Login to support multi-factor authentication

[tristanperper]

Describe the feature
Login to support supplying otp key.
Login method to have otp key parameter and must be able to supply the otp key during login.

Explain why this feature is needed
D365 users (in our case) will be asked always for an otp key since MFA is a security feature for Dynamics 365. The key will be coming from Microsoft Authenticator App

(instead of sms).

Additional context

[AngelRodriguez8008]

Hi @tristanperper,

I got yesterday the same Issue in a new Online Trial version.

I solve it few weeks ago:
See my comment hier .
I will try to extract this feature from my Fork & merge to the mainstream, I will come back to you.

br

[jhandel]

Our organization uses Azure MFA which doesn't seem to provide a way to get the MFA Secret (it gets handed to the Microsoft Authenticator over a one time SSL call... Anyone have a suggestion on how to get MFA to work or is this an instance were I need to have an "interesting" conversation with IT and security as to why we need a non-MFA account with near "universal" permissions to our dev CRM?

[tristanperper]

Hi @tristanperper,

I got yesterday the same Issue in a new Online Trial version.

I solve it few weeks ago:
See my comment hier .
I will try to extract this feature from my Fork & merge to the mainstream, I will come back to you.

br

will check on this one.

[tristanperper]

Hi @tristanperper,

I got yesterday the same Issue in a new Online Trial version.

I solve it few weeks ago:
See my comment hier .
I will try to extract this feature from my Fork & merge to the mainstream, I will come back to you.

br

thank you very much.. i've seen your code... i also have tried to create a local branch forked from release v9.1 and made that same solution as yours (Login with MFA) / jsakamoto solution. it also worked in my local branch.

though my questions are, 1] when will it be merged and into what release? 2] will it be available as an official package (Visual Studio -> reference -> Manage Nuget Packages) ?

[jhandel]

I also tried the fix, I got it merged in fine, but ( at least for me) there is no way to get the MFA secret with how our Azure AD and MFA is configured.

[AngelRodriguez8008]

Hi @tristanperper,

I'm glad to ear that it is working for you. I create a branch & I want to merge it to develop. But I found at least an Issue with the UCIPerformanceMode and I want to tests it before I create a pull request. See #731. I hope it will be official soon.

Thanks & br

[AngelRodriguez8008]

Hi @jhandel,

I also tried the fix, I got it merged in fine, but ( at least for me) there is no way to get the MFA secret with how our Azure AD and MFA is configured.

Try to navigate

1. From your Profile to Additional security verification
2. Click button "Set up Authenticator app"
   
3. Click link "Configure app without notifications"
4. Get the in table bellow the "Secret Key" & remove the spaces.
5. Add it to app.config or Variable in Build Pipeline ... whatever your configuration look like.

<add key="MfaSecrectKey" value=""/>

Related to: wiki: Azure-DevOps-Test-Execution
That work for me.

br

[jhandel]

@AngelRodriguez8008 our IT had moved us to the "preview" version of the MFA UI.. Once we rolled it back to the current UI (like your screen shot) I was able to find it.

Thanks

[tristanperper]

Hi @tristanperper,

I'm glad to ear that it is working for you. I create a branch & I want to merge it to develop. But I found at least an Issue with the UCIPerformanceMode and I want to tests it before I create a pull request. See #731. I hope it will be official soon.

Thanks & br
Hi @AngelRodriguez8008

Is this somehow related to UCIPerformanceMode being missing? I encountered that in my local... what I do is remove then replace the UIAutomation.Browser binary (dll coming from EasyRepro release v9.1) reference in my solution ...

[AngelRodriguez8008]

Hi @tristanperper,

Thanks for the Info. After merge with #734 the Issue with the UCIPerformanceMode was solved. Maybe was required just Clean & Rebuild of the Solution. I create the Pull Request #735 for this branch.

br

[tristanperper]

Hi @AngelRodriguez8008 ,

Will check on this pull request and skim-thru those changes. Will monitor this pull request until it closed. Thank you very much!! :)

[tristanperper]

Hi @AngelRodriguez8008 ,

I already have the new Dynamics365.UI.Automation.Api referenced in our automation solution/project.
The version is v9.1.0.12.013 as referenced thru NuGet Package Manager. It carries the feature Login With MFA.

But upon using or testing the new login (it does convert the mfa/otp), there is an error upon page redirection. Please see attached screenshot.

This kind of error does not occur in previous login implementation (wherein i would just manually supply the otp on the page).

I have also check/test the login manually the system-under-test seems to work fine.

[AngelRodriguez8008]

Hi @tristanperper,

In which point of the execution are you getting this error? How your "app.config" look like? Which format has your mfa-secrect-key? Did you see the OTC dialog? How look your tests results like, there is some errors printed? Are you getting redirected like in #770? Url? Browser?

I will appreciate more information about this error. You can also open an Issue for that.

Thanks & br

[tristanperper]

Hi @tristanperper,

In which point of the execution are you getting this error? How your "app.config" look like? Which format has your mfa-secrect-key? Did you see the OTC dialog? How look your tests results like, there is some errors printed? Are you getting redirected like in #770? Url? Browser?

I will appreciate more information about this error. You can also open an Issue for that.

Thanks & br

Hi @AngelRodriguez8008 ,

1. The error is happening after the login.
2. My app.config looks something like this

> <configuration>
>   <runtime>
>     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
>       <dependentAssembly>
>         <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
>         <bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
>       </dependentAssembly>
>       <dependentAssembly>
>         <assemblyIdentity name="Otp.NET" publicKeyToken="38a48df817e173a6" culture="neutral" />
>         <bindingRedirect oldVersion="0.0.0.0-1.2.2.0" newVersion="1.2.2.0" />
>       </dependentAssembly>
>     </assemblyBinding>
>   </runtime>
>   <appSettings>
>     <add key="OnlineUsername" value="" />
>     <add key="OnlinePassword" value="" />
>     <add key="OnlineCrmUrl" value="https://somesitefordynamics.com/" />
>     <add key="OTP" value="" />
> 

3. add key="OTP" value="" ----> this parameter carries the mfa-secret key

4. Yes I see the OTC dialog and otp has been successfuly converted and submitted.

5. There is a server application error (please refer to the attached screenshot from my previous comment)

6. I was redirected in this URL https://somesitefordynamics/&flags=easyreproautomation=true,testmode=true&perf=true

7. The browser I used is Firefox 73.0.1 (64-bit)

I also tried the solution in 44f8cd9?diff=split

driver.WaitForPageToLoad();
But unfortunately, same server application error is displayed.

I tried putting the following line in method InitializeModes:
Thread.Sleep(10000);
driver.WaitForPageToLoad();
Page redirection seems to working fine now.
Regards,

Created issue/bug in this link #778

Tristan Perper

[haidykhaled]

@tristanperper did you find any solution for logging with authentication?

[DotaABhash]

@AngelRodriguez8008 I was trying to bypass MFA in one of my CRM application using the secret key, I did everything right the steps ask to, but it seems to be stuck on the OTP screen can you please help me out ....

[Shakevg]

DotaABhash Please create separate issue, I will post workaround