Web/style/elements/standalone drawer#21487
Draft
kensternberg-authentik wants to merge 20 commits intomainfrom
Draft
Web/style/elements/standalone drawer#21487kensternberg-authentik wants to merge 20 commits intomainfrom
kensternberg-authentik wants to merge 20 commits intomainfrom
Conversation
window.authentik.flow = {
"layout": "{{ flow.layout }}",
+ "background": "{{ flow.background }}",
+ "title": "{{ flow.title }}",
};
Amends the `flow.html` template and `GlobalAuthentik` parser to include new parameters, `background` and `title`, in the flow-specific part of the configuration written to the HTML `<head>` object, and to provide those parameters to client code.
## Why
The `layout` is start-up critical: it tells the Flow interface how the admin wants the Flow page to look, and allows the HTML and CSS to be pre-aligned to that condition. `layout` is determined on a per-Flow bases, not a per-Stage basis; Flows are derived from a tuple of `(Brand, Application?)`, where the opening policy *may* direct a user to a different flow if the user reached authentik via a redirect from a specific application, but will otherwise fall back to the default Flow for the Brand.
The `background` is a field that is required if the `Flow`’s layout is of type `frame_background`; in this case, the part of the viewport not dedicated to the FlowExecutor is reserved for an `<iframe>` that will be filled in with whatever the administrator specifies. Although this gives it the same priority as `layout` (whether it’s provided or undefined) for describing the [chrome](https://developer.mozilla.org/en-US/docs/Glossary/Chrome) around a challenge, it is currently not provided to the application in the start-up config; it is provided in the `challenge` and renders the IFrame as part of the initial challenge.
This patch fixes that; if `layout` is provided, `background` ought to be as well, even if it’s empty. The execution of a Challenge ought not have any influence over the look and feel of the Flow-defined appearance *around* that Challenge.
I have added `title` as well; with that, all of the current theme-and-appearance related configuration details are placed into `<head>` and can be removed from the FlowExecutor.
Server-side, `background` is currently specified: `background = FileField(blank=True, default="")` which is … interesting since we also appear to store URLs in it. I don’t see anything in the FlowSerializer that would change that from a client’s point of view.
This patch furthers the effort to separate flow execution from flow presentation.
- \[🐰\] The code has been formatted (`make web`)
* main: (36 commits) website: fix typos (#20996) internal/outpost/ak: fix ws URL on outpost restart (#21041) sources/ldap: fix incorrect error response for invalid sync_users_password (#21016) website/docs: add missing dependencies for linux dev environment (#21020) core, web: update translations (#21021) web: bump flatted from 3.4.1 to 3.4.2 in /web (#21037) web: bump @sentry/browser from 10.44.0 to 10.45.0 in /web in the sentry group across 1 directory (#21022) website: bump flatted from 3.4.1 to 3.4.2 in /website (#21038) core: bump astral-sh/uv from 0.10.11 to 0.10.12 in /lifecycle/container (#21027) ci: bump actions-rust-lang/setup-rust-toolchain from 1.15.3 to 1.15.4 in /.github/actions/setup (#21030) ci: bump taiki-e/install-action from 2.68.26 to 2.69.2 in /.github/actions/setup (#21029) core: bump goauthentik/fips-debian from `7baeeaa` to `7726387` in /lifecycle/container (#21028) core: bump aws-cdk-lib from 2.243.0 to 2.244.0 (#21026) core: bump types-ldap3 from 2.9.13.20251121 to 2.9.13.20260319 (#21024) core: bump ruff from 0.15.6 to 0.15.7 (#21023) core: bump goauthentik/fips-python from `859ad57` to `bf45eb7` in /lifecycle/container (#21025) website/integrations: fix AWS SCIM with Identity Center (#21017) root: allow listening on multiple IPs (#20930) website: switch docs analytics to gtag (#20993) web: link file picker to docs (#20995) ...
* main: (22 commits) ci: rotate GH App private key (#21085) internal/web: remove authentication for metrics (#21077) lib/config: explicit some defaults (#21079) internal: remove unix sockets on shutdown (#21081) ci: fix escaping in cherry-pick action (#21082) lib/config: support printing multiple values (#21080) root: fix rust setup (#21078) core: bump types-docker from 7.1.0.20260109 to 7.1.0.20260322 (#21062) policies: remove BufferedPolicyAccessView leftovers (#21057) core: bump axllent/mailpit from v1.29.3 to v1.29.4 in /tests/e2e (#21061) core: bump types-channels from 4.3.0.20250822 to 4.3.0.20260321 (#21063) core: bump github.com/jackc/pgx/v5 from 5.8.0 to 5.9.1 (#21059) translate: Updates for project authentik and language fr_FR (#21056) ci: bump taiki-e/install-action from 2.69.2 to 2.69.6 in /.github/actions/setup (#21068) web: bump the storybook group across 1 directory with 5 updates (#21031) web: bump knip from 5.88.0 to 5.88.1 in /web (#21033) web: bump type-fest from 5.4.4 to 5.5.0 in /web (#21032) events: prevent exception when events contains incompatible unicode (#21048) web/admin: handle non-string values in formatUUID to prevent Event Log crash (#20804) events: avoid implicitly setting context from login_failed event (#21045) ...
