Description
Check out VILLASframework/web-backend#148 for more info.
The gist is this:
Some of the implementation is missing from the front, namely the one that extracts relevant auth data from the location.href params (or similar).
E.g.: Keycloak redirects with an iss and a code; the backend can then check the code against the iss without any extra implementation.
The frontend can then wait on the confirmation from the backend, and choose to direct the user into or out of the website.
Here is an attempt at a simple diagram of what I had in mind:
The following needs to be added:
The login component has to always check the parameters in its own address. If it finds some parameters that are relevant to an external authentication, it should send that data to the backend, and block the user in a waiting context.
If the backend manages to confirm the data with the corresponding IDP, an account is created and the user is directed in.
This is rife with race conditions and needs to be handled with care.
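The parameter check and the race-condition concern described above, as an added example that is not part of the original issue or of the VILLASweb code base. The function names, the issuer URL and the `sendToBackend` callback are assumptions; the backend still has to verify the code with the IDP itself.

```javascript
// Added example: names, issuer URL and the sendToBackend callback are assumptions.
const TRUSTED_ISSUERS = new Set(["https://idp.example.org/realms/villas"]); // constructed value

// Read iss and code from the address the IDP redirected back to.
// Returns null when the address carries no external-auth parameters.
function extractExternalAuth(href) {
  const url = new URL(href);
  const iss = url.searchParams.get("iss");
  const code = url.searchParams.get("code");
  if (!iss || !code) return null;
  // Never forward a code on behalf of an issuer the deployment does not know.
  if (!TRUSTED_ISSUERS.has(iss)) {
    throw new Error("untrusted issuer: " + iss);
  }
  // Address with the one-time values stripped, so a reload or a remount of
  // the login component does not find (and resend) the same code.
  url.searchParams.delete("iss");
  url.searchParams.delete("code");
  return { iss, code, cleanHref: url.toString() };
}

// Single-flight guard: however many times the login component runs its
// check, a given code is sent to the backend once and all callers wait on
// the same pending confirmation.
function createExternalLogin(sendToBackend) {
  const inFlight = new Map(); // code -> Promise of the backend's answer
  return function login(href) {
    const auth = extractExternalAuth(href);
    if (auth === null) return null; // no external auth: show the normal form
    if (!inFlight.has(auth.code)) {
      const pending = Promise.resolve(
        sendToBackend({ iss: auth.iss, code: auth.code })
      );
      inFlight.set(auth.code, pending);
    }
    return inFlight.get(auth.code);
  };
}
```

In a browser the component would pass `window.location.href` and apply `cleanHref` with `history.replaceState` before rendering the waiting state.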