feat(react): add SignIn component and create sample app

[movinsilva]

Purpose

• Add components
  • SignIn
    • BasicAuth
    • EmailOTP
    • TOTP
    • SMSOTP
    • SocialLogins
  • SignInButton
  • SignedIn
  • SignedOut
  • SignOutButton
• Initialized sample react-vite application
• Add localization for new signin fragments

Related Issues

• ☂️ MVP

Related PRs

• N/A

Checklist

• e2e cypress tests locally verified.
• Manual test round performed and verified.
• UX/UI review done on the final implementation.
• Documentation provided. (Add links if there are any)
• Unit tests provided. (Add links if there are any)
• Integration tests provided. (Add links if there are any)

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines?
• Ran FindSecurityBugs plugin and verified report?
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets?

[DonOmalVindula]

Let's move this to a variable for better readability

[movinsilva]

Will do this in the next PR

[DonOmalVindula]

brandingFromConsole is this term correct? We are not getting branding from the console rather from the IS/Asgardeo

[movinsilva]

I agree. Since we don't have a unified name yet, there was a discussion sometime back to use more common words without siding with either of them. Any suggestions for a better name?

[DonOmalVindula]

Shall we move this to a default value of the AuthConfig itself?

[movinsilva]

Will address this in the coming PR.
Is the actual default value carbon.super?

[DonOmalVindula]

Suggested change

	keys,
	keys
	``
	It looks like linter is not working properly. Check and see. It should catch these formatting errors

[DonOmalVindula]

Does it make sense to call this inside this hook? This will cause the authorize call to fire when the dependency array changes

[movinsilva]

Yes, I will move this out.

[DonOmalVindula]

We might be able to convert this to a hook like useBranding()

[DonOmalVindula]

I hope you have documented these error codes and their meaning somewhere

[movinsilva]

I'm following the same format in Asgardeo Auth-JS. This is the format.
will add this to the docs and readme later.

[DonOmalVindula]

Suggested change

	handleAuthenticate(resp.nextStep.authenticators[0].authenticatorId, {code, state});
	handleAuthenticate(resp?.nextStep?.authenticators[0]?.authenticatorId, {code, state});

Add null checks. Check in other places as well

[DonOmalVindula]

Shouldn't we access this from text customization

[movinsilva]

This is kind of a special scenario where multiple authenticators are there without username & password. So this text doesn't belong to a specific authenticator screen. Could add this to the common set of texts. But doesn't seem much logical to add it there as well. WDYT?

[DonOmalVindula]

Suggested change

[movinsilva]

Wouldn't these spacing be better for readability?

[DonOmalVindula]

Let's keep the fallback locale in a constant

[movinsilva]

Will address this in the next PR.

[DonOmalVindula]

Suggested change

	const [username, setUsername] = useState('');
	const [username, setUsername] = useState<string>('');

Define types for states. Check in other places as well

[DonOmalVindula]

Suggested change

	if (isLoading) {
	return (
	<div className="circular-progress-holder">
	<CircularProgress className="circular-progress" />
	</div>
	);
	}
	if (isLoading) => (
	<div className="circular-progress-holder">
	<CircularProgress className="circular-progress" />
	</div>
	);

[movinsilva]

I don't think that if statements support arrow functions like this.

[DonOmalVindula]

Remove this logic and expose an onSignOut hooks so the app user can handle it themselves

[DonOmalVindula]

Why can't we use an enum here?

[DonOmalVindula]

Avoid using dangerouslySetInnerHTML as this could lead to XSS attacks

[DonOmalVindula]

Don't hardcode this within the code. Let's read from a config.json file or a .env file

[DonOmalVindula]

Do we need this?