From 996e22f41e47a3651224755de80cb13b4d19dd92 Mon Sep 17 00:00:00 2001
From: Anthony Lukach
Date: Tue, 12 Nov 2024 12:58:07 -0800
Subject: [PATCH] Configure browser login flow to skip username/password prompt closes #3
---
 config/src/veda.yaml | 75 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)
diff --git a/config/src/veda.yaml b/config/src/veda.yaml
index b34ca4f..b39e7fb 100644
--- a/config/src/veda.yaml
+++ b/config/src/veda.yaml
@@ -104,3 +104,78 @@ identityProviders:
 syncMode: "LEGACY"
 clientId: $(env:CILOGON_CLIENT_ID)
 clientSecret: $(env:CILOGON_CLIENT_SECRET)
+
+# Login Flow Configuration
+browserFlow: Browser without Password
+authenticationFlows:
+ - alias: Browser without Password
+ description: browser based authentication without username password form
+ providerId: basic-flow
+ topLevel: true
+ builtIn: false
+ authenticationExecutions:
+ - authenticator: auth-cookie
+ authenticatorFlow: false
+ requirement: ALTERNATIVE
+ priority: 10
+ autheticatorFlow: false
+ userSetupAllowed: false
+ - authenticator: auth-spnego
+ authenticatorFlow: false
+ requirement: DISABLED
+ priority: 20
+ autheticatorFlow: false
+ userSetupAllowed: false
+ - authenticator: identity-provider-redirector
+ authenticatorFlow: false
+ requirement: ALTERNATIVE
+ priority: 25
+ autheticatorFlow: false
+ userSetupAllowed: false
+ - authenticatorFlow: true
+ requirement: ALTERNATIVE
+ priority: 30
+ autheticatorFlow: true
+ flowAlias: Browser without Password forms
+ userSetupAllowed: false
+ - alias: Browser without Password forms
+ description: Username, password, otp and other auth forms.
+ providerId: basic-flow
+ topLevel: false
+ builtIn: false
+ authenticationExecutions:
+ - authenticatorConfig: cilogon
+ authenticator: identity-provider-redirector
+ authenticatorFlow: false
+ requirement: REQUIRED
+ priority: 20
+ autheticatorFlow: false
+ userSetupAllowed: false
+ - authenticatorFlow: true
+ requirement: CONDITIONAL
+ priority: 21
+ autheticatorFlow: true
+ flowAlias: Browser without Password Browser - Conditional OTP
+ userSetupAllowed: false
+ - alias: Browser without Password Browser - Conditional OTP
+ description: Flow to determine if the OTP is required for the authentication
+ providerId: basic-flow
+ topLevel: false
+ builtIn: false
+ authenticationExecutions:
+ - authenticator: conditional-user-configured
+ authenticatorFlow: false
+ requirement: REQUIRED
+ priority: 10
+ autheticatorFlow: false
+ userSetupAllowed: false
+ - authenticator: auth-otp-form
+ authenticatorFlow: false
+ requirement: REQUIRED
+ priority: 20
+ autheticatorFlow: false
+ userSetupAllowed: false
+authenticatorConfig:
+ - alias: cilogon
+ config:
+ defaultProvider: cilogon
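Review bot: The `Browser without Password forms` subflow puts a CONDITIONAL OTP subflow (priority 21) behind a REQUIRED `identity-provider-redirector` (priority 20), and as far as I can tell Keycloak completes a brokered login through the identity provider's first-broker/post-broker flows rather than resuming the executions after the redirector, so the `auth-otp-form` step is probably never evaluated (nesting is inferred here, since indentation is flattened in this view). A reader of this config could assume a Keycloak-side second factor is enforced when it is in practice left entirely to CILogon; if OTP is meant to apply, attach it through `postBrokerLoginFlowAlias` on the cilogon provider (that block starts above this hunk), otherwise drop the OTP subflow. The subflow description is also stale now that no form remains and could read `description: Redirect to the CILogon identity provider; no local username/password form`. With the password form removed from the browser flow, local accounts such as a break-glass admin can presumably no longer sign in through the browser in this realm, which deserves a comment above `browserFlow:`.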