How to Skip Authentication in test automation using Playwright
Every software application identifies, recognizes, and authenticates the user trying to access the system using some type of credentials (i.e Username and password). And once the user is verified/authenticated, that user is granted permission to access authorized resources.
So, while testing the software application for every test case, the first step we perform is the login step.
If the test suite consists of 100+ test cases, then the step of logging in to the application will be performed for each test case. You can imagine the unnecessary time that will consume for logging in to the application each time for all those 100+ test cases.
Can we find a way to reduce the time required for logging in to the application for every test case? or can we skip logging in to the software application altogether?
This is where Playwright comes into the picture.
The playwright is an open-source test automation tool created by Microsoft. It is a cross-platform tool and has a set of features like Test Generator (codegen), Trace viewer, Inspector, etc, and the most important feature of Playwright which will help us to skip authentication in test automation is full isolation with browser context.
In addition, you can refer to the official document on playwright basic authentication.
First Off, we will have to login into the application via UI and reuse the authentication state in different and multiple scenarios using the browser context.
Let’s see how we can do it.
First, we are going to create a GenerateSession.java class where all of our own logical and automated login steps will be implemented,
Code:
import com.microsoft.playwright.*;
import java.nio.file.Paths;
public class GenerateSession {
Playwright playwright = Playwright.create();
Browser browser = playwright.chromium().launch(new BrowserType.LaunchOptions().setHeadless(false));
BrowserContext browserContext = browser.newContext();
Page page = browserContext.newPage();
page.navigate(BASE URL);
page.fill("//*[@id=\"username\"]",USERNAME);
page.fill("//*[@id=\"password\"]",PASSWORD);
page.click("//*[@id=\"Login\"]");So, what we did here is, launched the browser and created a new page.
In BrowserContext browserContext = browser.newContext();
we have created a browser context. This browserContext will store our authentication state i.e it will store the session, cookies, local storage, etc.
As you can see, we created the browser context browserContext, but the question here is, where will this authentication state (browserContex) will be stored?
The best way to store this browser context in a .json file.
The playwright provides a method called storageState() which will help us store the authentication state.
browserContext.storageState(new BrowserContext.StorageStateOptions().setPath(Paths.get("appLoginInfo.json")));The above code snippet will store the authentication state, cookies, local storage, etc in json format in appLoginInfo.json file.
If the appLoginInfo.json file is not created then the playwright will create a new file with the provided name appLoginInfo.json at the provided location in setPath(Paths.get(“appLoginInfo.json”)));
If you have the appLoginInfo.json file already created, each time you execute the above snippet, a new authentication state with cookies and local storage will be overwritten in the appLoginInfo.json file.
Now, we are all set up with our authentication state, cookies, and local storage. Our next question is
How do we use that authentication state and skip login for each scenario?
We can use a Playwright to skip authentication scenarios. As we all know, Web applications use cookies and token-based authentications. These authentications are stored in the form of cookies or local storage. The playwright provides us with methods that can store these authentication state and then create a new browser context with the previously restored session, which in turn help us skip login/authentication for the scenarios.
Here, we will set the stored authentication state using the methods above to the new browser context created for each scenario we run.
The playwright provides us with a method newContext() which will create a new browser context.
And by using NewContextOptions(), we can add/set the stored authentication state in the appLoginInfo.json file.
Let’s look at how we can do it in the code snippet below.
BrowserContext brContext = browser.newContext(new Browser.NewContextOptions().
setStorageStatePath(Paths.get("appLoginInfo.json")));Here, setStorageStatePath(Paths.get(“appLoginInfo.json”))will set the authentication state stored in appLoginInfo.json to the new browser context created in the previous step.
So, every time we execute the above code snippet, the browser context that is stored in appLoginInfo.json file will be set to the new browser context and the previous session will be restored.
Please refer to the methods listed below. I used these methods to skip authentication scenarios for one of the Salesforce apps.
@Test
public void generateSessionCookies() throws InterruptedException {
Playwright playwright = Playwright.create();
Browser browser = playwright.chromium().launch(new BrowserType.LaunchOptions().setHeadless(false));
BrowserContext browserContext = browser.newContext();
Page page = browserContext.newPage();
page.navigate("BASE URL");
page.fill("//*[@id=\"username\"]", "USERNAME");
page.fill("//*[@id=\"password\"]", "PASSWORD");
page.click("//*[@id=\"Login\"]");
page.click("//*[@id=\"save\"]");
browserContext.storageState(new BrowserContext.StorageStateOptions().setPath(Paths.get("appLoginInfo.json")));
page.close();
}
@Test
public void useSavedSessionCookies() throws InterruptedException {
Playwright playwright = Playwright.create();
Browser browser = playwright.chromium().launch(new BrowserType.LaunchOptions().setHeadless(false));
BrowserContext browserContext = browser.newContext();
Page page = browserContext.newPage();
browserContext.storageState(new BrowserContext.StorageStateOptions().setPath(Paths.get("appLoginInfo.json")));
page.close();
}Conclusion:
In this way, Playwright helps us to store the authentication state, cookies, local storage, etc. And we can use this authentication state and set it to our new browser context and restore the previous session, which will in turn help us skip the login step for the n number of scenarios for a software application.
I hope this article has served you well.
Apurva is a Test Engineer, with 3+ years of experience in Manual and automation testing. Having hands-on experience in testing Web as well as Mobile applications in Selenium and Playwright BDD with Java. And loves to explore and learn new tools and technologies.