matrix-react-sdk icon indicating copy to clipboard operation
matrix-react-sdk copied to clipboard

Published 20 hours ago verified publisher icon matrix-org

Implementation of MSC3824 to make the client OIDC-aware

Open hughns opened this issue 2 years ago • 1 comments

Requirements as taken from https://github.com/matrix-org/matrix-spec-proposals/pull/3824:

  • [x] ~~support the m.login.sso auth flow~~ already supported
  • [x] where a delegated_oidc_compatibility value of true is present on an m.login.sso then only offer that auth flow to the user
  • [x] append action=login and action=register parameters to the SSO redirect URLs
  • [x] sign post and link users to manage their account at the OP web UI given by MSC2965
  • [x] RECOMMENDED: label SSO button as "Continue"

Here's what your changelog entry will look like:

✨ Features

  • Implementation of MSC3824 to make the client OIDC-aware (#8681). Contributed by @hughns.

hughns avatar May 24 '22 14:05 hughns

With regards to design review -

This PR adds a new section to the user settings screens: in the case that the homeserver is OIDC enabled and the delegated OIDC Provider (authentication server) has an account management web interface, an outbound link is provided to that external web interface.

Before: image

After: image

The "Manage your account" link opens in a new browser tab (target=_blank) on the OIDC Provider.

For context, here is an example external account management web interface: image

hughns avatar Sep 12 '22 08:09 hughns

FTR, the latest iteration on the design shows the hostname of the server hosting the management URL:

image

hughns avatar Jan 06 '23 09:01 hughns

@hughns err, I'm not clear on why my review is requested?

Because you previously reviewed this PR and commented.

The PR is old, so feel free to take yourself off it if no longer appropriate.

hughns avatar Jan 09 '23 19:01 hughns

@hughns here are 2 options for the Settings UI about managing your account...

  1. Option 1 - Dedicated menu item in left rail takes you directly to the external web page
  2. Option 2 - Updated text and dedicated button

Settings - General - Option 1

Settings - General - Option 2

americanrefugee avatar Jan 17 '23 15:01 americanrefugee

Also, "Continue" for the SSO button label is fine :)

americanrefugee avatar Jan 17 '23 15:01 americanrefugee

@americanrefugee this is what I have implemented for next iteration:

image

Notes:

  • I've tweaked the wording to reference "managed" have than "stored"
  • The horizontal line isn't present anywhere else on the screens so I have left it out. I do think the readability of the screen would improve with more visual clues on the structure.
  • I've used the default <code> style to be more consistent with the rest of the app.

Let me know what you think?

hughns avatar Jan 23 '23 16:01 hughns

@hughns The implementation LGTM

americanrefugee avatar Jan 25 '23 09:01 americanrefugee