From ff12986452a51f9ed5d042f2b8d049c9848e51fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Commaille?= <zecakeh@tedomum.fr>
Date: Sun, 12 Jan 2025 19:22:01 +0100
Subject: [PATCH] login: Move away from SSO term and add "Continue" button

Moving away from the SSO term allows us to transition seemlessly towards
OIDC.

Adding a "Continue" button avoids to surprise the user by opening a URL
without warning.

Fixes SSO identity provider login in the process.
---
 .typos.toml                                   |   1 +
 po/POTFILES.in                                |   4 +-
 src/login/homeserver_page.rs                  |   2 +-
 src/login/in_browser_page.rs                  | 145 ++++++++++++++++++
 src/login/{sso_page.ui => in_browser_page.ui} |  46 +++++-
 src/login/method_page.rs                      |   8 +-
 src/login/mod.rs                              | 104 +++----------
 src/login/mod.ui                              |   4 +-
 .../{idp_button.rs => sso_idp_button.rs}      |  88 +++++++----
 .../{idp_button.ui => sso_idp_button.ui}      |   2 +-
 src/login/sso_page.rs                         |  48 ------
 src/ui-resources.gresource.xml                |   4 +-
 12 files changed, 278 insertions(+), 178 deletions(-)
 create mode 100644 src/login/in_browser_page.rs
 rename src/login/{sso_page.ui => in_browser_page.ui} (57%)
 rename src/login/{idp_button.rs => sso_idp_button.rs} (59%)
 rename src/login/{idp_button.ui => sso_idp_button.ui} (80%)
 delete mode 100644 src/login/sso_page.rs

diff --git a/.typos.toml b/.typos.toml
index 9d361b20..e6839ffc 100644
--- a/.typos.toml
+++ b/.typos.toml
@@ -2,6 +2,7 @@
 gir = "gir"
 inout = "inout"
 numer = "numer" # Short for numerator in GStreamer
+ue = "ue" # End of word after mnemonic
 
