PA-7854 Multi step/page form authentication (#16)

* PA-7854 Multi step/page form authentication * fix if on shell script * using alpha for qa to test * fixed order * change to a test image for path * back to alpha after fix * back to latest for the release
soos-io · Jan 26, 2023 · 98033e0 · 98033e0
1 parent 30ede47
commit 98033e0
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -66,12 +66,15 @@ The `soos-io/soos-dast-github-action` Action has properties which are passed to
 | request_cookies                     | [none]                     | Set Cookie values for the requests to the target URL.    
 | report_request_headers                     | True                     | Include request/response headers data in report.
 | bearer_token                     | [none]                     | Bearer token to include as authorization header in every request.    
+| auth_form_type                     | [none]                     | simple (all fields are displayed at once), wait_for_password (Password field is displayed only after username is filled), or multi_page (Password field is displayed only after username is filled and submit is clicked).  
 | auth_username                     | [none]                     | Username to use in auth apps.    
 | auth_password                     | [none]                     | Password to use in auth apps.
 | auth_login_url                     | [none]                     | Login url to use in auth apps.  
 | auth_username_field                     | [none]                     | Username input id to use in auth apps.    
 | auth_password_field                     | [none]                     | Password input id to use in auth apps.
 | auth_submit_field                     | [none]                     | Submit button id to use in auth apps.   
+| auth_second_submit_field                     | [none]                     | Second submit button id to use in auth apps (for multi-page forms).  
+| auth_delay_time                     | [none]                     | Delay time in seconds to wait for the page to load after performing actions in the form. (Used only on authFormType: wait_for_password and multi_page) 
 | auth_submit_action                     | [none]                     | Submit action to perform on form filled. Possible values are click or submit. 
 | oauth_token_url                     | [none]                     | The fully qualified authentication URL that grants the access_token.    
 | oauth_parameters                     | [none]                     | Parameters to be added to the oauth token request needs to be comma delimited. (eg: client_id:value, client_secret:value, grant_type:value).  

diff --git a/action.yml b/action.yml
@@ -111,6 +111,15 @@ inputs:
   auth_submit_field:
     description: 'Submit button id to use in auth apps.'
     required: false
+  auth_second_submit_field:
+    description: 'Second submit button id to use in auth apps (for multi-page forms).'
+    required: false
+  auth_form_type:
+    description: 'simple (all fields are displayed at once), wait_for_password (Password field is displayed only after username is filled), or multi_page (Password field is displayed only after username is filled and submit is clicked)'
+    required: false
+  auth_delay_time:
+    description: 'Delay time in seconds to wait for the page to load after performing actions in the form. (Used only on authFormType: wait_for_password and multi_page)'
+    required: false
   auth_submit_action: 
     description: 'Submit action to perform on form filled. Possible values are click or submit.'
     required: false
@@ -157,4 +166,7 @@ runs:
     - ${{ inputs.auth_submit_action }}
     - ${{ inputs.oauth_token_url }}
     - ${{ inputs.oauth_parameters }}
-    - ${{ inputs.on_failure }}
+    - ${{ inputs.on_failure }}
+    - ${{ inputs.auth_second_submit_field }}
+    - ${{ inputs.auth_form_type }}
+    - ${{ inputs.auth_delay_time }}
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -44,6 +44,9 @@ SOOS_AUTH_SUBMIT_FIELD=${30}
 SOOS_AUTH_SUBMIT_ACTION=${31}
 SOOS_OAUTH_TOKEN_URL=${32}
 SOOS_OAUTH_PARAMETERS=${33}
+SOOS_AUTH_SECOND_SUBMIT_FIELD=${35}
+SOOS_AUTH_FORM_TYPE=${36}
+SOOS_AUTH_DELAY_TIME=${37}
 
 SOOS_INTEGRATION_NAME="GitHub"
 SOOS_INTEGRATION_TYPE="Plugin"
@@ -131,5 +134,14 @@ fi
 if [ -n "$SOOS_OAUTH_PARAMETERS" ]; then
     PARAMS+=" --oauthParameters ${SOOS_OAUTH_PARAMETERS}"
 fi
+if [  -n "$SOOS_AUTH_SECOND_SUBMIT_FIELD" ]; then
+    PARAMS+=" --authSecondSubmitField ${SOOS_AUTH_SECOND_SUBMIT_FIELD}"
+fi
+if [  -n "$SOOS_AUTH_FORM_TYPE" ]; then
+    PARAMS+=" --authFormType ${SOOS_AUTH_FORM_TYPE}"
+fi
+if [  -n "$SOOS_AUTH_DELAY_TIME" ]; then
+    PARAMS+=" --authDelayTime ${SOOS_AUTH_DELAY_TIME}"
+fi
 
 python3 main.py ${SOOS_TARGET_URL} ${PARAMS}