Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: incorrect append of code credential identifier #4102

Merged
merged 2 commits into from
Sep 16, 2024
Merged

fix: incorrect append of code credential identifier #4102

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ef351c9
fix: incorrect append of code credential identifier
aeneasr Sep 16, 2024
d4465fe
chore: synchronize workspaces
aeneasr Sep 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions identity/.snapshots/TestSchemaExtensionCredentials-case=12.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "code",
"config": {
"addresses": [
{
"channel": "sms",
"address": "+4917667111638"
},
{
"channel": "email",
"address": "[email protected]"
},
{
"channel": "email",
"address": "[email protected]"
}
]
},
"version": 0,
"created_at": "0001-01-01T00:00:00Z",
"updated_at": "0001-01-01T00:00:00Z"
}
20 changes: 6 additions & 14 deletions identity/extension_credentials.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,10 @@ import (
)

type SchemaExtensionCredentials struct {
i *Identity
v map[CredentialsType][]string
l sync.Mutex
i *Identity
v map[CredentialsType][]string
addresses []CredentialsCodeAddress
l sync.Mutex
}

func NewSchemaExtensionCredentials(i *Identity) *SchemaExtensionCredentials {
Expand Down Expand Up @@ -79,17 +80,7 @@ func (r *SchemaExtensionCredentials) Run(ctx jsonschema.ValidationContext, s sch
})

var conf CredentialsCode
if len(cred.Config) > 0 {
// Only decode the config if it is not empty.
if err := json.Unmarshal(cred.Config, &conf); err != nil {
return &jsonschema.ValidationError{Message: "unable to unmarshal identity credentials"}
}
}

if conf.Addresses == nil {
conf.Addresses = []CredentialsCodeAddress{}
}

conf.Addresses = r.addresses
value, err := x.NormalizeIdentifier(fmt.Sprintf("%s", value), string(via))
if err != nil {
return &jsonschema.ValidationError{Message: err.Error()}
Expand Down Expand Up @@ -120,6 +111,7 @@ func (r *SchemaExtensionCredentials) Run(ctx jsonschema.ValidationContext, s sch
return item.Address
})...,
))
r.addresses = conf.Addresses

cred.Identifiers = r.v[CredentialsTypeCodeAuth]
cred.Config, err = json.Marshal(conf)
Expand Down
112 changes: 64 additions & 48 deletions identity/extension_credentials_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ import (
"fmt"
"testing"

"github.com/ory/x/sqlxx"

"github.com/ory/x/snapshotx"

"github.com/ory/jsonschema/v3"
Expand All @@ -25,103 +27,117 @@ var ctx = context.Background()

