Url encoding using Jmeter - jmeter

I am getting the response,and i want to send this value encode and next request,in UI i tried check encoded,looks still not working fine,is there any other way we can encode the response value.
In the screenshot in getrooms response i will get rate_id in decoded,so this value i have to encode and send in next request,please help
The response rate_id encoded value have to send in next call price check as a param.
Encode rate_id value.
"rate_id":"U2FsdGVkX1+HjyYgKhRqQqZFG9RHN5oSSimGi8j1F1rDjaogIxs5kqTWhVlKCYVnM9f2eqzcBik/OxGAlWeWW3ZqZ7Tya9fOR2BjFaoIWYaGhsrDEwrOckKq615FDUwz0jdvxoB0kgFIw7GPlfdNiyRQuBsH9mtCuXn6lKR4C6wV7OBsNCEQ8WeeriqmgFE429OVZGnqQl6udYtlXPp3JPa7qiby1WBp408ekA7dlPZAUtkOXHLzM0DLq+YBHiewpqxS6y53XsfpEu/8rRPA7WUp1UnkzX2h3H429LjCU4XqnlOaimkSbztsKnFLAvuW2iU8vy8hceDfVUPK7LKqwKI1LkLc1cKUWqYufYRI6hrafophnbVPkEa7g42udKoqwVmtDIw44svctOwkWZJdacDei166BWSI/mDf+WuUp/DfR1uo5c+GOVg8r1Se2x2T53j+jttNRCeWtdj5WhWyFsPVoOn1fdNOgRGTobwvWpjIOt48FfmJqkbfopE3XWILz6vx2ieecVUrhjWZ+y+T1L1lGt7p7pvibksHgHXrDEb/4d+Btj3H15YfUoe9dORhXxcHEWbWEBNgsZKcoKy44k1PTq0HdWlGI8h5G8Vowo4ubGkqjs4qPoNDfPx+CVGa7IeUSp2WFxMuv6MdOLPadrpSlmoNv7LkoltMv89tmC6txbzYm465znjXK+PBn3Nehsf7txI7ZjDQOHm74zmUNY5lF8PcvbBV9Im5yg/vLaupIUNUR6s/HKMXwo5cBrckCRBIY2TAas1MipVP8nlx/ob8Mkh3FLWw1oQk3z5QA+7dm38zlk9akGDwnw5VXhxVpesMEo4ebbkA7fXFPYDT0HH2RNzICuiSipHd3WyeaT++u3xeQxYhqUKaLYA88/6HnZ8sWLX4KwFP8KW/FRjYZP+ZiL4//Xtm9tXo7+C8ppWY7gRdnNV4lEonKWuDPGl1Gu1CR267QDWqGS6TTS6sB2WD4gvWz7BcoZOi11z5Ky1G6XbT3ndn5/iop8lHUZDXQjgGwD8CQbiHix/oc8KfkQp3AO0qIBNKrThMiVPLcfSRdDJAuczZkNAY+jNwwZ8S50wwYTX9xJc0HMflqBgGTMLnvDMv45aY1QNCR0fRlu2Xv+sAYyNxm00nde/Vo9C3hIUJyls476alFZRd+PoKxgaOj/GXorZj7OoVyeMfj0XCNUcMjp0GxpH1zU9RFClEOmnlE3I/xBirhH8IsvCGLZBFxV0nvWyy4+Dv9kEui29sMi0Z4D9bddsYjqnfK306y4MgSviXd8aOgsFTEb5MRPjCoLi7MfnzLcJmT9eNfSdPH7aevEdNFftAFlFcV6tE4Ek5s2MDhk4OUVOZHzk//103hsA+LakxYYOCwN+xi3/rivpRzkBimQ5EcfbOdxTmTKY8z8iq0eNvmShnHVxThfjnGrU/VxIdm/8luVlisJsT7UE55nOBZqqzvdtUPCORYWtAbwnD0VRNtb2rMocTQU5ztlW93BN1n9iJB4WDkVPMAlImEvpnkLmP9Q3e5aHsqNb8jSaOZazC+Fr73IVnOvZp92L2auEkUKJ6lVWNhfWDAtaHpIVisoOW39/KSvGkWr635TJK66+8iRRhkHqNBVAl0Tzln311ouVUwXaiDRkUaKWoSKD21Wv2TA+CiPnGjhx8zjOWfPsylNfBl6yTiS448KVNN13zDeZhqHEwJYc6Vmu9fxXnwSEIukidPEfTIa9ytxysZu2EGoUCJUpuuqEYIA0FEJDtiD0ZeOj6Pty9ZTRsQ5lGqSo4N8vhiUxflPrsnLovqqiGRld2U7t4JMBI6fde8YbNFttm7a7CPF9ONTYoBhox4XuTxG61XRv5eI51zziFrFt7oOLzQXtTqTMo4si31Ml7QgGVYuczhCRY7HbWd4Yi6ggrzMb6W8kkDYafJMmk727ufp+VoA4PfLh9hAILqs1JcpbHPNQ41P3MNhqIAUo6jxMbKIw6evodXRopSqnT8gyy7P/a9ihUi5ePdGAY3eXj+Ex+VQwIGmyz5M1eGgZoDL6hilgtgIZDcH6UQ5Uc14UZbxDt9gf8elT6dk0HPh/EN70ypW3rxpMpXo9f/a9F+R4mqz91YCOPjxkgUQHBLDZ4JqhC21YfdBMMUoRVBoiNlE1WEKn81O8gUlcZwSPMNMh59LPj2Fbak0x/xA2Dtzbm5GdLc73XGNiph477uJAM5HtqYAUytYb9nDOf6PGqBqFFG0e8IkSLBOufPOgEw9zjpcvC0wXskGSDJiMPSmH6bdTbeoX6xwFd5dsE5eCUxasXFioWZuU+spyyhGqXRGmaYOe1Dq8BMRH7bXKFBDpXuAvGV38aneJGZdeM+qwgmppeW3qBLOELctRwQXFzlZZ2AvnJ47Id3PYaQF0RifrAzNGNR+4pH0/l8eLEn4TCQcVORjMxSn8afSL371qfLp+BcYO/1SPzJUopEf7Ot/Au2lzdlnyduR+aazYn1EW1Ecuo0wno18SGokvb3ZCu/Iq/EplytdrY5ZPLamhCgM28zyPPh1TT7TB4KCWTfOH+tPqja+a/G/GyzFeDCJ6oSdsu7w1CcJ77ODVCwrhxzjcKdZdTufO/CJduGrkzCnuc+joxDgJnsZGtRy3Xsflw7W7M359o/Z5YoBPewSCWB5RamtJuvowx4Cvvkyu5Ntw93ijms4hoebI40/LaUro10KUlo3XtMaU+M5FYgBaVum2uRATe2BgREVbbGi7S0Epr99rWcJ5wZG2L/Gy3ggOqNWyhrdrF+YJ7mNSq3c1Z9byRleoDn9xwu0VjonEWxSznfiwUdsIDwKlPN55tlsxUAdZZWj81MGur2Wa5YGm3McUOYFec/UgOX9SzKD/uqMLtuRf/RjzLLiPPb6gtBXmfKA0nEqaZ9mOh7wjOOhjHjfaFQub7wNeXVqXRkQXX9MkxU/oTqsZ/nwnNCg5pSj4D/3ndVDouuBxirV4uNi5XhKuKYeGlzYpDWvb5HMX9kRAj1GIMckjLJD21TjOAr1VPChHzvxTvQ4kcyGcNOE/HUchevdYIjnRWCWsBSBhSHj/esSCoatkzqyLXE7iocl0RJkPa52HFps6Plt/OqoU1MjmVa299sisCEGAkU2KPTrRjD1Npb7wkx9Y7SB4GveVqS8Qv31QgnZyRqGGgB7k84Ezer5j6HvOyJSY="

It is not possible to come up with the comprehensive solution without seeing the full encoded data in text form, not as the image so consider extracting this rate_id from the response using JSON Extractor
It might be the case it's something easy like Base64, in that case you can use i.e. __base64Decode() function
Otherwise you need to determine the algorithm and once done you will be able to decode the data using JSR223 PostProcessor

Related

How to add a variable from Json extractor into an array in JMeter?

