diff --git a/src/components/auth/permissions/PermissionsBody.jsx b/src/components/auth/permissions/PermissionsBody.jsx
index b569652..e58bb44 100644
--- a/src/components/auth/permissions/PermissionsBody.jsx
+++ b/src/components/auth/permissions/PermissionsBody.jsx
@@ -1,5 +1,7 @@
 import React from 'react';
 
+import { FormattedMessage as Message } from 'react-intl';
+
 import icons from 'components/ui/icons.scss';
 import { PanelBodyHeader } from 'components/ui/Panel';
 import BaseAuthBody from 'components/auth/BaseAuthBody';
diff --git a/src/components/auth/permissions/permissions.scss b/src/components/auth/permissions/permissions.scss
index 19c0658..4929318 100644
--- a/src/components/auth/permissions/permissions.scss
+++ b/src/components/auth/permissions/permissions.scss
@@ -71,7 +71,7 @@
             line-height: 9px;
             position: absolute;
             top: 6px;
-            left: 0;
+            left: -4px;
         }
     }
 }
diff --git a/src/components/ui/form/Button.jsx b/src/components/ui/form/Button.jsx
index dbe4ef0..253431e 100644
--- a/src/components/ui/form/Button.jsx
+++ b/src/components/ui/form/Button.jsx
@@ -17,7 +17,7 @@ export default class Button extends FormComponent {
             PropTypes.string
         ]).isRequired,
         block: PropTypes.bool,
-        color: PropTypes.oneOf(['green', 'blue', 'red', 'lightViolet', 'darkBlue', 'violet'])
+        color: PropTypes.oneOf(['green', 'blue', 'red', 'lightViolet', 'darkBlue', 'violet', 'orange'])
     };
 
     render() {
diff --git a/src/services/authFlow/AuthFlow.js b/src/services/authFlow/AuthFlow.js
index d39f559..bc09c1e 100644
--- a/src/services/authFlow/AuthFlow.js
+++ b/src/services/authFlow/AuthFlow.js
@@ -83,7 +83,7 @@ export default class AuthFlow {
             this.run('setOAuthRequest', {});
         }
 
-        switch (path.replace(/(.)\/.+/, '$1')) { // use only first part of an url
+        switch (path) { // use only first part of an url
             case '/oauth':
                 this.setState(new OAuthState());
                 break;
@@ -92,10 +92,6 @@ export default class AuthFlow {
                 this.setState(new RegisterState());
                 break;
 
-            case '/recover-password':
-                this.setState(new RecoverPasswordState());
-                break;
-
             case '/forgot-password':
                 this.setState(new ForgotPasswordState());
                 break;
@@ -115,7 +111,14 @@ export default class AuthFlow {
                 break;
 
             default:
-                throw new Error(`Unsupported request: ${path}`);
+                switch (path.replace(/(.)\/.+/, '$1')) { // use only first part of an url
+                    case '/recover-password':
+                        this.setState(new RecoverPasswordState());
+                        break;
+
+                    default:
+                        throw new Error(`Unsupported request: ${path}`);
+                }
         }
     }
 }
diff --git a/tests/services/authFlow/AuthFlow.test.js b/tests/services/authFlow/AuthFlow.test.js
index 768a94b..51ecd4d 100644
--- a/tests/services/authFlow/AuthFlow.test.js
+++ b/tests/services/authFlow/AuthFlow.test.js
@@ -1,6 +1,13 @@
 import AuthFlow from 'services/authFlow/AuthFlow';
 import AbstractState from 'services/authFlow/AbstractState';
 
+import OAuthState from 'services/authFlow/OAuthState';
+import RegisterState from 'services/authFlow/RegisterState';
+import RecoverPasswordState from 'services/authFlow/RecoverPasswordState';
+import ForgotPasswordState from 'services/authFlow/ForgotPasswordState';
+import ResendActivationState from 'services/authFlow/ResendActivationState';
+import LoginState from 'services/authFlow/LoginState';
+
 // TODO: navigate and state switching
 
 describe('AuthFlow', () => {
@@ -140,4 +147,45 @@ describe('AuthFlow', () => {
             sinon.assert.calledWithExactly(state.reject, flow, expectedPayload);
         });
     });
+
+    describe('#handleRequest()', () => {
+        beforeEach(() => {
+            sinon.stub(flow, 'setState');
+            sinon.stub(flow, 'run');
+        });
+
+        Object.entries({
+            '/': LoginState,
+            '/login': LoginState,
+            '/password': LoginState,
+            '/activation': LoginState,
+            '/change-password': LoginState,
+            '/oauth/permissions': LoginState,
+            '/oauth/finish': LoginState,
+            '/oauth': OAuthState,
+            '/register': RegisterState,
+            '/recover-password': RecoverPasswordState,
+            '/recover-password/key123': RecoverPasswordState,
+            '/forgot-password': ForgotPasswordState,
+            '/resend-activation': ResendActivationState
+        }).forEach(([path, type]) => {
+            it(`should transition to ${type.name} if ${path}`, () => {
+                flow.handleRequest(path);
+
+                sinon.assert.calledOnce(flow.setState);
+                sinon.assert.calledWithExactly(flow.setState, sinon.match.instanceOf(type));
+            });
+        });
+
+        it('should run setOAuthRequest if /', () => {
+            flow.handleRequest('/');
+
+            sinon.assert.calledOnce(flow.run);
+            sinon.assert.calledWithExactly(flow.run, 'setOAuthRequest', {});
+        });
+
+        it('throws if unsupported request', () => {
+            expect(() => flow.handleRequest('/foo/bar')).to.throw('Unsupported request: /foo/bar');
+        });
+    });
 });