add support for OIDC implicit flow #1879

bgerrity · 2024-02-23T22:57:58Z

Description & motivation 💭

Work in progress. Addresses #1881.

Adds configurable support for the OIDC Implicit Flow. As that flow is designed for SPAs, this approach shifts auth from the server to the client.

Screenshots (if applicable) 📸

Design Considerations 🎨

Looked at using JS libraries but didn't see a way to mesh it neatly.

Testing 🧪

How was this tested 👻

Manual testing
E2E tests added
Unit tests added

Manual tests

Worked from this guide. Pointed the server to an Okta development app with the configuration below. Can add other users to the app for reproduction.

Screen.Recording.2024-04-01.at.4.07.01.PM.mov

    - label: oidc implicit flow
      type: oidc
      flow: implicit
      # TODO: support optional issuer validation
      authorizationUrl: https://dev-95856544.okta.com/oauth2/v1/authorize  # discovery isn't supported for implicit flow. the endpoint must be provided directly
      clientId: 0oag5vkuazxXyvuel5d7
      scopes:
        - openid
        - profile
        - email

Unit tests

Updated unit tests and added some more. Opened #1915 for some unrelated tests. Happy to take suggestions for additional areas or manual approaches.

Steps for others to test: 🚶🏽‍♂️🚶🏽‍♀️

# unit tests
pnpm vitest

# manual with dev yaml configured
pnpm dev

Checklists

Draft Checklist

Add testing with feedback

Merge Checklist

Issue(s) closed

#1881

Docs

Any docs updates needed?

vercel · 2024-02-23T22:58:03Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
holocene	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 9, 2024 10:05pm

CLAassistant · 2024-02-23T22:58:04Z

All committers have signed the CLA.

bgerrity · 2024-02-26T14:57:49Z

@stevekinney @Alex-Tideman Still a draft and haven't added tests yet but I'm seeking early feedback and guidance on testing against a public IdP.

utilities/ui-server.ts

bgerrity · 2024-03-25T14:17:50Z

Added some unit tests to maintain coverage. Happy to take feedback on additional testing.

bgerrity · 2024-04-01T20:13:58Z

Added manual testing against an Okta dev app.

server/server/config/auth.go

src/routes/(app)/+layout.ts

src/lib/utilities/route-for.ts

bgerrity · 2024-04-09T21:14:37Z

made changes to address issues found in review. also added unit tests to define the behavior for handling the hash fragment from the callback.

bgerrity changed the title ~~OIDC implicit flow~~ [draft] add support for OIDC implicit flow Feb 23, 2024

vercel bot deployed to Preview February 23, 2024 22:58 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from d153a22 to c548516 Compare February 23, 2024 23:19

vercel bot deployed to Preview February 23, 2024 23:20 View deployment

bgerrity mentioned this pull request Feb 26, 2024

support for OIDC implicit flow #1881

Open

bgerrity force-pushed the oidc-implicit-flow branch from c548516 to 0659cfb Compare March 5, 2024 17:56

vercel bot deployed to Preview March 5, 2024 17:57 View deployment

vercel bot deployed to Preview March 5, 2024 19:33 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from 0590201 to 8ec6ebf Compare March 18, 2024 18:14

vercel bot deployed to Preview March 18, 2024 18:15 View deployment

jlegrone reviewed Mar 18, 2024

View reviewed changes

utilities/ui-server.ts Outdated Show resolved Hide resolved

bgerrity force-pushed the oidc-implicit-flow branch from 8ec6ebf to 1a24d07 Compare March 18, 2024 22:09

bgerrity changed the title ~~[draft] add support for OIDC implicit flow~~ add support for OIDC implicit flow Mar 18, 2024

vercel bot deployed to Preview March 18, 2024 22:09 View deployment

bgerrity marked this pull request as ready for review March 20, 2024 14:22

bgerrity requested review from stevekinney, Alex-Tideman and a team as code owners March 20, 2024 14:22

bgerrity force-pushed the oidc-implicit-flow branch from 1a24d07 to fc9399f Compare March 20, 2024 14:25

vercel bot deployed to Preview March 20, 2024 14:26 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from fc9399f to f2df0ea Compare March 20, 2024 17:20

