We Keep Coding

Watir Webdriver +Chromedriver: ADFS Authentication

I'm attempting to load a page that does a call to ADFS for authentication purposes. On the page load, there is a redirect and then popup to enter credentials.
HTTPS must be used.
Chrome must be used as the testing browser.
So, when loading the page everything is working fine, but I'm forced to manually enter credentials when running the test. After inputting the credentials everything is fine, but is there a way to leverage Watir to input this for me? I've tried popping the username:password into the link already with no success, and since I really need to use Chrome the Firefox plugins are moot.
require 'watir-webdriver'
b = Watir::Browser.new :chrome
b.goto 'https://internalUAT.clientwebsite.com/'
b.link(:text => 'HR Dashboard').click
I'm not allowed to post images due to reputation constraints, but please visit
https://i.imgur.com/ExVt8fp.png
for a screenshot.

When you try passing credentials with the https://user:pass#foo.com technique, do you have any unusual characters in the username or password? (Maybe you have a DOMAIN\username domain prefix?)
If so you might want to make sure any such characters in the credential string are properly escaped.
If that's not the problem, and there's no other way to disable the auth prompt for your tests, then your best bet (IMO) is to write a separate script (or thread) that uses RAutomation (or some other UI automation library of your choosing) to enter your credentials and click the Log In button.
See https://github.com/jarmo/RAutomation
The test cases in the following file contain examples of using RAutomation's send_keys method, which could prove useful:
https://github.com/jarmo/RAutomation/blob/master/spec/window_spec.rb
For the record, it looks like RAutomation may have been used by watir-classic for dialog handling:
https://github.com/watir/watir-classic/blob/master/lib/watir-classic/modal_dialog.rb
http://www.rubydoc.info/github/watir/watir-classic/Watir/ModalDialog

Automatically copy text from a web page

There is a vpn that keeps changing their password. I have an autologin, but obviously the vpn connection drops every time that they change the password, and I have to manually copy and paste the new password into the credentials file.
http://www.vpnbook.com/freevpn
This is annoying. I realise that the vpn probably wants people not to be able to do this, but it's not against the ToS and not illegal, so work with me here!
I need a way to automatically generate a file which has nothing in it except
username
password
on separate lines, just like the one above. Downloading the entire page as a text file automatically (I can do that) will therefore not work. OpenVPN will not understand the credentials file unless it is purely and simply
username
password
and nothing more.
So, any ideas?

This kind of thing is done ideally via an API that vpnbook provides. Then a script can much more easily access the information and store it in a text file.
Barring that, and looks like vpnbook doesn't have an API, you'll have to use a technique called Web Scraping.
To automate this via "Web Scraping", you'll need to write a script that does the following:
First, login to vpnbook.com with your credentials
Then navigate to the page that has the credentials
Then traverse the structure of the page (called the DOM) to find the info you want
Finally, save out this info to a text file.
I typically do web scraping with Ruby and the mechanize library. The first example in the Mechanize examples page shows how to visit the google homepage, perform a search for "Hello World", and then grab the links in the results one at time printing it out. This is similar to what you are trying to do except instead of printing it out you would want to write it to a text file. (Google for writing a text file with Ruby)":
require 'rubygems'
require 'mechanize'
a = Mechanize.new { |agent|
agent.user_agent_alias = 'Mac Safari'
}
a.get('http://google.com/') do |page|
search_result = page.form_with(:id => 'gbqf') do |search|
search.q = 'Hello world'
end.submit
search_result.links.each do |link|
puts link.text
end
end
To run this on your computer you would need to:
a. Install ruby
b. Save this in a file called scrape.rb
c. call it by using the command line "ruby scrape.rb"
OSX comes with an older ruby that would work for this. Check out the ruby site for instructions on how to install it or get it working for your OS.
Before using a gem like mechanize you need to install it:
gem install mechanize
(this depends on Rubygems being installed, which I think typically comes with Ruby).
If you're new to programming this might sound like a big project, but you'll have an amazing tool in your toolbox for the future, where you'll feel like you can pretty much "do anything" you need to, and not rely on other developers to have happened to have built the software you need.
Note: for sites that rely on javascript, mechanize wont work - you can use Capybara+PhantomJS to run an actual browser that can run javascript from Ruby.
Note 2: Its possible that you don't actually have to go through the motions of (a) going to the login page (2) "filling in your info", (3) clicking on "Login", etc. Depending how their authentication works, you may be able to go directly to the page that displays info you need and just provide your credentials directly to that page using either basic auth or other means. You'll have to look at how their auth system works and do some trial and error for this. The most straightforward, most likely to work approach is to just to what a real user would do...login through the login page.
Update
After writing all this, I came across the vpnbook-utils library (during a search for "vpnbook api") which I think does what you need:
...With this little tool you can generate OpenVPN config files for the free VPN provider vpnbook.com...
...it also extracts the ever changing credentials from the vpnbook.com website...
looks like with one command line:
vpnbook config
you can automatically grab the credentials and write them into a config file.
Good luck! I still recommend you learn ruby :)

