web/admin: rework initial wizard pages and add grid layout (#9668)

* remove @goauthentik/authentik as TS path

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* initial implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* oh yeah

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format earlier changes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* support plain alert

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* initial attempt at dedupe

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make it a base class

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate all wizards

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* create type create mixin to dedupe more, add icon to source create

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ldap icon

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Optimised images with calibre/image-actions

* match inverting

we should probably replace all icons with coloured ones so we don't need to invert them...I guess

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make everything more explicit

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add icons to provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add remaining provider icons

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rework to not use inheritance

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix unrelated typo

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make app wizard use grid layout

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep wizard height consistent

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>

web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.choices.ts

@@ -25,167 +25,152 @@ type ModelConverter = (provider: OneOfProvider) => ModelRequest;
 type ProviderNoteProvider = () => TemplateResult | undefined;
 type ProviderNote = ProviderNoteProvider | undefined;
 
-/**
- * There's an internal key and an API key because "Proxy" has three different subtypes.
- */
-// prettier-ignore
-type ProviderType = [
-    string,                // internal key used by the wizard to distinguish between providers
-    string,                // Name of the provider
-    string,                // Description
-    ProviderRenderer,      // Function that returns the provider's wizard panel as a TemplateResult
-    ProviderModelEnumType, // key used by the API to distinguish between providers
-    ModelConverter,        // Handler that takes a generic provider and returns one specifically typed to its panel
-    ProviderNote?,
-];
-
 export type LocalTypeCreate = TypeCreate & {
     formName: string;
     modelName: ProviderModelEnumType;
     converter: ModelConverter;
     note?: ProviderNote;
+    renderer: ProviderRenderer;
 };
 
