b0507d2063
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: provide `show password` on login page
Provide a `show password` icon, text, and button for the password field both in the
IdentificationStage and the PasswordStage. Essentially the same code for both, although the id of
the password field is unique to each.
Requested by Cloudflare. Seems to be a common thing anyway.
Should it be an administrative option that this facility is available? From where should I derive
that information? I suspect the answer is "a site attribute," but I'd like to get confirmation.
* web: comment doesn't need to be exposed. It's sufficient where it is .
* web: fix button rendering issues
During testing, the buttons did not change as expected. We are using pure DOM
state to control the look of the button, and avoiding using `.requestUpdate()`
to avoid losing customer input, so depending upon Lit to re-render just the
button was an error.
This commit goes old-school and updates the button's label and icon using
standard DOM features, although we do lean into Lit-html`s `render()`
function to create the DOM component for the icon.
* web: provide `show password` on login page
Provide a `show password` icon, text, and button for the password field both in the
IdentificationStage and the PasswordStage. Essentially the same code for both, although the id of
the password field is unique to each.
Provide a configuration detail server-side to allow administrator to enable or disable the 'show
password' feature. Off by default.
Requested by Cloudflare. Seems to be a common thing anyway. Making it configurable wasn't in
Cloudfare's request, but it seemed logical to add.
* ensure the tests pass; quibbling over the wording of the admin field continues.
* Removed some manually identified fluff.
* web: break out `show password`-enabled input field into its own component
Provides a `show password` field, but as a LightDOM-oriented web component. This form of
input[type="password"] is for flows only, as it has a number of specializations for understanding a
flow's validating round-trip, possible error messages within the challenge, and is left within the
LightDOM both to support compatibility issues and to avoid using `elementInterals`, which is a DOM
feature not supported by some older browsers.
Avoids having to maintain two different instances of the same logic, both for permitting 'show
password', and for handling it.
* web: update PasswordStageForm according to lit-analyzer
With lit-analyzer in the mix and functional, we're seeing new complaints about
inconsistent typing in lit objects, and this was one of them.
* Another lit-analyze error found.
91 lines
3.3 KiB
Python
91 lines
3.3 KiB
Python
"""Flow inspector tests"""
|
|
|
|
from json import loads
|
|
|
|
from django.test.client import RequestFactory
|
|
from django.urls.base import reverse
|
|
from rest_framework.test import APITestCase
|
|
|
|
from authentik.core.tests.utils import create_test_admin_user, create_test_flow
|
|
from authentik.flows.models import FlowDesignation, FlowStageBinding, InvalidResponseAction
|
|
from authentik.stages.dummy.models import DummyStage
|
|
from authentik.stages.identification.models import IdentificationStage, UserFields
|
|
|
|
|
|
class TestFlowInspector(APITestCase):
|
|
"""Test inspector"""
|
|
|
|
def setUp(self):
|
|
self.request_factory = RequestFactory()
|
|
self.admin = create_test_admin_user()
|
|
self.client.force_login(self.admin)
|
|
|
|
def test(self):
|
|
"""test inspector"""
|
|
flow = create_test_flow(FlowDesignation.AUTHENTICATION)
|
|
|
|
# Stage 1 is an identification stage
|
|
ident_stage = IdentificationStage.objects.create(
|
|
name="ident",
|
|
user_fields=[UserFields.USERNAME],
|
|
)
|
|
FlowStageBinding.objects.create(
|
|
target=flow,
|
|
stage=ident_stage,
|
|
order=1,
|
|
invalid_response_action=InvalidResponseAction.RESTART_WITH_CONTEXT,
|
|
)
|
|
FlowStageBinding.objects.create(
|
|
target=flow, stage=DummyStage.objects.create(name="dummy2"), order=1
|
|
)
|
|
|
|
res = self.client.get(
|
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
)
|
|
self.assertJSONEqual(
|
|
res.content,
|
|
{
|
|
"allow_show_password": False,
|
|
"component": "ak-stage-identification",
|
|
"flow_info": {
|
|
"background": flow.background_url,
|
|
"cancel_url": reverse("authentik_flows:cancel"),
|
|
"title": flow.title,
|
|
"layout": "stacked",
|
|
},
|
|
"flow_designation": "authentication",
|
|
"password_fields": False,
|
|
"primary_action": "Log in",
|
|
"sources": [],
|
|
"show_source_labels": False,
|
|
"user_fields": ["username"],
|
|
},
|
|
)
|
|
|
|
ins = self.client.get(
|
|
reverse("authentik_api:flow-inspector", kwargs={"flow_slug": flow.slug}),
|
|
)
|
|
content = loads(ins.content)
|
|
self.assertEqual(content["is_completed"], False)
|
|
self.assertEqual(content["current_plan"]["current_stage"]["stage_obj"]["name"], "ident")
|
|
self.assertEqual(
|
|
content["current_plan"]["next_planned_stage"]["stage_obj"]["name"], "dummy2"
|
|
)
|
|
|
|
self.client.post(
|
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
|
|
{"uid_field": self.admin.username},
|
|
follow=True,
|
|
)
|
|
|
|
ins = self.client.get(
|
|
reverse("authentik_api:flow-inspector", kwargs={"flow_slug": flow.slug}),
|
|
)
|
|
content = loads(ins.content)
|
|
self.assertEqual(content["is_completed"], False)
|
|
self.assertEqual(content["plans"][0]["current_stage"]["stage_obj"]["name"], "ident")
|
|
self.assertEqual(content["current_plan"]["current_stage"]["stage_obj"]["name"], "dummy2")
|
|
self.assertEqual(
|
|
content["current_plan"]["plan_context"]["pending_user"]["username"], self.admin.username
|
|
)
|