You don't even need to parse the content. Just string search for the second occurrence of Username:, cut everything before that, use sed to find the content between the next two occurrences of <strong> and </strong>. You can use curl or wget -qO- to get the website's content.

Handling 'choose a digital certificate' with selenium webdriver chrome

When I open a page with selenium webdriver I get a chrome dialog box "Choose certificate". The default certificate is the right one so I only have to click OK button. But I have problem with this. I have python code:
drv = webdriver.Chrome()
drv.get("https://example.com/login")
and after that I want to do something like:
drv.switch_to_alert().accept()
or
drv.switch_to_alert().send_keys(Keys.TAB)
drv.switch_to_alert().send_keys(Keys.SPACE)
The problem is that the code stops executing on line drv.get("https://example.com/login"). Webdriver is waiting for page to load. And before that line there is no chrome dialog box.
How can I handle this?

You'll have to use something like AutoIT:
http://www.autoitscript.com/site/autoit/
Why you ask? It's an OS dialog, which Selenium does not and probably never will handle, so you'll have to turn to other solutions (in C# you should use native Win32 API methods to click the button for instance).

Certificates are managed by the OS, not the browser. Delete all but the necessary certificate from your browser's certificate store and then configure the browser to automatically select the certificate when only one certificate is present. You could also create a browser profile and have your program launch this profile or avoid testing over HTTPS.

before handling anything here, add below so it will not get frozen as soon as you navigate/triggert the certificate pop up. remeber to add the correct waittime back later.
getDriver().manage().timeouts().pageLoadTimeout(1000, TimeUnit.MILLISECONDS);
after this, then you can try using keyboard or autoIt whatever .

You can configure you Policys Group for Chrome choose your certificate.
Chrome use a registry with a json with information of your certificate. After you configure gpo,find a way to modified this json with Python.
With C# I use Microsoft.Win32.Registry to manipulates the registrys.
Follow the steps to configure you gpo:
First I need to thanks IngussNeilands for the tutorial provided on his Github. It saved me!
You can follow the steps on IngussNeilands´s tutorial here or follow my version of his tutorial below.
## Steps to Configure the Policy Groups
Download Chrome Policy Tamplates from here: http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
Extract the .zip file and find the chrome.adm that matches the country and the language settings on your Windows, following the path: policy_templates\windows\adm\<YourCountryAndLanguage>\chrome.adm
Type "run" into your Windows Search Bar or press Windows + R. Then type de command gpedit.msc to open the The Local Group Policy Editor
Now, access: 'Computer Policy>> Computer Configuration' and right-click the file 'Administrative Templates' and select 'Add or remove tamplates'
Click 'add' and navigate to the chrome.adm that you choose before on 'policy_templates\windows\adm\<YourCountryAndLanguage>\chrome.adm'. Click to open it
Now, navigate to:
'Computer Policy>> Computer Configuration>> Administrative Templates>> Classic Administrative Templates(ADM)>> Google>> Google Chrome>> Content Settings'
Then on the rigth side of the window find and double-click the option 'Automatically select client certificates for these sites'
Click the 'Enabled' option
Now, Click the 'Show...' in the option pane below
Copy and paste the 'JSON' below in the line of the column Value:
{"pattern":"https://[*.]example.com","filter":{"ISSUER":{"CN":"example.com"}, "SUBJECT":{"CN":"value"}}. This JSON needs to be rewriten with your certificate informations
How to rewrite the Chrome Configure JSON
Ok, now a will give you a brief explanation on how to rewrite the Chrome Config JSON.
In the "pattern" key the value needs to be the URL that the certificate will be sent to. In most cases this URL is the same URL of the page, but some sites don´t use the same URL base to send the certificate.
For example, when I was trying to webscraping the NFS-e in Uberlândia city I needed to debug the script of the page to find the URL to where the certificate was sent.
The "filter" key will have the certificate information. In my case, I need to access the same website with diferent certificates, for that I'll have to fill the JSON with the information of "ISSUER" and "SUBJECT". Chrome will choose one certificate that matches with the informations content in the filter key. For example, if I fill the "CN" from "ISSUER" object with "SERASA Certificadora Digital v5" I'll have more than one certificate with these informations and Chrome won´t be able to choose the right certificate.
In my git in here you can find the solution to alter the JSON for access the same site with more the one certificate.