-// prettier-ignore
-const _providerModelsTable: ProviderType[] = [
-    [
-        "oauth2provider",
-        msg("OAuth2/OIDC (Open Authorization/OpenID Connect)"),
-        msg("Modern applications, APIs and Single-page applications."),
-        () =>
+export const providerModelsList: LocalTypeCreate[] = [
+    {
+        formName: "oauth2provider",
+        name: msg("OAuth2/OIDC (Open Authorization/OpenID Connect)"),
+        description: msg("Modern applications, APIs and Single-page applications."),
+        renderer: () =>
             html`<ak-application-wizard-authentication-by-oauth></ak-application-wizard-authentication-by-oauth>`,
-        ProviderModelEnum.Oauth2Oauth2provider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.Oauth2Oauth2provider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.Oauth2Oauth2provider,
             ...(provider as OAuth2ProviderRequest),
         }),
-    ],
-    [
-        "ldapprovider",
-        msg("LDAP (Lightweight Directory Access Protocol)"),
-        msg("Provide an LDAP interface for applications and users to authenticate against."),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/openidconnect.svg",
+    },
+    {
+        formName: "ldapprovider",
+        name: msg("LDAP (Lightweight Directory Access Protocol)"),
+        description: msg(
+            "Provide an LDAP interface for applications and users to authenticate against.",
+        ),
+        renderer: () =>
             html`<ak-application-wizard-authentication-by-ldap></ak-application-wizard-authentication-by-ldap>`,
-        ProviderModelEnum.LdapLdapprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.LdapLdapprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.LdapLdapprovider,
             ...(provider as LDAPProviderRequest),
         }),
-    ],
-    [
-        "proxyprovider-proxy",
-        msg("Transparent Reverse Proxy"),
-        msg("For transparent reverse proxies with required authentication"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/ldap.png",
+    },
+    {
+        formName: "proxyprovider-proxy",
+        name: msg("Transparent Reverse Proxy"),
+        description: msg("For transparent reverse proxies with required authentication"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-for-reverse-proxy></ak-application-wizard-authentication-for-reverse-proxy>`,
-        ProviderModelEnum.ProxyProxyprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.ProxyProxyprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.ProxyProxyprovider,
             ...(provider as ProxyProviderRequest),
             mode: ProxyMode.Proxy,
         }),
-    ],
-    [
-        "proxyprovider-forwardsingle",
-        msg("Forward Auth (Single Application)"),
-        msg("For nginx's auth_request or traefik's forwardAuth"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/proxy.svg",
+    },
+    {
+        formName: "proxyprovider-forwardsingle",
+        name: msg("Forward Auth (Single Application)"),
+        description: msg("For nginx's auth_request or traefik's forwardAuth"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-for-single-forward-proxy></ak-application-wizard-authentication-for-single-forward-proxy>`,
-        ProviderModelEnum.ProxyProxyprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.ProxyProxyprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.ProxyProxyprovider,
             ...(provider as ProxyProviderRequest),
             mode: ProxyMode.ForwardSingle,
         }),
-    ],
-    [
-        "proxyprovider-forwarddomain",
-        msg("Forward Auth (Domain Level)"),
-        msg("For nginx's auth_request or traefik's forwardAuth per root domain"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/proxy.svg",
+    },
+    {
+        formName: "proxyprovider-forwarddomain",
+        name: msg("Forward Auth (Domain Level)"),
+        description: msg("For nginx's auth_request or traefik's forwardAuth per root domain"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-for-forward-proxy-domain></ak-application-wizard-authentication-for-forward-proxy-domain>`,
-        ProviderModelEnum.ProxyProxyprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.ProxyProxyprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.ProxyProxyprovider,
             ...(provider as ProxyProviderRequest),
             mode: ProxyMode.ForwardDomain,
         }),
-    ],
-    [
-        "racprovider",
-        msg("Remote Access Provider"),
-        msg("Remotely access computers/servers via RDP/SSH/VNC"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/proxy.svg",
+    },
+    {
+        formName: "racprovider",
+        name: msg("Remote Access Provider"),
+        description: msg("Remotely access computers/servers via RDP/SSH/VNC"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-for-rac></ak-application-wizard-authentication-for-rac>`,
-        ProviderModelEnum.RacRacprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.RacRacprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.RacRacprovider,
             ...(provider as RACProviderRequest),
         }),
-        () => html`<ak-license-notice></ak-license-notice>`
-    ],
-    [
-        "samlprovider",
-        msg("SAML (Security Assertion Markup Language)"),
-        msg("Configure SAML provider manually"),
-        () =>
+        note: () => html`<ak-license-notice></ak-license-notice>`,
+        requiresEnterprise: true,
+        component: "",
+        iconUrl: "/static/authentik/sources/rac.svg",
+    },
+    {
+        formName: "samlprovider",
+        name: msg("SAML (Security Assertion Markup Language)"),
+        description: msg("Configure SAML provider manually"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-by-saml-configuration></ak-application-wizard-authentication-by-saml-configuration>`,
-        ProviderModelEnum.SamlSamlprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.SamlSamlprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.SamlSamlprovider,
             ...(provider as SAMLProviderRequest),
         }),
-    ],
-    [
-        "radiusprovider",
-        msg("RADIUS (Remote Authentication Dial-In User Service)"),
-        msg("Configure RADIUS provider manually"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/saml.png",
+    },
+    {
+        formName: "radiusprovider",
+        name: msg("RADIUS (Remote Authentication Dial-In User Service)"),
+        description: msg("Configure RADIUS provider manually"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-by-radius></ak-application-wizard-authentication-by-radius>`,
-        ProviderModelEnum.RadiusRadiusprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.RadiusRadiusprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.RadiusRadiusprovider,
             ...(provider as RadiusProviderRequest),
         }),
-    ],
-    [
-        "scimprovider",
-        msg("SCIM (System for Cross-domain Identity Management)"),
-        msg("Configure SCIM provider manually"),
-        () =>
+        component: "",
+        iconUrl: "/static/authentik/sources/radius.svg",
+    },
+    {
+        formName: "scimprovider",
+        name: msg("SCIM (System for Cross-domain Identity Management)"),
+        description: msg("Configure SCIM provider manually"),
+        renderer: () =>
             html`<ak-application-wizard-authentication-by-scim></ak-application-wizard-authentication-by-scim>`,
-        ProviderModelEnum.ScimScimprovider,
-        (provider: OneOfProvider) => ({
+        modelName: ProviderModelEnum.ScimScimprovider,
+        converter: (provider: OneOfProvider) => ({
             providerModel: ProviderModelEnum.ScimScimprovider,
             ...(provider as SCIMProviderRequest),
         }),
-    ],
+        component: "",
+        iconUrl: "/static/authentik/sources/scim.png",
+    },
 ];
 
-function mapProviders([
-    formName,
-    name,
-    description,
-    _,
-    modelName,
-    converter,
-    note,
-]: ProviderType): LocalTypeCreate {
-    return {
-        formName,
-        name,
-        description,
-        component: "",
-        modelName,
-        converter,
-        note,
-    };
-}
-
-export const providerModelsList = _providerModelsTable.map(mapProviders);
-
 export const providerRendererList = new Map<string, ProviderRenderer>(
-    _providerModelsTable.map(([modelName, _0, _1, renderer]) => [modelName, renderer]),
+    providerModelsList.map((tc) => [tc.formName, tc.renderer]),
 );
 
 export default providerModelsList;

