Azure AD B2C flows break when running in cypress

[mattiasclaesson]

Current behavior

Have not been able to pinpoint why there are issues running Azure B2C flows in cypress. For some flows it just fails, one theory would be that there is a issue with cookies.

HAR file of from within cypress: chrome_cypress_not_working_lynkcoprod.b2clogin.com.txt

Desired behavior

The flows should work when running them thru cypress. Har file of a working run in chrome: chrome_working_lynkcodevelop.b2clogin.com.txt

Test code to reproduce

/// <reference types="Cypress" />

const email = 'test@gmail.com'

describe('iam signin only password', () => {

  it('Initiate forgot password', { defaultCommandTimeout: 30000 }, () => {
    cy.visit('https://lynkcodevelop.b2clogin.com/lynkcodevelop.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_SIGNIN_ONLY&client_id=5bc3ee8d-cc20-444c-ab7e-ac3ac29d1d27&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid&response_type=id_token&prompt=login')
    cy.get('#forgotPassword').click()
    cy.get('#email').type(email)
    cy.get('#continue').click()
    cy.get('#verificationCodeSentTo').contains(email)
  })

})

Cypress Version

12.17.3

Node version

v14.18.1

Operating System

windows 10

Debug Logs

No response

Other

No response

[mattiasclaesson]

debug log debug_log_chrome_cypress_not_working_lynkcoprod.b2clogin.txt

[nagash77]

Have you looked into the cert errors being shown in the logs around downloading your fonts?

[mattiasclaesson]

Have you looked into the cert errors being shown in the logs around downloading your fonts?

I see no errors for the fonts. I do see that cypress cannot verify just about any certificate presented to it. I assumen you mean this type of error? 2023-08-10T14:37:48.919Z cypress:launcher:browsers chrome stderr: [9584:31504:0810/163748.918:ERROR:cert_verify_proc_builtin.cc(702)] CertVerifyProcBuiltin for lynkcodevelop.b2clogin.com failed: ----- Certificate i=0 (OU=Cypress Proxy Server Certificate,O=Cypress Proxy CA,L=Internet,ST=Internet,C=Internet,CN=lynkcodevelop.b2clogin.com) ----- ERROR: No matching issuer found

That one is a perfectly valid microsoft certificate.

[distancerunner]

My cypress crashes totally the browser.

I have a webiste hosted on azure and we use B2C login.

When I use different URLs for the angular app and the B2C login (my DEV environment), the login flow works with version 12 of cypress.

When I use the same url for the app and for B2C, the application crashes.

My Azure server uses front door from MS to keep the URL consistent for my ACC environment.

I need to use the "close" button in the Cypress GUI to hard close the chrome/edge/firefox test browser, after a crash occured.

Chrome dev tools: Application -> storage It looks like, the domain name is the same (App and B2C) but the local and session storage is not persistent from the App to the B2C page. The B2C storage is empty, the App storage was filled with some stuff. The B2C instance tries to load unified.html, but this file looks like it is broken: only 3,5kb is loaded, instead of 12kb. Than it also tries to load the js files, but during loading the chrome and the testing window crashes unusable.

This was working in an older version of cypress (v10) but in v12 and v13, it not longer makes this redirect without problems.

[distancerunner]

Here is an example of my login attempt for debugging:

describe('Call Page and click login', () => {
  beforeEach('login and load welcome page', () => {
    cy.visit('https://kundenportal.stromnetz.berlin');
    cy.wait(3000)
    cy.get('div.login-btn')
      .should('be.visible')
      .click()
  });  
});

│ Cypress: 13.6.2 │ │ Browser: Chrome 120 (headless) │ │ Node Version: v16.18.1 (/home/###/.nvm/versions/node/v16.18.1/bin/node)

[cypress-app-bot]

This issue has not had any activity in 180 days. Cypress evolves quickly and the reported behavior should be tested on the latest version of Cypress to verify the behavior is still occurring. It will be closed in 14 days if no updates are provided.