* main: core: remove filter_not_expired for QS (#18274) tenants: fix default schema in initial migration (#21114) core: bump django-stubs[compatible-mypy] from 5.2.9 to 6.0.1 (#21099) core, web: update translations (#21097) lifecycle/aws: bump aws-cdk from 2.1112.0 to 2.1113.0 in /lifecycle/aws (#21098) core: bump types-requests from 2.32.4.20260107 to 2.32.4.20260324 (#21100) core: bump constructs from 10.5.1 to 10.6.0 (#21101) core: bump astral-sh/uv from 0.10.12 to 0.11.0 in /lifecycle/container (#21103) ci: bump taiki-e/install-action from 2.69.6 to 2.69.7 in /.github/actions/setup (#21104) web: bump flatted from 3.4.1 to 3.4.2 (#21076) core: bump goauthentik.io/api/v3 to 3.2026.5.0-rc1-1774286095 (#21089) core: bump cbor2 from 5.8.0 to 5.9.0 (#21094) ci: fix cherry-pick action generating empty title (#21091) web: bump the swc group across 1 directory with 11 updates (#21070) web: bump yaml from 2.8.2 to 2.8.3 in /web (#21071) core: add flag for future default behaviour of requiring a binding to access an application (#16247)
* main: (26 commits) endpoints/connectors: fix enabled flag not respected (#21144) web: bump vite from 7.3.1 to 8.0.2 in /web (#21109) website/docs: add a single page about our user interface, document Consent stage (#20533) website: bump the build group across 1 directory with 9 updates (#21127) web: bump knip from 5.88.1 to 6.0.5 in /web (#21129) core: bump drf-spectacular from 0.28.0 to 0.29.0 (#19420) packages/client-go: init (#21139) providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (#21111) core: bump library/nginx from `dec7a90` to `7150b3a` in /website (#21137) core: bump gunicorn from 25.1.0 to 25.2.0 (#21134) core: bump github.com/getsentry/sentry-go from 0.43.0 to 0.44.1 (#21122) core: bump astral-sh/uv from 0.11.0 to 0.11.1 in /lifecycle/container (#21135) ci: bump taiki-e/install-action from 2.69.8 to 2.69.9 in /.github/actions/setup (#21136) web/a11y: Modals, Command Palette (Merge branch) (#17812) website/docs: document file picker values (#20994) packages/client-rust: init (#21117) core: bump sentry-sdk from 2.55.0 to 2.56.0 (#21124) events: add helper to log deprecation configuration_warning message (#21115) core: bump djangorestframework from 3.17.0 to 3.17.1 (#21126) core: bump twilio from 9.10.3 to 9.10.4 (#21123) ...
* main: (21 commits) root: cleanup API generation (#21172) packages/client-ts: init (#21120) core, web: update translations (#21159) website: bump @goauthentik/docusaurus-config from 2.5.1 to 2.6.0 in /website in the docusaurus group (#21161) core: bump cryptography from 46.0.5 to 46.0.6 (#21162) core: bump library/node from 25.8.1-trixie to 25.8.2-trixie in /website (#21163) ci: bump taiki-e/install-action from 2.69.9 to 2.69.10 in /.github/actions/setup (#21164) web: bump the goauthentik group across 1 directory with 3 updates (#21165) web: bump typescript from 5.9.3 to 6.0.2 in /web (#21107) web/flows: fix continuous flow leftovers (#21158) web: bump picomatch from 4.0.3 to 4.0.4 (#21157) web: bump yaml from 2.8.2 to 2.8.3 (#21156) website: bump picomatch in /website (#21155) web: bump smol-toml from 1.6.0 to 1.6.1 (#21154) web: bump picomatch from 2.3.1 to 2.3.2 in /web (#21153) web: bump smol-toml from 1.6.0 to 1.6.1 in /web (#21152) root: optimise api client generation speed (#21141) website/integrations: nextcloud add back-channel logout documentation (#21147) core: bump requests from 2.32.5 to 2.33.0 (#21146) web: bump chromedriver from 146.0.5 to 146.0.6 in /web (#21128) ...
