Is Cypress compatible with Salesforce? - cypress

After I log in, the domain changes and it doesn't do anything else that my script tells it to do. Is it the case that you just can't do anything once the domain changes? I can't quite tell from the documentation. I know it says that it can't navigate to a second domain, but I haven't seen where it says it can't do anything on a second domain.
Additionally, did Cypress used to login to Salesforce with cy.request()? Because currently Salesforce doesn't allow for logging in by sending a request with parameters.
cy.visit('https://test.salesforce.com');
cy.get('.username').type(username)
cy.get('.password').type(password)
cy.get('#Login').click()
This is my code for logging in.

Hi you can use Session in cypress in order to Cache and restore cookies, localStorage, and sessionStorage
Just create a command in ./support/command.js
You can read the documentation here https://docs.cypress.io/api/commands/session#Syntax

Related

Cookies in Google Scripts Web App

Is it possible to keep track of cookies (or any kind of session variables) in a GAS Web App? The script is running as myself, and anyone (even anonymous) can access the site. I need to be able to keep track of login information, so I should be able to see if the user is logged in between requests.
Note: The user is not required to have a Gmail account.
I didn't find the GAS solution for this even after almost 3 years since this question was asked.
Looks like the only solution is to use javascript cookie handling (document.cookie) in each template file.

Parse authorization in mvc5 - login issues

I'm writing an app that's supposed to run with MVC5 and using parse as a backend.
I'm using the new Identity feature of the MVC5 to login an user. I also tried to use this solution but I couldn't make it work.
What is happening is that when I login with the user A and then login with the user B in a different session (a incognito windows or a new browser) whenever I try to insert something related with a ParseUser object using the first user that was logged in I get an exception: UserCannotBeAlteredWithoutSessionError.
I'm not sure if I'm doing the implementation in a wrong way, or if it is a limitation of the Parse (I think it was designed to run using one user per device).
If you have a workaround for this situation please help me.
There is a good answer which may help: Parse Database Authorization - Security For User Objects.
So, it's a kind of Parse SDK limitation, when you can work with only one user per device (as ParseUser is cached locally). The only workaround that I can see is to perform SignOut/Login explicitly, when you need to do something from other user's context. There is no way to have two users work simultaneously from the same device.

Reconciling browser-side and server-side authentication

apologies if this has been asked but I'm trying to figure out this kind of stuff for the first time -
I'm developing an app where I want to divide the authenticated content from the web-facing side, completely; therefore I am not using a simple backbone.js-style "keep all views in one file" (unless I'm wrong about this, please illuminate!) but actually divided server files (using PHP).
Current flow: the user logs in client-side (using the Parse.com Todo app as an example) and, if successful, I store cookie (via POST/AJAX) with user email and the returned sessionToken on client side. I then thought that when user next visits site, the server can read cookie and shuffle the user to the private/locked portion of site, which, again, is a different set of PHP files.
Here I get lost -- how do I then tell Parse.com that the user is logged in, if I don't have her username/password (only email), and start grabbing data from the classes? Is there a way to do this that I'm not recognizing? I guess I can load different .JS files, read if a session exists, and JS-redirect to a different url, but that seems to me to be a weird way of going about it.
Is there a general philosophy/methodology to my questions that I should read up on, along concrete advice dealing with Parse.com questions?
I believe the Parse User session management functions should be good for you.
Check out https://parse.com/docs/cloud_code_guide#webapp-users
There is an example at the bottom of their announcement blog post here: http://blog.parse.com/2013/09/04/new-cloud-modules-for-images-and-users/
It gives you user session management with minimal effort.

sfGuardPlugin session: how to reuse it with wget -- or map SID to sfGuardUser

Recently I was asked to add an XML API to one of the Symfony modules in my project. I did it, and it works well. For authentication, we use sfGuardPlugin. Symfony version is 1.3.11. Using Propel, not Doctrine.
The most recent request to me is this:
We will embed a Flash game into the website.
The Flash will do requests to the XML API.
The guy who is coding the Flash application says that it doesn't share cookies with the browser.
We want the Flash to be able to reuse the session of the currently logged in user (we won't allow to be even shown if no user is logged in).
I did try this would-be solution: (taken from other SO articles and various Google search results)
I was told that the Symfony session resides in the symfony cookie.
I was told that if I copy this value in another client (in my case, wget) and do session_id("stolen_session_id") I will be able to duplicate the session, have the same user logged in, etc.
This turned out to be wrong. Say my cookie symfony had the "blabla" value. I did this: wget --post-data='session_id=blabla' X.X.X.X:NN/api/bla.xml -O-. My server PHP code parses this POST parameter and feeds it to session_id function. It then reported in the logs that the session_id('blabla') was returning 1. However, calling $this->getUser()->getGuardUser() returns null.
I need a way to map a passed session_id to a valid sfGuardUser. Or find an alternative way of reusing a session which already exists.
Suppose I have full access to the cookies. I want to know which one of them (or all of them?) to duplicate in order to achieve this.
BTW, I am seeing in my Chrome dev tools that the symfony cookie is of a session type. So it's no wonder at all as to why my method doesn't work, but I am little lost as to how do I do this in Symfony, while using the sfGuardPlugin.
I do realize this is not one of the most informed questions, but ditto, I just need help.
Thanks for your time.
(Dimitar P.)
Oops, forgot to mention which cookies I see on my domain:
symfony
sfRemember
__utma
__utmb
__utmc
__utmz
I am guessing the last four are for Google Analytics, though.
I didn't want to do this, but I was unable to find other alternatives:
$ wget --header='Cookie: symfony=blabla' X.X.X.X:NN/api/bla.xml -O-
I wanted my XML API to be REST, but evidently, Symfony doesn't allow authenticated requests other way than using cookies (and to enable the session ID to be always included in the URL is not an option at all).
Still, if somebody shows up with a fully REST alternative, I will upvote his/her answer.
You will need some way of specifying which user is executing the (wget) request. And PHP sessions use a session ID by default.
A common way to do this is token-based authentication. The most common way to achieve this is OAuth, which has a lot of default libraries (both for Symfony and for your API consumers).
If you're the only one using this API, you can also create a custom token (random sha1 string) per user per session (you can store this somewhere in your database). Now you would create something like ` wget X.X.X.X:NN/api/bla.xml?token=asdfhdsfhf

XMPP to show presence and without login in a web application?

The main problem is, how would you ensure people can login to the xmpp server securely without having to login again from the web app login page?
I assume that you want to send a <presence/> stanza indicating that the user is available. In that case, you need to instantiate a new session, either by logging in manually, or other means.
If you want to automatically login a user and start up the application, try using localStorage, then triggering login so that it seems like the user did not login.
If you wanted to send a <presence><show>chat</show></presence> or something akin to that, you might be able to get away with using a preexisting BOSH connection. The problem with that is you won't presence from JIDs in the roster because no probes were sent out.
I recommend the first solution. The second is there more for informational purposes than anything else. And if push comes to shove, go to http://xmpp.org. Look through BOSH XEP (if you are using it), RFC 3920 (XMPP Core) and RFC 3921 (XMPP IM).

Resources