Commit Graph

13 Commits

Author SHA1 Message Date
Ryan Richard
39fd9ba270 Small refactors and comments for LDAP/AD UI 2022-05-19 16:02:08 -07:00
Ryan Richard
aa732a41fb Add LDAP browser flow login failure tests to supervisor_login_test.go
Also do some refactoring to share more common test setup code in
supervisor_login_test.go.
2022-05-10 16:28:08 -07:00
Ryan Richard
ec22b5715b Add Pinniped favicon to login UI page 🦭 2022-05-05 14:46:07 -07:00
Ryan Richard
cffa353ffb Login page styling/structure for users, screen readers, passwd managers
Also:
- Add CSS to login page
- Refactor login page HTML and CSS into a new package
- New custom CSP headers for the login page, because the requirements
  are different from the form_post page
2022-05-05 13:13:25 -07:00
Ryan Richard
6ca7c932ae Add unit test for rendering form_post response from POST /login 2022-05-05 13:13:25 -07:00
Ryan Richard
2e031f727b Use security headers for the form_post page in the POST /login endpoint
Also use more specific test assertions where security headers are
expected. And run the unit tests for the login package in parallel.
2022-05-03 16:46:09 -07:00
Margo Crawford
388cdb6ddd Fix bug where form was posting to the wrong path
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2022-05-03 15:18:38 -07:00
Ryan Richard
69e5169fc5 Implement post_login_handler.go to accept form post and auth to LDAP/AD
Also extract some helpers from auth_handler.go so they can be shared
with the new handler.
2022-04-29 16:02:00 -07:00
Margo Crawford
646c6ec9ed Show error message on login page
Also add autocomplete attribute and title element

Signed-off-by: Margo Crawford <margaretc@vmware.com>
2022-04-29 10:36:13 -07:00
Margo Crawford
453c69af7d Fix some errors and pass state as form element
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2022-04-28 12:07:04 -07:00
Margo Crawford
07b2306254 Add basic outline of login get handler
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2022-04-28 11:51:36 -07:00
Ryan Richard
65eed7e742 Implement login_handler.go to defer to other handlers
The other handlers for GET and POST requests are not yet implemented in
this commit. The shared handler code in login_handler.go takes care of
things checking the method, checking the CSRF cookie, decoding the state
param, and adding security headers on behalf of both the GET and POST
handlers.

Some code has been extracted from callback_handler.go to be shared.
2022-04-26 15:37:30 -07:00
Margo Crawford
8832362b94 WIP: Add login handler for LDAP/AD web login
Also change state param to include IDP type
2022-04-25 16:41:55 -07:00