web/flow: Type safe stage imports#20083
Merged
kensternberg-authentik merged 110 commits intoweb/flow/tablize-token-component-relationshipfrom Feb 13, 2026
Merged
Conversation
GirlBossRush
added
the
area:frontend
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
) Bumps library/nginx from `b17697e` to `341bf0f`. --- updated-dependencies: - dependency-name: library/nginx dependency-version: 1.29-trixie dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pyrad](https://github.com/pyradius/pyrad) from 2.5.2 to 2.5.4. - [Release notes](https://github.com/pyradius/pyrad/releases) - [Changelog](https://github.com/pyradius/pyrad/blob/master/CHANGES.rst) - [Commits](pyradius/pyrad@2.5.2...2.5.4) --- updated-dependencies: - dependency-name: pyrad dependency-version: 2.5.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [msgraph-sdk](https://github.com/microsoftgraph/msgraph-sdk-python) from 1.53.0 to 1.54.0. - [Release notes](https://github.com/microsoftgraph/msgraph-sdk-python/releases) - [Changelog](https://github.com/microsoftgraph/msgraph-sdk-python/blob/main/CHANGELOG.md) - [Commits](microsoftgraph/msgraph-sdk-python@v1.53.0...v1.54.0) --- updated-dependencies: - dependency-name: msgraph-sdk dependency-version: 1.54.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [twilio](https://github.com/twilio/twilio-python) from 9.10.0 to 9.10.1. - [Release notes](https://github.com/twilio/twilio-python/releases) - [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md) - [Commits](twilio/twilio-python@9.10.0...9.10.1) --- updated-dependencies: - dependency-name: twilio dependency-version: 9.10.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ws (#20070) Bumps [aws-cdk](https://github.com/aws/aws-cdk-cli/tree/HEAD/packages/aws-cdk) from 2.1104.0 to 2.1105.0. - [Release notes](https://github.com/aws/aws-cdk-cli/releases) - [Commits](https://github.com/aws/aws-cdk-cli/commits/aws-cdk@v2.1105.0/packages/aws-cdk) --- updated-dependencies: - dependency-name: aws-cdk dependency-version: 2.1105.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [chromedriver](https://github.com/giggio/node-chromedriver) from 145.0.0 to 145.0.1. - [Commits](giggio/node-chromedriver@145.0.0...145.0.1) --- updated-dependencies: - dependency-name: chromedriver dependency-version: 145.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [semver](https://github.com/npm/node-semver) from 7.7.3 to 7.7.4. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.7.3...v7.7.4) --- updated-dependencies: - dependency-name: semver dependency-version: 7.7.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.2.0 to 25.2.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.2.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…c1-1770333267 in /web in the goauthentik group across 1 directory (#20078) web: bump @goauthentik/api Bumps the goauthentik group with 1 update in the /web directory: [@goauthentik/api](https://github.com/goauthentik/authentik). Updates `@goauthentik/api` from 2026.2.0-rc1-1770223158 to 2026.2.0-rc1-1770333267 - [Release notes](https://github.com/goauthentik/authentik/releases) - [Commits](https://github.com/goauthentik/authentik/commits) --- updated-dependencies: - dependency-name: "@goauthentik/api" dependency-version: 2026.2.0-rc1-1770333267 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: goauthentik ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the bundler group with 1 update in the /web directory: [esbuild](https://github.com/evanw/esbuild). Updates `esbuild` from 0.27.2 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.2...v0.27.3) Updates `@esbuild/darwin-arm64` from 0.27.2 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.2...v0.27.3) Updates `@esbuild/linux-arm64` from 0.27.2 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.2...v0.27.3) Updates `@esbuild/linux-x64` from 0.27.2 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.2...v0.27.3) --- updated-dependencies: - dependency-name: esbuild dependency-version: 0.27.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler - dependency-name: "@esbuild/darwin-arm64" dependency-version: 0.27.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler - dependency-name: "@esbuild/linux-arm64" dependency-version: 0.27.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler - dependency-name: "@esbuild/linux-x64" dependency-version: 0.27.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the storybook group with 4 updates in the /web directory: [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs), [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links), [@storybook/web-components](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/web-components) and [@storybook/web-components-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/web-components-vite). Updates `@storybook/addon-docs` from 10.2.6 to 10.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.2.7/code/addons/docs) Updates `@storybook/addon-links` from 10.2.6 to 10.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.2.7/code/addons/links) Updates `@storybook/web-components` from 10.2.6 to 10.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.2.7/code/renderers/web-components) Updates `@storybook/web-components-vite` from 10.2.6 to 10.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.2.7/code/frameworks/web-components-vite) Updates `storybook` from 10.2.6 to 10.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.2.7/code/core) --- updated-dependencies: - dependency-name: "@storybook/addon-docs" dependency-version: 10.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: storybook - dependency-name: "@storybook/addon-links" dependency-version: 10.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: storybook - dependency-name: "@storybook/web-components" dependency-version: 10.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: storybook - dependency-name: "@storybook/web-components-vite" dependency-version: 10.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: storybook - dependency-name: storybook dependency-version: 10.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: storybook ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [django-cte](https://github.com/dimagi/django-cte) from 2.0.0 to 3.0.0. - [Changelog](https://github.com/dimagi/django-cte/blob/main/CHANGELOG.md) - [Commits](dimagi/django-cte@v2.0.0...v3.0.0) --- updated-dependencies: - dependency-name: django-cte dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…roup across 1 directory (#20079) web: bump @types/react in /web in the react group across 1 directory Bumps the react group with 1 update in the /web directory: [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react). Updates `@types/react` from 19.2.11 to 19.2.13 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) --- updated-dependencies: - dependency-name: "@types/react" dependency-version: 19.2.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: react ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: Fix locale selector in compatibility mode. * Fix.
