From 98033e0e7fa4af5eee1a56f73d8fc1367294b4c8 Mon Sep 17 00:00:00 2001
From: SOOS-JAlvarez <92373106+SOOS-JAlvarez@users.noreply.github.com>
Date: Thu, 26 Jan 2023 11:47:57 -0300
Subject: [PATCH] PA-7854 Multi step/page form authentication (#16)

* PA-7854 Multi step/page form authentication
* fix if on shell script
* using alpha for qa to test
* fixed order
* change to a test image for path
* back to alpha after fix
* back to latest for the release
---
 README.md | 3 +++
 action.yml | 14 +++++++++++++-
 entrypoint.sh | 12 ++++++++++++
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6c9bae9..d534f4c 100644
--- a/README.md
+++ b/README.md
@@ -66,12 +66,15 @@ The `soos-io/soos-dast-github-action` Action has properties which are passed to
 | request_cookies | [none] | Set Cookie values for the requests to the target URL.
 | report_request_headers | True | Include request/response headers data in report.
 | bearer_token | [none] | Bearer token to include as authorization header in every request.
+| auth_form_type | [none] | simple (all fields are displayed at once), wait_for_password (Password field is displayed only after username is filled), or multi_page (Password field is displayed only after username is filled and submit is clicked).
 | auth_username | [none] | Username to use in auth apps.
 | auth_password | [none] | Password to use in auth apps.
 | auth_login_url | [none] | Login url to use in auth apps.
 | auth_username_field | [none] | Username input id to use in auth apps.
 | auth_password_field | [none] | Password input id to use in auth apps.
 | auth_submit_field | [none] | Submit button id to use in auth apps.
+| auth_second_submit_field | [none] | Second submit button id to use in auth apps (for multi-page forms).
+| auth_delay_time | [none] | Delay time in seconds to wait for the page to load after performing actions in the form. (Used only on authFormType: wait_for_password and multi_page)
 | auth_submit_action | [none] | Submit action to perform on form filled. Possible values are click or submit.
 | oauth_token_url | [none] | The fully qualified authentication URL that grants the access_token.
 | oauth_parameters | [none] | Parameters to be added to the oauth token request needs to be comma delimited. (eg: client_id:value, client_secret:value, grant_type:value).
diff --git a/action.yml b/action.yml
index 5d1afc1..1626104 100644
--- a/action.yml
+++ b/action.yml
@@ -111,6 +111,15 @@ inputs:
 auth_submit_field:
 description: 'Submit button id to use in auth apps.'
 required: false
+ auth_second_submit_field:
+ description: 'Second submit button id to use in auth apps (for multi-page forms).'
+ required: false
+ auth_form_type:
+ description: 'simple (all fields are displayed at once), wait_for_password (Password field is displayed only after username is filled), or multi_page (Password field is displayed only after username is filled and submit is clicked)'
+ required: false
+ auth_delay_time:
+ description: 'Delay time in seconds to wait for the page to load after performing actions in the form. (Used only on authFormType: wait_for_password and multi_page)'
+ required: false
 auth_submit_action:
 description: 'Submit action to perform on form filled. Possible values are click or submit.'
 required: false
@@ -157,4 +166,7 @@ runs:
 - ${{ inputs.auth_submit_action }}
 - ${{ inputs.oauth_token_url }}
 - ${{ inputs.oauth_parameters }}
- - ${{ inputs.on_failure }}
\ No newline at end of file
+ - ${{ inputs.on_failure }}
+ - ${{ inputs.auth_second_submit_field }}
+ - ${{ inputs.auth_form_type }}
+ - ${{ inputs.auth_delay_time }}
\ No newline at end of file
diff --git a/entrypoint.sh b/entrypoint.sh
index 3c15aed..2183f63 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -44,6 +44,9 @@ SOOS_AUTH_SUBMIT_FIELD=${30}
 SOOS_AUTH_SUBMIT_ACTION=${31}
 SOOS_OAUTH_TOKEN_URL=${32}
 SOOS_OAUTH_PARAMETERS=${33}
+SOOS_AUTH_SECOND_SUBMIT_FIELD=${35}
+SOOS_AUTH_FORM_TYPE=${36}
+SOOS_AUTH_DELAY_TIME=${37}
 SOOS_INTEGRATION_NAME="GitHub"
 SOOS_INTEGRATION_TYPE="Plugin"
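Review bot: The `auth_delay_time` description in the `inputs:` hunk points at `authFormType`, which is the scanner's command-line flag and not a name a workflow author can set; the input they write is `auth_form_type`. I would reword the parenthesis to `(Used only when auth_form_type is wait_for_password or multi_page)`, and the README row added by this patch carries the same wording. The `auth_form_type` description also does not say which form type applies when the input is left empty, which is worth stating if the scanner has a default.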
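Review bot: The three entries appended after `on_failure` in the `args` list are tied to entrypoint.sh by position alone: the first entrypoint.sh hunk reads them as `${35}`, `${36}` and `${37}`, skipping `${34}`. Any later insertion or reordering in this list silently shifts values into the wrong variables, and since the same list presumably also carries the auth inputs, a shift could hand a credential to an unrelated option. I would add a comment above the new entries such as `# args 35-37: keep in sync with entrypoint.sh`, or have entrypoint.sh read the `INPUT_*` environment variables that GitHub sets for Docker actions instead of positional parameters. The `args` list begins outside this hunk, so the count up to `on_failure` could not be checked here.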
@@ -131,5 +134,14 @@ fi
 if [ -n "$SOOS_OAUTH_PARAMETERS" ]; then
 PARAMS+=" --oauthParameters ${SOOS_OAUTH_PARAMETERS}"
 fi
+if [ -n "$SOOS_AUTH_SECOND_SUBMIT_FIELD" ]; then
+ PARAMS+=" --authSecondSubmitField ${SOOS_AUTH_SECOND_SUBMIT_FIELD}"
+fi
+if [ -n "$SOOS_AUTH_FORM_TYPE" ]; then
+ PARAMS+=" --authFormType ${SOOS_AUTH_FORM_TYPE}"
+fi
+if [ -n "$SOOS_AUTH_DELAY_TIME" ]; then
+ PARAMS+=" --authDelayTime ${SOOS_AUTH_DELAY_TIME}"
+fi
 python3 main.py ${SOOS_TARGET_URL} ${PARAMS}
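Review bot: The three new values are concatenated into `PARAMS` and `PARAMS` is then expanded unquoted on the `python3 main.py` line, so a value containing whitespace or glob characters is split into extra words and can add or override options passed to main.py. `auth_form_type` has three documented values and `auth_delay_time` is a number of seconds (assumed whole seconds here), so both can be checked against that before they are appended, as sketched below. The element id in `auth_second_submit_field` has no closed set and would be safer carried in an argument array, if the script runs under bash. The existing `--oauthParameters` block follows the same pattern, and the rest of the script lies outside this hunk.

```shell
# … unchanged: --oauthParameters and --authSecondSubmitField blocks …
if [ -n "$SOOS_AUTH_FORM_TYPE" ]; then
  case "$SOOS_AUTH_FORM_TYPE" in
    simple|wait_for_password|multi_page)
      PARAMS+=" --authFormType ${SOOS_AUTH_FORM_TYPE}"
      ;;
    *)
      echo "auth_form_type must be simple, wait_for_password or multi_page" >&2
      exit 1
      ;;
  esac
fi
if [ -n "$SOOS_AUTH_DELAY_TIME" ]; then
  case "$SOOS_AUTH_DELAY_TIME" in
    *[!0-9]*)
      echo "auth_delay_time must be a whole number of seconds" >&2
      exit 1
      ;;
  esac
  PARAMS+=" --authDelayTime ${SOOS_AUTH_DELAY_TIME}"
fi
# … unchanged: python3 main.py invocation …
```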