 [type.po]
 extend-glob = ["*.po"]
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 12ae55d6..74fa6f39 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -60,13 +60,13 @@ src/login/advanced_dialog.ui
 src/login/greeter.ui
 src/login/homeserver_page.rs
 src/login/homeserver_page.ui
-src/login/idp_button.rs
+src/login/in_browser_page.ui
 src/login/method_page.rs
 src/login/method_page.ui
 src/login/mod.rs
 src/login/mod.ui
 src/login/session_setup_view.ui
-src/login/sso_page.ui
+src/login/sso_idp_button.rs
 src/secret/linux.rs
 src/session/model/session.rs
 src/session/model/notifications/mod.rs
diff --git a/src/login/homeserver_page.rs b/src/login/homeserver_page.rs
index b60cb017..f3ce4586 100644
--- a/src/login/homeserver_page.rs
+++ b/src/login/homeserver_page.rs
@@ -242,7 +242,7 @@ mod imp {
             match handle.await.expect("task was not aborted") {
                 Ok(res) => {
                     login.set_login_types(res.flows);
-                    login.show_login_screen();
+                    login.show_login_page();
                 }
                 Err(error) => {
                     warn!("Could not get available login types: {error}");
diff --git a/src/login/in_browser_page.rs b/src/login/in_browser_page.rs
new file mode 100644
index 00000000..da858e9c
--- /dev/null
+++ b/src/login/in_browser_page.rs
@@ -0,0 +1,145 @@
+use adw::{prelude::*, subclass::prelude::*};
+use gtk::{glib, CompositeTemplate};
+use ruma::api::client::session::SsoRedirectOidcAction;
+use tracing::{error, warn};
+use url::Url;
+
+use super::Login;
+use crate::{prelude::*, spawn, spawn_tokio, toast};
+
+mod imp {
+    use std::cell::{Cell, RefCell};
+
+    use glib::subclass::InitializingObject;
+
+    use super::*;
+
+    #[derive(Debug, Default, CompositeTemplate, glib::Properties)]
+    #[template(resource = "/org/gnome/Fractal/ui/login/in_browser_page.ui")]
+    #[properties(wrapper_type = super::LoginInBrowserPage)]
+    pub struct LoginInBrowserPage {
+        #[template_child]
+        continue_btn: TemplateChild<gtk::Button>,
+        /// The ancestor `Login` object.
+        #[property(get, set, nullable)]
+        login: glib::WeakRef<Login>,
+        /// Whether we are logging in with OIDC compatibility.
+        #[property(get, set)]
+        oidc_compatibility: Cell<bool>,
+        /// The identity provider to use when logging in with SSO.
+        #[property(get, set, nullable)]
+        sso_idp_id: RefCell<Option<String>>,
+    }
+
+    #[glib::object_subclass]
+    impl ObjectSubclass for LoginInBrowserPage {
+        const NAME: &'static str = "LoginInBrowserPage";
+        type Type = super::LoginInBrowserPage;
+        type ParentType = adw::NavigationPage;
+
+        fn class_init(klass: &mut Self::Class) {
+            Self::bind_template(klass);
+            Self::bind_template_callbacks(klass);
+        }
+
+        fn instance_init(obj: &InitializingObject<Self>) {
+            obj.init_template();
+        }
+    }
+
+    #[glib::derived_properties]
+    impl ObjectImpl for LoginInBrowserPage {}
+
+    impl WidgetImpl for LoginInBrowserPage {
+        fn grab_focus(&self) -> bool {
+            self.continue_btn.grab_focus()
+        }
+    }
+
+    impl NavigationPageImpl for LoginInBrowserPage {
+        fn shown(&self) {
+            self.grab_focus();
+        }
+    }
+
+    #[gtk::template_callbacks]
+    impl LoginInBrowserPage {
+        /// Open the URL of the SSO login page.
+        #[template_callback]
+        async fn login_with_sso(&self) {
+            let Some(login) = self.login.upgrade() else {
+                return;
+            };
+
+            let client = login.client().await.expect("client was constructed");
+            let oidc_compatibility = self.oidc_compatibility.get();
+            let sso_idp_id = self.sso_idp_id.borrow().clone();
+
+            let handle = spawn_tokio!(async move {
+                let mut sso_login = client
+                    .matrix_auth()
+                    .login_sso(|sso_url| async move {
+                        let ctx = glib::MainContext::default();
+                        ctx.spawn(async move {
+                            spawn!(async move {
+                                let mut sso_url = sso_url;
+
+                                if oidc_compatibility {
+                                    if let Ok(mut parsed_url) = Url::parse(&sso_url) {
+                                        // Add an action query parameter manually.
+                                        parsed_url.query_pairs_mut().append_pair(
+                                            "action",
+                                            SsoRedirectOidcAction::Login.as_str(),
+                                        );
+                                        sso_url = parsed_url.into();
+                                    } else {
+                                        // If parsing fails, just use the provided URL.
+                                        error!("Failed to parse SSO URL: {sso_url}");
+                                    }
+                                }
+
+                                if let Err(error) = gtk::UriLauncher::new(&sso_url)
+                                    .launch_future(gtk::Window::NONE)
+                                    .await
+                                {
+                                    // FIXME: We should forward the error.
+                                    error!("Could not launch URI: {error}");
+                                }
+                            });
+                        });
+                        Ok(())
+                    })
+                    .initial_device_display_name("Fractal");
+
+                if let Some(sso_idp_id) = &sso_idp_id {
+                    sso_login = sso_login.identity_provider_id(sso_idp_id);