I'm new here and also a beginner on JMeter and maybe this was already answered in an old post that I didn't find, sorry if this is the case.
I had this Post request I need to send with all these IDs that vary according to the account
Post Request
In order to get all of the IDs, I used the JSon extractor to put then into a variable
JSon extractor, then I got all the FieldIDs that I need.
ID extracted
But now how can I add this variable inside the request? I tried something like {"ids":"${fieldId}","includeBoundary":true} but it didn't work. How can I use this?
Please see: HTTP Request parameter dialog example
If you need to extract the whole response, save it into a JMeter Variable and send it back to another endpoint - the easiest way is using Boundary Extractor providing empty left and right boundaries
If you need more complex transformations - take a look at JSR223 Test Elements and Groovy language
I solved my problem in a so easy way(damn it)!!!!
On the Json extractor I just marked the option "Computer concatenation var (suffix_ALL)" then on the debbuger I got all IDs I needed in only one line and finally on my request I just add on the body data the line {"ids": [${fieldId_ALL}],"includeBoundary":true} and bingo it worked like a charm!!!!

Jmeter 5.3: Extract run time 'code_challenge' URL parameter value from request URL which is not shown in any response

We have one URL parameter as "code_challenge" which gets generated at run time, this value we need to extract so that from next runs it can be handled. However since this code value is not captured in any previous requests/responses and need to extract at run time, unable to understand how to achieve.
Tried Regular Extractor choosing URL radio button, but it captures the value from recorded script.
Steps followed:
Record script using Blazmeter (Browse URL xx.com>Click Login)
Redirected to URL(s) in which one of the url has "code_Challenge" parameter with run time value)
First URL is: accounts-xx.com/oauth2/oidcdiscovery/.well-known/openid-configuration> The response doesn't have any parameter values
Second URL is:
https://accounts-xx.com/oauth2/authorize?response_type=code&client_id=zzzz&scope=ituytutut&redirect_uri=xx.com/callBack&code_challenge_method=ooo&**code_challenge=dsfsdlfhl**
In above 3rd point url, Code_challenge value is generated at run time when executed steps from browser.
However If replayed the recorded script which would have already generated code value hence other requests would fail. Due to this, need to get the code value fetched.
The code_challenge is generated from WS02 service.
Jmeter version: 5.3
Please suggest, or should we need to use Selenium webdriver integration.
Regular expression which would extract the value from recorded script:
As per Mitigating Authorization Code Interception Attacks article:
code_challenge The client creates and records a secret cryptographically random string (the code_verifier), which is then encoded using URL safe base64 encoding to transform it into the code_challenge.
As per PKCE in WSO2 IS server article:
1.Plain:
If a code_challenge method is mention as plain or not mention at all it will take this plain value. Then code_challenge will like:
code_challenge = code_verifier
2. SHA256:
To have the code_challenge as SHA256, we should mention this in request otherwise plain value will be assumed.For SHA256 code challenge will be like
code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))
Here base64url is same as base64encoding(used so that all machine can identify as same value) but trailing “=” will be removed and “+” & “/” are placed by “-” & “_” to avoid unnecessary length in URL.(otherwise ‘+’ becomes ‘%2B’, ‘/’ becomes ‘%2F’ and ‘=’ becomes ‘%3D in URL)
As much as possible, it is better to select the code challenge method as SHA256 then the flow will become more secure and hard to guess(if someone try to brute force it)
So I think you need to add JSR223 PreProcessor and calculate/generate the code_challenge using the algorithm used by your server in Groovy language, store the value into a JMeter Variable and use it in the request.
You can leave the field value empty and then its value gets updated once the request is sent. But you won't see the value in the request.
I had a similar issue, it worked in my case.

