示例赛普拉斯脚本绕过SSO

时间:2019-03-25 16:34:45

标签: javascript azure login single-sign-on cypress

我正在设置新的赛普拉斯测试,以测试Dynamics 365应用程序中的某些功能。但是,我只剩下一个浏览器窗口,其中包含URL https://login.microsoftonline.com/__/和文本Whoops,没有测试可以运行。

describe('Initial Cypress Tests,()=> {

var dragging_text = false;

$(window).on("dragstart", function(event){
    dragging_text = true;
    console.log("dragstart");
});

$(document).on("dragenter", "#element", function(event){
    event.preventDefault();

    if(dragging_text){
        console.log("NO, dragging text!");
    }else{
        console.log("OK, dragging file!");
    }
});

})

1 个答案:

答案 0 :(得分:0)

建议您直接进行POST调用以获取SSO身份验证令牌,并使用获取的令牌触发cy.visit('https://wipropoc.crm8.dynamics.com')

以下是官方文档中要遵循的步骤,

  1. 在第三方服务器上完成身份验证后登录。
  2. 使用cy.request()解析令牌。
  3. 在本地存储上手动设置令牌。
  4. 映射外部主机并指向本地服务器。

cy.request('POST', 'https://sso.corp.com/auth', { username: 'foo', password: 'bar' })
    .then((response) => {
    // pull out the location redirect
    const loc = response.headers['Location']

    // parse out the token from the url (assuming its in there)
    const token = parseOutMyToken(loc)

    // do something with the token that your web application expects
    // likely the same behavior as what your SSO does under the hood
    // assuming it handles query string tokens like this
    cy.visit('http://localhost:8080?token=' + token)

    // if you don't need to work with the token you can sometimes
    // just visit the location header directly
    cy.visit(loc)
    })

您可以在此处详细了解-https://docs.cypress.io/guides/guides/web-security.html#Form-Submission-Redirects

实时示例-https://xebia.com/blog/how-to-use-azure-ad-single-sign-on-with-cypress/