Documentation

Looking for something in particular?

Secure Login with MFA+SSO using Provar

This article provides instructions for Provar users to securely log in to applications using MFA+Single Sign-On (SSO). Provar’s capability to securely log in to applications using MFA+SSO with TOTP offers enhanced security and seamless integration. Users can effectively manage connections, test login flows, and ensure successful automation of test scenarios.

Note: The MFA and SSO flow is managed within the SSO page object file in a sequence. A sample template will be provided to the user.

Note:  The user must enter all of the information in the SSO Page Object file just once. The login sequence and success condition must be maintained by the user in the same object file. The object file contains the method for generating TOTP using a security key.

Follow these steps to use MFA+SSO with Provar.

1. Create an SSO Connection, see the instructions here. (Skip this step if you already have an existing SSO connection) 

2. Create a UI Connection and Select SSO and MFA options

3. Enter all required details along with SSO Connection and Secret Key

4. Do a Test Connection and click OK.

Users should be able to use this connection in the Test cases for both Test Authoring and Test Executions. The UI Connect step will handle the complete login process as defined in the UI Connection.

Sample JAVA file

package pageobjects.Sample.SSO.SSOwithMFA;
​
import java.util.Map;
​
import org.openqa.selenium.By;
import org.openqa.selenium.NoSuchElementException;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
​
import com.provar.core.model.base.api.IRuntimeConfiguration;
import com.provar.core.testapi.ILoginPage;
import com.provar.core.testapi.ILoginResult;
import com.provar.core.testapi.annotations.Page;
import com.provar.core.testapi.java.UiLoginResultImpl;
​
@Page(title = "SSOwithMFA_Login", connection = "Connection Name")
public class SSOwithMFA_Login implements ILoginPage {
​
    @Override
    public ILoginResult doLogin(IRuntimeConfiguration runtimeConfiguration, WebDriver driver,
            Map<String, String> credentials) {
​
        // Connection 'SSO Username' and 'SSO Password' stored in userName and password
        // variables
​
        String userName = credentials.get(CREDENTIAL_USER);
        String password = credentials.get(CREDENTIAL_PASSWORD);
​
        // User can put wait here to load the page
​
        // Check if the user is already logged in
        if (isLoggedIn(driver)) {
            return new UiLoginResultImpl(true, driver);
        } else {
            // Enter user secret details to login and submit
​
            driver.findElement(By.xpath("<Xpath for username field>")).sendKeys(userName);
            driver.findElement(By.xpath("<Xpath for password field>")).sendKeys(password);
​
            driver.findElement(By.xpath("<Xpath for submit/login button>")).click();
​
            // User can put wait here to load the page (Added 2 second wait)
            waitForPageToLoad(2000);
​
            // Check if user navigate to successfully on opt page(if this is true it means
            // user still on login page).
            if (isInvalidLoginCredentials(driver)) {
                return new UiLoginResultImpl(false, "Invalid login credentials", driver);
            }
​
            // Get Generated OTP and enter in otp in the field 
            int count = 0;
            WebElement otpElement = driver.findElement(By.xpath("<Xpath of otp field>"));
            while (count < 2) {
                try {
​
                    String otp = generateTOTP(credentials);
                    // Optionally user can also pass time interval as 60 sec ,passgenerateTOTP(credentials,60);
                     
                    otpElement.clear();
                    otpElement.sendKeys(otp);
                    driver.findElement(By.xpath("<Xpath of Verify button>")).click();
                    otpElement = driver.findElement(By.xpath("<Xpath of otp field>"));
                    count++;
                } catch (Exception e) {
                    break;
                }
            }
​
            // Check again if user entered correct OTP and logged in successfully
            boolean loginSuccess = isLoggedIn(driver);
            if (loginSuccess) {
                return new UiLoginResultImpl(true, "Login Successful.", driver);
            } else {
                return new UiLoginResultImpl(false, "Login failed : Please check your credentials.", driver);
​
            }
        }
​
    }
​
    private boolean isLoggedIn(WebDriver driver) {
        try {
            driver.findElement(By.xpath("<Xpath for field to check user is logged in>"));
        } catch (NoSuchElementException ex) {
            return false;
        }
        return true;
    }
​
    private  void waitForPageToLoad(long time) {
        try {
            Thread.sleep(time);
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }
​
    private boolean isInvalidLoginCredentials(WebDriver driver) {
        try {
            driver.findElement(By.xpath("<Xpath for field available in login page(like: Password field Xpath)"));
        } catch (NoSuchElementException ex) {
            return false;
        }
        return true;
    }
​
}

 

Feedback

Was this article helpful for you?
Documentation library

Trying to raise a case with our support team?

Log into the Success Portal

We use cookies to better understand how our website is used so we can tailor content for you. For more information about the different cookies we use please take a look at our Privacy Policy.

Scroll to Top