Add support for HTTP Digest authentication

cypress-io / cypress

Fast, easy and reliable testing for anything that runs in a browser.

https://cypress.io

MIT License

46.7k stars 3.16k forks source link

Add support for HTTP Digest authentication #4669

Open flotwig opened 5 years ago

flotwig commented 5 years ago

Current behavior:

Cypress does not support HTTP Digest authentication in cy.visit:

https://stackoverflow.com/questions/56804599/manually-enter-auth-credentials-in-dialog

Desired behavior:

Cypress supports digest authentication in cy.visit:

cy.visit({
  url: 'http://example.com',
  auth: {
    user: '...',
    pass: '...',
    type: 'digest'
  }
})

Versions

Cypress 3.3.2

Related issues

850 - add in-browser support for NTLM authentication
1255 - add in-browser support for Kerberos authentication

esoto commented 5 years ago

Any update here?

redReno commented 4 years ago

All products I'm testing have digest on as default, so this feature would be greatly appreciated.

RonManR commented 4 years ago

I am eagerly awaiting this feature to be able to complete my move away from selenium.

wclem4 commented 4 years ago

As a workaround for this issue, if you are able to obtain the digest auth cookie by authenticating with curl first (using --digest and --user), then you can store the cookie with -c and save it to an environment variable. You can set the cookie like this in your test, using cypress' built in setCookie() command:

cy.setCookie(`${Cypress.env('COOKIE_NAME')}`, `${Cypress.env('COOKIE_VALUE')}`)

RonManR commented 4 years ago

As a workaround for this issue, if you are able to obtain the digest auth cookie by authenticating with curl first (using --digest and --user), then you can store the cookie with -c and save it to an environment variable. You can set the cookie like this in your test, using cypress' built in setCookie() command:
cy.setCookie(`${Cypress.env('COOKIE_NAME')}`, `${Cypress.env('COOKIE_VALUE')}`)
@wclem4 I don't have experience with curl so pardon my ignorance but can cypress trigger curl commands or would I need to run the curl command before running my cypress tests?

wclem4 commented 4 years ago

not that I know of @RonManR

I personally put it in a script and sourced it before I ran the cypress test runner. I had curl saving the cookie to a file, then another line parsing the file for the name and the value and setting those values to the envs.

You may be able to use their cy.exec() and run curl in that command if you really want to contain it all in cypress. Not sure if that is a good route to go though.

redReno commented 4 years ago

@wclem4 Interesting! I will try this. Right now we configure our devices to use basic auth instead, and custom commands to pass the username/password when using cy.visit(). This would definitely be closer to an actual use case.

khamer1410 commented 3 years ago

We did a workaround by using a custom header to bypass the auth on the server. Funny thing - it works with headless electron mode but in the browser mode, digest auth is still required.

redReno commented 3 years ago

@khamer1410 Could you give an example of how you solved this? Would it be possible to create a solution that works with any server? The tests run on a collection of servers so we would need a solution that could smoothly be applied to all of them.