fix: cleanup

ory · Oct 23, 2023 · 5cb2ea8 · 5cb2ea8
1 parent 76fa5b0
commit 5cb2ea8
Show file tree

Hide file tree

Showing 13 changed files with 97 additions and 154 deletions.
diff --git a/cmd/clidoc/main.go b/cmd/clidoc/main.go
@@ -144,6 +144,7 @@ func init() {
 		"NewErrorValidationRecoveryStateFailure":                  text.NewErrorValidationRecoveryStateFailure(),
 		"NewInfoNodeInputEmail":                                   text.NewInfoNodeInputEmail(),
 		"NewInfoNodeResendOTP":                                    text.NewInfoNodeResendOTP(),
+		"NewInfoNodeLoginAndLinkCredential":                       text.NewInfoNodeLoginAndLinkCredential(),
 		"NewInfoNodeLabelContinue":                                text.NewInfoNodeLabelContinue(),
 		"NewInfoSelfServiceSettingsRegisterWebAuthn":              text.NewInfoSelfServiceSettingsRegisterWebAuthn(),
 		"NewInfoLoginWebAuthnPasswordless":                        text.NewInfoLoginWebAuthnPasswordless(),
@@ -163,7 +164,6 @@ func init() {
 		"NewInfoSelfServiceLoginCode":                             text.NewInfoSelfServiceLoginCode(),
 		"NewErrorValidationRegistrationRetrySuccessful":           text.NewErrorValidationRegistrationRetrySuccessful(),
 		"NewInfoSelfServiceRegistrationRegisterCode":              text.NewInfoSelfServiceRegistrationRegisterCode(),
-		"NewInfoSelfServiceLoginLinkCredentials":                  text.NewInfoSelfServiceLoginLinkCredentials(),
 		"NewErrorValidationLoginLinkedCredentialsDoNotMatch":      text.NewErrorValidationLoginLinkedCredentialsDoNotMatch(),
 	}
 }

diff --git a/selfservice/flow/flow.go b/selfservice/flow/flow.go
@@ -21,7 +21,6 @@ import (
 )
 
 const InternalContextDuplicateCredentialsPath = "registration_duplicate_credentials"
-const InternalContextLinkCredentialsPath = "link_credentials"
 
 type RegistrationDuplicateCredentials struct {
 	CredentialsType     identity.CredentialsType

diff --git a/selfservice/flow/login/flow.go b/selfservice/flow/login/flow.go
@@ -232,7 +232,7 @@ func (f *Flow) EnsureInternalContext() {
 }
 
 func (f *Flow) duplicateCredentials() (*flow.RegistrationDuplicateCredentials, error) {
-	raw := gjson.GetBytes(f.InternalContext, flow.InternalContextLinkCredentialsPath)
+	raw := gjson.GetBytes(f.InternalContext, flow.InternalContextDuplicateCredentialsPath)
 	if !raw.IsObject() {
 		return nil, nil
 	}

diff --git a/selfservice/flow/login/handler.go b/selfservice/flow/login/handler.go
@@ -5,16 +5,13 @@ package login
 
 import (
 	_ "embed"
-	"encoding/json"
 	"net/http"
 	"net/url"
 	"time"
 
 	"github.com/gofrs/uuid"
 	"github.com/julienschmidt/httprouter"
 	"github.com/pkg/errors"
-	"github.com/tidwall/gjson"
-	"github.com/tidwall/sjson"
 
 	"github.com/ory/herodot"
 	hydraclientgo "github.com/ory/hydra-client-go/v2"
@@ -104,6 +101,12 @@ func WithFlowReturnTo(returnTo string) FlowOption {
 	}
 }
 
+func WithInternalContext(internalContext []byte) FlowOption {
+	return func(f *Flow) {
+		f.InternalContext = internalContext
+	}
+}
+
 func WithFormErrorMessage(messages []text.Message) FlowOption {
 	return func(f *Flow) {
 		for i := range messages {
@@ -776,35 +779,35 @@ continueLogin:
 		return
 	}
 
-	internalContextDuplicateCredentials := gjson.GetBytes(f.InternalContext, flow.InternalContextDuplicateCredentialsPath)
-	if internalContextDuplicateCredentials.IsObject() {
-		var linkCredentials flow.RegistrationDuplicateCredentials
-		if err := json.Unmarshal([]byte(internalContextDuplicateCredentials.Raw), &linkCredentials); err != nil {
-			h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
-			return
-		}
+	/*	internalContextDuplicateCredentials := gjson.GetBytes(f.InternalContext, flow.InternalContextDuplicateCredentialsPath)
+		if internalContextDuplicateCredentials.IsObject() {
+			var linkCredentials flow.RegistrationDuplicateCredentials
+			if err := json.Unmarshal([]byte(internalContextDuplicateCredentials.Raw), &linkCredentials); err != nil {
+				h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
+				return
+			}
 