web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.ts

@@ -3,63 +3,41 @@ import "@goauthentik/components/ak-switch-input";
 import "@goauthentik/components/ak-text-input";
 import { WithLicenseSummary } from "@goauthentik/elements/Interface/licenseSummaryProvider";
 import "@goauthentik/elements/forms/FormGroup";
-import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
+import "@goauthentik/elements/wizard/TypeCreateWizardPage";
+import { TypeCreateWizardPageLayouts } from "@goauthentik/elements/wizard/TypeCreateWizardPage";
 
 import { msg } from "@lit/localize";
 import { customElement } from "@lit/reactive-element/decorators/custom-element.js";
-import { html, nothing } from "lit";
-import { map } from "lit/directives/map.js";
+import { html } from "lit";
 
 import BasePanel from "../BasePanel";
-import providerModelsList from "./ak-application-wizard-authentication-method-choice.choices";
 import type { LocalTypeCreate } from "./ak-application-wizard-authentication-method-choice.choices";
+import providerModelsList from "./ak-application-wizard-authentication-method-choice.choices";
 
 @customElement("ak-application-wizard-authentication-method-choice")
 export class ApplicationWizardAuthenticationMethodChoice extends WithLicenseSummary(BasePanel) {
-    constructor() {
-        super();
-        this.handleChoice = this.handleChoice.bind(this);
-        this.renderProvider = this.renderProvider.bind(this);
-    }
-
-    handleChoice(ev: InputEvent) {
-        const target = ev.target as HTMLInputElement;
-        this.dispatchWizardUpdate({
-            update: {
-                ...this.wizard,
-                providerModel: target.value,
-                errors: {},
-            },
-            status: this.valid ? "valid" : "invalid",
-        });
-    }
-
-    renderProvider(type: LocalTypeCreate) {
-        const method = this.wizard.providerModel;
-
-        return html`<div class="pf-c-radio">
-            <input
-                class="pf-c-radio__input"
-                type="radio"
-                name="type"
-                id="provider-${type.formName}"
-                ?disabled=${type.formName === "racprovider" && !this.hasEnterpriseLicense}
-                value=${type.formName}
-                ?checked=${type.formName === method}
-                @change=${this.handleChoice}
-            />
-            <label class="pf-c-radio__label" for="provider-${type.formName}">${type.name}</label>
-            <span class="pf-c-radio__description"
-                >${type.description}${type.note ? type.note() : nothing}</span
-            >
-        </div>`;
-    }
-
     render() {
+        const selectedTypes = providerModelsList.filter(
+            (t) => t.formName === this.wizard.providerModel,
+        );
         return providerModelsList.length > 0
             ? html`<form class="pf-c-form pf-m-horizontal">
-                  ${map(providerModelsList, this.renderProvider)}
+                  <ak-wizard-page-type-create
+                      .types=${providerModelsList}
+                      layout=${TypeCreateWizardPageLayouts.grid}
+                      .selectedType=${selectedTypes.length > 0 ? selectedTypes[0] : undefined}
+                      @select=${(ev: CustomEvent<LocalTypeCreate>) => {
+                          this.dispatchWizardUpdate({
+                              update: {
+                                  ...this.wizard,
+                                  providerModel: ev.detail.formName,
+                                  errors: {},
+                              },
+                              status: this.valid ? "valid" : "invalid",
+                          });
+                      }}
+                  ></ak-wizard-page-type-create>
               </form>`
             : html`<ak-empty-state loading header=${msg("Loading")}></ak-empty-state>`;
     }

web/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts

@@ -9,7 +9,7 @@ import "@goauthentik/elements/forms/HorizontalFormElement";
 
 import { msg } from "@lit/localize";
 import { customElement, state } from "@lit/reactive-element/decorators.js";
-import { TemplateResult, css, html, nothing } from "lit";
+import { PropertyValues, TemplateResult, css, html, nothing } from "lit";
 import { classMap } from "lit/directives/class-map.js";
 
 import PFEmptyState from "@patternfly/patternfly/components/EmptyState/empty-state.css";
@@ -94,8 +94,7 @@ export class ApplicationWizardCommitApplication extends BasePanel {
 
     response?: TransactionApplicationResponse;
 
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    willUpdate(_changedProperties: Map<string, any>) {
+    willUpdate(_changedProperties: PropertyValues<this>) {
         if (this.commitState === idleState) {
             this.response = undefined;
             this.commitState = runningState;

web/src/admin/applications/wizard/methods/ak-application-wizard-authentication-method.ts

@@ -12,8 +12,6 @@ import "./radius/ak-application-wizard-authentication-by-radius";
 import "./saml/ak-application-wizard-authentication-by-saml-configuration";
 import "./scim/ak-application-wizard-authentication-by-scim";
 
-// prettier-ignore
-
 @customElement("ak-application-wizard-authentication-method")
 export class ApplicationWizardApplicationDetails extends BasePanel {
     render() {