flows: move flow relevant info into ContextualFlowInfo

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-06-08 16:53:28 +02:00
parent ae8cf00a21
commit ba1b23c879
21 changed files with 111 additions and 113 deletions

View file

@ -28,6 +28,14 @@ class ErrorDetailSerializer(PassiveSerializer):
code = CharField()
class ContextualFlowInfo(PassiveSerializer):
"""Contextual flow information for a challenge"""
title = CharField(required=False, allow_blank=True)
background = CharField(required=False)
cancel_url = CharField()
class Challenge(PassiveSerializer):
"""Challenge that gets sent to the client based on which stage
is currently active"""
@ -35,8 +43,7 @@ class Challenge(PassiveSerializer):
type = ChoiceField(
choices=[(x.value, x.name) for x in ChallengeTypes],
)
title = CharField(required=False, allow_blank=True)
background = CharField(required=False)
flow_info = ContextualFlowInfo()
component = CharField(default="")
response_errors = DictField(

View file

@ -3,6 +3,7 @@ from django.contrib.auth.models import AnonymousUser
from django.http import HttpRequest
from django.http.request import QueryDict
from django.http.response import HttpResponse
from django.urls import reverse
from django.views.generic.base import View
from rest_framework.request import Request
from structlog.stdlib import get_logger
@ -11,6 +12,7 @@ from authentik.core.models import DEFAULT_AVATAR, User
from authentik.flows.challenge import (
Challenge,
ChallengeResponse,
ContextualFlowInfo,
HttpChallengeResponse,
WithUserInfoChallenge,
)
@ -93,10 +95,16 @@ class ChallengeStageView(StageView):
def _get_challenge(self, *args, **kwargs) -> Challenge:
challenge = self.get_challenge(*args, **kwargs)
if "title" not in challenge.initial_data:
challenge.initial_data["title"] = self.executor.flow.title
if "background" not in challenge.initial_data:
challenge.initial_data["background"] = self.executor.flow.background_url
if "flow_info" not in challenge.initial_data:
flow_info = ContextualFlowInfo(
data={
"title": self.executor.flow.title,
"background": self.executor.flow.background_url,
"cancel_url": reverse("authentik_flows:cancel"),
}
)
flow_info.is_valid()
challenge.initial_data["flow_info"] = flow_info.data
if isinstance(challenge, WithUserInfoChallenge):
# If there's a pending user, update the `username` field
# this field is only used by password managers.

View file

@ -15347,10 +15347,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-access-denied
@ -15363,6 +15361,7 @@ components:
error_message:
type: string
required:
- flow_info
- type
ActionEnum:
enum:
@ -15669,10 +15668,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-duo
@ -15695,6 +15692,7 @@ components:
required:
- activation_barcode
- activation_code
- flow_info
- pending_user
- pending_user_avatar
- stage_uuid
@ -15782,10 +15780,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-static
@ -15805,6 +15801,7 @@ components:
type: string
required:
- codes
- flow_info
- pending_user
- pending_user_avatar
- type
@ -15883,10 +15880,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-totp
@ -15904,6 +15899,7 @@ components:
type: string
required:
- config_url
- flow_info
- pending_user
- pending_user_avatar
- type
@ -16060,10 +16056,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-validate
@ -16083,6 +16077,7 @@ components:
$ref: '#/components/schemas/DeviceChallenge'
required:
- device_challenges
- flow_info
- pending_user
- pending_user_avatar
- type
@ -16106,10 +16101,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-webauthn
@ -16127,6 +16120,7 @@ components:
type: object
additionalProperties: {}
required:
- flow_info
- pending_user
- pending_user_avatar
- registration
@ -16156,10 +16150,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-autosubmit
@ -16177,6 +16169,7 @@ components:
type: string
required:
- attrs
- flow_info
- type
- url
BackendsEnum:
@ -16211,10 +16204,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-captcha
@ -16231,6 +16222,7 @@ components:
site_key:
type: string
required:
- flow_info
- pending_user
- pending_user_avatar
- site_key
@ -16416,10 +16408,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-consent
@ -16440,6 +16430,7 @@ components:
items:
$ref: '#/components/schemas/Permission'
required:
- flow_info
- header_text
- pending_user
- pending_user_avatar
@ -16512,6 +16503,18 @@ components:
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
required:
- name
ContextualFlowInfo:
type: object
description: Contextual flow information for a challenge
properties:
title:
type: string
background:
type: string
cancel_url:
type: string
required:
- cancel_url
Coordinate:
type: object
description: Coordinates for diagrams
@ -16715,10 +16718,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-dummy
@ -16729,6 +16730,7 @@ components:
items:
$ref: '#/components/schemas/ErrorDetail'
required:
- flow_info
- type
DummyChallengeResponseRequest:
type: object
@ -16875,10 +16877,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-email
@ -16889,6 +16889,7 @@ components:
items:
$ref: '#/components/schemas/ErrorDetail'
required:
- flow_info
- type
EmailChallengeResponseRequest:
type: object
@ -17668,10 +17669,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-identification
@ -17701,6 +17700,7 @@ components:
items:
$ref: '#/components/schemas/UILoginButton'
required:
- flow_info
- password_fields
- primary_action
- type
@ -21626,10 +21626,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-password
@ -21646,6 +21644,7 @@ components:
recovery_url:
type: string
required:
- flow_info
- pending_user
- pending_user_avatar
- type
@ -23378,10 +23377,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-flow-sources-plex
@ -23397,6 +23394,7 @@ components:
type: string
required:
- client_id
- flow_info
- slug
- type
PlexAuthenticationChallengeResponseRequest:
@ -23739,10 +23737,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-prompt
@ -23758,6 +23754,7 @@ components:
$ref: '#/components/schemas/StagePrompt'
required:
- fields
- flow_info
- type
PromptChallengeResponseRequest:
type: object
@ -24199,10 +24196,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: xak-flow-redirect
@ -24215,6 +24210,7 @@ components:
to:
type: string
required:
- flow_info
- to
- type
RefreshTokenModel:
@ -24912,10 +24908,8 @@ components:
properties:
type:
$ref: '#/components/schemas/ChallengeChoices'
title:
type: string
background:
type: string
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: xak-flow-shell
@ -24929,6 +24923,7 @@ components:
type: string
required:
- body
- flow_info
- type
SignatureAlgorithmEnum:
enum:

