Closed natalian98 closed 2 months ago
This PR adds support for signing in with local credentials (kratos `password` method). MFA, recovery and verification will be addressed in future PRs.
Set up docker env:
```shell
# Bring up the development stack
docker-compose -f docker-compose.dev.yml up --build --force-recreate --remove-orphans

# Register Grafana as an OAuth2 client in Hydra
docker exec <hydra-container> \
  hydra create client \
  --endpoint http://127.0.0.1:4445 \
  --name grafana \
  --grant-type authorization_code,refresh_token \
  --response-type code,id_token \
  --format json \
  --scope openid,offline_access,email \
  --redirect-uri http://localhost:2345/login/generic_oauth

# Start Grafana with generic OAuth pointed at Hydra
docker run -d --name=grafana -p 2345:2345 --network idp-docker_intranet \
  -e "GF_SERVER_HTTP_PORT=2345" \
  -e "GF_AUTH_GENERIC_OAUTH_ENABLED=true" \
  -e "GF_AUTH_GENERIC_OAUTH_AUTH_ALLOWED_DOMAINS=hydra,localhost" \
  -e "GF_AUTH_GENERIC_OAUTH_NAME=Identity Platform" \
  -e "GF_AUTH_GENERIC_OAUTH_CLIENT_ID=<client-id>" \
  -e "GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=<client-secret>" \
  -e "GF_AUTH_GENERIC_OAUTH_SCOPES=openid offline_access email" \
  -e "GF_AUTH_GENERIC_OAUTH_AUTH_URL=http://localhost:4444/oauth2/auth" \
  -e "GF_AUTH_GENERIC_OAUTH_TOKEN_URL=http://hydra:4444/oauth2/token" \
  -e "GF_AUTH_GENERIC_OAUTH_API_URL=http://hydra:4444/userinfo" \
  grafana/grafana

# Import the test identity into Kratos
docker exec <kratos-container> kratos import identities /etc/config/kratos/identity.json --endpoint http://127.0.0.1:4434
```
Run login ui:
```shell
make npm-build build

export KRATOS_PUBLIC_URL="http://localhost:4433"
export HYDRA_ADMIN_URL="http://localhost:4445"
export BASE_URL="http://localhost:4455"
export PORT="4455"
export TRACING_ENABLED="false"
export LOG_LEVEL="debug"
export AUTHORIZATION_ENABLED="false"

go run . serve
```
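Go to http://localhost:2345 and sign in with identity platform. It will redirect to the login UI and display the option to sign in with local credentials:

![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/85e9d5b1-21fd-4b6e-ad59-28a6fbdd246f)

If incorrect credentials are typed, an error will be shown:

![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/305b309e-517a-4989-86ac-22378dde84e8)

Logging in with the imported test user (test@example.com / mQ#v9fwHc0@8) logs the user in to Grafana:

![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/f5903a5c-2c54-474d-862d-03f9434cd37d)

I also tested logging in with an external IdP to make sure the changes don't break it.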