feat(authentik): Add MFA (TOTP) support (#1440)

This change adds support for optional usage of MFA authenticator for IdP Authentik, Without this change it is not possible to use authentik provider when MFA like TOTP is configured for a user. Without this added support the only workaround is to use browser.

Author: ThimDeveloper

pkg/provider/authentik/authentik.go

@@ -215,11 +215,14 @@ func getLoginJSON(loginDetails *creds.LoginDetails, payload *authentikPayload) (
 	switch component {
 	case "ak-stage-identification":
 		m["uid_field"] = loginDetails.Username
-		if payload.HasPassowrdField {
+		if payload.HasPasswordField {
 			m["password"] = loginDetails.Password
 		}
 	case "ak-stage-password":
 		m["password"] = loginDetails.Password
+
+	case "ak-stage-authenticator-validate":
+		m["code"] = loginDetails.MFAToken
 	default:
 		return []byte(""), errors.New("unknown component: " + component)
 	}
@@ -260,6 +263,9 @@ func prepareErrors(component string, errs map[string][]map[string]string) string
 	if field == "password" {
 		key = "password"
 	}
+	if field == "authenticator-validate" {
+		key = "code"
+	}
 	msgs := make([]string, 0, len(errs[key]))
 	for _, err := range errs[key] {
 		msgs = append(msgs, fmt.Sprintf("%s %s: %s", field, err["code"], err["string"]))