How to use Loader.io to perform load test for OAuth2 flows – Part 2

In this second part, I’m showing how to perform real load tests

Carry out load test with loader.io

Phan Binh Minh (PBM), senior QA of the Safewhere team, knows a thing or two about doing load testing which she wrote about in this post.

In Part 1, I described how to register an account on loader.id. In this second part, I’m showing how to perform real load tests for simple OAuth 2.0 flows in which a client sends a request to a server and receives a response.

Add and run a test

Firstly, we need to add a new test by selecting [+ New Test] on the [Tests] tab:

loader-io-add-new-test

Enter test settings as below:

loader-io-test-settings

In which:

  • Name: name of your test
  • Test type: select [Clients per second] for load testing.
  • Clients: number of clients will send request concurrently to your domain per second
  • Duration: time to run this test

For example, settings in the screenshot above means loader.io will send 48 requests/second concurrently to my web application over the period of 1 minute.

Set up load test for the refresh token flow

This is a typical OAuth 2.0 flow: a client application uses a refresh token to exchange for a new access token:

loader-io-refresh-token-flow

In which:

  • Method, Protocol, Host, Path are information to access to my service’s endpoint
  • Headers: describe my actual content type of data that will be sent to server. Other http headers also go here.
  • Parameters & Request Body: add 3 parameters:
    • grant_type: because this test is used for testing refresh token flow so value of this field is “refresh_token”
    • refresh_token: the refresh token that will be used to exchange the access token. client_id: client id of a test client application

Set up load test for the client credentials flow

This test case is similar to the test case above, but instead it needs to send client credentials, client ID and client secret to the authorization server.

loader-io-client-credentials-flow

After adding the test, click [Run Test] to start test the server’s endpoint:

loader-io-run-test

Result

After sending 48 requests/second concurrently to my web application over the period of 1 minute, the result is:

loader-io-test-result-1
loader-io-test-result-2
loader-io-test-result-3

Summary

Loader.io is a very useful tool to perform load test for web applications. However, its free plan allows for running test in one minute. Running longer tests need a paid plan.

References

-Phan Binh Minh-