vercel bot deployed to Preview March 20, 2024 17:21 View deployment

bgerrity requested a review from rossedfort as a code owner April 1, 2024 20:13

vercel bot deployed to Preview April 1, 2024 20:13 View deployment

Alex-Tideman reviewed Apr 2, 2024

View reviewed changes

server/server/config/auth.go Outdated Show resolved Hide resolved

Alex-Tideman reviewed Apr 2, 2024

View reviewed changes

src/routes/(app)/+layout.ts Outdated Show resolved Hide resolved

Alex-Tideman reviewed Apr 2, 2024

View reviewed changes

src/lib/utilities/route-for.ts Outdated Show resolved Hide resolved

bgerrity force-pushed the oidc-implicit-flow branch from 056e219 to 4f70f2b Compare April 9, 2024 13:27

vercel bot deployed to Preview April 9, 2024 13:28 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from 4f70f2b to 1bf1afc Compare April 9, 2024 14:20

vercel bot deployed to Preview April 9, 2024 14:21 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from 1bf1afc to b882d3d Compare April 9, 2024 21:01

vercel bot had a problem deploying to Preview April 9, 2024 21:01 Failure

bgerrity force-pushed the oidc-implicit-flow branch from b882d3d to 8f1ed2e Compare April 9, 2024 21:04

vercel bot deployed to Preview April 9, 2024 21:04 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from 8f1ed2e to 662ec4c Compare April 9, 2024 21:06

vercel bot deployed to Preview April 9, 2024 21:07 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from 662ec4c to f05fcbf Compare April 9, 2024 21:12

vercel bot deployed to Preview April 9, 2024 21:13 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from f05fcbf to d25970d Compare April 9, 2024 21:23

vercel bot deployed to Preview April 9, 2024 21:24 View deployment

bgerrity force-pushed the oidc-implicit-flow branch from d25970d to 1a07994 Compare April 9, 2024 21:47

vercel bot deployed to Preview April 9, 2024 21:47 View deployment

bgerrity requested a review from Alex-Tideman April 9, 2024 21:48

bgerrity force-pushed the oidc-implicit-flow branch from 1a07994 to a77d0d7 Compare April 9, 2024 22:02

vercel bot deployed to Preview April 9, 2024 22:02 View deployment

support oidc implicit flow

5d494ac

bgerrity force-pushed the oidc-implicit-flow branch from a77d0d7 to 5d494ac Compare April 9, 2024 22:04

vercel bot deployed to Preview April 9, 2024 22:05 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add support for OIDC implicit flow #1879

add support for OIDC implicit flow #1879

bgerrity commented Feb 23, 2024 •

edited

Loading

vercel bot commented Feb 23, 2024 •

edited

Loading

CLAassistant commented Feb 23, 2024 •

edited

Loading

bgerrity commented Feb 26, 2024 •

edited

Loading

bgerrity commented Mar 25, 2024

bgerrity commented Apr 1, 2024

bgerrity commented Apr 9, 2024

add support for OIDC implicit flow #1879

Are you sure you want to change the base?

add support for OIDC implicit flow #1879

Conversation

bgerrity commented Feb 23, 2024 • edited Loading

Description & motivation 💭

Screenshots (if applicable) 📸

Design Considerations 🎨

Testing 🧪

How was this tested 👻

Manual tests

Unit tests

Steps for others to test: 🚶🏽‍♂️🚶🏽‍♀️

Checklists

Draft Checklist

Merge Checklist

Issue(s) closed

Docs

Any docs updates needed?

vercel bot commented Feb 23, 2024 • edited Loading

CLAassistant commented Feb 23, 2024 • edited Loading

bgerrity commented Feb 26, 2024 • edited Loading

bgerrity commented Mar 25, 2024

bgerrity commented Apr 1, 2024

bgerrity commented Apr 9, 2024

bgerrity commented Feb 23, 2024 •

edited

Loading

vercel bot commented Feb 23, 2024 •

edited

Loading

CLAassistant commented Feb 23, 2024 •

edited

Loading

bgerrity commented Feb 26, 2024 •

edited

Loading