Open masakudamatsu opened 3 years ago
Not entirely clear how we should add cypress-nextjs-auth0
to other plugins in cypress/plugins/index.js
...
Reference:
For creating a test user on Auth0 Dashboard
Enable the password grant
Advanced Settings
Grant Types
tabPassword
SAVE CHANGES
This way, the log in to Auth0 without redirecting will be enabled.Set Username-Password-Authentication
as the value of Default Directory
API Authentication Settings
Default Directory
(the name of the connection to be used for Password Grant exchanges)Username-Password-Authentication
(the default database connections that Auth0 adds to all new tenants)Create a test user
Create user
To add Auth0 credentials, we use cypress.env.json
which is git-ignored in the root directory.
The auth0CookieSecret
is a random string of our choice.
Leave auth0Scope
and auth0SessionCookieName
as it is.
We set the port to host Cypress as 3001.
cypress.json
(reference: https://docs.cypress.io/guides/references/configuration#Global)We got the following error:
cy.request('/api/auth/me')
:cy.request() failed on:
http://localhost:3000/api/auth/me
The response we received from your web server was:
> 401: Unauthorized
with the HTTP response saying "The user does not have an active session or is not authenticated"
cy.url('/')
:TestingLibraryElementError: Timed out retrying after 4000ms: Unable to find an element with the text: test-user@my-ideal-map-app.com. This could be because the text is broken up by multiple elements. In this case, you can provide a function for your text matcher to make your matcher more flexible.
Chrome DevTools for Cypress show these error messages:
did_compat
| my-ideal-map-app.jp.auth0.com/
Forking the cypress-nextjs-auth0
repo and using my own Auth0 credentials returns the same error.
"chromeWebSecurity": false
to cypress.json
.But the SameSite cookie attribute warning doesn't show up in DevTools...
DevTools reveals the following.
When the request to /oauth/token
is made, the response includes two cookies did
and did_compat
. The latter hasn't specified its SameSite
attribute, which means its value is lax
by default with Chrome (source).
DevTools says that the cookie "was blocked because it came from a cross-site response... The Set-Cookie had to have been set with SameSite=None to enable cross-site usage."
E2E tests with Cypress won't work by default with Auth0.
With Next.js,
cypress-nextjs-auth0
provides a solution.Reference: https://github.com/sir-dunxalot/cypress-nextjs-auth0