code" 部分并确保您正确执行步骤 [ https://mobilefirstplatform.ibmcloud.com/blog/2016/08/09/performance-testing-for-mobilefirst-foundation-8-0/#sign-grant-code ]