search

liip / TheA11yMachine

The A11y Machine is an automated accessibility testing tool which crawls and tests pages of any web application to produce detailed reports.
https://www.liip.ch/
621 stars 66 forks source link

Support SAML #110

Open rakeshkmr516 opened 6 years ago

rakeshkmr516 commented 6 years ago

Hi , I am unable to install sudo npm install -g the-a11y-machine due tophantom js error since phantomjs days came to an end, can we remove this package from the bundle

phantomjs-prebuilt@2.1.15 install /usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt node install.js

Considering PhantomJS found at /usr/local/bin/phantomjs Looks like an npm install -g Found PhantomJS at /usr/local/lib/node_modules/phantomjs/lib/phantom/bin/phantomjs ...verifying Writing location.js file Error checking path, continuing { Error: EACCES: permission denied, open '/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/location.js' at Object.fs.openSync (fs.js:652:18) at Object.fs.writeFileSync (fs.js:1299:33) at writeLocationFile (/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/util.js:84:6) at Promise._successFn (/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/install.js:366:11) at nextTickCallback (/usr/local/lib/node_modules/the-a11y-machine/node_modules/kew/kew.js:47:28) at _combinedTickCallback (internal/process/next_tick.js:131:7) at process._tickCallback (internal/process/next_tick.js:180:9) errno: -13, code: 'EACCES', syscall: 'open', path: '/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/location.js' } Download already available at /tmp/phantomjs/phantomjs-2.1.1-macosx.zip Verified checksum of previously downloaded file Extracting zip contents Removing /usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/phantom Copying extracted folder /tmp/phantomjs/phantomjs-2.1.1-macosx.zip-extract-1506325827577/phantomjs-2.1.1-macosx -> /usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/phantom Phantom installation failed { Error: EACCES: permission denied, link '/tmp/phantomjs/phantomjs-2.1.1-macosx.zip-extract-1506325827577/phantomjs-2.1.1-macosx' -> '/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/phantom' errno: -13, code: 'EACCES', syscall: 'link', path: '/tmp/phantomjs/phantomjs-2.1.1-macosx.zip-extract-1506325827577/phantomjs-2.1.1-macosx', dest: '/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/phantom' } Error: EACCES: permission denied, link '/tmp/phantomjs/phantomjs-2.1.1-macosx.zip-extract-1506325827577/phantomjs-2.1.1-macosx' -> '/usr/local/lib/node_modules/the-a11y-machine/node_modules/phantomjs-prebuilt/lib/phantom'

Hywan commented 6 years ago

I am not able to reproduce your issue.

since phantomjs days came to an end, can we remove this package from the bundle

I don't understand what your are suggesting. a11ym uses PhantomJS to test the web pages. We would like to use SlimerJS one day, and probably libservo one other day too, but it's the case today. If you have time to help on this area, we would be glad to work with you!

rakeshkmr516 commented 6 years ago

Finally able to install with yarn Thank you @Hywan for your support I am able to run on an example website which gave me good report with issues ( Accessibility errors) under a11ym_output index file. Kudos to your team

However when i tried on my real website which requires authentication able to fetch urls until redirection failed to run accessibility test on URLS and displays 0 errors Do i need to use these parameters for crawling authenticated websites --http-auth-user Username to authenticate all HTTP requests. --http-auth-password Password to authenticate all HTTP requests. --http-tls-disable Disable TLS/SSL when crawling or downloading pages. Eg:- a11ym https:/example.com --http-auth-user username --http-auth-password password --http-tls-disable

Even after using above parameters fetch stopped after saml login page

@Hywan Can you suggest recommended approach to test authenticated websites

Hywan commented 6 years ago

--http-auth-* options are dedicated to solve this issue. What is SAML login page?

rakeshkmr516 commented 6 years ago

we are using saml based authentication after crawling to that particular url fetch stopped and run havent executed AM still suprised to see fetch stopped at authentication url

rakeshkmr516 commented 6 years ago

@Hywan I am able to successfully point it at sites that do not require login. However, our application does require login and the “–http-auth-user” and “–http-auth-password” parameters appear to do nothing. Here is my sample usage. I would guess I am doing something wrong.

a11ym –http-auth-user username –http-auth-password password -http-tls-disable https://website.com

Are these headers confirmed to work? I could not find much on how to use them properly.

Thank you for your help, and have a wonderful day

Hywan commented 6 years ago

HTTP auth works yes, but it's basic auth, not SAML.

SAML support is not implemented yet.

rakeshkmr516 commented 6 years ago

@Hywan Could you please take it as an enhancement since there are so many form based authentication websites

Hywan commented 6 years ago

My recommendation is to have a “test-xxx” profile for your application that by-pass some auth for instance. I am no longer working actively on this project since I don't work for Liip anymore. I am just a regular contributor.

cc @jeanmonod @ralf57