Allow for skipping the welcome screen (even if HA username/password is still registered) (#272)

* Allow for skipping the welcome screen (even if HA username/password is still registered)

* Linting & formatting

* Typing & tests

custom_components/auth_oidc/__init__.py

@@ -28,6 +28,7 @@ from .config import (
     ROLES,
     NETWORK,
     FEATURES_INCLUDE_GROUPS_SCOPE,
+    FEATURES_DEFAULT_REDIRECT,
     FEATURES_FORCE_HTTPS,
     REQUIRED_SCOPES,
 )
@@ -43,6 +44,7 @@ from .endpoints import (
     OIDCDeviceSSE,
 )
 from .tools.oidc_client import OIDCClient
+from .tools.types import OIDCWelcomeOptions
 from .provider import OpenIDAuthProvider
 
 _LOGGER = logging.getLogger(__name__)
@@ -146,6 +148,7 @@ async def _setup_oidc_provider(hass: HomeAssistant, my_config: dict, display_nam
     name = re.sub(r"[^A-Za-z0-9 _\-\(\)]", "", name)
 
     force_https = features_config.get(FEATURES_FORCE_HTTPS, False)
+    default_redirect = features_config.get(FEATURES_DEFAULT_REDIRECT, False)
 
     await hass.http.async_register_static_paths(
         [
@@ -158,7 +161,15 @@ async def _setup_oidc_provider(hass: HomeAssistant, my_config: dict, display_nam
     )
 
     hass.http.register_view(
-        OIDCWelcomeView(provider, name, force_https, has_other_auth_providers)
+        OIDCWelcomeView(
+            provider,
+            OIDCWelcomeOptions(
+                name=name,
+                force_https=force_https,
+                has_other_auth_providers=has_other_auth_providers,
+                prefers_skipping=default_redirect,
+            ),
+        )
     )
     hass.http.register_view(OIDCDeviceSSE(provider))
     hass.http.register_view(OIDCRedirectView(oidc_client, provider, force_https))

custom_components/auth_oidc/config/const.py

@@ -27,6 +27,7 @@ FEATURES_AUTOMATIC_PERSON_CREATION = "automatic_person_creation"
 FEATURES_DISABLE_PKCE = "disable_rfc7636"
 FEATURES_INCLUDE_GROUPS_SCOPE = "include_groups_scope"
 FEATURES_FORCE_HTTPS = "force_https"
+FEATURES_DEFAULT_REDIRECT = "default_redirect"
 CLAIMS = "claims"
 CLAIMS_DISPLAY_NAME = "display_name"
 CLAIMS_USERNAME = "username"

custom_components/auth_oidc/config/schema.py

@@ -15,6 +15,7 @@ from .const import (
     FEATURES_DISABLE_PKCE,
     FEATURES_INCLUDE_GROUPS_SCOPE,
     FEATURES_FORCE_HTTPS,
+    FEATURES_DEFAULT_REDIRECT,
     CLAIMS,
     CLAIMS_DISPLAY_NAME,
     CLAIMS_USERNAME,
@@ -75,6 +76,13 @@ CONFIG_SCHEMA = vol.Schema(
                         vol.Optional(FEATURES_FORCE_HTTPS, default=False): vol.Coerce(
                             bool
                         ),
+                        # Welcome page will be skipped automatically if there are no
+                        # other auth providers.
+                        # This flag enables this behavior regardless of the amount
+                        # of other auth providers.
+                        vol.Optional(
+                            FEATURES_DEFAULT_REDIRECT, default=False
+                        ): vol.Coerce(bool),
                     }
                 ),
                 # Determine which specific claims will be used from the id_token

custom_components/auth_oidc/endpoints/welcome.py

@@ -8,6 +8,7 @@ from aiohttp import web
 from homeassistant.components.http import HomeAssistantView
 from ..tools.helpers import error_response, get_url, template_response
 from ..provider import OpenIDAuthProvider
+from ..tools.types import OIDCWelcomeOptions
 
 PATH = "/auth/oidc/welcome"
 
@@ -20,16 +21,13 @@ class OIDCWelcomeView(HomeAssistantView):
     name = "auth:oidc:welcome"
 
     def __init__(
-        self,
-        oidc_provider: OpenIDAuthProvider,
-        name: str,
-        force_https: bool,
-        has_other_auth_providers: bool,
+        self, oidc_provider: OpenIDAuthProvider, options: OIDCWelcomeOptions
     ) -> None:
         self.oidc_provider = oidc_provider
-        self.name = name
-        self.force_https = force_https
-        self.has_other_auth_providers = has_other_auth_providers
+        self.name = options.get("name")
+        self.force_https = options.get("force_https")
+        self.has_other_auth_providers = options.get("has_other_auth_providers")
+        self.prefers_skipping = options.get("prefers_skipping")
 
     async def _process_url(self, redirect_uri: str) -> List[str, bool]:
         """Processes the redirect URI to determine if we need setTokens and if this is mobile."""
@@ -108,7 +106,9 @@ class OIDCWelcomeView(HomeAssistantView):
 
         # If this is the only provider and we are on desktop,
         # automatically go through the OIDC login
-        if not is_mobile and not self.has_other_auth_providers:
+        if not is_mobile and (
+            not self.has_other_auth_providers or self.prefers_skipping
+        ):
             raise web.HTTPFound(
                 location=get_url("/auth/oidc/redirect", self.force_https),
                 headers=cookie_header,

custom_components/auth_oidc/tools/types.py

@@ -39,3 +39,19 @@ class OIDCState(dict):
 
     # IP address
     ip_address: str | None
+
+
+class OIDCWelcomeOptions(dict):
+    """Options for the welcome screen"""
+
+    # User friendly SSO name to display
+    name: str
+
+    # Does the user force HTTPS on all generated URLs?
+    force_https: bool
+
+    # Has the user registered any other auth providers?
+    has_other_auth_providers: bool
+
+    # Does the user prefer to skip the welcome screen?
+    prefers_skipping: bool