+                }
+
+                sso_login.send().await
+            });
+
+            match handle.await.expect("task was not aborted") {
+                Ok(response) => {
+                    login.handle_login_response(response).await;
+                }
+                Err(error) => {
+                    warn!("Could not log in via SSO: {error}");
+                    let obj = self.obj();
+                    toast!(obj, error.to_user_facing());
+                }
+            }
+        }
+    }
+}
+
+glib::wrapper! {
+    /// A page shown while the user is logging in via SSO.
+    pub struct LoginInBrowserPage(ObjectSubclass<imp::LoginInBrowserPage>)
+        @extends gtk::Widget, adw::NavigationPage, @implements gtk::Accessible;
+}
+
+impl LoginInBrowserPage {
+    pub fn new() -> Self {
+        glib::Object::new()
+    }
+}
diff --git a/src/login/sso_page.ui b/src/login/in_browser_page.ui
similarity index 57%
rename from src/login/sso_page.ui
rename to src/login/in_browser_page.ui
index 8625b76d..03da736b 100644
--- a/src/login/sso_page.ui
+++ b/src/login/in_browser_page.ui
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <interface>
-  <template class="LoginSsoPage" parent="AdwNavigationPage">
-    <property name="tag">sso</property>
-    <property name="title" translatable="yes">Single Sign-On</property>
+  <template class="LoginInBrowserPage" parent="AdwNavigationPage">
+    <property name="tag">in-browser</property>
+    <property name="title" translatable="yes">Authentication</property>
     <property name="child">
       <object class="AdwToolbarView">
         <child type="top">
@@ -23,7 +23,6 @@
                 <property name="vexpand">True</property>
                 <property name="child">
                   <object class="AdwClamp">
-                    <property name="maximum-size">360</property>
                     <property name="margin-top">24</property>
                     <property name="margin-bottom">24</property>
                     <property name="margin-start">12</property>
@@ -38,7 +37,7 @@
                             <property name="wrap">True</property>
                             <property name="wrap-mode">word-char</property>
                             <property name="justify">center</property>
-                            <property name="label" translatable="yes">Single Sign-On</property>
+                            <property name="label" translatable="yes">Authentication</property>
                             <property name="accessible-role">heading</property>
                             <accessibility>
                               <property name="level">1</property>
@@ -53,12 +52,44 @@
                             <property name="wrap">True</property>
                             <property name="wrap-mode">word-char</property>
                             <property name="justify">center</property>
-                            <property name="label" translatable="yes">Please follow the steps in the browser</property>
+                            <property name="label" translatable="yes">Click on the button below and follow the steps in the browser</property>
                             <style>
-                              <class name="title-4"/>
+                              <class name="body"/>
                             </style>
                           </object>
                         </child>
+                        <child>
+                          <object class="GtkButton" id="continue_btn">
+                            <style>
+                              <class name="suggested-action"/>
+                              <class name="standalone-button"/>
+                              <class name="image-text-button"/>
+                              <class name="pill"/>
+                            </style>
+                            <property name="child">
+                              <object class="GtkBox">
+                                <property name="halign">center</property>
+                                <child>
+                                  <object class="GtkLabel">
+                                    <property name="label" translatable="yes">Contin_ue</property>
+                                    <property name="use-underline">True</property>
+                                    <property name="ellipsize">end</property>
+                                    <property name="mnemonic-widget">continue_btn</property>
+                                  </object>
+                                </child>
+                                <child>
+                                  <object class="GtkImage">
+                                    <property name="icon-name">external-link-symbolic</property>
+                                    <property name="accessible-role">presentation</property>
+                                    <property name="valign">center</property>
+                                  </object>
+                                </child>
+                              </object>
+                            </property>
+                            <property name="halign">center</property>
+                            <signal name="clicked" handler="login_with_sso" swapped="yes" />
+                          </object>
+                        </child>
                       </object>
                     </property>
                   </object>
@@ -71,4 +102,3 @@
     </property>
   </template>
 </interface>
-
diff --git a/src/login/method_page.rs b/src/login/method_page.rs
index b7214111..4774da3e 100644
--- a/src/login/method_page.rs
+++ b/src/login/method_page.rs
@@ -4,7 +4,7 @@ use gtk::{self, glib, glib::clone, CompositeTemplate};
 use ruma::api::client::session::get_login_types::v3::LoginType;
 use tracing::warn;
 