HTML hyperlink to call exe with parameters

-Hello, looking for some help.
We currently have a winform app used to do approvals in our company. The app sends html emails to the "approvers" who read the relevant info in the email and click on a hyperlink which launches the app so they can do their approval.
Currently this is done by including the following in the email html:
<a href=file:///C:\Temp\test.exe>Click to Approve</a>
This correctly launches the app, after a couple of security warnings which we are OK with. We use Outlook 2010.
Now, in order to improve this process I would need to pass an argument identifying the approver to the app. This works correctly if I pass the argument from, say, a windows shortcut, however, I cannot find a way to pass the argument to the exe in the href attribute in order to do it from the email. I looked everywhere, and found nothing except questions.
I have tried the following to no avail:
<a href=file:///C:\Temp\test.exe approverID>Click to Approve</a>
<a href=file:///C:\Temp\test.exe 'approverID'>Click to Approve</a>
Click to Approve
Also I have tried doing it with JavaScript, which from an HTML page works fine, but not from an email in Outlook.
I thought maybe there is a security threat with this approach hence it is not possible, but if I can successfully from an email run an exe, why can I not run an exe with parameters? It doesnt make sense.
Thank you for your help.
Leo

after not getting any suitable responses and after continuing my research for this without success, I will temporarily conclude that what I am looking for is not possible. If the reasons for this not being possible concern security, then I am completely puzzled as to why running an exe without parameters is allowed and therefore considered LESS harmful than running an exe with parameters. Surely, an exe does not require parameters to be harmful. If anyone would care to elaborate on this, it would be educational for me, thank you.
Nevertheless, I have thought of an alternative to my problem, which is not as elegant as would otherwise be stating parameters in href, but it serves my purpose. Because our app is run from a network drive, I have changed it so that it creates user-specific cmd files on the network drive and the hyperlink in the email it creates points to these cmd instead of the exe. That way, the cmd files contains the call to the exe with the correct parameters and as the cmd files are very light and quickly written, this is OK.
I am closing this as "answered", but it is not.
Thanks for taking your time to read.
Leo

I recommend you take a look to "How to create a protocol and assign it an app with parameters".
Example : http://kb.mozillazine.org/Register_protocol
http://msdn.microsoft.com/en-us/library/aa767914.aspx

I have had the same problem and one alternative I have found was to create a .bat file that is attached to the e-mail that includes the command line and respective parameters, the user double-click the attachment, confirms that wants to open the file and the .bat runs. It is not as cleaner as the link but I guess It is an acceptable workaround in some cases.
Important: My OS is Win7 and e-mail client is Lotus Notes, I am not sure if this alternative works with other mail clients/OSs .

Can an AIR app be programmed to handle a URL protocol?

I'm writing what is essentially a browser in Adobe AIR (ActionScript, not AJAX). A great bit of functionality to implement would be protocol handling. iTunes, for instance, handles itms protocols; when your friend sends you a link beginning with "itms://", it's going to launch iTunes as long as it's installed. Is there a way to write an AIR app (requiring AIR 2 would be fine) that can be the "handler" for a protocol in this way?

There is no way, programatically speaking, to specifically handle a particular protocol. However, there is InvokeEvent. InvokeEvent will be fired when the application is "invoked", either when it's explictly launched or if an associated file or URL is activated.
The process of associating your app with a particular file type or protocol scheme is separate and application-dependant. In iOS, for example, you would need to specify the protocol in Info.plist under CFBundleURLTypes/CFBundleURLSchemes.

Yes. You can use the URLLoader class to download data in binary form (URLLoader.BINARY) and then parse this as appropriate. See this CS3 documentation on working with external data.

http://www.patrick-heinzelmann.de/labs/lastfm/
I'm not sure exactly how it works and I don't see a way to download the app, so I can't even test it, but maybe it will help...

Check out this page. I am trying to find out the same thing, but I haven't found any solution to do it with just Air yet. Seems like you might need a custom installer to setup the correct registry entries, and a proxy application to "wash" the input to a correct format that then can start your application with the correct command line parameters. Hope this can be of any assistance.