Cypress does not log in by cy.setCookie() in AzureDevOps project
I am trying to run automation tests with cypress in a project set up by interns at the company I myself is now an intern at. The website uses OAuth 2.0 and AAD for the login process and there is currently no API POST endpoint for the login. When I try to reach the login page I get caught in an infinite redirection loop that ends in error 414, so to avoid this I am trying to set the cookie with the JWT token that the login process creates before getting to the website. This is my code
describe('Mock authentication so I can test the website', () => {
beforeEach(() =>{
cy.clearCookies();
})
it('Visits BoostApps dev site', () => {
cy.viewport(1200,1800)
cy.setCookie('access_token', 'Token is placed here', {
domain: 'url to website',
path: '/',
secure: false,
httpOnly: false,
});
cy.debug().getCookie('access_token')
cy.visit('url to website', {
failOnStatusCode: false,
});
cy.contains('Competitions').click() //Competitions are only available for logged in users
});
});
When running this with a newly generated token from Postman I get the following error
! CypressError
cy.setCookie() had an unexpected error setting the requested cookie in Chrome.
> Error: Sanitizing cookie failed
I have set chromeWebSecurity: false in my config file
Tried solution 1
I have tried using different browsers with third party cookies allowed
same results
Tried solution 2
I have tried using c.origin() in different ways
same results
I have also tried a huge number of other small solutions in code differences supplied to me by Chatgpt. I am fairly new to testing and very new to cypress. My coding knowledge is fairly low so I am wondering if anyone else have encountered this issue or if there is a good way to go through with the authorization without using the login ui.
It will be some bad formatting in the token.
Take a look at these tests:
Well formed token
it('sets a well-formed token in a cookie', () => {
const token = '123'
cy.setCookie('test', token)
})
Malformed token
it('sets a badly-formed token in a cookie', () => {
// multi-line token string
const token = `
123`
cy.setCookie('test', token)
})
This throws the same error you have:
- KeyCloak Java Service Account Create User
- Get Google business reviews server side
- SpringBoot OAuth2 with Keycloak not returning mapped Roles as Authorities
- Aws Cognito Oauth2: Refresh token rotation
- What is the purpose of the "access_token=" parameter when downloading a file from Google Drive?
- java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer
- How do I implement social login with GitHub accounts?
- portainer keycloak 20 oauth login "unauthorized" / "Unable to login via OAuth"
- Google Oauth2 redirect_uri_mismatch when send request from localhost
- Google OAuth 2 authorization - Error: redirect_uri_mismatch
- Use Entra ID as Identity Provider for Client Credentials flow
- Should access tokens be refreshed automatically or manually?
- OIDC login flow breaks in react strict mode for react-admin v5
- M2M Client Credential Flow between NetSuite and Synapse
- LWA : Not able to exchange Authorization Code for AccessToken : invalid_grant
- How to authenticate resource owner with JWT when sending request to /oauth2/authorize?
- SSO in a .NET Core web app, authenticating MS Entra users using OIDC/OAuth
- Help on Facebook Graph API, returns "false" but UID is public
- Microsoft OAuth2 Authentication Not Returning Refresh Token
- How do refresh tokens work in an OAuth flow?
- MSAL.NET OBO refresh token problems
- UPS OAUTH authorize API integration getting timeout
- SpringBoot + AWS cognito, can't resolve issuerUri
- Call Google Cloud Functions from App Scripts
- MailKit OAuth2 SMTP Office365 Send Mail
- Keycloak-Remix integration: where should I place the checks?
- Oauth2 Bff unable to connect with keycloak using reverse proxy
- AttributeError: 'Graph' object has no attribute 'get_user_token'
- Gmail API scopes - send email with https://www.googleapis.com/auth/gmail.addons.current.action.compose
- Using PHPMailer when already have an access token