Oauth2 authorization issue

Hi all!

I am using Gatling for performance testing.
The issue is that the request endpoints are dynamic and the sessionToken has been generated the wrong way, since it returns this: "status":"UNAUTHENTICATED".

sessionToken generates at this request:
/oauth2/default/v1/authorize?client_id=0oa1es8qb2dRXrmRf1d8&code_challenge=SXNHENJvNBzMN3o_LP_SY7F2jpoKk2wYleqrQTbnI7o&code_challenge_method=S256&nonce=1ZGQxhLqnTbGinaiGgbNdy2CaN0UnA28EhhkzwAzDBJe8TVVGetJ8je0pXKc78FB&redirect_uri=https%3A%2F%2F{YOUR DOMAIN}%2Fimplicit%2Fcallback&response_type=code&state=dfNFBELqzkcMUAMtfqLZtpVFLLjK5nqnJ3hfECs2LRp1A8d2akCPQfh0CiMHAVll&scope=openid%20profile%20email

code_challenge, nonce, code&state are dynamic parameters. I could not find the request where they have been generated.

Anyone? :sweat_smile:

What are you using to make the /authorize request?

Our SDKs will generate code_challenge, nonce, and state for you. The sessionToken is returned by Okta after primary authentication is successfully completed for a user and can also be passed in the authorize request to exchange it for an Okta session (also something our SDKs can do).
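As an added example (not code from this thread or from any Okta SDK): a client can produce code_challenge, nonce and state locally before building the /authorize URL, following the PKCE S256 method of RFC 7636, so a load-test script has to create fresh values per virtual user instead of replaying recorded ones. The endpoint path and scope are the ones in the post; the client id, host names and function names are placeholders chosen for illustration.

```python
import base64
import hashlib
import secrets
from urllib.parse import quote, urlencode


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def pkce_challenge(code_verifier: str) -> str:
    """S256 method: BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())


def new_authorize_params(client_id: str, redirect_uri: str):
    """Return (query params, code_verifier). All random values are new per login."""
    code_verifier = b64url(secrets.token_bytes(32))  # 43 characters
    params = {
        "client_id": client_id,
        "code_challenge": pkce_challenge(code_verifier),
        "code_challenge_method": "S256",
        "nonce": secrets.token_urlsafe(48),   # echoed back inside the ID token
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "state": secrets.token_urlsafe(48),   # echoed back on the redirect
        "scope": "openid profile email",
    }
    return params, code_verifier


def authorize_url(issuer_base: str, params: dict) -> str:
    """Build the /authorize URL with %20-style encoding, as in the post."""
    query = urlencode(params, quote_via=quote)
    return issuer_base + "/oauth2/default/v1/authorize?" + query


if __name__ == "__main__":
    # Constructed placeholders, not values from the thread.
    params, verifier = new_authorize_params(
        "EXAMPLE_CLIENT_ID", "https://app.example.test/implicit/callback")
    print(authorize_url("https://idp.example.test", params))
    print("keep for the later token request:", verifier)
```

The code_verifier never appears in the /authorize request; the client keeps it and sends it with the later token request, where the server recomputes the challenge and compares.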

So what I do is I record the network tab in Chrome dev tools, then I save it as a HAR file, and after that I convert it to a Gatling Scala class through the Gatling recorder.
As you see on the screenshot, the /authorize request is request_3; that was the one that returns me a sessionToken :slight_smile:

Apparently that sessionToken is not a good one, since when I pass it on the next request when I sign in, it returns this: {"errorCode":"E0000011","errorSummary":"Invalid token provided","errorLink":"E0000011","errorId":"oaeSyalNNrqTlexEHDrFDva5A","errorCauses":}

Screen Shot 2021-01-21 at 12.14.55 PM