For web application, when using roobt framework to test, how to do parallel testing when google authenticator is required for login to application.
How will parallel testing work here…
Hi @nanthuqa and welcome to the most awesome software testing community around.
Do please explain a bit more about how exactly you are using robot, and why robot. And then why you think that the authenticator needs to be part of your test flow and why you want to have parallel execution here and not just extend the F/W to do the task synchronously anyway.
2 Likes
I am testing a web application using Robot framework with selenium/python.
In our app, we use google authenticator as two factor authentication to login.
So now for test automation, we are using pyotp lib to get otp and passing it on the field to login.
however if we try to run the tests parallel, we couldn’t generate different otp simultaneously for every test cases running in parallel.
Because google otp once generated cannot be used twice… Only once it is valid
Then how to enter simultaneously in every test cases
How to tackle this road block?? Or while parallel testing cant we use google authentication??
2 Likes
Aaah so your robot test is only requesting one OTP code, and then passing that code to all of the spawned tests, I did not know that robot could parallel natively, I last used it about 10 years ago admittedly. But to me, looks like the problem is that your implementation of the OTP code retrieve needs to merely run as a step in each test, or hmmmmmm
Or run in another process maybe so that it will generate a fresh code, although I think you need to change the implementation so that your test… oh that won’t work. Doh.
I think the trouble I have understanding is why you want to test simultaneous logins, when what you are hitting into as a problem is the 2FA, not your product code, so you want a integration hook or flag that bypasses the 2FA, since the 2FA is really preventing you from load-testing is it? Hope I am being a “good duck”.
1 Like
Actually we are trying to run tests in parallel to save daily execution time.Nothing more to that.
And we are retrieving the 2FA code as a step in eac h test however code retrieved is same for every test running in parallel which is causing the problem now.
Google auth generate only one code for every minute and that cannot be used more than once to login.
I want to know is there any way to get fresh code from 2FA??
Like you mentioned may be i should try to by pass that 2FA. Thanks for hearing me out.
Ah yes, that’s because it’s supposed to be per account/device, not per browser instance most likely is what you are hitting?
You will have to scale up on the devices/generators, if you are running multiple browsers on one computer/host, that’s probably not an option… and in reality I’m a bit confused as to why you don’t just disable 2FA in all of your tests and test auth separately in one suite - it will speed up testing a lot and reduce the cost to deal with issues. (That’s why it’s for me an anti-pattern to test a 3rd party integration multiple times in your test suite, you loose time and effort covering someone else’s code. It allows you to focus more on other priorities like your own team’s code, not google code.)
But if you really have to, then you really have to run each test in a separate sandbox/guest runspace or VM. Nothing is free. Alternately switch to testing using a different device-auth method that does not have this limitation? I assume you support other kinds of authentication, and can thus separate concerns and be more flexible by putting security in one suite and bypass it or go cheap on security for all other test suites so they can focus on functionality and speed or scale. When a test fails, it has to fail for one reason only to be truly valuable so tests that all cover the same ground create workaround waste that can grow over time. I hope at the end of it that you take this as advice only, not as someone trying to tell you you are wrong to want to use the authenticator in all tests Nanthu 
.
Not at all. I very much appreciate your help.
Like you mentioned, may be i will go with different auth type or altogether try to disable 2FA for parallel test suite to bypass this limitation. Thank you for your time.
1 Like