Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): new auth with cert service #649

Merged
merged 4 commits into from
Feb 6, 2025
Merged

feat(auth): new auth with cert service #649

merged 4 commits into from
Feb 6, 2025

Conversation

marianfoo
Copy link
Member

first PoC to authenticate with a SAP Passport Certificate to BTP using playwright and abstraction package playwright-client-certificate-login
currently, to make this work, put pfx file to folder ui5-ts-app and rename it to sap.pfx and put your passphrase to in the CertAuthenticator.ts and run npm run authentication:btp.

This is just a PoC, needs better testing cases and proper config handling in the CertAuthenticator.ts.
Still work to do but it works locally, should also work on pipelines

@marianfoo marianfoo marked this pull request as ready for review November 7, 2024 11:53
@marianfoo marianfoo requested a review from vobu November 7, 2024 11:53
@marianfoo marianfoo changed the title feat(auth): first PoC with Cert Auth to BTP feat(auth): new auth with cert service Nov 8, 2024
@christian-bromann
Copy link

This automation done in playwright-client-certificate-login can be easily done in WebdriverIO as well, allowing you to avoid the additional dependency to Playwright. Wdyt?

@marianfoo
Copy link
Member Author

This automation done in playwright-client-certificate-login can be easily done in WebdriverIO as well, allowing you to avoid the additional dependency to Playwright. Wdyt?

I haven't seen any example of it. Can you show me a demo or documentation ?

@christian-bromann
Copy link

@marianfoo sorry I was a bit to quick to judge here. It is currently not as easy to do it with WebDriver.

@marianfoo
Copy link
Member Author

marianfoo commented Nov 15, 2024
edited
Loading

@marianfoo sorry I was a bit to quick to judge here. It is currently not as easy to do it with WebDriver.

@christian-bromann
we tried setting the certificate with pk12util but it just did not work, locally and in the pipeline. Using the new feature from playwright i just so much easier and it just works.
It would be great to have this feature in WebdriverIO for tests, till then i´ll use Playwright.

@marianfoo marianfoo requested a review from Siolto November 26, 2024 08:09
@marianfoo
Copy link
Member Author

@vobu @Siolto
any capacity to review?

vobu
vobu approved these changes Feb 6, 2025
View reviewed changes
Copy link
Contributor

@vobu vobu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

finally got to this - and it's GOOD
this will hopefully remove the blocker for using wdi5 with apps deployed on BTP with standard SAP Client ID authentication

docs/authentication.md
// browserName: "..."
"wdi5:authentication": {
provider: "Certificate",
certificateOrigin: "https://accounts.sap.com", // this should always be accounts.sap.com
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if it should always be accounts.sap.com, we could also move it away from user-facing ... but that's optional, so nothing to act on for now

src/lib/authentication/CertAuthenticator.ts

constructor(options: CertAuthenticatorType, browserInstanceName, baseUrl: string) {
super(browserInstanceName)
this.origin = options.certificateOrigin || "https://accounts.sap.com"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@vobu vobu merged commit eb6257e into main Feb 6, 2025
12 of 13 checks passed
@vobu vobu deleted the feat/cert-auth branch February 6, 2025 12:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vobu vobu vobu approved these changes

@Siolto Siolto Awaiting requested review from Siolto

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marianfoo @christian-bromann @vobu