Pass Content and Attributes from 2 different Processors to InvokeHttp Processor

Here is what i am trying to do
Get a file and encode it to base 64
Login to API and get OAUTH token for subsequent API calls (Since Invoke HTTP doesnt take a body so i have to pass a body using GenerateFlow processor before that)
Both Steps 1 and 2 are interchangeable
Now i need the token from the login call as Header value and Base64 encoded file as the body to the next Invoke Processor.
The problem is i am not able to connect the flows 1 and 2 so i can take them to step 3 where i need to invoke another API using the data from the 2. Both GetFile and GenerateFlow are source processors.
Here is what i am thinking, to somehow convert the content to attribute. Since the file is encoded in base64, is there a way i can convert that content to attribute? i am trying to but the content is just random text, i am not sure what param to look for or what i need to put that to. is there a way to say convert whatever is in the content to an attribute say filecontent="all the flow-content"
nifi-flow-snapshot
Base 64 encoded content
First trigger both flow fro mthe same generateflowfie >> updateattribute(create common attribute to be used in merge correlation).
Do your work
Use MergeContent - keep all unique attribute - Set correlaion using the common attribute set in out first step.
This is how i resolved my issue for now. There may be other better ways but this one worked.
Start the flow with
GetFile>>Base64Encode>>ExtractText>>ReplaceText>>Login>>continue
with rest of the flow
The trick that work was to place the ReplaceText so it can grab the entire base64 encoded content and place it in an attribute. then ReplaceText will replace the entire content with the body of the login processor.
Now i have both login token and base 64 encoded file which i can send to my next processors.
Thanks

Jmeter is converting '#' in the Password into junk character

I am recording Login in Jmeter. Password has '#'. Jmeter recorded exact string but when i run the same, '#' is converted to '%40ss' and login is getting failed(login is failing even if i pass parameters through csv file). But if we pass parameters through jmeter Body Data, Login is successful. I dont want to pass through Body Data, i want to send parameters through CSV file. How to achieve this. Please find the attachments
Recorded and Response
My expectation is that it is only a matter of representation, i.e. when I run similar request using a sniffer tool like Wireshark I can see # sign as a part of form data.
Most probably your problem lies somewhere else, i.e. you haven't correlated this __RequestVerificationToken or haven't added HTTP Cookie Manager.
When it comes to load testing ASP.NET web applications you cannot just record and replay your test, you need to perform correlation of dynamic parameters, check out ASP.NET Login Testing with JMeter article for more details.
Lakshmikanth, when you are passing any special character in parameters values then JMeter converts that character into percent-encoding for eg. '#' converts to '%40', '!' converts to '%21'.
To overcome this issue you can pass your password as it is [say P#ssword] in the .csv file but in your request you need to uncheck the encode checkbox corresponding to your password parameter.

after recording using fiddler can we check whether the post parameters of a request are encoded or not

My requirement is to know whether the post parameter in a request that is recorded in fiddler is encoded or not so that i can accordingly use it in Jmeter.
I tried recording a scenario in fiddler and i am able to find the post parameters for the requests sent, but I am not able to find whether a post parameter is encoded when request is sent to the server or not.
For example:
Consider the below is my post data of my request captured which has three parameters with respective values(name1,name2,name3 and value1, value2, value3 respectively)
Suppose i capture the same request using Jmeter, we will easily know whether the post parameter is encoded or not as the encode? column will be checked in case of encoding or uncecked if not encoded.
Similarly can we find whether a post parameter is encoded in fiddler, Can anyone help.
You can check the TextView tab in fiddler which will show you if the parameters are encoded or not, and then apply the same thing to your Jmeter script.
If you cant find that in the TextView tab then check the Raw tab which will show the full request you sent and check there if the parameters were encoded or not.

Resources