-		loginFlow, _, err := h.NewLoginFlow(w, r, f.Type, func(newFlow *Flow) {
-			newFlow.ReturnTo = f.ReturnTo
-			newFlow.HydraLoginRequest = f.HydraLoginRequest
-			newFlow.OAuth2LoginChallenge = f.OAuth2LoginChallenge
-			newFlow.OrganizationID = f.OrganizationID
-			newFlow.UI.Messages.Add(text.NewInfoSelfServiceLoginLinkCredentials())
-			newFlow.InternalContext, err = sjson.SetBytes(
-				newFlow.InternalContext, flow.InternalContextLinkCredentialsPath, linkCredentials)
+			loginFlow, _, err := h.NewLoginFlow(w, r, f.Type, func(newFlow *Flow) {
+				newFlow.ReturnTo = f.ReturnTo
+				newFlow.HydraLoginRequest = f.HydraLoginRequest
+				newFlow.OAuth2LoginChallenge = f.OAuth2LoginChallenge
+				newFlow.OrganizationID = f.OrganizationID
+				newFlow.UI.Messages.Add(text.NewInfoSelfServiceLoginLinkCredentials())
+				newFlow.InternalContext, err = sjson.SetBytes(
+					newFlow.InternalContext, flow.InternalContextLinkCredentialsPath, linkCredentials)
+				if err != nil {
+					h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
+					return
+				}
+			})
 			if err != nil {
 				h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
 				return
 			}
-		})
-		if err != nil {
-			h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
-			return
-		}
 
-		http.Redirect(w, r, loginFlow.AppendTo(h.d.Config().SelfServiceFlowLoginUI(r.Context())).String(), http.StatusSeeOther)
-		return
-	}
+			http.Redirect(w, r, loginFlow.AppendTo(h.d.Config().SelfServiceFlowLoginUI(r.Context())).String(), http.StatusSeeOther)
+			return
+		} */
 
 	var i *identity.Identity
 	var group node.UiNodeGroup

diff --git a/selfservice/flow/registration/handler.go b/selfservice/flow/registration/handler.go
@@ -4,16 +4,13 @@
 package registration
 
 import (
-	"encoding/json"
 	"net/http"
 	"net/url"
 	"time"
 
 	"github.com/gofrs/uuid"
 	"github.com/julienschmidt/httprouter"
 	"github.com/pkg/errors"
-	"github.com/tidwall/gjson"
-	"github.com/tidwall/sjson"
 
 	"github.com/ory/herodot"
 	"github.com/ory/kratos/driver/config"
@@ -602,37 +599,6 @@ func (h *Handler) updateRegistrationFlow(w http.ResponseWriter, r *http.Request,
 		return
 	}
 
-	internalContextDuplicateCredentials := gjson.GetBytes(f.InternalContext, flow.InternalContextDuplicateCredentialsPath)
-	if internalContextDuplicateCredentials.IsObject() {
-		// If return_to was set before, we need to preserve it.
-		var opts []login.FlowOption
-		if len(f.ReturnTo) > 0 {
-			opts = append(opts, login.WithFlowReturnTo(f.ReturnTo))
-		}
-		opts = append(opts, func(newFlow *login.Flow) {
-			newFlow.UI.Messages.Add(text.NewInfoSelfServiceLoginLinkCredentials())
-			var linkCredentials flow.RegistrationDuplicateCredentials
-			if err := json.Unmarshal([]byte(internalContextDuplicateCredentials.Raw), &linkCredentials); err != nil {
-				h.d.RegistrationFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
-				return
-			}
-			newFlow.InternalContext, err = sjson.SetBytes(newFlow.InternalContext, flow.InternalContextLinkCredentialsPath,
-				linkCredentials)
-			if err != nil {
-				h.d.RegistrationFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
-				return
-			}
-		})
-		loginFlow, _, err := h.d.LoginHandler().NewLoginFlow(w, r, flow.TypeBrowser, opts...)
-		if err != nil {
-			h.d.RegistrationFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
-			return
-		}
-
-		http.Redirect(w, r, loginFlow.AppendTo(h.d.Config().SelfServiceFlowLoginUI(r.Context())).String(), http.StatusSeeOther)
-		return
-	}
-
 	i := identity.NewIdentity(h.d.Config().DefaultIdentityTraitsSchemaID(r.Context()))
 	var s Strategy
 	for _, ss := range h.d.AllRegistrationStrategies() {

