-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support external step for login flow #23204
base: dev
Are you sure you want to change the base?
Conversation
55dcb60
to
5b56570
Compare
src/auth/ha-auth-external.ts
Outdated
super.firstUpdated(changedProps); | ||
window.open(this.step.url); | ||
window.addEventListener("message", async (message: MessageEvent) => { | ||
if (message.data.type === "externalCallback") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we do a check for origin
and source
of the message?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, sounds good. I have this working for the window.open (following what the previous PR did). How do you track the source of the button that opens the window above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I dont think there is a way with just an anchor link. You could make it a click event and open the window programmatically with window.open
. Hoping that will not cause issues with popup blockers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK -- I changed this to use a button to run the same code thats run when first loading. Perhaps that is reasonable...
window.addEventListener("message", async (message: MessageEvent) => { | ||
if (message.data.type === "externalCallback") { | ||
if ( | ||
message.origin === window.location.origin && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The message is sent from the external site right? So the origin would something like this.step.url
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It appears to always be the home assistant url e.g. http://localhost:8123
when i'm testing, and not as the external IDP.
Any progress? This would be a great addition. |
A bunch of the usual suspects have been on PTO for the holidays, some expected slow down in reviews. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR would help implement a better user experience for https://github.com/christiaangoossens/hass-oidc-auth as well.
It's approved but not merged? Are we waiting for another review? |
Getting a bit concerned this is going the way of previous prs attempting to change auth |
Proposed change
Support external step for login flow for use by authentication providers for custom components. This is an update on #14471 that addresses some of the PR feedback, and is also simpler, reusing more of the existing login flow and is based on the config flow external steps.
Type of change
Example configuration
Additional information
Screen.Recording.2024-12-07.at.11.18.46.AM.mov
Checklist
If user exposed functionality or configuration variables are added/changed: