Skip to content

VSB-TUO/fix(cypress): stabilize login flow and hide Klaro consent banner in e…#1296

Open
milanmajchrak wants to merge 2 commits into
customer/vsb-tuofrom
fix/integration-tests
Open

VSB-TUO/fix(cypress): stabilize login flow and hide Klaro consent banner in e…#1296
milanmajchrak wants to merge 2 commits into
customer/vsb-tuofrom
fix/integration-tests

Conversation

@milanmajchrak
Copy link
Copy Markdown
Collaborator

@milanmajchrak milanmajchrak commented May 25, 2026
edited
Loading

Summary

Hardens the Cypress login flow on customer/vsb-tuo and documents the root cause of remaining red CI runs, which lives in the backend Docker image, not in this repository.

Frontend changes (this PR)

  • cypress/support/commands.ts:
    • replaced the brittle UI form-fill login with a programmatic cy.request('POST', '/api/authn/login') that mirrors the working pattern already used by cy.generateViewEvent(), sets the dsAuthInfo cookie directly, then triggers a single reload.
    • same approach applied to both cy.login() and the helper loginViaForm().
  • cypress/support/e2e.ts:
    • pre-seeds the Klaro consent cookie (services: authentication, preferences, acknowledgement, google-analytics, google-recaptcha, accessibility) so the banner never renders.
    • hides any residual .klaro DOM via injected CSS at window:before:load.
    • clears DSPACE-XSRF-COOKIE in beforeEach so each test gets a fresh CSRF round-trip.

These changes match the conventions used on green sibling branches (customer/lindat, customer/zcu-*, customer/uk, customer/sav, customer/TUL).

Why CI is still red on this PR — and what is not in scope

The frontend cannot make the tests green on its own because the backend image used by this branch does not respond to POST /api/authn/login on CI.

Evidence

  1. After the programmatic-login change, the CI screenshot for every failing spec still shows
    cy.request POST http://127.0.0.1:8080/server/api/authn/login pending until the 120 s timeout — i.e. no HTTP response at all, not a 401/403.

  2. Anonymous specs that issue the same cy.request POST pattern against the same backend (e.g. homepage-statistics.cy.ts → POST /api/statistics/viewevents) pass. Only /api/authn/login hangs.

  3. Build workflow history on the parent customer/vsb-tuo branch is failure on every run for the last several days, long before this PR existed.

  4. Diff of .github/workflows/build.yml between customer/vsb-tuo and every green sibling branch yields a single relevant difference:

    Branch DSPACE_CI_IMAGE Build CI
    customer/lindat, customer/uk, customer/sav, customer/zcu-pub, customer/zcu-data, customer/TUL dataquest/dspace:dspace-7_x-test green
    customer/vsb-tuo (this branch) dataquest/dspace:customer-vsb-tuo-test red

Conclusion

The Docker image dataquest/dspace:customer-vsb-tuo-test has a broken authentication endpoint (most likely an authentication method in the chain — LDAP / Shibboleth or similar — that blocks on a network connection that does not exist on the CI runner). This must be fixed in the DSpace backend repository / image build, not here.

Suggested backend follow-up

Override the authentication chain on CI to password-only, either by rebuilding the image with a CI-safe authentication.cfg, or by adding to docker/docker-compose-ci.yml under the dspace service environment: block:

plugin__P__sequence__P__org__P__dspace__P__authenticate__P__AuthenticationMethod: org.dspace.authenticate.PasswordAuthentication

(only after confirming the customer image honours __P__ → . env-var substitution).

Validation

  • Local Cypress: login/Klaro regressions resolved; remaining local failures are data-dependent (e.g. admin-workflow-page, submission) and not related to login or consent.
  • CI: still red on this branch due to the backend issue above. Tests will go green automatically once the customer backend image is fixed; no further frontend change can unblock them.

Copilot AI review requested due to automatic review settings May 25, 2026 11:48
Copilot AI reviewed May 25, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR aims to reduce Cypress e2e flakiness by making the login helper deterministic and preventing the Klaro consent overlay from intercepting clicks during test runs.

Changes:

  • Stabilize cy.loginViaForm() by intercepting POST /api/authn/login, waiting for a 200 response, and asserting redirect away from /login.
  • Extend the pre-agreed Klaro consent cookie to include accessibility and inject CSS on each page load to hide the .klaro banner.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
cypress/support/e2e.ts Updates Klaro consent cookie and injects a style rule to hide the Klaro banner on page load.
cypress/support/commands.ts Makes form-based login deterministic via intercept + wait + redirect assertion, and scopes selectors to visible login form.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread cypress/support/commands.ts Outdated
@@ -100,13 +100,32 @@ function loginViaForm(
): void {
cy.wait(500);
Comment thread cypress/support/e2e.ts Outdated
Comment on lines +58 to +60
// Pre-agree to all Klaro cookies by setting the klaro-anonymous cookie
// This just ensures it doesn't get in the way of matching other objects in the page.
cy.setCookie('klaro-anonymous', '{%22authentication%22:true%2C%22preferences%22:true%2C%22acknowledgement%22:true%2C%22google-analytics%22:true%2C%22google-recaptcha%22:true}');
cy.setCookie('klaro-anonymous', '{%22authentication%22:true%2C%22preferences%22:true%2C%22acknowledgement%22:true%2C%22google-analytics%22:true%2C%22google-recaptcha%22:true%2C%22accessibility%22:true}');
@milanmajchrak
fix(cypress): use programmatic REST login to bypass hanging UI form …
d19fb57 
…on CI

CI evidence (run 26398927955) shows every login-protected spec failing with:
  'cy.wait() timed out waiting 30000ms for the 1st response to the route:
   loginRequest. No response ever occurred.'

The browser-side POST /api/authn/login dispatched from the Angular login
form does not receive a response within Cypress' default 30s wait on the
ubuntu-latest runner, while anonymous specs (23/55) pass. Switching to
cy.request() drives the login from the Cypress (Node) side directly against
the backend, bypassing CORS/XSRF/SSR timing problems, and writes the
resulting auth token into the same UI cookie Angular reads on bootstrap.
A subsequent cy.reload() rehydrates Angular as an authenticated user and
preserves the original returnUrl for specs that visit a restricted page
first (e.g. /mydspace, /submit).

Also addresses Copilot review feedback on the prior attempt: removes the
hard cy.wait(500) and encodes the klaro-anonymous cookie via
JSON.stringify + encodeURIComponent.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@milanmajchrak