Add browser autofill

Fixes #1182
Versent · Dec 14, 2023 · 7fe33f0 · 7fe33f0
1 parent 6047196
commit 7fe33f0
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 1 deletion.
diff --git a/cmd/saml2aws/main.go b/cmd/saml2aws/main.go
@@ -74,6 +74,7 @@ func main() {
 	app.Flag("idp-provider", "The configured IDP provider. (env: SAML2AWS_IDP_PROVIDER)").Envar("SAML2AWS_IDP_PROVIDER").EnumVar(&commonFlags.IdpProvider, "Akamai", "AzureAD", "ADFS", "ADFS2", "Browser", "GoogleApps", "Ping", "JumpCloud", "Okta", "OneLogin", "PSU", "KeyCloak", "F5APM", "Shibboleth", "ShibbolethECP", "NetIQ", "Auth0")
 	app.Flag("browser-type", "The configured browser type when the IDP provider is set to Browser. if not set 'chromium' will be used. (env: SAML2AWS_BROWSER_TYPE)").Envar("SAML2AWS_BROWSER_TYPE").EnumVar(&commonFlags.BrowserType, "chromium", "firefox", "webkit", "chrome", "chrome-beta", "chrome-dev", "chrome-canary", "msedge", "msedge-beta", "msedge-dev", "msedge-canary")
 	app.Flag("browser-executable-path", "The configured browser full path when the IDP provider is set to Browser. If set, no browser download will be performed and the executable path will be used instead. (env: SAML2AWS_BROWSER_EXECUTABLE_PATH)").Envar("SAML2AWS_BROWSER_EXECUTABLE_PATH").StringVar(&commonFlags.BrowserExecutablePath)
+	app.Flag("browser-autofill", "Configures browser to autofill the username and password. (env: SAML2AWS_BROWSER_AUTOFILL)").Envar("SAML2AWS_BROWSER_AUTOFILL").BoolVar(&commonFlags.BrowserAutoFill)
 	app.Flag("mfa", "The name of the mfa. (env: SAML2AWS_MFA)").Envar("SAML2AWS_MFA").StringVar(&commonFlags.MFA)
 	app.Flag("skip-verify", "Skip verification of server certificate. (env: SAML2AWS_SKIP_VERIFY)").Envar("SAML2AWS_SKIP_VERIFY").Short('s').BoolVar(&commonFlags.SkipVerify)
 	app.Flag("url", "The URL of the SAML IDP server used to login. (env: SAML2AWS_URL)").Envar("SAML2AWS_URL").StringVar(&commonFlags.URL)

diff --git a/pkg/cfg/cfg.go b/pkg/cfg/cfg.go
@@ -41,6 +41,7 @@ type IDPAccount struct {
 	Provider              string `ini:"provider"`
 	BrowserType           string `ini:"browser_type,omitempty"`            // used by 'Browser' Provider
 	BrowserExecutablePath string `ini:"browser_executable_path,omitempty"` // used by 'Browser' Provider
+	BrowserAutoFill       bool   `ini:"browser_autofill,omitempty"`        // used by 'Browser' Provider
 	MFA                   string `ini:"mfa"`
 	MFAIPAddress          string `ini:"mfa_ip_address"` // used by OneLogin
 	SkipVerify            bool   `ini:"skip_verify"`

diff --git a/pkg/flags/flags.go b/pkg/flags/flags.go
@@ -14,6 +14,7 @@ type CommonFlags struct {
 	IdpProvider           string
 	BrowserType           string
 	BrowserExecutablePath string
+	BrowserAutoFill       bool
 	MFA                   string
 	MFAIPAddress          string
 	MFAToken              string
@@ -83,6 +84,10 @@ func ApplyFlagOverrides(commonFlags *CommonFlags, account *cfg.IDPAccount) {
 		account.BrowserExecutablePath = commonFlags.BrowserExecutablePath
 	}
 
+	if commonFlags.BrowserAutoFill {
+		account.BrowserAutoFill = commonFlags.BrowserAutoFill
+	}
+
 	if commonFlags.MFA != "" {
 		account.MFA = commonFlags.MFA
 	}

diff --git a/pkg/provider/browser/browser.go b/pkg/provider/browser/browser.go
@@ -3,11 +3,11 @@ package browser
 import (
 	"errors"
 	"fmt"
+	"github.com/playwright-community/playwright-go"
 	"net/url"
 	"regexp"
 	"strings"
 
-	"github.com/playwright-community/playwright-go"
 	"github.com/sirupsen/logrus"
 	"github.com/versent/saml2aws/v2/pkg/cfg"
 	"github.com/versent/saml2aws/v2/pkg/creds"
@@ -25,6 +25,7 @@ type Client struct {
 	// Setup alternative directory to download playwright browsers to
 	BrowserDriverDir string
 	Timeout          int
+	BrowserAutoFill  bool
 }
 
 // New create new browser based client
@@ -35,6 +36,7 @@ func New(idpAccount *cfg.IDPAccount) (*Client, error) {
 		BrowserType:           strings.ToLower(idpAccount.BrowserType),
 		BrowserExecutablePath: idpAccount.BrowserExecutablePath,
 		Timeout:               idpAccount.Timeout,
+		BrowserAutoFill:       idpAccount.BrowserAutoFill,
 	}, nil
 }
 
@@ -132,6 +134,13 @@ var getSAMLResponse = func(page playwright.Page, loginDetails *creds.LoginDetail
 		return "", err
 	}
 
+	if client.BrowserAutoFill {
+		err := autoFill(page, loginDetails)
+		if err != nil {
+			logger.Error("error when auto filling", err)
+		}
+	}
+
 	// https://docs.aws.amazon.com/general/latest/gr/signin-service.html
 	// https://docs.amazonaws.cn/en_us/aws/latest/userguide/endpoints-Ningxia.html
 	// https://docs.amazonaws.cn/en_us/aws/latest/userguide/endpoints-Beijing.html
@@ -155,6 +164,40 @@ var getSAMLResponse = func(page playwright.Page, loginDetails *creds.LoginDetail
 	return values.Get("SAMLResponse"), nil
 }
 
+var autoFill = func(page playwright.Page, loginDetails *creds.LoginDetails) error {
+	passwordField := page.Locator("input[type='password']")
+	err := passwordField.WaitFor(playwright.LocatorWaitForOptions{
+		State: playwright.WaitForSelectorStateVisible,
+	})
+
+	if err != nil {
+		return err
+	}
+
+	err = passwordField.Fill(loginDetails.Password)
+	if err != nil {
+		return err
+	}
+
+	keyboard := page.Keyboard()
+
+	// move to username field which is above password field
+	err = keyboard.Press("Shift+Tab")
+	if err != nil {
+		return err
+	}
+
+	err = keyboard.InsertText(loginDetails.Username)
+	if err != nil {
+		return err
+	}
+
+	// Find the submit button of the form that the password field is in
+	return page.Locator("form", playwright.PageLocatorOptions{
+		Has: passwordField,
+	}).Locator("input[type='submit']").Click()
+}
+
 func signinRegex() (*regexp.Regexp, error) {
 	// https://docs.aws.amazon.com/general/latest/gr/signin-service.html
 	// https://docs.amazonaws.cn/en_us/aws/latest/userguide/endpoints-Ningxia.html