flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses

closes #1079 Default value of `retry` behaves like previous version. `restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-27 23:57:42 +02:00
parent ba9edd6c44
commit 2b1356bb91
14 changed files with 291 additions and 16 deletions
--- a/web/src/pages/flows/StageBindingForm.ts
+++ b/web/src/pages/flows/StageBindingForm.ts
@ -1,4 +1,4 @@
-import { FlowsApi, FlowStageBinding, PolicyEngineMode, Stage, StagesApi } from "authentik-api";
+import { FlowsApi, FlowStageBinding, InvalidResponseActionEnum, PolicyEngineMode, Stage, StagesApi } from "authentik-api";
 import { t } from "@lingui/macro";
 import { customElement, property } from "lit-element";
 import { html, TemplateResult } from "lit-html";
@ -135,6 +135,23 @@ export class StageBindingForm extends ModelForm<FlowStageBinding, string> {
                </div>
                <p class="pf-c-form__helper-text">${t`Evaluate policies before the Stage is present to the user.`}</p>
            </ak-form-element-horizontal>
+            <ak-form-element-horizontal
+                label=${t`Invalid response action`}
+                ?required=${true}
+                name="invalidResponseAction">
+                <select class="pf-c-form-control">
+                    <option value=${InvalidResponseActionEnum.Retry} ?selected=${this.instance?.invalidResponseAction === InvalidResponseActionEnum.Retry}>
+                        ${t`RETRY returns the error message and a similar challenge to the executor.`}
+                    </option>
+                    <option value=${InvalidResponseActionEnum.Restart} ?selected=${this.instance?.invalidResponseAction === InvalidResponseActionEnum.Restart}>
+                        ${t`RESTART restarts the flow from the beginning.`}
+                    </option>
+                    <option value=${InvalidResponseActionEnum.RestartWithContext} ?selected=${this.instance?.invalidResponseAction === InvalidResponseActionEnum.RestartWithContext}>
+                        ${t`RESTART restarts the flow from the beginning, while keeping the flow context.`}
+                    </option>
+                </select>
+                <p class="pf-c-form__helper-text">${t`Configure how the flow executor should handle an invalid response to a challenge.`}</p>
+            </ak-form-element-horizontal>
            <ak-form-element-horizontal
                label=${t`Policy engine mode`}
                ?required=${true}