cypress-social-logins: "Couldn't sign you in" This browser or app may not be secured, Google login fails

Hello,

I am trying to perform Google Auth operation and using the same example code provided in README file.

Initially with option headless: true it took long and returns following error:

image

Then I tried to debug the situation and toggled headless: false then situation was different.

image

I have recorded small video of this: https://www.loom.com/share/0b13b447f9c54a4e81beeee856e45544

Setup code:

it('Login through Google', () => {
    const username = Cypress.env('LOGIN_EMAIL');
    const password = Cypress.env('PASSWORD');
    const loginUrl = Cypress.env('LOGIN_URL');
    const cookieName = Cypress.env('COOKIE_NAME');
    const socialLoginOptions = {
      username,
      password,
      loginUrl,
      headless: true, // for debugging I used false option 
      isPopup: true,
      logs: false,
      loginSelector: 'button',
      popupDelay: 3000,
    };

    return cy.task('GoogleSocialLogin', socialLoginOptions).then(({ cookies }) => {
      cy.clearCookies();

      const cookie = cookies.filter((cookie) => cookie.name === cookieName).pop();
      if (cookie) {
        cy.setCookie(cookie.name, cookie.value, {
          domain: cookie.domain,
          expiry: cookie.expires,
          httpOnly: cookie.httpOnly,
          path: cookie.path,
          secure: cookie.secure,
        });

        Cypress.Cookies.defaults({
          whitelist: cookieName,
        });
      }
    });
  });

{
  "chromeWebSecurity": true // I have tried all 3 options (removing this property, true and false
}

Not sure if I am doing something wrong or it requires extra configurations. Kindly help!

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 16 (6 by maintainers)

Most upvoted comments

Closing this one as I don’t see this being a bug in the plugin or in Cypress. Happy to re-open if anybody wants to contribute more information here.

+7
lirantal on Jul 2, 2020

Hey @mumairofficial,

That issue seems to be more related to Google and their security constraints than to the plugin itself. That’s a message coming in from Google’s own platform once you try to login.

Apparently, other people have reported something similar with selenium and probably other tools too? See here: https://stackoverflow.com/questions/59380356/how-to-handle-browser-or-app-may-not-be-secure-issue-with-web-driver-selenium-py

There’s also an official question on this on Google’s support: https://support.google.com/accounts/thread/22873505?hl=en

+3
lirantal on Jun 18, 2020

Just remove the --enable-automation flag from Chrome / Chromium:

module.exports = defineConfig({
  e2e: {
    setupNodeEvents(on, config) {
      // implement node event listeners here
      on('before:browser:launch', (browser, launchOptions) => {
        console.log(launchOptions.args);
        let removeFlags = [
          '--enable-automation',
        ];
        launchOptions.args = launchOptions.args.filter(value => !removeFlags.includes(value));
        return launchOptions
      })
    },
  },
});

and enjoy:

image

+1
denysvitali on Jan 13, 2024
Read more comments on GitHub
← LiquidCore: missing libnode.so for arm64-v8a
cypress-social-logins: Error: module not found: "ws" from file ..... node_modules/puppeteer/lib/WebSocketTransport.js →