Bypass Login Step in selenium webdriver projects is sometimes needed to increase automation speed because many of the test scenarios start with that step and It takes time. In this article, we will learn how to do this operation.
Let’s say you are testing a website with login functionality. Assume that this step takes 10 seconds. For one test, that’s acceptable but when there are 200 test cases in our regression suite, it makes more than 30 minutes that you waste. In case you are using a cloud provider to test, you will consume your time credits easily.
So I was thinking about how to bypass it? I come up with a solution that uses cookie manipulation. Many of the websites are creating cookies. Those cookies create an expiration timestamp to your logged in user. So you access the authorized area of the website faster even after turning on/off the browser. So why not inject those cookies into our selenium driver before ever test.
For this tutorial, you should be familiar with Apache HttpClient.
The website we are testing is www.hepsiburada.com. It’s an e-commerce website and store “Session Cookie” in SFSESSIONID. Every website handles this issue differently, you need to talk your development team to understand how they store cookies.
Let’s start…
Step 1: Make an Initial Request to Web App
CookieStore cookieStore = new BasicCookieStore();
// Create local HTTP context
HttpClientContext localContext = HttpClientContext.create();
// Bind custom cookie store to the local context
localContext.setCookieStore(cookieStore);
HttpGet httpget = new HttpGet("https://www.hepsiburada.com/ayagina-gelsin/giris");
System.out.println("Executing request " + httpget.getRequestLine());
httpclient.start();
// Pass local context as a parameter
Future<HttpResponse> future = httpclient.execute(httpget, localContext, null);
We create HttpClient to make a request to the login module of the website that we are testing.
We create a HttpClientContext and CookieStore to do some stuff on cookies. Then we execute the HttpGet request. This step is not mandatory. I am just making this request to show you basic stuff about Http requests and cookies.
Step 2: Collect Created Cookies
HttpResponse response = future.get();
System.out.println("Response: " + response.getStatusLine());
List<Cookie> cookies = cookieStore.getCookies();
for (int i = 0; i < cookies.size(); i++) {
System.out.println("Local cookie: " + cookies.get(i));
}
As we configured a CookieStore previously, it will store all the cookies created by the first HttpGet command. We are just printing out to analyze them in the console. You can see there’s a cookie with SFSESSIONID. We are on the right track.
Third 3: Make a Request to Login Service
Every web page makes a POST request to authenticate. You can just open Chrome Console and take a look at the Network tab. You can capture the Request URL and Form Data’s from the Network tab.
You firstly create HttpPost object to the web service. Then create a NameValuePair to store the credentials and bind them with the request. Here’s how to do it.
HttpPost httpPost = new HttpPost("https://www.hepsiburada.com/ayagina-gelsin/Customer/Login");
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("em", "username"));
params.add(new BasicNameValuePair("p", "password"));
httpPost.setEntity(new UrlEncodedFormEntity(params));
Future<HttpResponse> future = httpclient.execute(httpPost,localContext,null);
HttpResponse response = future.get();
cookies = cookieStore.getCookies();
Now we have all the cookies in our hands. We need to add those Cookies to our WebDriver.
Step 4: Add Cookies to Selenium WebDriver To Bypass Login
WebDriver allows you to add/remove Cookies with its internal APIs. I am going to add all cookies I got in 3rd step. Selenium Cookie object needs two parameters. First one is the name, the second one is the value.
A quick reminder, you cannot add cookies before navigating a web page. In case you want to add a cookie to a page before navigating, you’ll receive an exception. That’s why you definitely have a navigate to a page. Then add cookies and navigate once again to that page.
System.setProperty("webdriver.chrome.driver","drivers/chromedriver");
WebDriver driver = new ChromeDriver();
driver.navigate().to("https://www.hepsiburada.com/siparislerim/");
org.openqa.selenium.Cookie c;
for (int i = 0; i < cookies.size(); i++) {
System.out.println("Local cookie: " + cookies.get(i));
c = new org.openqa.selenium.Cookie(cookies.get(i).getName(),cookies.get(i).getValue());
driver.manage().addCookie(c);
}
driver.navigate().to("https://www.hepsiburada.com/siparislerim/");
Now, you logged-in to the site without dealing with the Login Page. You just saved a big amount of time in testing.
For a broad implementation, you need to deal with those cookie handling issues in BeforeSuite so you can get the cookie once and use it in other tests. That depends on your implementation.
Here’s the sample source code: https://github.com/swtestacademy/ByPassLogin
Happy automated testing!
Canberk Akduygu
Canberk Akduygu is a Test Lead working in the Netherlands
Hi, you have repository for example?
The link to repository is added to article
Hi can we use this method for bypassing login screen which use oauth2.0 token?
I want to do automation on the CS side, but I don’t know how to do it.Can u give me some advice? thank you
You just have to google all those stuff and find the CS related libraries. Sorry for that
Github örneğiniz fork’ladığımda çalışıyor fakkat örneğin sahibinden.com için denediğimde çalışmıyor. params em ve p değerleri sanırım elementlerin web tarafında ki id’leri. Bunları düzeltmeme rağmen çalışmadı.
Merhaba Caglar, Canberk musait oldugunda bakacaktir. Ancak sitelerde degisik login akislari olabilir. Belki sizin ekstra islemler yapmaniz gerekiyor olabilir. Misal captcha control olabilir ekstradan vs. Bence login flow unu detayli ogrenip o sekilde ilerlemek gerekir. Hatta bence RestAssured ile bu isi yapmak daha mantikli olabilir. Cunku login islemleri hassas islemler access token, authorization token vb. tokenlari genelde header da yollamadan login olmus olmak gunumuzde bana zor geliyor. Hatta bunlarin uzerinde captcha control vb. mekanizmalarda oluyor. Bu nedenle login akisinin tum detaylarini ogrenip, projeye rest assured library sini ekleyip, sonra bur login util class i yazip bu adimlari http call lari ile (get, post vb) ile implement etmek gerekir. Sevgi ve saygilar. -Onur
Bilgilendirme için teşekkür ederim.
Can we do this in WebdriverIO?