fix: find and replace "request" references

selfservice/strategy/password/helpers.go

@@ -3,7 +3,7 @@ package password
 import "net/url"
 
 func tidyForm(vv url.Values) url.Values {
-	for _, k := range []string{"password", "csrf_token", "request"} {
+	for _, k := range []string{"password", "csrf_token", "flow"} {
 		vv.Del(k)
 	}
 

selfservice/strategy/password/helpers_test.go

@@ -11,7 +11,7 @@ func TestTidyForm(t *testing.T) {
 	assert.EqualValues(t, url.Values{"foobar": {"foo"}}, tidyForm(url.Values{
 		"password":   {"some-value"},
 		"csrf_token": {"some-value"},
-		"request":    {"some-value"},
+		"flow":       {"some-value"},
 		"foobar":     {"foo"},
 	}))
 }

selfservice/strategy/password/login.go

@@ -95,7 +95,7 @@ type completeSelfServiceLoginFlowWithPasswordMethod struct {
 func (s *Strategy) handleLogin(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 	rid := x.ParseUUID(r.URL.Query().Get("flow"))
 	if x.IsZeroUUID(rid) {
-		s.handleLoginError(w, r, nil, nil, errors.WithStack(herodot.ErrBadRequest.WithReasonf("The request query parameter is missing or invalid.")))
+		s.handleLoginError(w, r, nil, nil, errors.WithStack(herodot.ErrBadRequest.WithReasonf("The flow query parameter is missing or invalid.")))
 		return
 	}
 

selfservice/strategy/password/login_test.go

@@ -258,8 +258,8 @@ func TestCompleteLogin(t *testing.T) {
 
 		t.Run("type=browser", func(t *testing.T) {
 			lr, res, body := run(t, false, url.Values{"identifier": {"identifier"},
-				"csrf_token":{x.FakeCSRFToken},
-				"password": {"password"}}.Encode())
+				"csrf_token": {x.FakeCSRFToken},
+				"password":   {"password"}}.Encode())
 			require.Contains(t, res.Request.URL.Path, "login-ts")
 			assert.NotEqual(t, lr.ID, gjson.GetBytes(body, "id"))
 			assert.Contains(t, gjson.GetBytes(body, "messages.0").String(), "expired", "%s", body)
@@ -286,7 +286,7 @@ func TestCompleteLogin(t *testing.T) {
 
 		t.Run("type=browser", func(t *testing.T) {
 			require.Contains(t, run(t, false, url.Values{
-				"csrf_token":{x.FakeCSRFToken},
+				"csrf_token": {x.FakeCSRFToken},
 				"identifier": {"identifier"}, "password": {"password"}}.Encode()).Request.URL.Path, "login-ts")
 		})
 
@@ -380,7 +380,7 @@ func TestCompleteLogin(t *testing.T) {
 			createIdentity(identifier, pwd)
 
 			payload := url.Values{"identifier": {identifier},
-				"csrf_token":{x.FakeCSRFToken},"password": {"not-password"}}.Encode()
+				"csrf_token": {x.FakeCSRFToken}, "password": {"not-password"}}.Encode()
 			if isAPI {
 				payload = x.MustEncodeJSON(t, &password.LoginFormPayload{
 					Identifier: identifier, Password: "not-password"})
@@ -419,7 +419,7 @@ func TestCompleteLogin(t *testing.T) {
 			createIdentity(identifier, pwd)
 
 			payload := url.Values{"identifier": {identifier},
-				"csrf_token":{x.FakeCSRFToken}, "password": {pwd}}.Encode()
+				"csrf_token": {x.FakeCSRFToken}, "password": {pwd}}.Encode()
 			if isAPI {
 				payload = x.MustEncodeJSON(t, &password.LoginFormPayload{
 					Identifier: identifier, Password: pwd})
@@ -449,8 +449,8 @@ func TestCompleteLogin(t *testing.T) {
 			createIdentity(identifier, pwd)
 			payload := url.Values{
 				"identifier": {identifier},
-				"password": {pwd},
-				"csrf_token":{x.FakeCSRFToken},
+				"password":   {pwd},
+				"csrf_token": {x.FakeCSRFToken},
 			}.Encode()
 
 			jar, _ := cookiejar.New(nil)
@@ -614,15 +614,15 @@ func TestCompleteLogin(t *testing.T) {
 		_, body1 := fakeRequest(t, nlr(time.Hour, false), false, url.Values{
 			"identifier": {identifier},
 			"password":   {pwd},
-			"csrf_token":{x.FakeCSRFToken},
+			"csrf_token": {x.FakeCSRFToken},
 		}.Encode(), nil, jar, http.StatusOK)
 
 		lr2 := nlr(time.Hour, false)
 		lr2.Forced = true
 		res, body2 := fakeRequest(t, lr2, false, url.Values{
 			"identifier": {identifier},
 			"password":   {pwd},
-			"csrf_token":{x.FakeCSRFToken},
+			"csrf_token": {x.FakeCSRFToken},
 		}.Encode(), nil, jar, http.StatusOK)
 
 		require.Contains(t, res.Request.URL.Path, "return-ts", "%s", res.Request.URL.String())
@@ -638,13 +638,13 @@ func TestCompleteLogin(t *testing.T) {
 		require.NoError(t, err)
 		_, body1 := fakeRequest(t, nlr(time.Hour, false), false, url.Values{
 			"identifier": {identifier},
-			"csrf_token":{x.FakeCSRFToken},
+			"csrf_token": {x.FakeCSRFToken},
 			"password":   {pwd},
 		}.Encode(), nil, jar, http.StatusOK)
 
 		lr2 := nlr(time.Hour, false)
 		res, body2 := fakeRequest(t, lr2, false, url.Values{
-			"csrf_token":{x.FakeCSRFToken},
+			"csrf_token": {x.FakeCSRFToken},
 			"identifier": {identifier}, "password": {pwd}}.Encode(), nil, jar, http.StatusOK)
 
 		require.Contains(t, res.Request.URL.Path, "return-ts", "%s", res.Request.URL.String())

selfservice/strategy/password/registration.go

@@ -3,7 +3,6 @@ package password
 import (
 	"encoding/json"
 	"net/http"
-	"net/url"
 
 	"github.com/ory/kratos/driver/configuration"
 
@@ -211,10 +210,7 @@ func (s *Strategy) validateCredentials(i *identity.Identity, pw string) error {
 }
 
 func (s *Strategy) PopulateRegistrationMethod(r *http.Request, sr *registration.Flow) error {
-	action := urlx.CopyWithQuery(
-		urlx.AppendPaths(s.c.SelfPublicURL(), RouteRegistration),
-		url.Values{"request": {sr.ID.String()}},
-	)
+	action := sr.AppendTo(urlx.AppendPaths(s.c.SelfPublicURL(), RouteRegistration))
 
 	htmlf, err := form.NewHTMLFormFromJSONSchema(action.String(), s.c.DefaultIdentityTraitsSchemaURL().String(), "", nil)
 	if err != nil {

selfservice/strategy/password/types.go

@@ -12,7 +12,7 @@ type (
 	// LoginFormPayload is used to decode the login form payload.
 	LoginFormPayload struct {
 		// The user's password.
-		Password   string `form:"password" json:"password,omitempty"`
+		Password string `form:"password" json:"password,omitempty"`
 
 		// Identifier is the email or username of the user trying to log in.
 		Identifier string `form:"identifier" json:"identifier,omitempty"`