Community Test class fails: testLoginWithInvalidCredentials in Winter '21 - Answers - Salesforce Trailblazer Community
Trailblazer Community
Ask Search:
Anton van DijkAnton van Dijk 

Community Test class fails: testLoginWithInvalidCredentials in Winter '21

Since last weekend has brought sandboxes to Winter '21 update, we're facing issues due to a Test Class failing. This Test Class however, is a standard one when enabling Communities.
We haven't altered any of these Test Classes for over a year (since the introduction of Communities in our org) and haven't had issues up till now.
Our workaround for now is to comment out this specific method and add it to our VCS in order to skip the failing test.

Test results:
Class
LightningLoginFormControllerTest
Method Name
testLoginWithInvalidCredentials
Pass/Fail
Fail
Error Message
System.AssertException: Assertion Failed: Expected: Argument 1 cannot be null, Actual: null
Stack Trace
Class.LightningLoginFormControllerTest.testLoginWithInvalidCredentials: line 6, column 1
Best Answer chosen by Anton van Dijk
Yemeng ZhuYemeng Zhu
I guess what they mean is probably refers to a newly created org or any org just import this class recently (that already removed this failing class). Our orgs are old orgs, these code was introduced to our org since 2018.

here is their reply if you want more detail:
-------------------
In Winter'21 release, existing orgs will see a test failure when they run LightningLoginFormControllerTest.

Resolution: "We simply need to remove this test from the apex test class. The offending test is already removed from the code and hence it will not be an issue for new orgs."
-------------------

All Answers

sakshi nagpalsakshi nagpal
Hi Aaron,

 After Winter 21 all community guest users should have access to Auro enabled apex controllers.

 Give your user access through profile or permission set

 Check this-:
https://releasenotes.docs.salesforce.com/en-us/spring20/release-notes/rn_lc_restrict_apex_guest_users.htm
https://help.salesforce.com/articleView?id=networks_guest_policies_timelines.htm&r=https:%2F%2Fwww.google.com%2F&type=5
https://help.salesforce.com/articleView?id=000352920&language=en_US&mode=1&r=https:%2F%2Fwww.google.com%2F&type=1
https://releasenotes.docs.salesforce.com/en-us/summer20/release-notes/rn_networks_reduce_object_perms.htm

Let me know if you need more help

 Thanks,
Sakshi
Frédéric ProvotFrédéric Provot
Hi
I have exactly the same problem. The login function returns now null when there is a password error, but the test has not changed.

Is it relative to the AuraEnabled apex securities? Why isn'it managed by Salesforce in Winter 21 and what should we do??
 
Anton van DijkAnton van Dijk
That's the same thing I thought Frédéric.
However, I've granted all profiles access to the apex class and test class, but the outcome was the same.
Perhaps another setting has to be changed first?
Anil JAdhavAnil JAdhav
Hi Anton,

Can we have testLoginWithInvalidCredentials method snippet?

Regards,
AJ
Anton van DijkAnton van Dijk
Sure you can.
@IsTest
static void testLoginWithInvalidCredentials() {
        System.assertEquals('Argument 1 cannot be null', LightningLoginFormController.login('testUser', 'fakepwd', null));
}
and the controller just for reference
@AuraEnabled
public static String login(String username, String password, String startUrl) {
        try{
            ApexPages.PageReference lgn = Site.login(username, password, startUrl);
            aura.redirect(lgn);
            return null;
        }
        catch (Exception ex) {
            return ex.getMessage();
        }
}
Now, as I said before. This is created by Salesforce and we haven't touched it since (it wasn't even in our version control)
 
sakshi nagpalsakshi nagpal
Hi Anton,

 Did you assign permission sets(for aura enabled) to guest user, and authenticated user both?

 Thanks,
Sakshi
Anton van DijkAnton van Dijk

Hi Sakshi,

I'm not sure if we're on the same page. In my comment to Frédéric I said that I've tried assigning all profiles to the controller class and test class. if I run the test class after the change, it still fails with the same message.
I'm not sure how permission sets assigning to specific users will solve that? since it's a test that fails

Frédéric ProvotFrédéric Provot
I have opened a Salesforce request on that subject. 
Note that in our Winter 21 sandboxes I have this security options:
- Security -> Sharing Settings -> "Secure guest user record access" : Enabled
- Community's workspaces section -> Administration -> Preferences : "Let guest users see other members of this community" : Disabled

And we can see that LightningLoginFormController is not explicitly defined "With Sharing" or "Without Sharing, thus is now by default to "With Sharing" while in Summer 20 it was by default to "Without Sharing".
There may be other new security changes in winter21.
 
Anil JAdhavAnil JAdhav
Hi Anton,

I think this is the issue with 'aura.redirect(lgn);' with the new release but I didn't find anywhere documented.

I have seen similar issue from new release - aura.redirect() won't navigate and it doesn't throw an error either.

Let us know once you get response from Salesforce ticket.

Regards,
AJ
Sujila NairSujila Nair
We have the same issue!
Yemeng ZhuYemeng Zhu
we also raised a case to SFDC, and got a feedback to remove that one failing test for old orgs. they say new org should already  been removed.
Sujila NairSujila Nair
@Yemeng Zhu -  But if this is due to Winter'21, arent the preview orgs the new orgs? 
Yemeng ZhuYemeng Zhu
I guess what they mean is probably refers to a newly created org or any org just import this class recently (that already removed this failing class). Our orgs are old orgs, these code was introduced to our org since 2018.

here is their reply if you want more detail:
-------------------
In Winter'21 release, existing orgs will see a test failure when they run LightningLoginFormControllerTest.

Resolution: "We simply need to remove this test from the apex test class. The offending test is already removed from the code and hence it will not be an issue for new orgs."
-------------------
This was selected as the best answer
Anton van DijkAnton van Dijk
Thanks for the great responses. Unfortunately, I haven't received any feedback myself from salesforce yet.

I do have a next issue though: code coverage.
we have all these standard test classes that have code coverage as low as 50%!
removing the test method tips us over the edge in a wrong way: I cannot make changes because code coverage should be 75%

are we really required to write test code for standard salesforce classes while we have a no (custom) code environment?!
Anton van DijkAnton van Dijk
Never mind, I think I got it.
The class (incl test class) is not present at all anymore in production.
Perhaps it's still there for us in sandboxes, since we haven't refreshed lately.
Together with the comment by Yemeng Zhu, it looks like a sandbox refresh or just removing the class completely will solve this issue. thanks guys
Frédéric ProvotFrédéric Provot
Some more details from the support:
This Test class will login with fake credentials without a startUrl and expects the API to return a specific error message. 

This API has changed its behavior to exit gracefully instead of throwing an error(When apex context is not established) from Winter 21. Hence we have to remove this Test method from the Test class.
Which is not automatic on the sandboxes, and indeed the complete test class and Lightning login controllers have been removed in production and new sandboxes.

 
Bao TrinhBao Trinh
I've raised this with Salesforce last week they mentioned to me that you'll need to quote out this test method to move along esp when this error was a blocker for us on deployments. 

>> The proposed solution for you is to bypass this test or remove/comment the test class/method which is failing in your Org, because LightningLoginFormControllerTest is just a sample and does not have much value for end customer.

>> The test itself does not do much, it tries to login with fake credentials without a startUrl and expects the aura api to return a specific error message. Aura api has changed its behavior to exit gracefully instead of throwing an error(When apex context is not established). This test is more like an internal/unit test. 

I wouldn't bet my money that Salesforce will resolve this error by the Winter 21 Production Go Live date as it adds very little value.