From 4c3a80dcfd019ca3020fd033856b847b456f72e5 Mon Sep 17 00:00:00 2001
From: ValueOn AG <p.motsch@valueon.ch>
Date: Mon, 16 Feb 2026 23:15:25 +0100
Subject: [PATCH] feat: add auth flow to headfulDirect variant - click Sign-in,
 run AuthProcedure

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 src/bot/authTestProcedure.ts | 86 ++++++++++++++++++++++++++++++------
 1 file changed, 72 insertions(+), 14 deletions(-)

diff --git a/src/bot/authTestProcedure.ts b/src/bot/authTestProcedure.ts
index d983cb7..5933ae9 100644
--- a/src/bot/authTestProcedure.ts
+++ b/src/bot/authTestProcedure.ts
@@ -162,6 +162,10 @@ async function _runVariant(
       }
     });
 
+    // Auth state
+    let authAttempted = false;
+    let authSuccess: boolean | null = null;
+
     if (variant.id === 'headfulDirect') {
       // Variant 6: Navigate directly to /v2/ URL, bypassing launcher.html entirely
       const directUrl = _buildDirectV2Url(meetingUrl);
@@ -172,15 +176,39 @@ async function _runVariant(
         timeout: 30000,
       });
 
-      // Wait and log where Teams actually redirects to
-      await page.waitForTimeout(8000);
+      // Wait for initial page load
+      await page.waitForTimeout(5000);
       const currentUrl = page.url();
-      _log('info', `After redirect: ${currentUrl.substring(0, 120)}`);
+      _log('info', `After initial load: ${currentUrl.substring(0, 120)}`);
 
       if (currentUrl.includes('light-meetings')) {
         _log('warn', 'Teams redirected /v2/ to light-meetings');
       } else if (currentUrl.includes('/v2/')) {
-        _log('info', '/v2/ page loaded successfully!');
+        _log('info', '/v2/ page loaded — checking for Sign-in link');
+
+        // If we have credentials, attempt auth on the /v2/ page
+        if (botAccountEmail && botAccountPassword) {
+          authAttempted = true;
+          _log('info', `Attempting auth as ${botAccountEmail}`);
+
+          // Look for Sign-in link on the /v2/ pre-join page
+          const signInClicked = await _clickSignInLink(page, _log);
+
+          if (signInClicked) {
+            // Use AuthProcedure for the hybrid flow (inline modal → MS login → password)
+            authSuccess = await _attemptAuth(page, botAccountEmail, botAccountPassword);
+            _log(authSuccess ? 'info' : 'warn', `Auth result: ${authSuccess ? 'success' : 'failed'}`);
+
+            // Wait for page to settle after auth
+            await page.waitForTimeout(5000);
+            _log('info', `After auth, URL: ${page.url().substring(0, 120)}`);
+          } else {
+            _log('warn', 'No Sign-in link found on /v2/ page');
+            authSuccess = false;
+          }
+        } else {
+          _log('info', 'No credentials provided — skipping auth');
+        }
       }
     } else {
       // Standard flow: resolve URL, navigate, click launcher
@@ -197,16 +225,6 @@ async function _runVariant(
       await page.waitForTimeout(5000);
     }
 
-    // If this is the auth variant, attempt login
-    let authAttempted = false;
-    let authSuccess: boolean | null = null;
-    if (variant.id === 'headfulAuth' && botAccountEmail && botAccountPassword) {
-      authAttempted = true;
-      _log('info', `Attempting auth as ${botAccountEmail}`);
-      authSuccess = await _attemptAuth(page, botAccountEmail, botAccountPassword);
-      _log(authSuccess ? 'info' : 'warn', `Auth result: ${authSuccess ? 'success' : 'failed'}`);
-    }
-
     // Detect page type and gather signals
     const detection = await _detectPageType(page);
 
@@ -662,6 +680,46 @@ async function _handleLauncher(page: Page): Promise<void> {
   logger.info('[AuthTest] No launcher dialog found — may already be on pre-join page');
 }
 
+// ============================================================================
+// SIGN-IN LINK CLICK
+// ============================================================================
+
+/**
+ * Click the "Sign in" link on the /v2/ pre-join page to initiate auth flow.
+ * Returns true if clicked successfully, false if not found.
+ */
+async function _clickSignInLink(
+  page: Page,
+  _log: (level: 'info' | 'warn' | 'error', msg: string) => void
+): Promise<boolean> {
+  const signInSelectors = [
+    'button[data-tid="auth-sign-in-link"]',
+    'a[data-tid="auth-sign-in-link"]',
+    'button:has-text("Sign in")',
+    'a:has-text("Sign in")',
+    'button:has-text("Anmelden")',
+    'a:has-text("Anmelden")',
+  ];
+
+  for (const selector of signInSelectors) {
+    try {
+      const element = await page.waitForSelector(selector, { timeout: 5000, state: 'visible' });
+      if (element) {
+        await element.click();
+        _log('info', `Clicked Sign-in link: ${selector}`);
+        // Wait for the inline modal or redirect to appear
+        await page.waitForTimeout(3000);
+        return true;
+      }
+    } catch {
+      // Continue to next selector
+    }
+  }
+
+  _log('warn', 'No Sign-in link found with any selector');
+  return false;
+}
+
 // ============================================================================
 // PAGE TYPE DETECTION
 // ============================================================================