It would be nice if you included a description of how silent-auth
would work in this flow. As soon as you try to use cy.visit('/another-page-in-my-app')
it will cause a page refresh which will lose the access token we get in the cy.request callback (set in-memory) only. At that point, it will call auth0.checkSession()
to see if there is an existing session with auth0 (doing the silent-auth flow). However, this will fail due to the face that we do not have a cookie set on the auth0 domain.
In the normal browser flow, right before auth0 login page redirects back to the SPA it will set a cookie auth0
on the domain with a value that matches the user session. Is there a way to obtain that session token and set it manually for using cy.setCookie
?
Or perhaps there is a different way of doing this? Maybe using something like the offline flow?