npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@abapify/adt-puppeteer

v0.3.6

Published

Puppeteer-based authentication for SAP ADT (SSO/IDP)

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

theplenkov-npmtheplenkov-npm

Keywords

Readme

@abapify/adt-puppeteer

version

Puppeteer-based SSO authentication plugin for SAP ADT systems. Alternative to Playwright for environments where Puppeteer is preferred.

Features

  • 🔐 SSO/IDP Support - Works with Okta, Azure AD, and other identity providers
  • 💾 Session Persistence - Reuse Okta tokens across runs
  • 🎭 Puppeteer-powered - Mature, well-tested browser automation
  • Fast - Skip login when session is still valid
  • 🔄 AuthManager Integration - Works seamlessly with ADT CLI

Installation

npm install @abapify/adt-puppeteer puppeteer

Quick Start

// adt.config.ts
import { defineConfig } from '@abapify/adt-config';
import { withPuppeteer } from '@abapify/adt-puppeteer';

export default withPuppeteer(
  defineConfig({
    destinations: {
      DEV: 'https://sap-dev.example.com',
      PROD: 'https://sap-prod.example.com',
    },
  }),
  {
    userDataDir: true, // Enable session persistence
    headless: false, // Show browser window for SSO
    requiredCookies: ['SAP_SESSIONID_*', 'sap-usercontext'],
  },
);

Direct API Usage

import { puppeteerAuth, toCookieHeader } from '@abapify/adt-puppeteer';

// Authenticate - opens browser for SSO login
const credentials = await puppeteerAuth.authenticate({
  url: 'https://sap-system.example.com',
  userDataDir: true,
  headless: false,
  requiredCookies: ['SAP_SESSIONID_*', 'sap-usercontext'],
});

// Convert to Cookie header for HTTP requests
const cookieHeader = toCookieHeader(credentials);

// Test if session is still valid
const result = await puppeteerAuth.test(credentials);
console.log(result.valid); // true/false

How It Works

┌─────────────────────────────────────────────────────────────────┐
│                    Authentication Flow                          │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│  1. Launch Browser ──► 2. Navigate to SAP ──► 3. SSO Redirect  │
│         │                                           │           │
│         ▼                                           ▼           │
│  [Persistent Profile]                    [User completes login] │
│         │                                           │           │
│         ▼                                           ▼           │
│  4. Check Session ◄─────────────────────── 5. Capture Cookies  │
│         │                                           │           │
│         ▼                                           ▼           │
│  [Valid? Skip login]                      [Return credentials]  │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘
  1. Launch Browser - Opens Chrome with optional persistent profile
  2. Navigate to SAP - Goes to ADT discovery endpoint
  3. SSO Redirect - Browser redirects to Okta/IDP
  4. User Login - User completes 2FA/SSO in browser
  5. Capture Cookies - Waits for required cookies, extracts session

Options

interface PuppeteerAuthOptions {
  /** SAP system URL (required) */
  url: string;

  /** Hide browser window (default: false) */
  headless?: boolean;

  /** Login timeout in ms (default: 300000 = 5 minutes) */
  timeout?: number;

  /** Custom user agent */
  userAgent?: string;

  /**
   * Cookie patterns to wait for before completing auth.
   * Supports wildcards: 'SAP_SESSIONID_*'
   * @example ['SAP_SESSIONID_*', 'sap-usercontext']
   */
  requiredCookies?: string[];

  /**
   * Session persistence directory.
   * - true: Use default (~/.adt/browser-profile)
   * - string: Custom path
   * - false/undefined: No persistence
   */
  userDataDir?: string | boolean;

  /** Ignore HTTPS errors (default: true) */
  ignoreHTTPSErrors?: boolean;
}

## Session Persistence

By default, Puppeteer starts a fresh browser session each time. Enable `userDataDir` to persist browser state (cookies, localStorage, cache) across runs - perfect for long-lived Okta/IDP tokens!

### Benefits
- **Skip repeated logins**: Okta tokens persist across runs
- **Faster authentication**: Only refresh SAP cookies when needed
- **Better UX**: Same experience as using a regular browser

