From 211e6f4724191dc25ce95a57e9e01e8e0220b71b Mon Sep 17 00:00:00 2001 From: Vignesh Shanmugam Date: Wed, 27 Nov 2024 13:45:01 -0800 Subject: [PATCH] [Synthetics]: fix MFA totp method for browser monitors (#4581) (cherry picked from commit 083cf27f8f7042cee5b6377c9990151e1cc8c649) # Conflicts: # docs/en/serverless/synthetics/synthetics-mfa.asciidoc --- docs/en/observability/synthetics-mfa.asciidoc | 6 +- .../synthetics/synthetics-mfa.asciidoc | 66 +++++++++++++++++++ 2 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 docs/en/serverless/synthetics/synthetics-mfa.asciidoc diff --git a/docs/en/observability/synthetics-mfa.asciidoc b/docs/en/observability/synthetics-mfa.asciidoc index 476c3ce04a..d49fe6fb63 100644 --- a/docs/en/observability/synthetics-mfa.asciidoc +++ b/docs/en/observability/synthetics-mfa.asciidoc @@ -41,7 +41,7 @@ import { journey, step, mfa} from '@elastic/synthetics'; journey('MFA Test', ({ page, params }) => { step('Login using TOTP token', async () => { // login using username and pass and go to 2FA in next page - const token = mfa.token(params.MFA_GH_SECRET); + const token = mfa.totp(params.MFA_SECRET); await page.getByPlaceholder("token-input").fill(token) }); }); @@ -51,12 +51,12 @@ For monitors created in the Synthetics UI using the Script editor, the `mfa` obj ```ts step('Login using 2FA', async () => { - const token = mfa.token(params.MFA_GH_SECRET); + const token = mfa.totp(params.MFA_SECRET); await page.getByPlaceholder("token-input").fill(token) }); ``` [NOTE] ==== -`params.MFA_GH_SECRET` would be the encoded secret that was used for registering the Synthetics Authentication in your web application. +`params.MFA_SECRET` would be the encoded secret that was used for registering the Synthetics Authentication in your web application. ==== \ No newline at end of file diff --git a/docs/en/serverless/synthetics/synthetics-mfa.asciidoc b/docs/en/serverless/synthetics/synthetics-mfa.asciidoc new file mode 100644 index 0000000000..7565b7d5e4 --- /dev/null +++ b/docs/en/serverless/synthetics/synthetics-mfa.asciidoc @@ -0,0 +1,66 @@ +[[observability-synthetics-mfa]] += Multi-factor Authentication (MFA) for browser monitors + +++++ +Multifactor Authentication for browser monitors +++++ + +Multi-factor Authentication (MFA) adds an essential layer of security to +applications login processes, protecting against unauthorized access. A very +common use case in Synthetics is testing user journeys involving websites +protected by MFA. + +Synthetics supports testing websites secured by Time-based One-Time Password +(TOTP), a common MFA method that provides short-lived one-time tokens to +enhance security. + +[discrete] +[[observability-synthetics-mfa-configuring-totp-for-mfa]] +== Configuring TOTP for MFA + +To test a browser journey that uses TOTP for MFA, first configure the +Synthetics authenticator token in the target application. To do this, generate a One-Time +Password (OTP) using the Synthetics CLI; refer to <`>>. + +[source,sh] +---- +npx @elastic/synthetics totp + +// prints +OTP Token: 123456 +---- + +[discrete] +[[observability-synthetics-mfa-applying-the-totp-token-in-browser-journeys]] +== Applying the TOTP Token in Browser Journeys + +Once the Synthetics TOTP Authentication is configured in your application, you can now use the OTP token in the synthetics browser +journeys using the `mfa` object imported from `@elastic/synthetics`. + +[source,ts] +---- +import { journey, step, mfa } from "@elastic/synthetics"; + +journey("MFA Test", ({ page, params }) => { + step("Login using TOTP token", async () => { + // login using username and pass and go to 2FA in next page + const token = mfa.totp(params.MFA_SECRET); + await page.getByPlaceholder("token-input").fill(token); + }); +}); +---- + +For monitors created in the Synthetics UI using the Script editor, the `mfa` object can be accessed as shown below: + +[source,ts] +---- +step("Login using 2FA", async () => { + const token = mfa.totp(params.MFA_SECRET); + await page.getByPlaceholder("token-input").fill(token); +}); +---- + +[NOTE] +==== +`params.MFA_SECRET` would be the encoded secret that was used for registering the Synthetics Authentication in your web application. +====