Authentik-driven flutter flows for login and registration #3112
Description
For the new OpenID based authentication mechanism in Acter, we have to implement new screens for login and registration. As we will be handling our service via authentik and that allows us to follow the same flow via its API (interactive API browser on M-2 here) we want to provide native screens for the flows. To be able to do that we need to:
- detect that the provider we are sent to is an authentik service (it seems the
X-Powered-By-Header provides that information) - if so, extract the flow_id it is responding with, so we can go through a custom UI flow for it
To recreate the steps from https://authentik.m-2.acter.global/if/flow/default-authentication-flow/?next=%2F and https://authentik.m-2.acter.global/if/flow/default-enrollment-flow/?next=%2F from within the App (without having to go through the website).
For the UI flow itself, we have to implement various widgets (input fields and alike), and pages (for each of the "components" that might be returned). For our case we must at least implements:
Components
-
ak-stage-identification -
ak-stage-prompt(which has custom fields, see below) -
ak-stage-password -
ak-stage-authenticator-email -
ak-stage-authenticator-static, -
ak-stage-authenticator-totp -
xak-flow-redirect -
ak-stage-authenticator-sms -
ak-stage-authenticator-duo -
ak-stage-authenticator-validate -
ak-stage-user-login
Fields
-
type: username -
type: email -
type: checkbox -
type: text
Notes:
- you can find the API of the test server here, including an interactive browser
- the setup default flow is
default-authentication-flow, which will also point you to the registration flow, which isdefault-enrollment-flow-- neither must be hard-coded though! - As this is against a documented API, we should have a large test coverage with all possible states and content, especially error cases and problems!