In the process of interface testing, sometimes you will encounter interfaces that need to be encrypted and decrypted. Below I will introduce how to test against MD5 encryption interfaces and perform fingerprint signatures for all body parameters.
1. First look for development to understand the requirements, and know that it is an http type For the post request, you first need to get the timestamp (time), then MD5 encrypt the appid, body, accessToken, and time to generate the sign, and then pass the parameter to the message header for authentication, and use the body parameter for fingerprint signature. Improve security
2. What we need to do is to ask the developer to get the MD5 encryption function (java code), and then process it through the preprocessor BeanShell PreProcessor of jmeter to achieve this effect
1. Add MD5 encrypted jar package
1. 首先需要让开发提供MD5加密方法,把该方法打成jar包,然后放置到apache-jmeter-4.0\lib\ext目录,在重启jmeter,这样jmeter就能调用该加密方法
2. Add BeanShell Sample preprocessor and HTTP request
1. 添加HTTP请求,-选中线程组,点击右键,添加》Sampler》HTTP请求
2.添加BeanShell请求-选中HTTP请求,点击右键,添加》前置处理器》BeanShell PreProcessor
3. 代码如下,首先import引入jar包,然后定义time变量,直接使用jmeter自带time函数获取时间戳,param就是前文说的body参数,把time、param变量进行put是让HTTP请求的信息头能够调用它,然后在定义sign变量,调用引入的jar包加密方法,最后在put
import com.course.testng.*; //引用jar包
String time = "${__time(,)}"; //获取时间戳
String param ="{\"activeId\":\"${activeId}\",\"method\":1,\"userId\":${userId},\"userName\":\"自动化\",\"userPhone\":\"${mobile}\",\"userHome\":\"${familyName}\",\"communityId\":${communityId},\"houseId\":${houseId},\"houseName\":\"1\\\\/第一单元\\\\/103\"}" ;
vars.put("time",time); //置为jmeter变量
vars.put("param",param); //置为jmeter变量,方便HTTP请求调用,这样只需要在beanshell维护一套参数,而不用重复进行维护
String sign = Encrypt1.test("1120",param,"${accessToken}",time); //调用MD5加密方法,生成sign
vars.put("sign",sign); //置为jmeter变量
4.HTTP请求直接在body data调用${param}即可
5.添加HTTP信息头管理器-选中HTTP请求,点击右键,添加》配置元件》HTTP信息头管理器
3. Execution request
1. 在页面点击启动按钮,就可以看到脚本正常执行,响应结果正常,到此脚本开发完成,可以直接调用该脚本进行测试
Fourth, the pits encountered in the development of the script
1. 执行脚本提示SIGN_ERROR,最后和开发排查java加密代码,发现是请求参数中有中文,然后md5没有指定编码类型导致,指定编码为UTF-8即可
2. 执行脚本报error,查看日志提示Error invoking bsh method:eval sourced file: ,经过排查,原因是请求参数中有\\/,需要多加\\转义即可,如下所示
If the article is helpful to you, please pay attention to my official account. The official account is synchronized with the articles on this platform for your convenience. I will continue to publish articles related to testing and share testing techniques with you. Every original article is written with heart , To prevent plagiarism and copy
QQ Technical Exchange Group: Please enter the verification information to join the group 51cto
Follow the WeChat QR code to the official account:
After paying attention, reply to the resource download to get the download location of various resources shared by me:
