From fce2f3f392f5cd806e6b4ea04699e5f169680d46 Mon Sep 17 00:00:00 2001
From: Marco Malavolti <marco.malavolti@gmail.com>
Date: Wed, 10 Nov 2021 17:53:26 +0100
Subject: [PATCH] Fixed issue #11

---
 eccs_properties.py.template | 6 ++++--
 utils.py                    | 8 +++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/eccs_properties.py.template b/eccs_properties.py.template
index db83765..69de830 100644
--- a/eccs_properties.py.template
+++ b/eccs_properties.py.template
@@ -51,8 +51,10 @@ ROBOTS_USER_AGENT = "ECCS/2.0 (+https://technical.edugain.org/eccs)"
 JAVASCRIPT = '"x-my-okta-version"'
 IDPERROR = "error\s(has\s)?occur(r)?ed|Error\swhen\sprocessing\s(the\s)?authentication\srequest|The\s(server|system)\sencountered\san\s(internal\s)?error|Internal\sServer\sError|403\sForbidden|Service\sUnavailable|InvalidProfileConfiguration|Unexpected\sSystem\sError|404\s(.\s)?not\sfound|OpenAthens:\s404|On\stapahtunut\svirhe|Unhandled\sexception|Bad\sGateway|Page\sNot\sFound|Δεν\sεπιτρέπεται\sη\sπρόσβαση|tempora(ry|rily)\s(unavailable|error)+|License\serror|n'est\spas\sgérée|Invalid\sRequest|Erreur\s!|Please\sreport\sthis\serror\sto|该网站无法访问|proxy\serror|There\sis\sa\sproblem\swith\syour\saccount"
 METADATAPATTERN = "Unable\sto\slocate(\sissuer\sin|)\smetadata(\sfor|)|no\smetadata\sfound|profile\sis\snot\sconfigured\sfor\srelying\sparty|Cannot\slocate\sentity|fail\sto\sload\sunknown\sprovider|does\snot\srecognise\sthe\sservice|unable\sto\sload\sprovider|Nous\sn'avons\spas\spu\s(charg|charger)\sle\sfournisseur\sde\sservice|Metadata\snot\sfound|application\s(you\shave\saccessed\s)?is\snot\sregistered\s(for\suse\sthis\sservice)?|Message\sdid\snot\smeet\ssecurity\srequirements|unsupported\s[Rr]equest|METADATANOTFOUND|Unknown\slogin\srequester|is\sunspecified\sor\sunsupported|Unknown\sservice\sprovider|Richiesta\snon\ssupportata|Metadati\snon\strovati|untrusted\sprovider|Unregistered\sService|UNHANDLEDEXCEPTION|Metadata.*.expired|Could\snot\sfind\sany.*.metadata.*.for|不支持的请求|l'application\sn'est\spas\senregistrée|Requisição\snão\ssuportada|トされていないリクエスト|is\snot\sallowed|Authorization\sFailure|Pedido\snão\ssuportado|Nicht\sunterstützte\sAnfrage|Service\sNot\sAuthorized\sfor\sSingle\sSign-On|Your\sbrowser\ssent\sa\srequest\sthat\sthis\sserver\scould\snot\sunderstand|Application\sNot\sAuthorized\sTo\sUse\sCAS"
-PASSWORDPATTERN = '<input[\s]+[^>]*(type=\s*[\'"]password[\'"]|password)[^>]*>'
-USERNAMEPATTERN = '<input[\s]+[^>]*((type=\s*[\'"](text|email)[\'"]|user)|(name=\s*[\'"](name)[\'"]))[^>]*>'
+XPATH_CHECK_PATTERN = '//input[@type="password"]|//input[@type="Password"]|//input[@type="text"]|//input[@type="email"]|//input[@type="user"]|//input[@name="name"]|//form[@action="/idp/module.php/multiauth/selectsource.php"]'
+#PASSWORDPATTERN = '<input[\s]+[^>]*(type=\s*[\'"]password[\'"]|password)[^>]*>'
+#USERNAMEPATTERN = '<input[\s]+[^>]*((type=\s*[\'"](text|email)[\'"]|user)|(name=\s*[\'"](name)[\'"]))[^>]*>'
+#REFUSEDPATTERN = '(^http)(.*\.png$)|(.*\.css$)|(.*\.js$)|(.*\.gif$)|(.*\.svg$)|(.*\.jpg$)'
 
 # { 'reg_auth':'reason' }
 FEDS_DISABLED_DICT = {
diff --git a/utils.py b/utils.py
index a7e9dd0..6671c55 100644
--- a/utils.py
+++ b/utils.py
@@ -307,9 +307,8 @@ def check_idp_response_selenium(sp,idp,test):
        if (load_js):
           driver.refresh()
 
-       input_xpath = '//input[@type="password"]|//input[@type="Password"]|//input[@type="text"]|//input[@type="email"]|//input[@type="user"]|//input[@name="name"]'
        WebDriverWait(driver, e_p.ECCS_SELENIUMPAGELOADTIMEOUT).until(
-          EC.presence_of_element_located((By.XPATH,input_xpath))
+          EC.presence_of_element_located((By.XPATH,e_p.XPATH_CHECK_PATTERN))
        )
 
        if (test): pgsrc = f"\n[WAYFLESS_URL]\n{wayfless_url} - OK"
@@ -323,8 +322,7 @@ def check_idp_response_selenium(sp,idp,test):
        metadata_not_found = re.search(e_p.METADATAPATTERN,driver.page_source, re.IGNORECASE)
 
        try:
-          input_xpath = '//input[@type="password"]|//input[@type="Password"]|//input[@type="text"]|//input[@type="email"]|//input[@type="user"]|//input[@name="name"]'
-          input_password_found = driver.find_element(By.XPATH, input_xpath)
+          input_xpath_found = driver.find_element(By.XPATH, e_p.XPATH_CHECK_PATTERN)
 
        except NoSuchElementException as e:
           # This IF is for those IdP that doesn't consuming the eduGAIN metadata and reaching Timeout
@@ -374,7 +372,7 @@ def check_idp_response_selenium(sp,idp,test):
           if (stored):
              return (idp['entityID'],wayfless_url,check_time,"Timeout",webdriver_error)
 
-       # <input type="password"> found
+       # input_xpath has been found
        # This IF is for those IdPs that Timeout is caused by an image or other that do not prevent the Login process.
        if (test): pgsrc = f"\n[PAGE_SOURCE]\n{driver.page_source} - Timeout but OK"
        else: pgsrc = driver.page_source
-- 
GitLab