Code : Automating Extension automation with Selenium

Below code is for Chrome. This will work for Firefox  with little change in code.

// Load extension file
File file = new File(“chrome.crx”);
ChromeOptions options = new ChromeOptions();
options.addExtensions(file);

// Launch browser instance with the extension
WebDriver driver = new ChromeDriver(options);

// Access Extension in browser window .. This further allows you to automate all the actions through Selenium
driver.get(“extension://palgcoflnoaklkflllnmheiollkgkipm/popup.html”);

Selenium : Opening a new Tab in browser (Firefox , Chrome or, Safari)


// Get Handle of current window/Tab
String parentHandle = driver.getWindowHandle();

// Get JavaExecuter instance from driver
JavascriptExecutor j = (JavascriptExecutor)driver;

// Open a new Tab with text on it as "Open New Tab
j.executeScript("function createDoc(){var w = window.open(); w.document.open(); w.document.write('Open New Tab'); w.document.close();}; createDoc();");

// Go to the newly opened window
for (String winHandle : driver.getWindowHandles()) {
driver.switchTo().window(winHandle);
Do your work
*/

// Go back to Parent Tab

driver.switchTo().window(parentHandle);

Approach to Automation of firefox and Chrome extensions using Selenium

Browser extensions does not use browser space for it’s GUI display and user interaction, this making it impossible to automate it through Selenium.

But, fortunately, you can run the extension in browser space with little trick and with that you can automate it using Selenium

Below steps will help you do exactly same for a Chrome extension called packman ( https://chrome.google.com/webstore/detail/pacman/palgcoflnoaklkflllnmheiollkgkipm)

Steps:

Way 1:

1.  go to Extension location on the disk . In case of Mac , it’s ~//Library/Application Support/Google/Chrome/Default/Extensions

2. You can find all the extension (installed) here, you can go to folder “palgcoflnoaklkflllnmheiollkgkipm”

palgcoflnoaklkflllnmheiollkgkipm can be found in the Chrome webstore URL

3. find all the html file under this folder. In most cases, you’ll find only one. ( You can use command like find . -name *html ). In case of Packman, you will find  –> ./1.26_0/popup.html

4. Access Pacman in browser interface

Type below in your Chrome Location bar:  chrome-extension://palgcoflnoaklkflllnmheiollkgkipm/popup.html

You can access packman in your browser i.e. You can automate them using Selenium.

On Firefox, the URL will be

chrome://pacman/content/pacman.xul

You can refer to below file to find the URL :

~/Library/Application\ Support/Firefox/Profiles/<profileName>/extensions/pacman\@oppermann.ch.xpi

However, there are some trick involved when it comes to automating it with Selenium. I’ll cover steps for doing it with Java/Python on Firefox and Chrome in next blog.

LDIF Examples : Add modify and Delete users (inetorgperson)

LDIF : Light weight Data Interchange format.

Please go through https://www.ietf.org/rfc/rfc2849.txt for reference

 

Case:  Add an entry to any LDAP Server. (Ex: InetOrgPerson)

Steps: Read the objectclass definition for the entry .

Must attributes for InetOrgPerson: CN (Common Name) and SN  (Surname)

Naming Attribute: UID / CN i.e. RDN (Relative Distinguished Name) can be CN or, UID.

Optional Attributes: Many ( Additionally all the attributes deifined in objectclasses which are used to derive InetOrgperson is available too)

 

Ex:  Adding a sample user “bob” under organization “troubleshoot:


dn: cn=bob,o=troubleshoot
changetype: add
objectclass: inetOrgPerson
cn: bob
sn: test
userpassword: sdh^@hg(^3
title: Test User
TelephoneNumber: 555 555 6666
mail: bob@troubleshoot.com

Ex: Adding additional attributes “UID” and country to entry “bob”


dn: cn=bob,o=troubleshoot
changetype: modify
add: uid
uid: bob-uid
-
add: c
c:UD

Ex: Adding one more value for mail


dn: cn=bob,o=troubleshoot
changetype: modify
add: mail
mail: newmailid@troubleshoot.com

