We are really new to locust.io and have setup a load test that allows a user to checkout on an e-commerce website. At the orderconfirmation page we are wanting/needing to clear the users cookies at the end of its run so when it starts over there are no saved cookies. It would be awesome to get some help on this! Python unfortunately is not a language i use on a daily basis so i'm sure this is something simple someone can help with!
class CheckoutPage(TaskSet):
#task(1)
def checkout(self):
self.client.get("/Checkout/OrderConfirmation")
# I want to clear cookies here so the httpuser starts over with no cookies
self.client is an instance of HttpSession, which is a wrapper for a requests.Session, so you can do:
self.client.cookies.clear()
Related
Hi i know this is probably not the place to ask this but i m stumped at the moment as i cant seem to find any reference or docs relating to working with Roblox. I mean sure they have an auth route etc but nothing detailed. I want to login user using username and give them roblox based on different actions they take on the site like completing surveys etc. Can anyone please give me links to some resources that would come in handy for the particular purpose. Thank you.
Roblox does not support any OAuth systems, but you still can use HttpService:GetAsync() function to get strings/data from web site(if the page in website display that text), the way to keep data that you recieved from url(web page) safe is to store script with HttpService:GetAsync() function in server side(example: RobloxScriptService). You need to allow http requests in your GameSettings -> Security in roblox studio. Script example:
local HttpService = game:GetService("HttpService")
local stringg = HttpService:GetAsync("https://pastebin.com/raw/k7S6Ln9R")
print(string)
--Should outpud data written ot the web page, you can use any web page to store data even your own
The only two things that left is to make your web server rewrite the page, or just use some databases at your web site by placing their url into loadstring() function.
Now you just need to parse the string given by url to use it's data.
The pastebin url that i wrote into loadstring() just an example, you can write whatever you wan, but again you need to parse the data that you got from url, or just convert the string into type of text like on the page, and then just check is they written at url/webpage. Example:
local writtenpass = game.Players["anyplayer"].PlayerGui.TestGui.Frame.PasswordTextBox.text
local writtenlogin = game.Players["anyplayer"].PlayerGui.TestGui.Frame.LoginTextBox.text
local HttpService = game:GetService("HttpService")
local response = HttpService:GetAsync("https://pastebin.com/raw/k7S6Ln9R")
local istrue = string.find(response, "{ login = ".. writtenlogin .." pass = ".. writtenpass .." }")
print(istrue)
if istrue == 1 then
print("exist!")
--whatewer actions if login and pass exist
end
You can wiew the page here https://pastebin.com/raw/k7S6Ln9R
Well that a lot of damage!
If it helps mark me
I was trying out the new enhanced revocable sessions in Parse on my Android app. It works well when logging in or signing up via email password or facebook but doesn't work well for custom authentication, e.g. google+.
I'm currently logging in the user using the cloud code which also creates the new user when signing up. This does not create a new Session object, that means the new enhanced sessions are not used and it still uses the legacy sessions.
I pass the session token back to client where using the become method the user logs in but it's the legacy sessions.
This feels like the feature is not complete but I would really like to move to the new enhanced sessions with my app. Has anyone worked with them yet? Are there any workarounds using the REST API or by creating the sessions manually and handling them manually? I looked into the JS API but it says it's only read only.
Here's the Blog post on Enhanced Sessions.
Where should I go next?
Yes, I found a solution but it's a workaround, works for my case because I don't support signing up with user/password.
Basically, the solution (cloud code) in semi pseudo-code is:
Fetch the user with master key
Check if user.getSessionToken() has value
if it has, return the session token and do a user.become() in the client as usual
if it's not, here the workaround, do the following:
yourPreviousPromiseInOrderToChainThem.then(function(user)
password = new Buffer(24);
_.times(24, function(i) {
password.set(i, _.random(0, 255));
});
password = password.toString('base64')
user.setPassword(password);
return user.save();
}).then(function(user) {
return Parse.User.logIn(user.get('username'), password)
}).then(function(user) {
var sessionToken = user.getSessionToken();
// Return the session token to the client as you've been doing with legacy sessions
})
That means, I'm changing the user password each time in order to make a remote login and, of course, I know thist can't be applied to all cases, it's enough for app because I don't support login with user/password (only third party logins) but I understand that maybe it's not for all cases.
I got the idea from this official Parse example.
I don't like this solution because I think is not a workaround, it's a mega hack but I think there is no other way to do it currently (either Parse.com or Parse-Server)
If you find other workaround, please, share it :)
I am looking to introduce Facebook login/sign up tests into a Webdriver suite for a C# application.
Facebook Developers has an article on manual verification, but does not seem to reference any procedure for automating these tests. I could simply write the steps indicated but I would like to avoid running scripts on the Facebook UI, especially when it involves creating test users.
Looking through a few previous answers, it appears that Facebook had an automation solution a few years ago, but I can no longer find any reference to it anywhere.
Has anyone had any experience automating Facebook Connect login or sign up? Any tips or strategies you can share would be greatly appreciated.
The first thing you probably want to do is create test users.
The Facebook API lets you do this easily;
https://developers.facebook.com/docs/graph-api/reference/v2.0/app/accounts/test-users
This will give you a login url which should result in automatic login and as result drop a cookie which should help you avoid manual login within your application.
The api also allows you to create relationships and publish events
You can connect to Facebook by logging in automatically using Selenium, I wrote it in Java.