### Plugin-Level Configuration (Recommended)

Configure once, applies to all destinations:

```typescript
import { withPuppeteer } from '@abapify/adt-puppeteer';

export default withPuppeteer(
  defineConfig({
    destinations: {
      DEV: 'https://sap-dev.example.com',
      PROD: 'https://sap-prod.example.com',
    },
  }),
  {
    userDataDir: true,  // ALL destinations share the same profile
  }
);

Per-Destination Configuration

Only use if you need different profiles per destination:

import { puppeteer } from '@abapify/adt-puppeteer';

export default defineConfig({
  destinations: {
    DEV: puppeteer({
      url: 'https://sap-dev.example.com',
      userDataDir: '/path/to/dev-profile', // Custom profile for DEV
    }),
    PROD: puppeteer({
      url: 'https://sap-prod.example.com',
      // No userDataDir = fresh session every time
    }),
  },
});

Options

  • userDataDir: true - Use default directory (~/.adt/puppeteer-profile)
  • userDataDir: '/custom/path' - Custom directory path
  • userDataDir: false or omitted - No persistence (default)

How It Works

  1. First run: Opens browser, user logs in via Okta → profile saved
  2. Subsequent runs: Loads existing profile → checks if session valid
    • Valid: Skips login, extracts cookies
    • Expired: Prompts for re-login (only SAP cookies need refresh)

Silent Session Refresh

When SAP cookies expire but Okta session is still valid, use adt auth refresh:

# Refresh expired SAP session using stored Okta cookies
npx adt auth refresh

# Or specify a system
npx adt auth refresh --sid S0D

How it works:

  1. Launches headless browser with persistent profile (no window popup!)
  2. Navigates to SAP system
  3. Okta auto-authenticates from stored session
  4. Extracts fresh SAP cookies
  5. Updates ~/.adt/auth.json

Benefits:

  • Fast - No manual login, typically <30 seconds
  • 🤫 Silent - Runs in background, no browser window
  • 🔄 Automatic - ADT CLI can auto-refresh when detecting expired sessions

Note: Refresh only works when userDataDir is enabled. Without it, you'll need to run adt auth login again.

Clearing Sessions

If authentication fails or you need a fresh start:

# Remove default profile
rm -rf ~/.adt/browser-profile

# Or remove custom profile
rm -rf /path/to/custom/profile

Configuration Patterns

Pattern 1: All destinations use Puppeteer (Recommended)

// adt.config.ts
import { defineConfig } from '@abapify/adt-config';
import { withPuppeteer } from '@abapify/adt-puppeteer';

export default withPuppeteer(
  defineConfig({
    destinations: {
      DEV: 'https://sap-dev.example.com',
      QAS: 'https://sap-qas.example.com',
      PROD: 'https://sap-prod.example.com',
    },
  }),
  {
    // Plugin options applied to ALL destinations
    userDataDir: true, // Session persistence
    headless: false, // Show browser
    timeout: 120000, // 2 min timeout
    requiredCookies: ['MYSAPSSO2', 'SAP_SESSIONID_*'],
  },
);

Pattern 2: Mixed auth types

import { defineConfig } from '@abapify/adt-config';
import { basic } from '@abapify/adt-client';
import { puppeteer } from '@abapify/adt-puppeteer';

export default defineConfig({
  destinations: {
    // Basic auth for dev
    DEV: basic({ url: 'https://dev.example.com', client: '100' }),

    // Puppeteer for production (SSO)
    PROD: puppeteer({ url: 'https://prod.example.com' }),
  },
});

Pattern 3: Per-destination Puppeteer options

import { puppeteer } from '@abapify/adt-puppeteer';

export default defineConfig({
  destinations: {
    DEV: puppeteer({
      url: 'https://sap-dev.example.com',
      timeout: 60000, // Custom timeout for DEV
    }),

    PROD: puppeteer({
      url: 'https://sap-prod.example.com',
      requiredCookies: ['MYSAPSSO2', 'SAP_SESSIONID_*'],
    }),
  },
});

Architecture

This package is a thin wrapper around @abapify/browser-auth:

@abapify/browser-auth (core logic)
├── Event-driven auth flow
├── Cookie utilities
└── Pattern matching
    ↑
@abapify/adt-puppeteer (this package)
├── adapter.ts       - Puppeteer BrowserAdapter implementation
├── puppeteer-auth.ts - Wrapper around browser-auth
├── auth-plugin.ts   - AuthManager compatibility
└── index.ts         - Public exports

Exports

// Main auth object
export { puppeteerAuth, puppeteer } from '@abapify/adt-puppeteer';

// Config helper
export { withPuppeteer } from '@abapify/adt-puppeteer';

// Utilities
export { toCookieHeader, toHeaders } from '@abapify/adt-puppeteer';

// AuthManager plugin (default export)
import authPlugin from '@abapify/adt-puppeteer';

// Types
export type {
  PuppeteerCredentials,
  PuppeteerAuthOptions,
  PuppeteerPluginOptions,
  CookieData,
} from '@abapify/adt-puppeteer';

Playwright vs Puppeteer

| Feature | Playwright | Puppeteer | | ------------------- | -------------------------- | ------------------------ | | Browser Support | Chromium, Firefox, WebKit | Chrome/Chromium | | Maintenance | Microsoft-backed | Google-backed | | API Style | Modern, auto-waiting | Classic, manual waits | | Bundle Size | Larger | Smaller | | Recommendation | Preferred for new projects | Legacy/existing projects |

Both packages share the same core logic via @abapify/browser-auth.

Related Packages