Ex: Replacing all previous values of mail with a new one.


dn: cn=bob,o=troubleshoot
changetype: modify
replace: mail
mail: finalmail@troubleshoot.com

Ex: Delete title


dn: cn=bob,o=troubleshoot
changetype: modify
delete: title

Ex: Delete entry bob


dn: cn=bob,o=troubleshoot
changetype: delete

Let me know through comment if you need example for any of below or, you have any other question….. I’ll update the post with response asap…

Ex: Change RDN

Ex: Alias

Ex: Add to a group

Ex:

SSL V3 Poodle : Shell script to verify the server

Copy below as poodle.sh

Execute this command as below:

sh poodle.sh <site>

or,

sh poodle.sh <site>:<port>

 

#!/bin/sh
help()
{
echo
echo "Usage: "
echo "sh poodle.sh <hostname>:<port>"
echo
echo "Example"
echo "sh poodle.sh google.com:443"
echo "sh poodle.sh symantec.com:443"
exit
}

hostname=$1
if [ $# -ne 1 ]
then
help
elif [ "$hostname" == '-h' ]
then
help
fi

echo $hostname | grep ":" >/dev/null
if [ $? -ne 0 ]
then
hostname=$hostname:443
fi

echo "Sending Test request to $hostname....."

echo
echo

output=`openssl s_client -connect $hostname -ssl3 < /dev/null` 2>/dev/null

echo
echo
echo "Test Complete ....."
echo
echo
echo $output | grep "ssl handshake failure" >/dev/null
if [ $? -eq 0 ]
then

echo "Server verified : $hostname"
echo "Wow !! No POODLE issue found "

else

echo "Server checked: $hostname --> Issue exist "
echo "Please disble SSL V3 on the server"

fi


 

Testing Concept: One line definations

Role of a Test Engineer ? : Finding and reporting bugs that a customers/hackers can find (period).

Bug ?: Any deviation from expected outcome for a given action. Expected outcome is defined based on production Requirement Document (or, it’s derivatives)

Functional Testing ? : Testers will normally represent single user and exercise various functionality offered by product.

Browser compatibility ? : Part of functionality test cases that was executed on various OS/Browser combination to verify that it works on all or, major players

Performance ?: Tester tries to benchmark product for best numbers against given server configuration. One should make sure to minimize impact of external factors like network latency, other processes on server , client bottleneck etc.

Reliability? : Run some chosen test scenario for long duration (24 hrs to weeks) . This helps in detecting resource leaks.

Scalability?: Scaling different attribute of product to find their limits.

Stress? : product response under extreme load on Server ( The load could be on cpu cycle, memory due to other code running on system)

L10N?: Localization testing  : – Testing product to verify that it supports localized language.

i18n?: Internationalization testing. — Testing code for localization readiness.

Many more one liner definition to come with time…..

SSLv3 vulnerability: POODLE

POODLE :  Padding Oracle On Downgraded Legacy Encryption : – This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack.

Three Google security researchers discovered the flaw and detailed how it could be exploited through what they called a Padding Oracle On Downgraded Legacy Encryption (POODLE) attack (CVE-2014-3566).

POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3. It does not affect the newer encryption mechansim known as Transport Layer Security (TLS).

How to test this against your Server:

openssl s_client -connect <server>:443  -ssl3

If above command succeeds, it indicates that SSLV3 is enabled on your server.

Script @ https://troubleshootblog.com/2014/10/20/ssl-v3-poodle-shell-script-to-verify-the-server/

To fix this, disable sslV3 on your server.