-use super::{idp_button::IdpButton, Login};
+use super::{sso_idp_button::SsoIdpButton, Login};
 use crate::{
     components::LoadingButton, gettext_f, prelude::*, spawn_tokio, toast, utils::BoundObjectWeakRef,
 };
@@ -28,7 +28,7 @@ mod imp {
         password_entry: TemplateChild<adw::PasswordEntryRow>,
         #[template_child]
         sso_idp_box: TemplateChild<gtk::Box>,
-        sso_idp_box_children: RefCell<Vec<IdpButton>>,
+        sso_idp_box_children: RefCell<Vec<SsoIdpButton>>,
         #[template_child]
         more_sso_btn: TemplateChild<gtk::Button>,
         #[template_child]
@@ -157,8 +157,8 @@ mod imp {
                 let mut sso_idp_box_children = self.sso_idp_box_children.borrow_mut();
                 sso_idp_box_children.reserve(sso_login.identity_providers.len());
 
-                for provider in &sso_login.identity_providers {
-                    if let Some(btn) = IdpButton::new(provider) {
+                for identity_provider in sso_login.identity_providers {
+                    if let Some(btn) = SsoIdpButton::new(identity_provider) {
                         self.sso_idp_box.append(&btn);
                         sso_idp_box_children.push(btn);
 
diff --git a/src/login/mod.rs b/src/login/mod.rs
index 280bc3fa..37d710d1 100644
--- a/src/login/mod.rs
+++ b/src/login/mod.rs
@@ -7,23 +7,24 @@ use gtk::{
 };
 use matrix_sdk::Client;
 use ruma::{
-    api::client::session::{get_login_types::v3::LoginType, login, SsoRedirectOidcAction},
+    api::client::session::{get_login_types::v3::LoginType, login},
     OwnedServerName,
 };
-use tracing::{error, warn};
+use tracing::warn;
 use url::Url;
 
 mod advanced_dialog;
 mod greeter;
 mod homeserver_page;
-mod idp_button;
+mod in_browser_page;
 mod method_page;
 mod session_setup_view;
-mod sso_page;
+mod sso_idp_button;
 
 use self::{
     advanced_dialog::LoginAdvancedDialog, greeter::Greeter, homeserver_page::LoginHomeserverPage,
-    method_page::LoginMethodPage, session_setup_view::SessionSetupView, sso_page::LoginSsoPage,
+    in_browser_page::LoginInBrowserPage, method_page::LoginMethodPage,
+    session_setup_view::SessionSetupView,
 };
 use crate::{
     components::OfflineBanner, prelude::*, secret::store_session, session::model::Session, spawn,
@@ -40,8 +41,8 @@ enum LoginPage {
     Homeserver,
     /// The page to select a login method.
     Method,
-    /// The page to wait for SSO to be finished.
-    Sso,
+    /// The page to log in with the browser.
+    InBrowser,
     /// The loading page.
     Loading,
     /// The session setup stack.
@@ -74,7 +75,7 @@ mod imp {
         #[template_child]
         method_page: TemplateChild<LoginMethodPage>,
         #[template_child]
-        sso_page: TemplateChild<LoginSsoPage>,
+        in_browser_page: TemplateChild<LoginInBrowserPage>,
         #[template_child]
         done_button: TemplateChild<gtk::Button>,
         /// Whether auto-discovery is enabled.
@@ -117,8 +118,8 @@ mod imp {
                 "login.sso",
                 Some(&Option::<String>::static_variant_type()),
                 |obj, _, variant| async move {
-                    let idp_id = variant.and_then(|v| v.get::<Option<String>>()).flatten();
-                    obj.imp().login_with_sso(idp_id, false).await;
+                    let sso_idp_id = variant.and_then(|v| v.get::<Option<String>>()).flatten();
+                    obj.imp().show_in_browser_page(sso_idp_id, false);
                 },
             );
 
@@ -181,7 +182,8 @@ mod imp {
                 LoginPage::Greeter => self.greeter.grab_focus(),
                 LoginPage::Homeserver => self.homeserver_page.grab_focus(),
                 LoginPage::Method => self.method_page.grab_focus(),
-                LoginPage::Sso | LoginPage::Loading => false,
+                LoginPage::InBrowser => self.in_browser_page.grab_focus(),
+                LoginPage::Loading => false,
                 LoginPage::SessionSetup => {
                     if let Some(session_setup) = self.session_setup() {
                         session_setup.grab_focus()
@@ -355,8 +357,8 @@ mod imp {
             dialog.run_future(&*obj).await;
         }
 
-        /// Show the appropriate login screen given the current login types.
-        pub(super) fn show_login_screen(&self) {
+        /// Show the appropriate login page given the current login types.
+        pub(super) fn show_login_page(&self) {
             let mut oidc_compatibility = false;
             let mut supports_password = false;
 
@@ -375,77 +377,19 @@ mod imp {
             }
 
             if oidc_compatibility || !supports_password {
-                spawn!(clone!(
-                    #[weak(rename_to = imp)]
-                    self,
-                    async move {
-                        imp.login_with_sso(None, oidc_compatibility).await;
-                    }
-                ));
+                self.show_in_browser_page(None, oidc_compatibility);
             } else {
                 self.navigation.push_by_tag(LoginPage::Method.as_ref());
             }
         }
 
