SSO Login Success Page needs a designer's touch

[kontsevoy]

Problems

When using SSO via an external provider, say Github, users execute:

$ tsh login --proxy=proxy.example.com --auth=github

... which opens a browser window with a Github login page.

Problem One

It uses the wrong browser. On my machine the default is Chrome (clicking on any URL in a terminal opens Chrome, I am on Ubuntu). But tsh opens Brave for some reason.

Problem Two

When a user successfully authenticates, Github redirects back to Teleport and it shows this ugly page:

• Drop that smiley face
• Do not mention tsh because the same page is re-used by Gravity. The language should be a simple "Login successfull, you can close this window".
• We must not use any external resources for this page (like URLs to CSS/images)
• (Ev's pet peeve) the URL of this page is also annoying. /msg/info?! Authentication URLs follow REST pattern in well-written applications around "session" resource, i.e. GET /session/new is the login screen and GET /session/status would be this.

[alexwolfe]

How's this?

The images can be base 64 urls and the css can be place in the <style> tag.

[knisbet]

It uses the wrong browser. On my machine the default is Chrome (clicking on any URL in a terminal opens Chrome, I am on Ubuntu). But tsh opens Brave for some reason.

I think a customer reported an issue similar to this previously with tele, and had linked to a go library that they noted works correctly on their system with other programs. The 2 second search though I can't find the history or where this might have been captured in tickets, but let me know if you'd like my help tracking this down.

[kontsevoy]

@klizhentas it's another example where Teleport/Gravity functionality is shared but the Teleport repo is used to create a ticket. tele also uses the wrong browser on my box. See if you want to create a mirroring ticket on Gravity side.

[alex-kovoy]

For the first problem.

We use sensible-browser command to open a default browser on linux systems. Below is an order of lookups it does to launch a default browser:

if test -n "$DISPLAY"; then
    if test -n "$GNOME_DESKTOP_SESSION_ID"; then
        if test -x /usr/bin/gnome-www-browser; then
            exec /usr/bin/gnome-www-browser "$@"
        elif test -x /usr/bin/x-www-browser; then
            exec /usr/bin/x-www-browser "$@"
        elif test -x /usr/bin/gnome-terminal && test -x /usr/bin/www-browser; then
            exec /usr/bin/gnome-terminal -x /usr/bin/www-browser "$@"
        fi
    fi
    if test -x /usr/bin/x-www-browser; then
        exec /usr/bin/x-www-browser "$@"
    elif test -x /usr/bin/x-terminal-emulator && test -x /usr/bin/www-browser; then
        exec /usr/bin/x-terminal-emulator -x /usr/bin/www-browser "$@"
    fi
elif test -x /usr/bin/www-browser; then
    exec /usr/bin/www-browser "$@"
fi

@kontsevoy, could it be the user error with misconfigured default browser? Where (for example) the /usr/bin/gnome-www-browser would start the Brave browser?

[alex-kovoy]

This is another discussion on the subject
https://askubuntu.com/questions/8252/how-to-launch-default-web-browser-from-the-terminal

As an alternative we can use xdg-open command (which some of the golang internal packages use too). And fallback to sensible-browser if does not exist.

[alex-kovoy]

fixed by c6464a7 0b272d4

p.s. All URLs for UI routes will be revisited as part of 1M milestone.