stages/redirect: create redirect stage (#12275)

* create redirect stage

* show "keep context" toggle in Flow mode only

* fix typos

* add docs

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>

* simplify property pass

* simplify toggle

* remove `print` statements

whoops

* fix typo

* remove default from `RedirectStage.mode`

* remove migration

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* oops

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* adjust docs

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>

website/docs/customize/policies/expression/managing_flow_context_keys.md

@@ -0,0 +1,17 @@
+---
+title: Managing flow context keys
+---
+
+[Flow context](../../../add-secure-apps/flows-stages/flow/context/index.md) can be managed in [Expression policies](../expression.mdx) via the `context['flow_plan'].context` variable.
+
+Here's an example of setting a key in an Expression policy:
+
+```python
+context['flow_plan'].context['redirect_stage_target'] = 'ak-flow://redirected-authentication-flow'
+```
+
+And here's an example of removing that key:
+
+```python
+context['flow_plan'].context.pop('redirect_stage_target', None)
+```

website/docs/customize/policies/index.md

@@ -8,7 +8,7 @@ In effect, policies determine whether or not a specific stage is applied to a fl
 
 For example, you can create a policy that, for certain users, skips over a stage that prompts for MFA input. Or, you can define a policy that allows users to access a login flow only if the policy criteria are met. See below for other policies, including the reputation policy and an events-driven policy to manage notifications.
 
-For instructions about creating and binding policies to flows and stages, refer to ["Working with policies](./working_with_policies/working_with_policies.md)".
+For instructions about creating and binding policies to flows and stages, refer to ["Working with policies](./working_with_policies.md)".
 
 ## Standard policies
 

website/docs/customize/policies/working_with_policies.md

@@ -2,11 +2,11 @@
 title: Working with policies
 ---
 
-For an overview of policies, refer to our documentation on [Policies](../index.md).
+For an overview of policies, refer to our documentation on [Policies](./index.md).
 
-authentik provides several [standard policy types](../index.md#standard-policies), which can be configured for your specific needs.
+authentik provides several [standard policy types](./index.md#standard-policies), which can be configured for your specific needs.
 
-We also document how to use a policy to [whitelist email domains](./whitelist_email.md) and to [ensure unique email addresses](./unique_email.md).
+We also document how to use a policy to [whitelist email domains](./expression/whitelist_email.md) and to [ensure unique email addresses](./expression/unique_email.md).
 
 ## Create a policy
 
@@ -19,7 +19,7 @@ To create a new policy, follow these steps:
 
 ## Bind a policy to a flow or stage
 
-After creating the policy, you can bind it to either a [flow](../../../add-secure-apps/flows-stages/flow/index.md) or to a [stage](../../../add-secure-apps/flows-stages/stages/index.md).
+After creating the policy, you can bind it to either a [flow](../../add-secure-apps/flows-stages/flow/index.md) or to a [stage](../../add-secure-apps/flows-stages/stages/index.md).
 
 :::info
 Bindings are instantiated objects themselves, and conceptually can be considered as the "connector" between the policy and the stage or flow. This is why you might read about "binding a binding", because technically, a binding is "spliced" into another binding, in order to intercept and enforce the criteria defined in the policy. You can edit bindings on a flow's **Stage Bindings** tab.