Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add redirect to continue_with for SPA flows #3889

Merged
merged 6 commits into from
May 24, 2024
Merged

feat: add redirect to continue_with for SPA flows #3889

merged 6 commits into from
May 24, 2024

Conversation

aeneasr
Copy link
Member

@aeneasr aeneasr commented Apr 22, 2024

This patch adds the new continue_with action redirect_browser_to, which contains the redirect URL the app should redirect to. It is only supported for SPA (not server-side browser apps, not native apps) flows at this point in time.

Related issue(s)

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    security@ory.sh) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

@aeneasr aeneasr marked this pull request as draft April 22, 2024 12:05
@aeneasr
Copy link
Member Author

aeneasr commented Apr 22, 2024

This is missing verification and recovery:

  • link
  • code

Also, I did not add tests for social sign in, because for social sign in we always use redirect-based flows, even for SPAs who react with 422 browser location change required, which in the end does a regular browser redirect with /callback?code=....

Since these are redirects I'm not sure if I covered all the cases everywhere.

@codecov Codecov
Copy link

codecov bot commented Apr 22, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (two-step-login@9ebe88c). Learn more about missing BASE report.

Current head 1e8190f differs from pull request most recent head b8192fc

Please upload reports for the commit b8192fc to get more accurate results.

Additional details and impacted files 
@@                Coverage Diff                @@
##             two-step-login    #3889   +/-   ##
=================================================
  Coverage                  ?   78.06%           
=================================================
  Files                     ?      360           
  Lines                     ?    25252           
  Branches                  ?        0           
=================================================
  Hits                      ?    19712           
  Misses                    ?     4033           
  Partials                  ?     1507

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@aeneasr
Copy link
Member Author

aeneasr commented Apr 23, 2024

#3889 (comment)

I believe that these flows do not need continue_with transitions because they solve it differently (they show a success page where you click continue and end up on the redirect url).

@aeneasr aeneasr force-pushed the add-return-to branch 5 times, most recently from fde4678 to 67c6d74 Compare April 24, 2024 09:51
@aeneasr aeneasr changed the base branch from master to two-step-login May 24, 2024 08:01
@aeneasr
feat: add redirect to continue_with for SPA flows
7aac70c 
This patch adds the new `continue_with` action `redirect_browser_to`, which contains the redirect URL the app should redirect to. It is only supported for SPA (not server-side browser apps, not native apps) flows at this point in time.
@aeneasr
feat: add browser return_to continue_with action
52222a6
@aeneasr
feat(sdk): add missing profile discriminator to update registration
970408d
@aeneasr
feat(sdk): avoid eval with javascript triggers
a0f1e62 
Using `OnLoadTrigger` and `OnClickTrigger` one can now map the trigger to the corresponding JavaScript function.

For example, trigger `{"on_click_trigger":"oryWebAuthnRegistration"}` should be translated to `window.oryWebAuthnRegistration()`:

```
if (attrs.onClickTrigger) {
  window[attrs.onClickTrigger]()
}
```
@aeneasr
fix: replace submit with continue button for recovery and verificatio…
fd5a4da 
…n and add maxlength
@aeneasr
feat: set maxlength for totp input
b8192fc
@aeneasr aeneasr marked this pull request as ready for review May 24, 2024 08:03
@aeneasr aeneasr merged commit 42371b7 into two-step-login May 24, 2024
3 of 4 checks passed
@aeneasr aeneasr deleted the add-return-to branch May 24, 2024 08:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zepatrik zepatrik Awaiting requested review from zepatrik zepatrik is a code owner

@hperl hperl Awaiting requested review from hperl hperl is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@aeneasr