http://xstarcd.github.io/wiki/shell/siege.html
https://coder.tw/?p=7198
==========
很像REST Client
1. var = 兩邊不能有空白
EX:
@9020_login = http://192.168.99.100:9020/login
9020_login=http://192.168.99.100:9020/login
2. 當有空白行時
EX:
@_csrf1 = Gxa6Hip4-J_A3L2kpRc72Iclw_Ql8eIcQiTc
@login_challenge = 394bab045e2e4a25be83fe207440787e
如果login_chanllenge是最後一個參數,要補上&
_csrf1=Gxa6Hip4-J_A3L2kpRc72Iclw_Ql8eIcQiTc
login_challenge=394bab045e2e4a25be83fe207440787e&
siege會把CR當成參數內容傳送
==========
siege –help
SIEGE 3.0.6
Usage: siege [options]
siege [options] URL
siege -g URL
Options:
-V, –version VERSION, prints the version number.
-h, –help HELP, prints this section.
-C, –config CONFIGURATION, show the current config.
#在屏幕上打印显示出当前的配置,配置是包括在他的配置文件$HOME/.siegerc中,
#可以编辑里面的参数,这样每次siege 都会按照它运行.
-v, –verbose VERBOSE, prints notification to screen.
Windows
Update chrome v75 > mkdir t > cd t > midir tests > npm install nightwatch --save-dev > npm install chromedriver --save-dev > nano nightwatch.js require('nightwatch/bin/runner.js'); > nano nightwatch.conf.js const chrome = require('chromedriver') module.exports = { src_folders: ['tests'], webdriver: { start_process: true, server_path: chrome.path, port: 9515, }, test_settings: { default: { desiredCapabilities: { browserName: 'chrome', }, }, }, } > nano tests/test.js module.exports = { 'step one: navigate to google' : function (browser) { for (var i = 0; i < 10; i += 1) { browser .
If you use consent website(official login&consent) run all step, routes/consent.js session part need remove mark, surely you can get session data. @token= xLPcJ3tobDqGUDxIVTxWt2p7w_odZSV22IAlUf5QPZU.YD6R_xKQ2ldCLbEV7mmc01E6ZLzemzdEC5H4-otTMPg ### userinfo GET https://openid.hydra:9001/userinfo Authorization: Bearer {{token}} ### introspect POST https://openid.hydra:9002/oauth2/introspect Content-Type: application/x-www-form-urlencoded token={{token}} &scope=openid+photos.read PS:&scope=openid+photos.read can remove.
But you use REST Client need fix. Put session data by yourself. ### accept conent scope PUT https://192.168.99.100:9002/oauth2/auth/requests/consent/accept?consent_challenge={{consent_challenge}} Content-Type: application/json { "grant_scope": ["openid", "photos.read"], "session": { "access_token": { "foo": "bar" }, "id_token": { "baz": "bar" } } } Try and watch many document.
https://www.ory.sh/docs/next/hydra/oauth2#oauth-20-scope
A OAuth 2.0 Scope is not a permission:
A permission allows an actor to perform a certain action in a system: Bob is allowed to delete his own photos.
OAuth 2.0 Scope implies that an end-user granted certain privileges to a client: Bob allowed the OAuth 2.0 Client to delete all users.
The OAuth 2.0 Scope can be granted without the end-user actually having the right permissions. In the examples above, Bob granted an OAuth 2.
hydra login consent node
https://github.com/ory/hydra-login-consent-node
When login success, context data be saved .
Can use
GET https://openid.hydra:9002/oauth2/auth/sessions/consent?subject=foo@bar.com HTTP/1.1
check by subject.
routes/login.js hydra.acceptLoginRequest(challenge, { context: { "test1": "test1", "test2": { "test2i": "test2i"} }, Database keep context
Table name: hydra_oauth2_consent_request save context data. Here is Postgresql (pg). ===== Postgresql command ==== 1. Login Postgresql (pg) docker
psql hydra -U hydra
#login pg (already in db cmd)
\dt;
select * from hydra_oauth2_consent_request;
https://github.com/i-core/werther
https://github.com/i-core/werther