View file

@ -15,8 +15,4 @@ export class FlowURLManager {
return `/flows/-/configure/${stageUuid}/${rest}`;
}
static cancel(): string {
return "/flows/-/cancel/";
}
}

View file

@ -86,8 +86,8 @@ export class FlowExecutor extends LitElement implements StageHost {
private postUpdate(): void {
tenant().then(tenant => {
if (this.challenge?.title) {
document.title = `${this.challenge.title} - ${tenant.brandingTitle}`;
if (this.challenge?.flowInfo.title) {
document.title = `${this.challenge.flowInfo.title} - ${tenant.brandingTitle}`;
} else {
document.title = tenant.brandingTitle || TITLE_DEFAULT;
}
@ -124,8 +124,8 @@ export class FlowExecutor extends LitElement implements StageHost {
}).then((challenge) => {
this.challenge = challenge;
// Only set background on first update, flow won't change throughout execution
if (this.challenge?.background) {
this.setBackground(this.challenge.background);
if (this.challenge?.flowInfo.background) {
this.setBackground(this.challenge.flowInfo.background);
}
this.postUpdate();
}).catch((e: Error) => {
@ -271,7 +271,7 @@ export class FlowExecutor extends LitElement implements StageHost {
${this.tenant?.brandingTitle != "authentik" ? html`
<li><a href="https://goauthentik.io">${t`Powered by authentik`}</a></li>
` : html``}
${this.challenge?.background?.startsWith("/static") ? html`
${this.challenge?.flowInfo.background?.startsWith("/static") ? html`
<li><a href="https://unsplash.com/@danasaki">${t`Background image`}</a></li>
` : html``}
</ul>

View file

@ -28,7 +28,7 @@ export class FlowAccessDenied extends BaseStage<AccessDeniedChallenge, FlowChall
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -11,7 +11,6 @@ import { BaseStage } from "../base";
import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { AuthenticatorDuoChallenge, StagesApi } from "authentik-api";
import { DEFAULT_CONFIG } from "../../../api/Config";
import { AuthenticatorDuoChallengeResponseRequest } from "authentik-api/dist/models/AuthenticatorDuoChallengeResponseRequest";
@ -50,7 +49,7 @@ export class AuthenticatorDuoStage extends BaseStage<AuthenticatorDuoChallenge,
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -60,7 +59,7 @@ export class AuthenticatorDuoStage extends BaseStage<AuthenticatorDuoChallenge,
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<img src=${this.challenge.activationBarcode} />

View file

@ -11,7 +11,6 @@ import { BaseStage } from "../base";
import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { AuthenticatorStaticChallenge } from "authentik-api";
import { AuthenticatorStaticChallengeResponseRequest } from "authentik-api/dist/models/AuthenticatorStaticChallengeResponseRequest";
@ -47,7 +46,7 @@ export class AuthenticatorStaticStage extends BaseStage<AuthenticatorStaticChall
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -57,7 +56,7 @@ export class AuthenticatorStaticStage extends BaseStage<AuthenticatorStaticChall
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<ak-form-element

