Authentication
This page is about authentication with GDSL. When you log in to your app or web site, different mechanism could be used :
- two-factor authentication with OTP (one time password), an OTP can be sent by SMS, email or get by an authenticator (google, microsoft),
- magic link can be sent to email account to connect directly to the website
Authentication mechanism create complexity to write GDSL test, here are the different cases to pass authentication in GDSL test.
Case 1 : Disable two-factor authentication (recommended)
To easier the measurement of your app or website, we recommend to disable two-factor authentication for the account you use. You can also switch to another environment (testing or development) where the two-factor authentication can be disabled.
If you can’t disable please read another case.
Case 2 : Your app or website can send OTP or magic link via email
In this case, when you connect to your app or website, you receive an OTP or a magic link on your email account. To be able to automate in GSDL test, you have to configure your account with a disposable email, we support mailsac. Then GDSL can use mailsac API to retrieve the sent OTP or the magic link.
Please read Authentication with email to have more details.
Your authentication mechanism should authorize the use of the disposable email mailsac. If not possible, you can put an automatic rules on your email service provider to send the received email for authentication to the disposable email. If not possible, please read another case.
Case 3 : Your app can automatically read an OTP sent by SMS
In this case, the phone where the measure run has a SIM card, receives a SMS after you log in and the app automatically reads the OTP code in the SMS. If your are not in this case please you need to read the another case.
When you launch a measurement on a TestBench device, you need to select a device with sim. The phone number of the device should be registered in the user account you use to log in. In most case you do not know the phone number of the Testbench device. So when writing GDSL test, you need to code the account creation and link it with the phone number of the device and then you can test your app.
When sending measurement on a TestBench phone with SIM, your GDSL can get the SIM phone number with available variables.
In this example, we add SIM phone number on the edit text
setTextById,${config-simphonenumber},com.myapp:id/phoneNumberEditText
the variable ${config-simphonenumber}
contents a number like 605120000 (without the first phone number)
there is another variable ${config-simcodecountry}
that contents the code country like +33
if you want to have the complete phone number you can concatenate both variables
setTextById,${config-simcodecountry}${config-simphonenumber},com.myapp:id/phoneNumberEditText
This is another GSDL example to enter country code and sim number in a form
measureStart,ACTION_authentication_fill_form
clickById,[your package]:id/countryCode
scrollToText,${config-simcodecountry}
clickByText,${config-simcodecountry}
pause,1000
setTextById,${config-simphonenumber},[your package]:id/phoneNumberEditText
measureStop
You can also use your GDSL file to launch measurement on your own phone with TestRunner. In this case you need to set in your file job.yml, the extras variables config-simcodecountry et config-simphonenumber which match your SIM card.
Case 4 : Other case, manual OTP
In these case, not everything is automated. When you launch a measurement on a TestBench device, you have to be ready to accept authenticator (google, microsoft) notification or retrieve the OTP in your own PC or phone (sms, email).
Case 4-1 : Accept notification via Authenticator (Google / Microsoft)
When you launch a measurement on a Test Bench device with the Greenspector CLI, you can receive a Authenticator notification on your own device. Accept it. Then your GDSL test can continue easily.
Case 4-2 : Retrieve OTP Code and make it available for your GDSL test.
When you launch a measurement on a Test Bench device with the Greenspector CLI, you can receive a email or a SMS on your own device linked to your account. Get the OTP and write it to a public json file on Internet that your GDSL test will read.
Please read Authentication with manual actions to have more details.