如何使用 Cypress 登录 cognito Google Oauth?
[英]How to log in to cognito Google Oauth using Cypress?
问题描述
I want to test an app that only has Google Oauth Login via AWS Cognito.
我想测试一个只有 Google Oauth 通过 AWS Cognito 登录的应用程序。 Lots of guides on how to use cypress to programatically login to Cognito using AWS Amplify with a username and password, but cannot find anything on how to do it with Google Oauth.许多关于如何使用 cypress 通过用户名和密码使用 AWS Amplify 以编程方式登录 Cognito 的指南,但找不到任何关于如何使用 Google Oauth 进行登录的指南。
Im trying to use cypress to click the buttons to authenticate but I think there is a click forgery protection on Google.我试图使用柏树点击按钮进行身份验证,但我认为谷歌上有点击伪造保护。
I have also been able to use this cypress documentation to login to Google directly and get a jwt into session storage but not sure if there is a way to pass this to Cognito.我还能够使用此cypress 文档直接登录 Google,并将 jwt 放入 session 存储中,但不确定是否有办法将其传递给 Cognito。
2 个解决方案
解决方案1
1 2022-11-11 00:21:08
If you're doing end to end testing, then the simplest way would be to have another non prod staging environment without the Google Oauth login in Cognito, and instead the username password login you mentioned that has working examples.如果您要进行端到端测试,那么最简单的方法是在 Cognito 中没有 Google Oauth 登录的另一个非产品暂存环境,而是您提到的具有工作示例的用户名密码登录。
This is also a good idea, as you shouldn't be using your production user system in testing anyway.这也是一个好主意,因为无论如何您都不应该在测试中使用您的生产用户系统。
解决方案2
0 已采纳 2022-11-14 17:34:40
I tried many approaches to this including getting oauth token from Google and trying to exchange that manually with Cognito for the token I needed for AWS API Gateway.我尝试了很多方法来解决这个问题,包括从 Google 获取 oauth 令牌,并尝试用 Cognito 手动交换它以获得 AWS API 网关所需的令牌。 I also tried cypress-social-logins without success (because of this bug)我也尝试过 cypress-social-logins 但没有成功(因为这个错误)
Finally I just wrote my own cypress steps to log me into my app with a valid session. NOTE THIS WILL NOT WORK IN A CI/CD because it will probably trigger Google validations and so it is a semi-automated solution.最后,我编写了自己的 cypress 步骤,使用有效的 session 登录到我的应用程序。请注意,这在 CI/CD 中不起作用,因为它可能会触发 Google 验证,因此它是一个半自动化的解决方案。
If in doubt I recommend Tom Roman's answer below about creating a pre-prod environment in cognito that allows username/password login instead of messing about with google login.如果有疑问,我推荐 Tom Roman 在下面关于在 cognito 中创建预生产环境的回答,该环境允许用户名/密码登录而不是乱用谷歌登录。
// /support/login.js
Cypress.Commands.add('loginByGoogle', () => {
cy.visit('http://localhost:3030')
cy.origin('https://somecognitouserpool.auth.eu-west-1.amazoncognito.com', () => {
cy.contains('button', 'Continue with Google')
.click({force: true})
})
cy.origin('https://accounts.google.com', () => {
const resizeObserverLoopError = /^[^(ResizeObserver loop limit exceeded)]/;
Cypress.on('uncaught:exception', (err) => {
/* returning false here prevents Cypress from failing the test */
if (resizeObserverLoopError.test(err.message)) {
return false;
}
});
cy.get('input#identifierId[type="email"]')
.type(Cypress.env('googleSocialLoginUsername'))
.get('button[type="button"]').contains('Next')
.click()
.get('div#password input[type="password"]')
.type(Cypress.env('googleSocialLoginPassword'))
.get('button[type="button"]').contains('Next')
.click();
});
});
// /e2e/sometest.cy.js
before(() => {
cy.loginByGoogle();
});
describe('E2E testing', () => {
it('should now have a session', () => {
})
});
You also need a.env file (because you don't want to be saving your google credentials into github)您还需要一个 .env 文件(因为您不想将您的 google 凭据保存到 github 中)
GOOGLE_USERNAME = ''
GOOGLE_PASSWORD = ''
You also need two experimental flags (as of 14th Nov 2022)您还需要两个实验性标志(截至 2022 年 11 月 14 日)
// cypress.config.js
const { defineConfig } = require('cypress');
require('dotenv').config()
module.exports = defineConfig({
env: {
googleSocialLoginUsername: process.env.GOOGLE_USERNAME,
googleSocialLoginPassword: process.env.GOOGLE_PASSWORD
},
e2e: {
experimentalSessionAndOrigin: true,
experimentalModifyObstructiveThirdPartyCode: true
}
})
Here is my package.json so that you can see the exact packages I am using.这是我的 package.json 以便您可以看到我正在使用的确切包。 In particular I added the flags --headed --no-exit in order to complete 2 factor authentication manually as necessary.特别是我添加了标志--headed --no-exit以便在必要时手动完成 2 因素身份验证。 I have not yet figured out how to stop Google asking for this every time.我还没有想出如何阻止谷歌每次都要求这个。
{
"name": "docs",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"start": "http-server . -p 3030",
"cy:run": "cypress run --headed --no-exit",
"test": "start-server-and-test start http://localhost:3030 cy:run"
},
"author": "",
"license": "ISC",
"devDependencies": {
"cypress": "^11.0.1",
"start-server-and-test": "^1.14.0"
},
"dependencies": {
"dot-env": "^0.0.1",
"dotenv": "^16.0.3"
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.