nield · nield · Apr 22, 2025 · Apr 22, 2025
diff --git a/scripts/k6/api-create-test.js b/scripts/k6/api-create-test.js
@@ -1,38 +1,69 @@
-// import necessary modules
 import { check } from 'k6';
 import http from 'k6/http';
 import exec from 'k6/execution';
 
 // define configuration
 export const options = {
-  // define thresholds
   thresholds: {
-    http_req_failed: ['rate<0.01'], // http errors should be less than 1%
-    http_req_duration: ['p(99)<1000'], // 99% of requests should be below 1s
+    http_req_failed: ['rate<0.01'],
+    http_req_duration: ['p(99)<1000'],
   },
 };
 
+// config for Keycloak
+const keycloakConfig = {
+  tokenUrl: 'http://localhost:8930/realms/my-realm/protocol/openid-connect/token',
+  clientId: 'minimal-api-k6-client',
+  clientSecret: '615M2X7zOywKE2nNWQSOC72quFjmvc3Q',
+  username: 'StandardUser',
+  password: 'password',
+};
+
+function getAccessToken() {
+  const payload = {
+    grant_type: 'password',
+    client_id: keycloakConfig.clientId,
+    username: keycloakConfig.username,
+    password: keycloakConfig.password,
+  };
+
+  // Include client_secret if applicable
+  if (keycloakConfig.clientSecret) {
+    payload.client_secret = keycloakConfig.clientSecret;
+  }
+
+  const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
+
+  const res = http.post(
+    keycloakConfig.tokenUrl,
+    Object.entries(payload).map(([k, v]) => `${k}=${encodeURIComponent(v)}`).join('&'),
+    { headers }
+  );
+
+  const body = res.json();
+  return body.access_token;
+}
+
 export default function () {
-  // define URL and request body
-  const url = 'https://localhost:8000/api/v1/todos';
+  const token = getAccessToken();
+
+  const url = 'https://localhost:8901/api/v1/todos';
   const payload = JSON.stringify({
     title: 'load-test-' + exec.vu.idInTest,
     note: exec.scenario.name,
-    tags: [
-        "load-test"
-    ]
+    tags: ["load-test"]
   });
+
   const params = {
     headers: {
       'Content-Type': 'application/json',
+      'Authorization': `Bearer ${token}`,
     },
   };
 
-  // send a post request and save response as a variable
   const res = http.post(url, payload, params);
 
-  // check that response is 201
   check(res, {
-    'response code was 201': (res) => res.status == 201,
+    'response code was 201': (res) => res.status === 201,
   });
 }
diff --git a/scripts/keycloak/realm-export.json b/scripts/keycloak/realm-export.json
@@ -808,6 +808,69 @@
         "minimal-api-aud"
       ]
     },
+    {
+      "clientId": "minimal-api-k6-client",
+      "name": "minimal-api-k6-client",
+      "description": "",
+      "rootUrl": "",
+      "adminUrl": "",
+      "baseUrl": "",
+      "surrogateAuthRequired": false,
+      "enabled": true,
+      "alwaysDisplayInConsole": false,
+      "clientAuthenticatorType": "client-secret",
+      "secret": "615M2X7zOywKE2nNWQSOC72quFjmvc3Q",
+      "redirectUris": [
+        "/*"
+      ],
+      "webOrigins": [
+        "/*"
+      ],
+      "notBefore": 0,
+      "bearerOnly": false,
+      "consentRequired": false,
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": false,
+      "directAccessGrantsEnabled": true,
+      "serviceAccountsEnabled": true,
+      "publicClient": false,
+      "frontchannelLogout": true,
+      "protocol": "openid-connect",
+      "attributes": {
+        "realm_client": "false",
+        "oidc.ciba.grant.enabled": "false",
+        "client.secret.creation.time": "1745312354",
+        "backchannel.logout.session.required": "true",
+        "post.logout.redirect.uris": "+",
+        "oauth2.device.authorization.grant.enabled": "false",
+        "backchannel.logout.revoke.offline.tokens": "false"
+      },
+      "authenticationFlowBindingOverrides": {},
+      "fullScopeAllowed": true,
+      "nodeReRegistrationTimeout": -1,
+      "defaultClientScopes": [
+        "web-origins",
+        "service_account",
+        "acr",
+        "profile",
+        "roles",
+        "basic",
+        "email",
+        "minimal-api-aud"
+      ],
+      "optionalClientScopes": [
+        "address",
+        "phone",
+        "offline_access",
+        "organization",
+        "microprofile-jwt"
+      ],
+      "access": {
+        "view": true,
+        "configure": true,
+        "manage": true
+      }
+    },
     {
       "id": "5c028218-62f0-4fe1-8600-91eeaf3d4a5a",
       "clientId": "realm-management",