authgear / authgear-server

Open source alternative to Auth0 / Firebase Auth
https://www.authgear.com
Apache License 2.0
72 stars 29 forks

Refactor authflow nodes as intent for bot protection subflow #4395

Open pkong-ds opened 4 days ago

pkong-ds commented 4 days ago

What's in this PR?

  1. Refactored existing nodes in below auth flow branches as intents
  2. Added some e2e tests for auth flow branches affected (ref DEV-1484)

Why this PR?

To accommodate upcoming changes in bot protection.

Since a simple node cannot spawn a new sub flow, these branch nodes need to be intents to spawn IntentBotProtection

Questions [ALL resolved]

~@louischan-oursky Can help with below when free?~

  1. [RESOLVED in below comment] Could not find intent_PROMOTE_flow_step_create_authenticator, is the flow reusing intent_signup_...?
  2. [RESOLVED with newman] now make -C e2e run always times out after 10 min after running locally, tried below to no avail
    • make -C e2e teardown first
    • remove docker image

     Suspect this timeout is related to changes in this PR, but the timeout seems to have no logs to trace. How should one debug this?
  3. [RESOLVED in tung's comment] Not sure about the refactoring of node_create_authenticator_totp in f8bfb120833cf81b72996307e0f272713ae8f267, please advise if any 🙏

tung2744 commented 3 days ago

  1. Yes. You can read pkg/lib/authenticationflow/declarative/intent_promote_flow_steps.go

pkong-ds commented 3 days ago

Changed 14 nodes into intents, e2e tests pass locally

intent_create_authenticator_password
intent_create_authenticator_totp
intent_create_identity_login_id
intent_lookup_identity_login_id
intent_lookup_identity_passkey
intent_promote_identity_login_id
intent_skip_creation_by_existing_identity
intent_use_account_recovery_identity
intent_use_authenticator_passkey
intent_use_authenticator_password
intent_use_authenticator_totp
intent_use_identity_login_id
intent_use_identity_passkey
intent_use_recovery_code

pkong-ds commented 2 days ago

Added below e2e tests, ~reauth still WIP; Feel free to review first~

pkong-ds commented 2 days ago

Since it is agreed that below will not have e2e tests (see DEV-1484), please find below a screenshot video on these 2 features working locally

signin > create_authenticator > passkey

https://github.com/authgear/authgear-server/assets/74223769/f4b1c2e6-0bf2-4641-bde9-b5893fb1f5b2

login > authenticate > passkey

https://github.com/authgear/authgear-server/assets/74223769/aea4ddd5-a937-4af3-82f1-8a0b9257ff6c

pkong-ds commented 2 days ago

@louischan-oursky ready for review 🙏 local ci & e2e pass