-        /// Log in with the SSO login type.
-        async fn login_with_sso(&self, idp_id: Option<String>, oidc_compatibility: bool) {
-            self.navigation.push_by_tag(LoginPage::Sso.as_ref());
-            let client = self.client().await.expect("client was constructed");
-
-            let handle = spawn_tokio!(async move {
-                let mut login = client
-                    .matrix_auth()
-                    .login_sso(|sso_url| async move {
-                        let ctx = glib::MainContext::default();
-                        ctx.spawn(async move {
-                            spawn!(async move {
-                                let mut sso_url = sso_url;
-
-                                if oidc_compatibility {
-                                    if let Ok(mut parsed_url) = Url::parse(&sso_url) {
-                                        // Add an action query parameter manually.
-                                        parsed_url.query_pairs_mut().append_pair(
-                                            "action",
-                                            SsoRedirectOidcAction::Login.as_str(),
-                                        );
-                                        sso_url = parsed_url.into();
-                                    } else {
-                                        // If parsing fails, just use the provided URL.
-                                        error!("Failed to parse SSO URL: {sso_url}");
-                                    }
-                                }
-
-                                if let Err(error) = gtk::UriLauncher::new(&sso_url)
-                                    .launch_future(gtk::Window::NONE)
-                                    .await
-                                {
-                                    // FIXME: We should forward the error.
-                                    error!("Could not launch URI: {error}");
-                                }
-                            });
-                        });
-                        Ok(())
-                    })
-                    .initial_device_display_name("Fractal");
-
-                if let Some(idp_id) = idp_id.as_deref() {
-                    login = login.identity_provider_id(idp_id);
-                }
+        /// Show the page to log in with the browser with the given parameters.
+        fn show_in_browser_page(&self, sso_idp_id: Option<String>, oidc_compatibility: bool) {
+            self.in_browser_page.set_sso_idp_id(sso_idp_id);
+            self.in_browser_page
+                .set_oidc_compatibility(oidc_compatibility);
 
-                login.send().await
-            });
-
-            match handle.await.expect("task was not aborted") {
-                Ok(response) => {
-                    self.handle_login_response(response).await;
-                }
-                Err(error) => {
-                    warn!("Could not log in: {error}");
-                    let obj = self.obj();
-                    toast!(obj, error.to_user_facing());
-                    self.navigation.pop();
-                }
-            }
+            self.navigation.push_by_tag(LoginPage::InBrowser.as_ref());
         }
 
         /// Handle the given response after successfully logging in.
@@ -595,8 +539,8 @@ impl Login {
     }
 
     /// Show the appropriate login screen given the current login types.
-    fn show_login_screen(&self) {
-        self.imp().show_login_screen();
+    fn show_login_page(&self) {
+        self.imp().show_login_page();
     }
 
     /// Freeze the login screen.
diff --git a/src/login/mod.ui b/src/login/mod.ui
index 941fdc56..81740f92 100644
--- a/src/login/mod.ui
+++ b/src/login/mod.ui
@@ -17,7 +17,9 @@
           </object>
         </child>
         <child>
-          <object class="LoginSsoPage" id="sso_page"/>
+          <object class="LoginInBrowserPage" id="in_browser_page">
+            <property name="login">Login</property>
+          </object>
         </child>
         <child>
           <object class="AdwNavigationPage">
diff --git a/src/login/idp_button.rs b/src/login/sso_idp_button.rs
similarity index 59%
rename from src/login/idp_button.rs
rename to src/login/sso_idp_button.rs
index f6512d77..eafea1f1 100644
--- a/src/login/idp_button.rs
+++ b/src/login/sso_idp_button.rs
@@ -13,20 +13,26 @@ mod imp {
     use super::*;
 
     #[derive(Debug, Default, CompositeTemplate, glib::Properties)]
-    #[template(resource = "/org/gnome/Fractal/ui/login/idp_button.ui")]
-    #[properties(wrapper_type = super::IdpButton)]
-    pub struct IdpButton {
-        /// The identity provider brand of this button.
-        brand: OnceCell<IdentityProviderBrand>,
-        /// The identity provider brand of this button, as a string.
+    #[template(resource = "/org/gnome/Fractal/ui/login/sso_idp_button.ui")]
+    #[properties(wrapper_type = super::SsoIdpButton)]
+    pub struct SsoIdpButton {
+        /// The identity provider of this button.
+        identity_provider: OnceCell<IdentityProvider>,
+        /// The ID of the identity provider.
+        #[property(get = Self::id)]
+        id: PhantomData<String>,
+        /// The name of the identity provider.
+        #[property(get = Self::name)]
+        name: PhantomData<String>,
+        /// The brand of the identity provider, as a string.
         #[property(get = Self::brand_string)]
         brand_string: PhantomData<String>,
     }
 
