Add meta component definitions to bootstrap auth flows#2002
Add meta component definitions to bootstrap auth flows#2002ThaminduR wants to merge 1 commit intoasgardeo:mainfrom
Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
📝 WalkthroughWalkthroughSix authentication flow configuration files were enhanced with UI component definitions for visual elements (logos, headings, input fields, action buttons) and updated action routing. A new Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR updates the bootstrap authentication flow definitions to include structured meta.components for PROMPT nodes so the frontend can render form layouts directly from flow JSON.
Changes:
- Added
meta.componentsUI definitions (image/text/blocks/actions/dividers) to PROMPT nodes in multiple bootstrap auth flows. - Updated PROMPT input/action
refvalues to align with the newly introduced component IDs. - Introduced an
AuthorizationExecutorstep afterBasicAuthExecutorin some “basic + social” bootstrap flows.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_sms.json | Adds meta-driven UI layout for mobile number + OTP prompt steps. |
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_google_github.json | Adds meta-driven UI layout for choosing between Google/GitHub auth actions. |
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github_sms.json | Adds meta-driven UI layout for choose-auth + SMS prompts; also adjusts execution graph with an authorization step. |
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github.json | Adds meta-driven UI layout and aligns prompt refs; adds authorization step after basic auth. |
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google.json | Adds meta-driven UI layout and aligns prompt refs; adds authorization step after basic auth. |
| backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_github.json | Adds meta-driven UI layout and aligns prompt refs; adds authorization step after basic auth. |
| "executor": { | ||
| "name": "AuthorizationExecutor" | ||
| }, | ||
| "onSuccess": "send_sms" |
There was a problem hiding this comment.
In this flow, authorization_check routes to send_sms, which makes the BasicAuth path trigger the SMS OTP send step (and potentially require a mobile number) instead of proceeding to auth_assert like the other authentication options. If SMS is meant to be an optional auth method (selected via action_sms), authorization_check.onSuccess should point to auth_assert (or, if SMS is intended as a second factor, route to the correct PROMPT node and ensure task onIncomplete is configured).
| "onSuccess": "send_sms" | |
| "onSuccess": "auth_assert" |
| "type": "ACTION", | ||
| "id": "action_google", | ||
| "label": "{{ t(signin:forms.choose_auth_method.actions.google.label) }}", | ||
| "variant": "SECONDARY", | ||
| "eventType": "SUBMIT" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "type": "BLOCK", | ||
| "id": "block_github", | ||
| "components": [ | ||
| { | ||
| "type": "ACTION", | ||
| "id": "action_github", | ||
| "label": "{{ t(signin:forms.choose_auth_method.actions.github.label) }}", | ||
| "variant": "SECONDARY", | ||
| "eventType": "SUBMIT" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "type": "BLOCK", | ||
| "id": "block_sms", | ||
| "components": [ | ||
| { | ||
| "type": "ACTION", | ||
| "id": "action_sms", | ||
| "label": "{{ t(signin:forms.choose_auth_method.actions.sms.label) }}", | ||
| "variant": "SECONDARY", | ||
| "eventType": "SUBMIT" | ||
| } |
There was a problem hiding this comment.
The new i18n keys used for the social login button labels (e.g., signin:forms.choose_auth_method.actions.google.label / ...actions.github.label / ...actions.sms.label) are not present in the bootstrap translations (backend/cmd/server/bootstrap/i18n/en-US.json). Add these translation entries or adjust the template references to existing keys, otherwise the UI will render missing/fallback text.
| "align": "center", | ||
| "type": "TEXT", | ||
| "id": "text_mobile", | ||
| "label": "{{ t(signin:forms.mobile_number.title) }}", | ||
| "variant": "HEADING_1" | ||
| }, |
There was a problem hiding this comment.
The SMS prompt meta uses i18n keys like signin:forms.mobile_number.* / signin:forms.otp.*, but these keys are not present in the bootstrap translations (backend/cmd/server/bootstrap/i18n/en-US.json). Add the missing translations or change the template references so the UI doesn't render fallback/missing text.
| { | ||
| "type": "ACTION", | ||
| "id": "action_google", | ||
| "label": "{{ t(signin:forms.choose_auth_method.actions.google.label) }}", | ||
| "variant": "PRIMARY", | ||
| "eventType": "SUBMIT" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "type": "BLOCK", | ||
| "id": "block_github", | ||
| "components": [ | ||
| { | ||
| "type": "ACTION", | ||
| "id": "action_github", | ||
| "label": "{{ t(signin:forms.choose_auth_method.actions.github.label) }}", | ||
| "variant": "SECONDARY", | ||
| "eventType": "SUBMIT" | ||
| } |
There was a problem hiding this comment.
