web/flows: Simplified flow executor (#10296)

* initial sfe

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* build sfe

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* downgrade bootstrap

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix path

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make IE compatible

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix query string missing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add autosubmit stage

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add background image

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add code support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add support for combo ident/password

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix logo rendering

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only use for edge 18 and before

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add webauthn support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate to TS for some creature comforts

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix ci

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* dedupe dependabot

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use API client...kinda

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more polyfills yay

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* turn powered by into span

prevent issues in restricted browsers where users might not be able to return

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* allow non-link footer entries

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tsc errors

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

* auto switch for macos

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* reword

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Update website/docs/flow/executors/if-flow.md

Signed-off-by: Jens L. <jens@beryju.org>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
#	.github/workflows/ci-web.yml
#	Dockerfile
#	website/developer-docs/api/flow-executor.md

website/docs/core/settings.md

@@ -51,6 +51,8 @@ The setting can be used as follows:
 [{ "name": "Link Name", "href": "https://goauthentik.io" }]
 ```
 
+Starting with authentik 2024.6.1, the `href` attribute is optional, and this option can be used to add additional text to the flow executor pages.
+
 ### GDPR compliance
 
 When enabled, all the events caused by a user will be deleted upon the user's deletion. Defaults to `true`.

website/docs/flow/executors/headless.md

@@ -6,6 +6,6 @@ The headless flow executor is used by clients which don't have access to the web
 
 The following stages are supported:
 
--   [**identification**](../stages/identification/)
--   [**password**](../stages/password/)
--   [**authenticator_validate**](../stages/authenticator_validate/)
+-   [**Identification stage**](../stages/identification/)
+-   [**Password stage**](../stages/password/)
+-   [**Authenticator Validation Stage**](../stages/authenticator_validate/)

website/docs/flow/executors/if-flow.md

@@ -1,5 +1,9 @@
 ---
-title: Default (Web)
+title: Default
 ---
 
-This is the default, web-based environment flows are executed in. All stages are compatible with this environment and no limitations are imposed.
+This is the default, web-based environment that flows are executed in. All stages are compatible with this environment and no limitations are imposed.
+
+:::info
+All flow executors use the same [API](../../../developer-docs/api/flow-executor) which allows for the implementation of custom flow executors.
+:::

website/docs/flow/executors/sfe.md

@@ -0,0 +1,31 @@
+---
+title: Simplified flow executor
+---
+
+<span class="badge badge--info">authentik 2024.8+</span>
+
+A simplified web-based flow executor that authentik automatically uses for older browsers that do not support modern web technologies.
+
+Currently this flow executor is automatically used for the following browsers:
+
+-   Internet Explorer
+-   Microsoft Edge (up to and including version 18)
+
+The following stages are supported:
+
+-   [**Identification stage**](../stages/identification/)
+
+    :::info
+    Only user identifier and user identifier + password stage configurations are supported; sources and passwordless configurations are not supported.
+    :::
+
+-   [**Password stage**](../stages/password/)
+-   [**Authenticator Validation Stage**](../stages/authenticator_validate/)
+
+Compared to the [default flow executor](./if-flow.md), this flow executor does _not_ support the following features:
+
+-   Localization
+-   Theming (Dark / light themes)
+-   Theming (Custom CSS)
+-   Stages not listed above
+-   Flow inspector

website/docs/flow/stages/authenticator_validate/index.md

@@ -1,5 +1,5 @@
 ---
-title: Authenticator Validation Stage
+title: Authenticator validation stage
 ---
 
 This stage validates an already configured Authenticator Device. This device has to be configured using any of the other authenticator stages: