How to handle TOTP Login with Maestro #2621
-
|
Hey Guys. I want to use Maestro for end-to-end testing of my app, and I need to automate the login process. The login screen requires a username, password, and a TOTP code that is generated from a secret key. However, I can't use JavaScript libraries to generate the TOTP code during the test because Rihno and GraalJS do not support that, which makes it difficult to fully automate the login flow. I’m looking for guidance or examples on how to handle this situation with Maestro. Specifically:
So far i tried to pre-generate the code an inject it into the test. Locally it worked but when running the e2e stuff inside the GitHub Action it is to slow and the TOTP gets invalid. Therefore i want to generate the code during the test and not before. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
A few ideas. First: do you need live TOTP in your test environment? Lots of folks I've seen use a static TOTP token in test environments to save this headache. Alternatively, your test environment might know the TOTP that it's expecting and print it to the screen when under test. Next, instead of importing a library, one option I've used before is to find a self contained library and minify it to a single line and dump it into my JS file. It's not graceful, but it absolutely works. The last time was for base64 encoding. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for your reply @Fishbowler The test environment doesnt provide a option to deactivate or make the TOTP static. However i went with your last approach. I bundled and compiled all the js code into one file which could be executed during the test. Not graceful yes but it works |
Beta Was this translation helpful? Give feedback.
-
|
@Fishbowler and other people who maybe read this. I wrote an article about handling test data inside maestro to share my knowledge. So for those which are interested, here is the link: |
Beta Was this translation helpful? Give feedback.
A few ideas.
First: do you need live TOTP in your test environment? Lots of folks I've seen use a static TOTP token in test environments to save this headache.
Alternatively, your test environment might know the TOTP that it's expecting and print it to the screen when under test.
Next, instead of importing a library, one option I've used before is to find a self contained library and minify it to a single line and dump it into my JS file. It's not graceful, but it absolutely works. The last time was for base64 encoding.