fix: login via teams.microsoft.com redirect (not generic MS login) to get Teams cookies

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-17 00:53:50 +01:00 · 2026-02-17 00:53:50 +01:00 · f0c93c505d
commit f0c93c505d
parent 22ae30d6ef
1 changed files with 30 additions and 10 deletions
--- a/src/bot/authTestProcedure.ts
+++ b/src/bot/authTestProcedure.ts
@ -167,29 +167,49 @@ async function _runVariant(
    let authSuccess: boolean | null = null;

    if (variant.id === 'headfulDirect') {
-      // Strategy: Login at Microsoft FIRST, then navigate to /v2/ meeting URL.
-      // The /v2/ "Sign in" button leads to a guest-code flow, NOT Microsoft login.
-      // So we must authenticate before navigating to the meeting.
+      // Strategy: Login via Teams' own auth redirect (not generic MS login).
+      // Generic login.microsoftonline.com sets cookies for m365.cloud.microsoft,
+      // NOT for teams.microsoft.com. We must trigger the Teams-specific login flow.

      if (botAccountEmail && botAccountPassword) {
        authAttempted = true;
-        _log('info', `Step 1: Authenticating at login.microsoftonline.com as ${botAccountEmail}`);
+        _log('info', `Step 1: Navigate to teams.microsoft.com to trigger Teams login redirect`);

-        // Navigate to Microsoft login directly
+        // Navigate to Teams — this redirects to login.microsoftonline.com with
+        // Teams-specific client_id and redirect_uri=teams.microsoft.com
+        await page.goto('https://teams.microsoft.com', {
+          waitUntil: 'domcontentloaded',
+          timeout: 30000,
+        });
+        await page.waitForTimeout(3000);
+        _log('info', `After Teams redirect: ${page.url().substring(0, 120)}`);
+
+        // Now we should be on login.microsoftonline.com with Teams context.
+        // Use AuthProcedure with skipNavigation=true (we're already on the login page)
        const authProcedure = new AuthProcedure(page, logger);
-        authSuccess = await authProcedure.authenticateWithMicrosoft(botAccountEmail, botAccountPassword, false);
+        const onLoginPage = page.url().includes('login.microsoftonline.com') || page.url().includes('login.live.com');
+
+        if (onLoginPage) {
+          _log('info', `On MS login page, authenticating as ${botAccountEmail}`);
+          authSuccess = await authProcedure.authenticateWithMicrosoft(botAccountEmail, botAccountPassword, false);
+        } else {
+          // Maybe already logged in, or Teams served directly
+          _log('info', `Not on login page (${page.url().substring(0, 80)}), trying direct auth`);
+          authSuccess = await authProcedure.authenticateWithMicrosoft(botAccountEmail, botAccountPassword, false);
+        }
+
        _log(authSuccess ? 'info' : 'warn', `Auth result: ${authSuccess ? 'success' : 'failed'}`);

        if (authSuccess) {
-          // Wait for auth to fully settle (cookies, redirects)
-          await page.waitForTimeout(3000);
-          _log('info', `After auth, URL: ${page.url().substring(0, 120)}`);
+          // Wait for redirect chain to complete (MS → Teams)
+          await page.waitForTimeout(5000);
+          _log('info', `After auth settle: ${page.url().substring(0, 120)}`);
        }
      } else {
        _log('info', 'No credentials provided — skipping auth');
      }

-      // Step 2: Navigate to /v2/ meeting URL (with or without auth cookies)
+      // Step 2: Navigate to /v2/ meeting URL (with Teams auth cookies)
      const directUrl = _buildDirectV2Url(meetingUrl);
      _log('info', `Step 2: Direct /v2/ navigation: ${directUrl.substring(0, 120)}`);