The meta button labels reference i18n keys signin:forms.choose_auth_method.actions.google.label and ...actions.github.label, but those keys are not defined in the bootstrap translations (backend/cmd/server/bootstrap/i18n/en-US.json). Add these translation entries or adjust to existing keys to avoid missing/fallback labels in the rendered UI.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2002 +/- ##
=======================================
Coverage 89.77% 89.77%
=======================================
Files 867 867
Lines 57471 57471
=======================================
+ Hits 51592 51593 +1
+ Misses 4347 4345 -2
- Partials 1532 1533 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_github.json`:
- Around line 116-126: The "authorization_check" TASK_EXECUTION node only
defines "onSuccess" but needs an explicit failure transition so transient
AuthorizationExecutor failures don't halt the flow; add an "onFailure" field to
the node with a target (e.g., "choose_auth") so failures route back to the
authentication choice/retry path instead of stopping the flow, leaving
"onSuccess": "auth_assert" and the executor name "AuthorizationExecutor"
unchanged.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github_sms.json`:
- Around line 154-164: The "authorization_check" TASK_EXECUTION using
AuthorizationExecutor only defines "onSuccess": "send_sms" and lacks an explicit
failure path, so add an "onFailure" field on the "authorization_check" node that
routes to a proper failure node (either an existing error/rollback node in the
flow such as "choose_auth" or create a new
"authorization_failed"/"authentication_failed" node) so the flow does not halt
on task failure; update the "authorization_check" entry to include the
"onFailure" mapping and implement the new failure node if needed to handle
cleanup/logging and user feedback.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github.json`:
- Around line 135-145: The flow node "authorization_check" that executes
AuthorizationExecutor lacks an onFailure path, so failures halt the flow; update
the "authorization_check" node to include an "onFailure" property pointing to a
dedicated failure handler (e.g., "authorization_failed" or "auth_failure") and
ensure that target node exists (create a TASK/ERROR node like
"authorization_failed" that handles logging, cleanup, and transitions to a
user-facing error or retry step). Ensure the executor remains
"AuthorizationExecutor" and only add the "onFailure" mapping so failures follow
a controlled path.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google.json`:
- Around line 116-126: The authorization_check TASK_EXECUTION node using
AuthorizationExecutor lacks a failure path; update the node (id
"authorization_check", executor "AuthorizationExecutor") to include explicit
branches for failure conditions (e.g., add "onFailure" and/or "onError") that
route to an appropriate recovery or view state such as "choose_auth" or a new
"auth_failure" node so unauthenticated or service-failure results are handled
instead of terminating the flow.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: ef6ee9b4-5cc9-4c10-9095-7efe4a9bca10
📒 Files selected for processing (6)
backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_github.jsonbackend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google.jsonbackend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github.jsonbackend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github_sms.jsonbackend/cmd/server/bootstrap/flows/authentication/auth_flow_google_github.jsonbackend/cmd/server/bootstrap/flows/authentication/auth_flow_sms.json
| "onSuccess": "authorization_check", | ||
| "onIncomplete": "choose_auth" | ||
| }, | ||
| { | ||
| "id": "authorization_check", | ||
| "type": "TASK_EXECUTION", | ||
| "executor": { | ||
| "name": "AuthorizationExecutor" | ||
| }, | ||
| "onSuccess": "auth_assert" | ||
| }, |
There was a problem hiding this comment.
Add an explicit failure path for authorization_check.
This new node only handles onSuccess, but AuthorizationExecutor can fail. Without an onFailure route, transient authz errors turn into a hard stop in the authentication flow.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_github.json`
around lines 116 - 126, The "authorization_check" TASK_EXECUTION node only
defines "onSuccess" but needs an explicit failure transition so transient
AuthorizationExecutor failures don't halt the flow; add an "onFailure" field to
the node with a target (e.g., "choose_auth") so failures route back to the
authentication choice/retry path instead of stopping the flow, leaving
"onSuccess": "auth_assert" and the executor name "AuthorizationExecutor"
unchanged.
| "onSuccess": "authorization_check", | ||
| "onIncomplete": "choose_auth" | ||
| }, | ||
| { | ||
| "id": "authorization_check", | ||
| "type": "TASK_EXECUTION", | ||
| "executor": { | ||
| "name": "AuthorizationExecutor" | ||
| }, | ||
| "onSuccess": "send_sms" | ||
| }, |
There was a problem hiding this comment.
