Decode JWT Token in JMeter: This tutorial will help you decode a JWT token sent by a server to the client.

First, how do you identify whether a string is a JWT token or some other string generated by the server?

  • If the string is a JWT, it should contain 3 dot-separated sections (header, body, signature).

How to Decode JWT Token in Jmeter?

Recently, most applications use JWT to add security to their application.

Let us assume the generated JWT token is like the one below:

eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJqc29uIHdlYiB0b2tlbiIsImdlbmRlciI6Ik1hbGUiLCJuYW1lIjoiTWFyayIsImFnZSI6MjV9.MLpo7rS5JOUXfb0ZajSmCV6DWyOznG1qnUIV5JqjbtEtJQOok_s6TXiwr5L8MxyWDeW_xoTOSto2qv7P8qBByQ

Create a BeanShell sampler with the below code

import org.apache.commons.codec.binary.Base64;

// jwt_token is the variable declared in User Defined Variables;
// generally we would use the correlated value instead of jwt_token
String response = vars.get("jwt_token");
// split the token into header, body and signature
String[] arr = response.split("\\.");
// convert the URL-safe Base64 alphabet to the standard one
String actualvalue = arr[1].replaceAll("-", "+");
actualvalue = actualvalue.replaceAll("_", "/");
byte[] decoded_response = Base64.decodeBase64(actualvalue);
// insert the decoded JWT body into B_IdToken
String decoded = new String(decoded_response, "UTF-8");
vars.put("B_IdToken", decoded);
log.info(decoded);

In the above BeanShell sampler:

  • First, get the JWT token into the BeanShell sampler.
  • Then split the string on . (dot). A JWT has 3 sections (header, body, signature).
  • Take index 1 of the created array, which is the body (if you want to decode the header section, change the index from 1 to zero in the BeanShell sampler).
  • Replace all - values with plus (+) and all _ values with slash (/).
  • Do the Base64 decode and add the result to the JMeter variables.

After executing the BeanShell sampler, the decoded response is shown below.

[Screenshot: Decode-JWT-Token-in-Jmeter]

If you want to capture values from the JWT token, then add a JSON Path extractor that works on the decoded variable from the BeanShell sampler.
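As an added example (not part of the original tutorial), the same decoding can be done in a JSR223 sampler or post-processor with Groovy, parsing the body as JSON and storing each claim as its own JMeter variable. The jwt_ variable prefix and the decodeJwtSection helper are names chosen for this example; the script only reads the token and does not verify it, because the signature section can only be checked with the signing key.

```groovy
import groovy.json.JsonSlurper
import java.nio.charset.StandardCharsets

// Decode one dot-separated JWT section (0 = header, 1 = body) into a Map.
// The URL-safe decoder accepts '-' and '_' and does not require '=' padding.
// decodeJwtSection is a helper name chosen for this example.
Map decodeJwtSection(String token, int index) {
    String[] parts = token.split("\\.")
    if (parts.length != 3) {
        throw new IllegalArgumentException("Expected 3 JWT sections, found " + parts.length)
    }
    byte[] raw = java.util.Base64.getUrlDecoder().decode(parts[index])
    return (Map) new JsonSlurper().parseText(new String(raw, StandardCharsets.UTF_8))
}

// Inside JMeter, 'vars' is supplied by the JSR223 element. Outside JMeter
// (e.g. the groovy command line) fall back to the sample token from this page.
boolean inJMeter = binding.hasVariable("vars")
String sample = "eyJhbGciOiJIUzUxMiJ9." +
    "eyJzdWIiOiJqc29uIHdlYiB0b2tlbiIsImdlbmRlciI6Ik1hbGUiLCJuYW1lIjoiTWFyayIsImFnZSI6MjV9." +
    "MLpo7rS5JOUXfb0ZajSmCV6DWyOznG1qnUIV5JqjbtEtJQOok_s6TXiwr5L8MxyWDeW_xoTOSto2qv7P8qBByQ"
String token = inJMeter ? vars.get("jwt_token") : sample
if (token == null) {
    throw new IllegalStateException("jwt_token is not set")
}

// Store a value as a JMeter variable, or print it when run stand-alone.
def store = { String name, Object value ->
    if (inJMeter) {
        vars.put(name, String.valueOf(value))
    } else {
        println(name + " = " + value)
    }
}

Map header = decodeJwtSection(token, 0)
Map body = decodeJwtSection(token, 1)

// The "jwt_" prefix is an assumption of this example, not a JMeter convention.
store("jwt_alg", header.alg)                          // HS512 for the sample token
body.each { claim, value -> store("jwt_" + claim, value) }

// Nothing here checks the signature (section 2): the claims are readable by
// anyone holding the token and stay unverified until checked with the key.
```

With the sample token this yields jwt_sub, jwt_gender, jwt_name and jwt_age, which later requests can reference as ${jwt_name} and so on.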


4 thoughts on “How to Decode JWT Token in Jmeter?”

  • June 10, 2021 at 7:14 am

    Hi Team,

    I’m capturing the JWT token value via JSR223 PostProcessor, and I’m decoding JWT token there and I’m in need of a value(UserID) from decoded response and pass to other requests.

    Below is the code:

    import org.apache.commons.codec.binary.Base64;
    def response = vars.get("jwt_token")
    log.info(response);
    String[] arr=response.split("\\.");
    def actualvalue=arr[1].replaceAll("-","+");
    actualvalue=actualvalue.replaceAll("_","/");
    byte[] decoded_response = Base64.decodeBase64(actualvalue);
    // inserting decoded JWT token into B_IdToken
    vars.put("B_IdToken",new String(decoded_response));
    log.info(new String(decoded_response));

    String[] arr1= new String(decoded_response).split("\\,");
    log.info("*********************"+arr1);
    //def actualvalue1=arr1[0].replaceAll("-","+");
    def actualvalue1=arr1[0];
    log.info("*********************"+actualvalue1);
    String[] arr2= actualvalue1.split("\\\"");
    log.info("*********************"+arr2);
    def CustomerUserId=arr2[3];
    log.info("*********************"+CustomerUserId);

    def UserId=CustomerUserId.toString();
    //vars.put("UserId",CustomerUserId.toString());
    log.info("*********************"+UserId);

    I need to pass the UserId from this preprocessor request to other HTTP requests. As this is coming in request, I cannot pass using JSON/ regular expression extractor
  • June 30, 2021 at 10:04 pm

    Nice info, but I wanted to know: after decoding the JWT token I wanted to fetch the Session Token, how to do that.
  • January 3, 2023 at 8:11 pm

    I have to write code to decode the JWT token payload and then change the payload to a random value and again encode it
    • January 4, 2023 at 12:32 am

      We can decode a JWT token, but we cannot encode the decoded token without the key which is needed to create the JWT token
