Fix cypress login test, to work with cross-signing (locally)

cypress/e2e/login/login.spec.ts

@@ -41,6 +41,7 @@ describe("Login", () => {
         // Will be replaced by a generated random user when we have a full docker setup
         const username = Cypress.env("E2E_TEST_USER_EMAIL");
         const password = Cypress.env("E2E_TEST_USER_PASSWORD");
+        const securityKey = Cypress.env("E2E_TEST_USER_SECURITY_KEY");
 
         beforeEach(() => {
             // We use a pre-existing user on dev backend. If random user was created each time, we would use :
@@ -57,12 +58,20 @@ describe("Login", () => {
 
             cy.get("#mx_LoginForm_email").type(username);
             cy.get("#mx_LoginForm_password").type(password);
-            cy.startMeasuring("from-submit-to-home");
             cy.get(".mx_Login_submit").click();
 
-            //TODO: does not work if account has cross signing because the screen is /#/login "Vérifier cet appareil"
+            // Enter security key
+            cy.get(".mx_CompleteSecurityBody .mx_AccessibleButton")
+                .contains("Vérifier avec un Code de Récupération")
+                .click();
+            cy.get("#mx_securityKey").type(securityKey);
+            cy.get(".mx_AccessSecretStorageDialog .mx_Dialog_primary").click();
+
+            // Success page displays. Click to continue.
+            cy.get(".mx_E2EIcon_verified"); // check for presence of success icon
+            cy.get(".mx_CompleteSecurityBody .mx_AccessibleButton_kind_primary").click();
+
             cy.url().should("contain", "/#/home");
-            cy.stopMeasuring("from-submit-to-home");
         });
     });
 });

cypress/support/axe.ts

@@ -1,25 +1,13 @@
 /*
-Copyright 2022 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+copied from matrix-react-sdk/cypress/support/axe.ts
 */
 
 /// <reference types="cypress" />
 
 import "cypress-axe";
 import * as axe from "axe-core";
-import { Options } from "cypress-axe";
 
+import type { Options } from "cypress-axe";
 import Chainable = Cypress.Chainable;
 
 function terminalLog(violations: axe.Result[]): void {
@@ -67,3 +55,35 @@ Cypress.Commands.overwrite(
         );
     },
 );
+
+// Load axe-core into the window under test.
+//
+// The injectAxe in cypress-axe attempts to load axe via an `eval`. That conflicts with our CSP
+// which disallows "unsafe-eval". So, replace it with an implementation that loads it via an
+// injected <script> element.
+Cypress.Commands.overwrite("injectAxe", (originalFn: Chainable["injectAxe"]): void => {
+    Cypress.log({ name: "injectAxe" });
+
+    // load the minified axe source, and create an intercept to serve it up
+    cy.readFile("node_modules/axe-core/axe.min.js", { log: false }).then((source) => {
+        cy.intercept("/_axe", source);
+    });
+
+    // inject a script tag to load it
+    cy.get("head", { log: false }).then(
+        (head) =>
+            new Promise((resolve, reject) => {
+                const script = document.createElement("script");
+                script.type = "text/javascript";
+                script.async = true;
+                script.onload = resolve;
+                script.onerror = (_e) => {
+                    // Unfortunately there does not seem to be a way to get a reason for the error.
+                    // The error event is useless.
+                    reject(new Error("Unable to load axe"));
+                };
+                script.src = "/_axe";
+                head.get()[0].appendChild(script);
+            }),
+    );
+});