It roughly looks like this:
void login()
{
if(isElementFound(EMAIL_FIELD))
driver.findElement(EMAIL_FIELD).sendKeys(username);
if(isElementFound(PWD_FIELD))
driver.findElement(PWD_FIELD).sendKeys(password);
if(isElementFound(LOGIN_BUTTON))
driver.findElement(LOGIN_BUTTON).click();
if(waitForElement(MENU, 30))
System.out.println("login Successful");
else
System.out.println("login un-successful");
}
#Test
public void facebookLogin() throws Exception {
WebDriver driver = getDriver();
driver.get("http://www.facebook.com");
WebElement email = driver.findElement(By.name("email"));
email.clear();
email.sendKeys("myuser");
WebElement password = driver.findElement(By.name("pass"));
password.clear();
password.sendKeys("mypass");
WebElement loginbutton = driver.findElement(By.id("loginbutton"));
loginbutton.click();
System.out.println("done!");
}
When I needed to do this, the option of creating test users was not sufficient - they were too short lived and we needed time to populate them with a particular set of attributes.
We ended up setting up servers that mocked the parts of the Facebook APIs that were exercised in our tests. We then redirected the test environment to resolve the facebook domain names to our those servers. It was not easy, but this approach had several advantages
We could populate the users as we pleased without worrying about them disappearing
We could have as many as we wanted
We could control the performance of the FB APIs - and capture metrics on that performance during the test. If something was slow, we could be sure it wasn't a FB hiccup. If we wanted to test what happened to the target app if FB got slow, we could do that, too.
I have a google app engine that handled logging in to Yahoo and Google though the OpenID mechanism and it works well. I have added the facebook connector (Javascript Library) and it to works well with the exception that I can't get the app to think it's authenticated. I know why this is occurring because Facebook provides its own "connect" and it's not OpenID.
Is there a way I can call the GAE framework once authenticated to allow for login: required pages to work?
I want to add others like twitter and microsoft, but it's a real pain if I can't get the GAE to honour the fact it's authenticated.
EDIT
Thanks to #Isaac below I did stumble upon this URL at facebook:
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/
The redirect URL you specifiy gets a few tokens that facebook thinks you need... in their case access_token={access-token}&expires={seconds-til-expiration}.
From the time when I managed to break my app because of the ajax loading I noticed that google OAuth put you back on /_ah/login?continue=<new final end point> which processed the tokens seemlessly and then did something within the framework to register the user as authenticated, then puts you back on the URL you specified in the first place. It's this I want to understand.
Further edit
I've found a few bits for example:
http://code.scotchmedia.com/engineauth/docs/index.html
It's python but it looks like it is possible to handle multiple authentication types from multiple vendors (the link shows things like twitter and facebook) so this does look possible.
I tried creating a new User on the framework, but there is no setCurrentUser() on the UserService object.
The only thing I can think of now is forging the authentication cookie. Anyone know the best way to do that?
I believe facebook has an oauth login flow. These links might help:
http://hayageek.com/facebook-javascript-sdk/
https://developers.facebook.com/docs/reference/dialogs/oauth/
https://developers.facebook.com/docs/facebook-login/
If you can't get oauth to work, you could use a #login_required decorator on your endpoints
import functools
def login_required(func):
#functools.wraps(func)
def decorated(self, *args, **kwargs):
current_user = users.get_current_user()
if current_user or check_facebook_login(self):
return func(self, *args, **kwargs)
elif self.request.method == 'GET':
self.redirect(users.create_login_url(self.request.url))
else:
self.response.headers['Content-Type'] = 'text/plain'
self.response.write('Forbidden')
self.error(403)
return decorated
class QueryHandler(webapp2.RequestHandler):
#login_required
def get(self):
...
I'm using the Javascript SDK inside a node.js (Express) App.
Connecting Users works fine, but the connection does not persist between page reloads.
Is this the default behaviour, or is the User supposed to stay connected in new requests?
Do I have to use OAuth token authentication and if so, how can this be done with the JS-SDK?
Inside the "Permission"-Popup, Users are already logged in with soundlcoud, though.
(just have to click the "connect" button each time)
Figured I'd share my answer for those who are unsatisfied with the current answers for automated oauth:
Retrieving access_token:
I had to define get and set cookie functions and then I use the functions to set and retrieve a function holding the access token. I'm not going to give these functions for conciseness but you can easily find them with a google search. I then use this line of code to get the SC access token (once the user has authenticated for the first time)
SC.accessToken()
Setting token:
So this is kind of just an elephant in the room in my opinion that for some reason no one has mentioned. How in the **** do you connect w/ SC using the access token? Do you set it as oauth param? On each call pass it? Well, after experimenting with putting the parameter in every single place I could think, I found out you have to do something like this:
SC.initialize({
client_id: '[removed for security reasons]',
client_secret: '[removed for security reasons]',
redirect_uri: '[removed for security reasons]',
access_token: getCookie("sc_lm2"),
scope: 'non-expiring'
});
//Where "sc_lm2" is the name of my cookie
Hope the helps! Took me a while to figure this out for such a simple thing
EDIT
Using PHP and Wordpress:
$json = wp_remote_get("http://api.soundcloud.com/users/[user_id]/tracks.json?client_id=[client_id]");
$soundcloudData = json_decode($json['body'],true);
(substitue cURL functionality if you're not using Wordpress). #krafty I assume you would just change the endpoint from "/tracks" to "/users" but I can't say I have ever really needed to grab anything but tracks using the Soundcloud API. Hope this helps, though I'm not sure I fully understand what it is that you are trying to accomplish (or rather, how exactly you're going about it) - are you trying to allow user logins? If you want to explain fully what you're trying to accomplish and the steps you're taking I'd be happy to take a crack at it.
Yep, this is the way to do it, officially. :)
For the Next SoundCloud site, we store the token in localStorage (until the user logs out, of course). In each AJAX request to the API from the front end, we put the oauth token in a request header:
jqXHR.setRequestHeader('Authorization', 'OAuth ' + the_oauth_token);