I'm trying to compare JWT value returned by an API call to an expected valid value in JMeter. For this, I need to generate the expected value in a pre-processor (either the BSF pre-processor or the Bean shell pre-processor) and then compare it to the extracted from the call response value. Has anyone created anything similar before? I currently use http://jwt.io/ to manually generate the expected values, but would like to dynamically generate these values in JMeter.
Unfortunately there is at the moment no out-of-box solution for processing JWT-signed requests in JMeter.
Looks like you have at least the following options:
Try to use gatling instead of JMeter. Gatling has already implemented extension for this payload - gatling-jwt - but seems that it supports currently only GET requests.
Possibly you can try to extend standard HTTP Request Sampler or custom REST Sampler with JWT signing using any java implementation of JWT - like it's done in OAuth Sampler plugin for OAuth payload.
But it may appear quite complex way which requires a bit of development experience as well as will be not error-prone - inaccurate implementation may cause performance degradation and affect your test-results.
Approach with Pre- and Post-processors for JWT-signing and response verification you've mentioned in your question seems to be reasonable compromise.
When I've stuck on the same issue my first and quite successful approach with Pre- and PostProcessors usage too.
Several points to note:
HTTP Request // your http call Body Data = ${jwtSignedBody} // variable with request body already signed in pre-processor JSR233 PreProcessor // sign here your body data and put into variable JSR233 PostProcessor // decode JWT-signed response