* main: website/integrations: add OAUTH_AUTO_REDIRECT for karakeep (#21180) website/integrations: beszel: add email scope (#21176) web: lint/small type errors (#21179) packages/django-dramatiq-postgres: add index for (queue_name, state, eta) (#21175) root: add git attributes for generated/vendored (#21177) web: bump vite from 8.0.2 to 8.0.3 in /web (#21171) core, web: Vendored client follow-ups (#21174) website: Enable gtag in production (#21151)
* main: (52 commits) stages/authenticator_webauthn: save attestation certificate when creating credential (#20095) web/admin: fix missing icon on app view page (#21251) web/elements: allow table per-column options (#21250) ci: bump actions/setup-go from 6.3.0 to 6.4.0 (#21245) web: bump knip from 6.0.6 to 6.1.0 in /web (#21241) web: bump globby from 16.1.1 to 16.2.0 in /web (#21242) core: bump types-requests from 2.32.4.20260324 to 2.33.0.20260327 (#21236) core: bump types-docker from 7.1.0.20260322 to 7.1.0.20260328 (#21237) core: bump aws-cdk-lib from 2.244.0 to 2.245.0 (#21238) ci: bump int128/docker-manifest-create-action from 2.16.0 to 2.17.0 (#21244) ci: bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in /.github/actions/setup (#21246) ci: bump taiki-e/install-action from 2.69.12 to 2.70.2 in /.github/actions/setup (#21247) ci: bump actions/setup-go from 6.3.0 to 6.4.0 in /.github/actions/setup (#21248) core, web: update translations (#21233) translate: Updates for project authentik and language fr_FR (#21214) web/admin: polish recent events, various button alignments and labels (#21232) outposts: Create separate metrics service in Kubernetes (#21229) events: fix exception in volume endpoint, adjust simple table size (#21230) core: Application stats, device events & cleanup (#21225) core: bump axllent/mailpit from v1.29.4 to v1.29.5 in /tests/e2e (#21226) ...
* main: translate: Updates for project authentik and language fr_FR (#21285) packages/django-postgres-cache: rework to use ORM (#17771) providers/saml: Fix redirect for saml slo (#21258) core: fix provider not nullable (#21275) website/docs: ad source: add note about ldap signing (#21274) website/api: update API clients doc (#21202) ci: bump taiki-e/install-action from 2.70.2 to 2.70.3 in /.github/actions/setup (#21267) lifecycle/aws: bump aws-cdk from 2.1114.1 to 2.1115.0 in /lifecycle/aws (#21265) core, web: update translations (#21264) packages/ak-lib: init (#21257) website/docs: document group_uuid as a property for group object (#20865) web/flow: extract lifecycle events peripheral to stage management into their own controllers (#20898) core: bump pygments from 2.19.2 to 2.20.0 (#21260) website/docs: add grafana dashboard (#21254)
* main: packages/django-postgres-cache: fix expiry and delete (#21307) website/docs: entra scim: add note about validator (#21273) core: bump djangorestframework-stubs[compatible-mypy] from 3.16.8 to 3.16.9 (#21294) web: bump @xmldom/xmldom from 0.8.11 to 0.8.12 in /web (#21301) blueprints: rework one-time import (#18074) lifecycle/aws: bump aws-cdk from 2.1115.0 to 2.1115.1 in /lifecycle/aws (#21293) core, web: update translations (#21288) core: bump sentry-sdk from 2.56.0 to 2.57.0 (#21295) core: bump aws-cdk-lib from 2.245.0 to 2.246.0 (#21296) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#21290) ci: bump getsentry/action-release from 3.5.0 to 3.6.0 (#21298) ci: bump taiki-e/install-action from 2.70.3 to 2.70.4 in /.github/actions/setup (#21299) website/docs: add example recovery flow with MFA (#19497) website/docs: format cache settings (#21289) source/saml: Add forceauthn to saml authnrequest (#20883)
* main: (26 commits) root: fix compose generation for patch releases release candidates (#21353) web: bump @swc/cli from 0.8.0 to 0.8.1 in /web in the swc group across 1 directory (#21300) providers/proxy: fix oidc client not using socket in embedded outpost (#21280) packages/client-rust: fix portable sed usage (#21337) packages/ak-common/tokio/proxy_procotol: init (#21311) packages/ak-common/config: init (#21256) core: bump beryju.io/ldap from 0.1.0 to 0.2.1 (#21235) web: bump @sentry/browser from 10.46.0 to 10.47.0 in /web in the sentry group across 1 directory (#21297) packages/ak-common/arbiter: init (#21253) website/docs: fix full dev setup ordering (#21332) core: bump types-docker from 7.1.0.20260328 to 7.1.0.20260402 (#21342) packages/ak-common: rename from ak-lib (#21314) root: fix rustfmt config (#21312) core: bump types-ldap3 from 2.9.13.20260319 to 2.9.13.20260402 (#21343) web: bump the bundler group across 1 directory with 4 updates (#21345) core: bump aiohttp from 3.13.3 to 3.13.4 (#21333) core, web: update translations (#21335) lifecycle/aws: bump aws-cdk from 2.1115.1 to 2.1116.0 in /lifecycle/aws (#21338) core: bump types-requests from 2.33.0.20260327 to 2.33.0.20260402 (#21339) core: bump django-stubs[compatible-mypy] from 6.0.1 to 6.0.2 (#21340) ...
* main: website/docs: Clean up PostgreSQL documentation (#21131)
…ankly, incoherent. P5 isn't much better, but at least there's an attempt at organization. There was only one circular dependency! :-)
…css building out of the sass.
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-integrations ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Details
REPLACE ME
Checklist
ak test authentik/)make lint-fix)If an API change has been made
make gen)If changes to the frontend have been made
make web)If applicable
make docs)