func TestSchemaExtensionCredentials(t *testing.T) {
for k, tc := range []struct {
expectErr error
schema string
doc string
expect []string
existing *identity.Credentials
ct identity.CredentialsType
expectErr error
schema string
doc string
expectedIdentifiers []string
existing *identity.Credentials
ct identity.CredentialsType
}{
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/schema.json",
expect: []string{"[email protected]"},
ct: identity.CredentialsTypePassword,
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/schema.json",
expectedIdentifiers: []string{"[email protected]"},
ct: identity.CredentialsTypePassword,
},
{
doc: `{"emails":["[email protected]","[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expect: []string{"[email protected]", "[email protected]", "foobar"},
ct: identity.CredentialsTypePassword,
doc: `{"emails":["[email protected]","[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expectedIdentifiers: []string{"[email protected]", "[email protected]", "foobar"},
ct: identity.CredentialsTypePassword,
},
{
doc: `{"emails":["[email protected]","[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expect: []string{"[email protected]", "[email protected]"},
ct: identity.CredentialsTypeWebAuthn,
doc: `{"emails":["[email protected]","[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expectedIdentifiers: []string{"[email protected]", "[email protected]"},
ct: identity.CredentialsTypeWebAuthn,
},
{
doc: `{"emails":["[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expect: []string{"[email protected]", "[email protected]", "foobar"},
doc: `{"emails":["[email protected]","[email protected]"], "username": "foobar"}`,
schema: "file://./stub/extension/credentials/multi.schema.json",
expectedIdentifiers: []string{"[email protected]", "[email protected]", "foobar"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]"},
},
ct: identity.CredentialsTypePassword,
},
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/webauthn.schema.json",
expect: []string{"[email protected]"},
ct: identity.CredentialsTypeWebAuthn,
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/webauthn.schema.json",
expectedIdentifiers: []string{"[email protected]"},
ct: identity.CredentialsTypeWebAuthn,
},
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/webauthn.schema.json",
expect: []string{"[email protected]"},
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/webauthn.schema.json",
expectedIdentifiers: []string{"[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]"},
},
ct: identity.CredentialsTypeWebAuthn,
},
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expect: []string{"[email protected]"},
ct: identity.CredentialsTypeCodeAuth,
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expectedIdentifiers: []string{"[email protected]"},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expect: []string{"[email protected]"},
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expectedIdentifiers: []string{"[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]"},
},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expect: []string{"[email protected]"},
doc: `{"email":"[email protected]"}`,
schema: "file://./stub/extension/credentials/code.schema.json",
expectedIdentifiers: []string{"[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]", "[email protected]"},
Config: sqlxx.JSONRawMessage(`{"addresses":[{"channel":"email","address":"[email protected]"}]}`),
},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expect: []string{"+4917667111638", "[email protected]"},
doc: `{"email":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expectedIdentifiers: []string{"+4917667111638", "[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]", "[email protected]"},
Config: sqlxx.JSONRawMessage(`{"addresses":[{"channel":"email","address":"[email protected]"}]}`),
},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expect: []string{"+4917667111638", "[email protected]"},
doc: `{"email":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expectedIdentifiers: []string{"+4917667111638", "[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]", "[email protected]"},
Config: sqlxx.JSONRawMessage(`{"addresses":[{"channel":"email","address":"[email protected]"}]}`),
},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]","email2":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expectedIdentifiers: []string{"+4917667111638", "[email protected]"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]", "[email protected]"},
Config: sqlxx.JSONRawMessage(`{"addresses":[{"channel":"email","address":"[email protected]"}]}`),
},
ct: identity.CredentialsTypeCodeAuth,
},
{
doc: `{"email":"[email protected]","email2":"[email protected]","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expect: []string{"+4917667111638", "[email protected]"},
doc: `{"email":"[email protected]","email2":"FOO@ory.sh","email3":"bar@ory.sh","phone":"+49 176 671 11 638"}`,
schema: "file://./stub/extension/credentials/code-phone-email.schema.json",
expectedIdentifiers: []string{"+4917667111638", "foo@ory.sh", "bar@ory.sh"},
existing: &identity.Credentials{
Identifiers: []string{"[email protected]", "[email protected]"},
Config: sqlxx.JSONRawMessage(`{"addresses":[{"channel":"email","address":"[email protected]"}]}`),
},
ct: identity.CredentialsTypeCodeAuth,
},
Expand All @@ -148,7 +164,7 @@ func TestSchemaExtensionCredentials(t *testing.T) {

credentials, ok := i.GetCredentials(tc.ct)
require.True(t, ok)
assert.ElementsMatch(t, tc.expect, credentials.Identifiers)
assert.ElementsMatch(t, tc.expectedIdentifiers, credentials.Identifiers)
snapshotx.SnapshotT(t, credentials, snapshotx.ExceptPaths("identifiers"))
})
}
Expand Down
4 changes: 2 additions & 2 deletions identity/handler_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -762,9 +762,9 @@ func TestHandler(t *testing.T) {
t.Run("case=fails all on a bad identity", func(t *testing.T) {
// Test setup: we have a list of valid identitiy patches and a list of invalid ones.
// Each run adds one invalid patch to the list and sends it to the server.
// --> we expect the server to fail all patches in the list.
// --> we expectedIdentifiers the server to fail all patches in the list.
// Finally, we send just the valid patches
// --> we expect the server to succeed all patches in the list.
// --> we expectedIdentifiers the server to succeed all patches in the list.
validPatches := []*identity.BatchIdentityPatch{
{Create: validCreateIdentityBody("valid-patch", 0)},
{Create: validCreateIdentityBody("valid-patch", 1)},
Expand Down
18 changes: 18 additions & 0 deletions identity/stub/extension/credentials/code-phone-email.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,24 @@
}
}
},
"email3": {
"type": "string",
"format": "email",
"ory.sh/kratos": {
"credentials": {
"password": {
"identifier": true
},
"webauthn": {
"identifier": true
},
"code": {
"identifier": true,
"via": "email"
}
}
}
},
"phone": {
"type": "string",
"format": "tel",
Expand Down
1 change: 1 addition & 0 deletions internal/client-go/go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
Expand Down
Loading