feat: backport auth-validation preflight + email_login credentials
Backport upstream Shannon PR #335: - Add credential validation activity that drives a real browser login before the full pipeline, catching bad credentials early - New email_login credentials type for magic-link and email-OTP flows - Make credentials.password optional for passwordless flows - Playwright stealth config (chrome.runtime, plugin simulation, UA) - Centralize prompt directory resolution into resolvePromptDir helper - New AUTH_LOGIN_FAILED error code with non-retryable classification - Remove dangerous-pattern validation on credentials.password - Pipeline-testing stub for auth validation (returns success) - Auth validation timeout of 10 minutes for browser-based login - .playwright directory workspace overlay for CLI/Docker Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -47,6 +47,25 @@ rules:
|
||||
type: path
|
||||
url_path: "/api/v2/user-profile"
|
||||
|
||||
# Email-based login (for magic-link / email-OTP flows)
|
||||
# authentication:
|
||||
# login_type: form
|
||||
# login_url: "https://example.com/login"
|
||||
# credentials:
|
||||
# username: "testuser"
|
||||
# email_login:
|
||||
# address: "testuser@example.com"
|
||||
# password: "email-password"
|
||||
# totp_secret: "JBSWY3DPEHPK3PXP" # Optional TOTP for email 2FA
|
||||
# login_flow:
|
||||
# - "Type $username into the username field"
|
||||
# - "Type $email_address into the email field"
|
||||
# - "Type $email_password into the email password field"
|
||||
# - "Enter $email_totp in the verification code field"
|
||||
# success_condition:
|
||||
# type: url_contains
|
||||
# value: "/dashboard"
|
||||
|
||||
# Pipeline execution settings (optional)
|
||||
# pipeline:
|
||||
# retry_preset: subscription # 'default' or 'subscription' (6h max retry for rate limit recovery)
|
||||
|
||||
Reference in New Issue
Block a user