     #[glib::object_subclass]
-    impl ObjectSubclass for IdpButton {
-        const NAME: &'static str = "IdpButton";
-        type Type = super::IdpButton;
+    impl ObjectSubclass for SsoIdpButton {
+        const NAME: &'static str = "SsoIdpButton";
+        type Type = super::SsoIdpButton;
         type ParentType = gtk::Button;
 
         fn class_init(klass: &mut Self::Class) {
@@ -41,15 +47,15 @@ mod imp {
     }
 
     #[glib::derived_properties]
-    impl ObjectImpl for IdpButton {}
+    impl ObjectImpl for SsoIdpButton {}
 
-    impl WidgetImpl for IdpButton {}
-    impl ButtonImpl for IdpButton {}
+    impl WidgetImpl for SsoIdpButton {}
+    impl ButtonImpl for SsoIdpButton {}
 
-    impl IdpButton {
-        /// Set the identity provider brand of this button.
-        pub(super) fn set_brand(&self, brand: IdentityProviderBrand) {
-            let brand = self.brand.get_or_init(|| brand);
+    impl SsoIdpButton {
+        /// Set the identity provider of this button.
+        pub(super) fn set_identity_provider(&self, identity_provider: IdentityProvider) {
+            let identity_provider = self.identity_provider.get_or_init(|| identity_provider);
 
             adw::StyleManager::default().connect_dark_notify(clone!(
                 #[weak(rename_to = imp)]
@@ -58,29 +64,49 @@ mod imp {
             ));
             self.update_icon();
 
-            let obj = self.obj();
-            obj.set_action_target_value(Some(&Some(&brand.as_str()).to_variant()));
-            obj.set_tooltip_text(Some(&gettext_f(
+            self.obj()
+                .set_action_target_value(Some(&Some(&identity_provider.id).to_variant()));
+            self.obj().set_tooltip_text(Some(&gettext_f(
                 // Translators: Do NOT translate the content between '{' and '}', this is a
                 // variable name.
                 // This is the tooltip text on buttons to log in via Single Sign-On.
                 // The brand is something like Facebook, Apple, GitHub…
                 "Log in with {brand}",
-                &[("brand", brand.as_str())],
+                &[("brand", &identity_provider.name)],
             )));
         }
 
-        /// The identity provider brand of this button.
+        /// The identity provider of this button.
+        fn identity_provider(&self) -> &IdentityProvider {
+            self.identity_provider
+                .get()
+                .expect("identity provider is initialized")
+        }
+
+        /// The ID of the identity provider.
+        fn id(&self) -> String {
+            self.identity_provider().id.clone()
+        }
+
+        /// The name of the identity provider.
+        fn name(&self) -> String {
+            self.identity_provider().name.clone()
+        }
+
+        /// The brand of the identity provider.
         fn brand(&self) -> &IdentityProviderBrand {
-            self.brand.get().expect("brand is initialized")
+            self.identity_provider()
+                .brand
+                .as_ref()
+                .expect("identity provider has a brand")
         }
 
-        /// The identity provider brand of this button, as a string.
+        /// The brand of the identity provider, as a string.
         fn brand_string(&self) -> String {
             self.brand().to_string()
         }
 
-        /// The icon name of the current brand, according to the current theme.
+        /// The icon name of the brand, according to the current theme.
         fn brand_icon(&self) -> &str {
             let is_dark = adw::StyleManager::default().is_dark();
 
@@ -123,13 +149,13 @@ mod imp {
 
 glib::wrapper! {
     /// A button to represent an SSO identity provider.
-    pub struct IdpButton(ObjectSubclass<imp::IdpButton>)
+    pub struct SsoIdpButton(ObjectSubclass<imp::SsoIdpButton>)
         @extends gtk::Widget, gtk::Button,
         @implements gtk::Accessible, gtk::Actionable;
 }
 
-impl IdpButton {
-    /// The supported SSO identity provider brands of `IdpButton`.
+impl SsoIdpButton {
+    /// The supported SSO identity provider brands of `SsoIdpButton`.
     const SUPPORTED_IDP_BRANDS: &[IdentityProviderBrand] = &[
         IdentityProviderBrand::Apple,
         IdentityProviderBrand::Facebook,
@@ -139,18 +165,18 @@ impl IdpButton {
         IdentityProviderBrand::Twitter,
     ];
 