How to fix this on Apache:

> SSLProtocol All -SSLv2 -SSLv3                   <- Removes SSLv2 and SSLv3 from Config

> service apache restart                          <- Restart server

Open LDAP – Installation and configuration

Software Download

Download OpenLDAP Source code from 

http://www.openldap.org/software/download/OpenLDAP/openldap-release/

 

Pre Work :

Set below environmental variable. The path may change based on your local system install location of berkleyDB

———————

CPPFLAGS=”-I/usr/local/berkeleyDB/include”

export CPPFLAGS

LDFLAGS=”-L/usr/local/lib -L/usr/local/berkeleyDB/lib -R/usr/loca/berkeleyDB/lib”

export LDFLAGS

LD_LIBRARY_PATH=”/usr/local/berkeleyDB/lib”

export LD_LIBRARY_PATH

———————

 

Building OpenLDAP Source code: 

Go to folder where you have extracted openLDAP

Run below commands: (if you want/need to support TLS , run with flag –with-tls )

# ./configure 

# make depend

# make

# make test (if this fails, please logout and re-login and run this command)

 

Configuring openLDAP :

 

Go to /usr/local/etc/openldap 

Update slapd.conf under title :  BDB database definitions

suffix          “dc=ACME,dc=com”

rootdn          “cn=Manager,dc=idcqa,dc=com”

rootpw          password

Note: Replace “dc=amce,dc=com” with your required DN.

You can set password as hashed value. for that use slappasswd to generate the hash.  

 

Starting the Server

Start LDAP Server using below command

/usr/local/libexec/slapd -d127 -h “ldap://:389/ ldaps://:636/”  &

This will start server in debug mode and it will listen cleartext on 389 and TLS on 636

Sample LDIFs 

Use Below LDIF to add your first entry (save it as root.ldif)

dn: dc=ACME,dc=com

dc: ACME

description: ACME  Corp.

objectClass: dcObject

objectClass: organization

o: Acme

 

Command to add the entry to OpenLDAP: 

ldapadd -a -h localhost -p 389 -D “cn=Manager,dc=idcqa,dc=com” -w password  -f root.ldif -x

# ldapadd command will get installed along with openLDAP installation

 

Create Group:

create a ldif file with following contents to add a group under dc=Acme,dc=com

dn: cn=group1,dc=acme,dc=com

objectClass: groupOfNames

cn: group1

member:

Command:   ldapadd  -h localhost -p 389 -D “cn=Manager,dc=idcqa,dc=com” -w password  -f group.ldif -x

 

Creating User 

create a ldif file with following contents:

dn: cn=u1,dc=acme,dc=com

changetype: add

objectClass: inetOrgPerson

objectClass: organizationalPerson

objectClass: person

objectClass: top

sn: u1

cn: u1

mail: u1@acme.com

userPassword: password

Continue reading

Lightweight Directory Access protocol ( LDAP ) : Basic layman style introduction

LDAP – Lightweight Directory Access Protocol

Basic:

 Think of it as a Tree… “Say Apple tree” . It has leaves , Apple etc..,

Apple has property like Cover, color, seeds etc.

Similarly, Leave has properties like It’s Green , It’s soft etc….

Let’s look closely @ Apple,

We can view Apple as “class” in java and it’s occurrence in the tree as instances of Apple Object…. –> In LDAP, it’s exactly same, Apple is ObjectClass and Instances of it on tree are called Objects or. entries.

Properties of Apple ..Color , Cover , Seeds are property that defines Apple… in LDAP , These can be viewed as attribute that defined the  Objectclass “Apple”.

Similarly you can think of other entries on Apple Tree ..i.e. Leaves , stem etc.

 Now, coming back to LDAP, LDAP is a Database which holds data like any other database, but in Hierarchically fashion and are defined by Objectclasses.

The data/objects could be user , Computer, Server, Customer and everything that needs to be represented as data.

Ex: One of the popular used object class is “user” in Active Directory.

     If you look into the schema, it is defined as an object class which must hold attributes like “CN (common Name)” and SN (surname) . It may additionally hold attribute like UID, UserPassword,photo , member (group membership) , title, Supervisor, etc.

Schema , which defines ldapSyntax, Attribute, Objectlass and extensions , are key which defines the data that is stored in an LDAP Server along with access capabilities. We’ll take deep dive into them later.

Below is Sample LDIF file to create a user in LDAP.

 ——————–

dn: cn=user1,cn=users,dc=domainname,dc=com

change type: Add

Objectclass: inetOrgperson

sn: user1

userpassword: password

uid: user1

——————-