import { defineConfig, devices } from '@playwright/test'; // The e2e runs inside the compose network (infra/run-e2e-check.sh); baseURL defaults to the // self-service service. Keep timeouts generous — the first navigation triggers the DigiD flow. const baseURL = process.env.SELF_SERVICE_URL ?? 'http://self-service'; export default defineConfig({ testDir: '.', timeout: 90_000, expect: { timeout: 15_000 }, retries: 1, reporter: [['list']], use: { baseURL, trace: 'on-first-retry', // The portal is served over plain HTTP on a non-localhost origin (http://self-service) inside the // compose network, so it is NOT a secure context — and Web Crypto (`crypto.subtle`) is undefined // there. angular-auth-oidc-client needs SubtleCrypto to build the PKCE code challenge, so // `authorize()` throws and the login redirect never fires (the login form never appears). In // production the portal runs behind HTTPS, where this works. Rather than terminate TLS in the // throwaway e2e stack, tell Chromium to treat this origin as secure — which faithfully emulates // the production HTTPS context. This flag is only honoured by the full Chromium build (new // headless), not Playwright's default headless-shell, so pin `channel: 'chromium'`. channel: 'chromium', launchOptions: { args: [`--unsafely-treat-insecure-origin-as-secure=${baseURL}`] }, }, projects: [{ name: 'chromium', use: { ...devices['Desktop Chrome'] } }], });