* sources/saml: hash a username longer than 150 chars * rework * reword * add const for username length, always use same format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* providers/saml: move sp acs binding down in form * add deprecation warning * fix warning * update warning location * make once a month
# What Separate out the “here’s how a stage is defined” from “Here’s how a stage is represented internally.” This gives us a nice central store of where to define how the server-side componentName relates to a client-side customElementName while also guaranteeing that the componenName or supplied customElementName exists and corresponds. Type safety has been preserved system-wide (thanks, @GirlBossRush!)
✅ Deploy Preview for authentik-integrations ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
BeryJu
reviewed
Feb 7, 2026
| // - Variants describe the attribute needs. There are only two variant: "standard" and "challenge." | ||
| // The "challenge" variant is for components that immediately issue redirects. "standard" is the | ||
| // default; you don't need to specify it. | ||
| // - If the stage needs to be live immediately, import it above. Otherwise, provide an import |
Member
There was a problem hiding this comment.
certain things qualify a stage for being instant imported, such as opening windows (like plex and apple) and certain webauthn interactions (like webauthnregister)
Contributor
There was a problem hiding this comment.
Is this list sufficient guidance? Or is there more? If we can give guidance for when to supply a dynamic vs static import, that would be awesome.
BeryJu
reviewed
Feb 7, 2026
| // type declaration above. The variants are meant to reduce the amount of information you have to | ||
| // provide: | ||
| // | ||
| // - If the server-side component and the client-side tag are the same, only provide the component. |
Member
There was a problem hiding this comment.
This should always be the case, is there anywhere where this isn't the case?
Contributor
There was a problem hiding this comment.
Yes, and they're documented right here in this file:
["ak-source-oauth-apple", "ak-flow-source-oauth-apple"],
["ak-source-plex", "ak-flow-source-plex"],
["ak-source-telegram", "ak-flow-source-telegram"],
["xak-flow-redirect", "ak-stage-redirect"],
* website/docs: generate CVE sidebar Signed-off-by: Jens Langhammer <jens@goauthentik.io> * docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * slightly less warnings Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add audience to id_token decode * set verify_iss to false, more realistic id_token in test * fix test
Bumps [type-fest](https://github.com/sindresorhus/type-fest) from 5.4.3 to 5.4.4. - [Release notes](https://github.com/sindresorhus/type-fest/releases) - [Commits](sindresorhus/type-fest@v5.4.3...v5.4.4) --- updated-dependencies: - dependency-name: type-fest dependency-version: 5.4.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…te (#20220) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* web: fix italic formatting in lifecycle rule help text * r
…en the user is a member of multiple reviewer groups (#20266)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* first approach * add cc and bcc support, better ui * remove unnecessary data return * add template support * fix linting * do the ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * display invite info in InvitationSendEmailForm.ts * Select the invitation template by default * Fix linting * fix tests * Add tests, clean code * Add docs * fix link * Make the UI less disgusting * Make the UI less disgusting * Apply suggestions from code review Co-authored-by: Dewi Roberts <dewi@goauthentik.io> Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com> * small formatting fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Use writeToClipboard function, better wording for CC and BCC --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
* website/docs: Custom CSS * Revise. * Fix paths. * Update links. * Update header capitalization Signed-off-by: Dewi Roberts <dewi@goauthentik.io> --------- Signed-off-by: Dewi Roberts <dewi@goauthentik.io> Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
…p-v3 * main: (105 commits) website/docs: Custom CSS (#19991) core: bump goauthentik.io/api/v3 to 3.2026.5.0-rc1-1770992049 (#20285) stage/invitation: Send invite via email UI (#19823) root: remove unused `django-cte` (#20090) core: bump ruff from 0.15.0 to 0.15.1 (#20273) core, web: update translations (#20271) ci: bump docker/build-push-action from 6.19.1 to 6.19.2 (#20274) enterprise/lifecycle: fix multiple reviews showing up in "Reviews" when the user is a member of multiple reviewer groups (#20266) ci: fix binary outpost build on release (#20248) web: add pretty names for lifecycle review events in event logs (#20264) web: fix italic formatting in lifecycle rule help text (#20263) website/docs: 2025.8.6 release notes (#20243) website/docs: 2025.12.4 release notes (#20226) website/docs: 2025.10.4 release notes (#20242) security: CVE-2026-25748 (#20240) security: CVE-2026-25922 (#20241) security: CVE-2026-25227 (#20239) ci: fix release testing (#20207) core: Apply CSpell corrections. (#20191) core: bump goauthentik.io/api/v3 to 3.2026.5.0-rc1-1770842608 (#20213) ...
…le is constructed ONCE at start-up, there's never going to be a cache hit. The FlowExecutorStageFactory produces StageMappings (StageMapping[]), which is itself a warehouse of singular server-component -> client-component relationships, fetching the client from the bundle as needed. The StageMapping only does the fetch once per instance, so (for example) a password failure will reinstantiate a PasswordStage, but it will not fetch it a second time.
kensternberg-authentik
merged commit 2acc605
into
web/flow/tablize-token-component-relationship
91 of 95 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Details
This PR builds on Ken's clean up, adding exhaustive type checking to the flow executor stage mappings. Similar to our locale definitions, each flow challenge name is mapped to...
For the majority of our stage imports, the imported module can be used to look up the tag name, avoiding an area of the code which can become unsynchronized. The stage mapping is also type checked to match all entries, effectively preventing a situation where the API can return a component name for which we do not have a corresponding element.
How to review this PR
The
FlowExecutorSelections.tsandFlowExecutor.tsfiles is where the action happens.The bulk of this PR is updating the existing flow stages to have a default export, ensuring that each import has the correct type.