diff --git a/selfservice/flow/registration/hook.go b/selfservice/flow/registration/hook.go
@@ -21,6 +21,7 @@ import (
 	"github.com/ory/kratos/selfservice/flow/login"
 	"github.com/ory/kratos/selfservice/sessiontokenexchange"
 	"github.com/ory/kratos/session"
+	"github.com/ory/kratos/text"
 	"github.com/ory/kratos/ui/node"
 	"github.com/ory/kratos/x"
 	"github.com/ory/kratos/x/events"
@@ -175,29 +176,6 @@ func (e *HookExecutor) PostRegistrationHook(w http.ResponseWriter, r *http.Reque
 					CredentialsConfig:   i.Credentials[ct].Config,
 					DuplicateIdentifier: duplicateIdentifier,
 				}
-				loginFlowID, err := a.GetOuterLoginFlowID()
-				if err != nil {
-					return err
-				}
-				if loginFlowID != nil {
-					loginFlow, err := e.d.LoginFlowPersister().GetLoginFlow(r.Context(), *loginFlowID)
-					if err != nil {
-						return err
-					}
-					loginFlow.InternalContext, err = sjson.SetBytes(loginFlow.InternalContext, flow.InternalContextDuplicateCredentialsPath,
-						registrationDuplicateCredentials)
-					if err != nil {
-						return err
-					}
-					loginFlow.UI.SetNode(node.NewInputField(
-						"method",
-						node.LoginAndLinkCredentials,
-						node.DefaultGroup,
-						node.InputAttributeTypeSubmit))
-					if err := e.d.LoginFlowPersister().UpdateLoginFlow(r.Context(), loginFlow); err != nil {
-						return err
-					}
-				}
 
 				a.InternalContext, err = sjson.SetBytes(a.InternalContext, flow.InternalContextDuplicateCredentialsPath,
 					registrationDuplicateCredentials)
@@ -208,10 +186,7 @@ func (e *HookExecutor) PostRegistrationHook(w http.ResponseWriter, r *http.Reque
 					"method",
 					node.LoginAndLinkCredentials,
 					node.DefaultGroup,
-					node.InputAttributeTypeSubmit))
-				if err := e.d.RegistrationFlowPersister().UpdateRegistrationFlow(r.Context(), a); err != nil {
-					return err
-				}
+					node.InputAttributeTypeSubmit).WithMetaLabel(text.NewInfoNodeLoginAndLinkCredential()))
 			}
 		}
 		return err

diff --git a/selfservice/strategy/oidc/strategy.go b/selfservice/strategy/oidc/strategy.go
@@ -543,17 +543,19 @@ func (s *Strategy) handleError(w http.ResponseWriter, r *http.Request, f flow.Fl
 		// Reset all nodes to not confuse users.
 		// This is kinda hacky and will probably need to be updated at some point.
 
-		var loginAndLinkCredentialsNode *node.Node
-		for _, n := range rf.UI.Nodes {
-			if n.ID() == "method" && n.GetValue() == node.LoginAndLinkCredentials {
-				loginAndLinkCredentialsNode = n
-				break
+		if dup := new(identity.ErrDuplicateCredentials); errors.As(err, &dup) {
+			rf.UI.Messages.Add(text.NewErrorValidationDuplicateCredentialsOnOIDCLink())
+			lf, err := s.registrationToLogin(w, r, rf, provider)
+			if err != nil {
+				return err
 			}
+			// return a new login flow with the error message embedded in the login flow.
+			x.AcceptToRedirectOrJSON(w, r, s.d.Writer(), lf, lf.AppendTo(s.d.Config().SelfServiceFlowLoginUI(r.Context())).String())
+			// ensure the function does not continue to execute
+			return registration.ErrHookAbortFlow
 		}
+
 		rf.UI.Nodes = node.Nodes{}
-		if loginAndLinkCredentialsNode != nil {
-			rf.UI.Nodes.Upsert(loginAndLinkCredentialsNode)
-		}
 
 		// Adds the "Continue" button
 		rf.UI.SetCSRF(s.d.GenerateCSRFToken(r))

diff --git a/selfservice/strategy/oidc/strategy_registration.go b/selfservice/strategy/oidc/strategy_registration.go
@@ -261,6 +261,10 @@ func (s *Strategy) registrationToLogin(w http.ResponseWriter, r *http.Request, r
 		opts = append(opts, login.WithFormErrorMessage(rf.UI.Messages))
 	}
 
+	if len(rf.InternalContext) > 0 {
+		opts = append(opts, login.WithInternalContext(rf.InternalContext))
+	}
+
 	lf, _, err := s.d.LoginHandler().NewLoginFlow(w, r, rf.Type, opts...)
 	if err != nil {
 		return nil, err