View file

@ -14,7 +14,6 @@ import { showMessage } from "../../../elements/messages/MessageContainer";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { MessageLevel } from "../../../elements/messages/Message";
import { FlowURLManager } from "../../../api/legacy";
import { AuthenticatorTOTPChallenge, AuthenticatorTOTPChallengeResponseRequest } from "authentik-api";
@ -34,7 +33,7 @@ export class AuthenticatorTOTPStage extends BaseStage<AuthenticatorTOTPChallenge
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -44,7 +43,7 @@ export class AuthenticatorTOTPStage extends BaseStage<AuthenticatorTOTPChallenge
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<input type="hidden" name="otp_uri" value=${this.challenge.configUrl} />

View file

@ -162,7 +162,7 @@ export class AuthenticatorValidateStage extends BaseStage<AuthenticatorValidatio
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
${this.selectedDeviceChallenge ? "" : html`<p class="pf-c-login__main-header-desc">
${t`Select an identification method.`}

View file

@ -13,7 +13,6 @@ import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import { PasswordManagerPrefill } from "../identification/IdentificationStage";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { AuthenticatorValidationChallenge } from "authentik-api/dist/models/AuthenticatorValidationChallenge";
import { AuthenticatorValidationChallengeResponseRequest, DeviceChallenge } from "authentik-api";
@ -44,7 +43,7 @@ export class AuthenticatorValidateStageWebCode extends BaseStage<AuthenticatorVa
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<ak-form-element

View file

@ -12,7 +12,6 @@ import { AuthenticatorValidateStage } from "./AuthenticatorValidateStage";
import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { AuthenticatorValidationChallenge } from "authentik-api/dist/models/AuthenticatorValidationChallenge";
import { AuthenticatorValidationChallengeResponseRequest, DeviceChallenge } from "authentik-api";
@ -49,7 +48,7 @@ export class AuthenticatorValidateStageWebDuo extends BaseStage<AuthenticatorVal
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>

View file

@ -85,7 +85,7 @@ export class WebAuthnAuthenticatorRegisterStage extends BaseStage<AuthenticatorW
render(): TemplateResult {
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge?.title}
${this.challenge?.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -32,7 +32,7 @@ export class AutosubmitStage extends BaseStage<AutosubmitChallenge, AutoSubmitCh
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -12,7 +12,6 @@ import { BaseStage } from "../base";
import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { CaptchaChallenge, CaptchaChallengeResponseRequest } from "authentik-api";
@customElement("ak-stage-captcha")
@ -58,7 +57,7 @@ export class CaptchaStage extends BaseStage<CaptchaChallenge, CaptchaChallengeRe
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -68,7 +67,7 @@ export class CaptchaStage extends BaseStage<CaptchaChallenge, CaptchaChallengeRe
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<div class="ak-loading">

View file

@ -10,7 +10,6 @@ import AKGlobal from "../../../authentik.css";
import { BaseStage } from "../base";
import "../../../elements/EmptyState";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { ConsentChallenge, ConsentChallengeResponseRequest } from "authentik-api";
@ -30,7 +29,7 @@ export class ConsentStage extends BaseStage<ConsentChallenge, ConsentChallengeRe
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -40,7 +39,7 @@ export class ConsentStage extends BaseStage<ConsentChallenge, ConsentChallengeRe
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<div class="pf-c-form__group">

View file

@ -28,7 +28,7 @@ export class DummyStage extends BaseStage<DummyChallenge, DummyChallengeResponse
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -27,7 +27,7 @@ export class EmailStage extends BaseStage<EmailChallenge, EmailChallengeResponse
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -206,7 +206,7 @@ export class IdentificationStage extends BaseStage<IdentificationChallenge, Iden
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">

View file

@ -12,7 +12,6 @@ import "../../../elements/forms/FormElement";
import "../../../elements/EmptyState";
import { PasswordManagerPrefill } from "../identification/IdentificationStage";
import "../../FormStatic";
import { FlowURLManager } from "../../../api/legacy";
import { PasswordChallenge, PasswordChallengeResponseRequest } from "authentik-api";
@customElement("ak-stage-password")
@ -31,7 +30,7 @@ export class PasswordStage extends BaseStage<PasswordChallenge, PasswordChalleng
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">
@ -41,7 +40,7 @@ export class PasswordStage extends BaseStage<PasswordChallenge, PasswordChalleng
userAvatar="${this.challenge.pendingUserAvatar}"
user=${this.challenge.pendingUser}>
<div slot="link">
<a href="${FlowURLManager.cancel()}">${t`Not you?`}</a>
<a href="${this.challenge.flowInfo.cancelUrl}">${t`Not you?`}</a>
</div>
</ak-form-static>
<input name="username" autocomplete="username" type="hidden" value="${this.challenge.pendingUser}">

View file

@ -111,7 +111,7 @@ export class PromptStage extends BaseStage<PromptChallenge, PromptChallengeRespo
}
return html`<header class="pf-c-login__main-header">
<h1 class="pf-c-title pf-m-3xl">
${this.challenge.title}
${this.challenge.flowInfo.title}
</h1>
</header>
<div class="pf-c-login__main-body">