Trouble with Single Sign On

Hello,
first and foremost: thanks for the great Framework. It’s great fun to work with it.
Now to a little challenge I am experiencing. I need to automate a website which uses single sign on(via Microsoft). I alread gave up using Chromium, cause it needs an extension for single sign on in the Microsoft cosmos and I have absolutely no idea how to automate this in a way, that the tests would run on Windows and Linux. So I decided on firefox, becaus FF has the functionality I need already build in. Strange thing with FF is, when opening the site and it is the first site in the window, it still needs a login. Only when opening a second tab, does single sign on work without any interaction. But I am unable to open a second tab, using Robot Framework Browser with following code:

*** Settings ***
Library    Browser

*** Test Cases ***
Open pages in two different tabs
    Set Log Level    TRACE
    New Browser      browser=firefox    headless=False    firefoxUserPrefs={'network.http.windows-sso.enabled': True}
    New Context
    New Page         url=https://www.mozilla.org
    Press Keys       //html    Control+t
    Keyboard Key     down     Control
    Keyboard Key     press    t
    Keyboard Key     up       Control
    Go To            url=https://firefox.com
    Sleep    120

Any idea what am I doing wrong? I would expect any browser (chromium, webkit or FF) to open at least one new tab, but neither browser seems to care about Press Keys or Keyboard Key?
Thanks and regards.

p.s.: I also tried “New Page” instead of “Go To” - but that opens a new window for me, instead of new tab - which again needs login for Single Sign On.

Hi TorSte,

Welcome to the forum,

As far as I know the when an app is using the Microsoft single sign on pages, there’s no need for an extension in chromium or any of the chromium derived browsers (Chrome, Microsoft Edge, Brave, etc), where you might have difficulty is if your sit’s admin enabled multi factor authentication (MFA) on your test accounts, is the extension you mentioned related to this? I usually recommend asking the admins to disable MFA on your test accounts, don’t let them tell you it’s not possible, it can be done for either all accounts in an IP range, or all accounts in a org unit.

Something people often misunderstand with browser automation, when you launch the browser on your local machine it will appear to sign-in automatically or “remember“ your username so you only need to enter the password, but when you launch the browser from the automation tool (it’s the same for all automation tools not just robot framework) then you get a different behaviour and always get the login page like the first time you went to the site or as if you used private/incognito mode. Is this what you mean by needing sign in when opening a new tab? Because this is normal behaviour for test automation tools.

FYI the `New Page`keyword is the closest equivalent of opening a new tab in a browser, it will open a new window within the same context as the first page you opened, so if you log in on the first window, then call `New Page`and load the site on this new window, you’ll still be logged in, if you want to login as a different user on the new page while keeping the first user logged in on the first window, then use `New Context`

If you really need a new tab and not a new window, I think you can do it by running some JavaScript in the first browser page with Evaluate JavaScript

Something like this I think will work:

Evaluate JavaScript    window.open('https://www.mozilla.org', '_blank').focus();

OK… after some digging, it seems to be an issue with playwright itself: [Feature] context.newPage() to open a new tab instead of a new window in Firefox · Issue #3696 · microsoft/playwright · GitHub
I tried the workaround mentioned there in comment: [Feature] context.newPage() to open a new tab instead of a new window in Firefox · Issue #3696 · microsoft/playwright · GitHub and I finally got a new tab - sadly it did not solve my issue with Single Sign On. Somehow even the new tab ignores the firefox setting: firefox_user_prefs={‘network.http.windows-sso.enabled’: True}. But if I open a new tab in the same browser manually - it works.
Anyone any ideas on how to get Single Sign on working? Or on how to force at least firefox to not ignore the setting ‘network.http.windows-sso.enabled’: True for new pages?
Thanks.

Thanks for the hint.
I got the new tab with:

Evaluate JavaScript    //html    window.open("https://www.firefox.com", "_blank").focus();

(without the html, the Keyword thought “window” was a selector, don’t know if thats wanted behaviour)

And you are probably right, thats it is MFA, cause after entering a username in the browser started by RobotFramework Browser, I need to enter a pin.
But entering both is not enough, cause I get the info that either I should install: https://chromewebstore.google.com/detail/microsoft-single-sign-on/ppnbnpeolgkicgegkbkbjmhlideopiji (in chromium)
or (in firefox): How to enable Windows SSO login in Firefox | Firefox Help . (which already is done)
And I am not too sure, that I could request from the admins to disable MFA, since the server is provided by an external provider.

I had a look at that plug-in, maybe the reason I hadn’t seen it before is I mostly use Linux desktop, so when I sign in to a site using the MS SSO, I user Chrome/Edge on Linux and that plug-in only works for Windows and MacOS.

Is there a skip option when the page loads that talks about that plug-in? or are you trying to actually get the user to login to the application without entering a username+password?

There is another trick you can try, not sure if it’ll work or not. you can construct the user with the username and password in the url, e.g. `https://username:password@www.mozilla.org` for many applications this will allow you to avoid the login screen, but not sure how well that will work with the MS SSO site.

Anyway hopefully you have something that works for you now, with the new tab using the`Evaluate JavaScript`keyword,

Dave.