-    /// Create a new `IdpButton` with the given identity provider.
+    /// Create a new `SsoIdpButton` with the given identity provider.
     ///
     /// Returns `None` if the identity provider's brand is not supported.
-    pub fn new(idp: &IdentityProvider) -> Option<Self> {
+    pub fn new(identity_provider: IdentityProvider) -> Option<Self> {
         // If this is not a supported brand, return `None`.
-        let brand = idp.brand.as_ref()?;
+        let brand = identity_provider.brand.as_ref()?;
         if !Self::SUPPORTED_IDP_BRANDS.contains(brand) {
             return None;
         }
 
         let obj = glib::Object::new::<Self>();
-        obj.imp().set_brand(brand.clone());
+        obj.imp().set_identity_provider(identity_provider);
 
         Some(obj)
     }
diff --git a/src/login/idp_button.ui b/src/login/sso_idp_button.ui
similarity index 80%
rename from src/login/idp_button.ui
rename to src/login/sso_idp_button.ui
index 732a1dc3..f5942f94 100644
--- a/src/login/idp_button.ui
+++ b/src/login/sso_idp_button.ui
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <interface>
-  <template class="IdpButton" parent="GtkButton">
+  <template class="SsoIdpButton" parent="GtkButton">
     <style>
       <class name="card"/>
       <class name="sso-button"/>
diff --git a/src/login/sso_page.rs b/src/login/sso_page.rs
deleted file mode 100644
index 7c81743c..00000000
--- a/src/login/sso_page.rs
+++ /dev/null
@@ -1,48 +0,0 @@
-use adw::subclass::prelude::*;
-use gtk::{self, glib, CompositeTemplate};
-
-mod imp {
-    use glib::subclass::InitializingObject;
-
-    use super::*;
-
-    #[derive(Debug, Default, CompositeTemplate)]
-    #[template(resource = "/org/gnome/Fractal/ui/login/sso_page.ui")]
-    pub struct LoginSsoPage {}
-
-    #[glib::object_subclass]
-    impl ObjectSubclass for LoginSsoPage {
-        const NAME: &'static str = "LoginSsoPage";
-        type Type = super::LoginSsoPage;
-        type ParentType = adw::NavigationPage;
-
-        fn class_init(klass: &mut Self::Class) {
-            Self::bind_template(klass);
-        }
-
-        fn instance_init(obj: &InitializingObject<Self>) {
-            obj.init_template();
-        }
-    }
-
-    impl ObjectImpl for LoginSsoPage {}
-    impl WidgetImpl for LoginSsoPage {}
-
-    impl NavigationPageImpl for LoginSsoPage {
-        fn shown(&self) {
-            self.grab_focus();
-        }
-    }
-}
-
-glib::wrapper! {
-    /// A page shown while the user is logging in via SSO.
-    pub struct LoginSsoPage(ObjectSubclass<imp::LoginSsoPage>)
-        @extends gtk::Widget, adw::NavigationPage, @implements gtk::Accessible;
-}
-
-impl LoginSsoPage {
-    pub fn new() -> Self {
-        glib::Object::new()
-    }
-}
diff --git a/src/ui-resources.gresource.xml b/src/ui-resources.gresource.xml
index 76f50de1..d8be9546 100644
--- a/src/ui-resources.gresource.xml
+++ b/src/ui-resources.gresource.xml
@@ -57,11 +57,11 @@
     <file compressed="true" preprocess="xml-stripblanks">login/advanced_dialog.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">login/greeter.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">login/homeserver_page.ui</file>
-    <file compressed="true" preprocess="xml-stripblanks">login/idp_button.ui</file>
+    <file compressed="true" preprocess="xml-stripblanks">login/in_browser_page.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">login/method_page.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">login/mod.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">login/session_setup_view.ui</file>
-    <file compressed="true" preprocess="xml-stripblanks">login/sso_page.ui</file>
+    <file compressed="true" preprocess="xml-stripblanks">login/sso_idp_button.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">session/view/account_settings/general_page/change_password_subpage.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">session/view/account_settings/general_page/deactivate_account_subpage.ui</file>
     <file compressed="true" preprocess="xml-stripblanks">session/view/account_settings/general_page/log_out_subpage.ui</file>