Add an explicit failure path for authorization_check.
The new AuthorizationExecutor step only wires onSuccess. If authorization lookup fails, this branch has no configured failure node and the authentication flow stops on the failed task.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github_sms.json`
around lines 154 - 164, The "authorization_check" TASK_EXECUTION using
AuthorizationExecutor only defines "onSuccess": "send_sms" and lacks an explicit
failure path, so add an "onFailure" field on the "authorization_check" node that
routes to a proper failure node (either an existing error/rollback node in the
flow such as "choose_auth" or create a new
"authorization_failed"/"authentication_failed" node) so the flow does not halt
on task failure; update the "authorization_check" entry to include the
"onFailure" mapping and implement the new failure node if needed to handle
cleanup/logging and user feedback.
| "onSuccess": "authorization_check", | ||
| "onIncomplete": "choose_auth" | ||
| }, | ||
| { | ||
| "id": "authorization_check", | ||
| "type": "TASK_EXECUTION", | ||
| "executor": { | ||
| "name": "AuthorizationExecutor" | ||
| }, | ||
| "onSuccess": "auth_assert" | ||
| }, |
There was a problem hiding this comment.
Add an explicit failure path for authorization_check.
AuthorizationExecutor is not success-only. If it returns FAILURE, this node has no onFailure target, so the flow stops on a failed task instead of taking a controlled error path.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google_github.json`
around lines 135 - 145, The flow node "authorization_check" that executes
AuthorizationExecutor lacks an onFailure path, so failures halt the flow; update
the "authorization_check" node to include an "onFailure" property pointing to a
dedicated failure handler (e.g., "authorization_failed" or "auth_failure") and
ensure that target node exists (create a TASK/ERROR node like
"authorization_failed" that handles logging, cleanup, and transitions to a
user-facing error or retry step). Ensure the executor remains
"AuthorizationExecutor" and only add the "onFailure" mapping so failures follow
a controlled path.
| "onSuccess": "authorization_check", | ||
| "onIncomplete": "choose_auth" | ||
| }, | ||
| { | ||
| "id": "authorization_check", | ||
| "type": "TASK_EXECUTION", | ||
| "executor": { | ||
| "name": "AuthorizationExecutor" | ||
| }, | ||
| "onSuccess": "auth_assert" | ||
| }, |
There was a problem hiding this comment.
Add an explicit failure path for authorization_check.
AuthorizationExecutor can return FAILURE when the user is unauthenticated or the authz service call fails. This node only handles onSuccess, so those cases currently end as a failed task with no configured branch or recovery view.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@backend/cmd/server/bootstrap/flows/authentication/auth_flow_basic_google.json`
around lines 116 - 126, The authorization_check TASK_EXECUTION node using
AuthorizationExecutor lacks a failure path; update the node (id
"authorization_check", executor "AuthorizationExecutor") to include explicit
branches for failure conditions (e.g., add "onFailure" and/or "onError") that
route to an appropriate recovery or view state such as "choose_auth" or a new
"auth_failure" node so unauthenticated or service-failure results are handled
instead of terminating the flow.
Purpose
Add structured UI meta component definitions to all bootstrap authentication flow JSON files. This adds form layout metadata (input fields, buttons, dividers, text elements) to the PROMPT steps, enabling the frontend to render login forms from the flow definitions.
Approach
Added
meta.componentssections to each PROMPT step in the following bootstrap auth flows:auth_flow_basic_github.jsonauth_flow_basic_google.jsonauth_flow_basic_google_github.jsonauth_flow_basic_google_github_sms.jsonauth_flow_google_github.jsonauth_flow_sms.jsonEach meta section defines the UI structure including app logo, heading text, input fields (username, password, OTP), action buttons, dividers, and social login blocks with proper i18n template references.
Related Issues
Related PRs
Checklist
breaking changelabel added.Security checks
Summary by CodeRabbit