From 41fb673e38779cb27d4400f70458617eb7e5b93c Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Mon, 24 Aug 2020 11:28:39 +0200 Subject: [PATCH] fix: find and replace "request" references --- selfservice/strategy/password/helpers.go | 2 +- selfservice/strategy/password/helpers_test.go | 2 +- selfservice/strategy/password/login.go | 2 +- selfservice/strategy/password/login_test.go | 22 +++++++++---------- selfservice/strategy/password/registration.go | 6 +---- selfservice/strategy/password/types.go | 2 +- 6 files changed, 16 insertions(+), 20 deletions(-) diff --git a/selfservice/strategy/password/helpers.go b/selfservice/strategy/password/helpers.go index 1403a209d78..365bf442217 100644 --- a/selfservice/strategy/password/helpers.go +++ b/selfservice/strategy/password/helpers.go @@ -3,7 +3,7 @@ package password import "net/url" func tidyForm(vv url.Values) url.Values { - for _, k := range []string{"password", "csrf_token", "request"} { + for _, k := range []string{"password", "csrf_token", "flow"} { vv.Del(k) } diff --git a/selfservice/strategy/password/helpers_test.go b/selfservice/strategy/password/helpers_test.go index 5b18d2262a1..107d3be72c6 100644 --- a/selfservice/strategy/password/helpers_test.go +++ b/selfservice/strategy/password/helpers_test.go @@ -11,7 +11,7 @@ func TestTidyForm(t *testing.T) { assert.EqualValues(t, url.Values{"foobar": {"foo"}}, tidyForm(url.Values{ "password": {"some-value"}, "csrf_token": {"some-value"}, - "request": {"some-value"}, + "flow": {"some-value"}, "foobar": {"foo"}, })) } diff --git a/selfservice/strategy/password/login.go b/selfservice/strategy/password/login.go index af494a9ec3d..149cbf40048 100644 --- a/selfservice/strategy/password/login.go +++ b/selfservice/strategy/password/login.go @@ -95,7 +95,7 @@ type completeSelfServiceLoginFlowWithPasswordMethod struct { func (s *Strategy) handleLogin(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { rid := x.ParseUUID(r.URL.Query().Get("flow")) if x.IsZeroUUID(rid) { - s.handleLoginError(w, r, nil, nil, errors.WithStack(herodot.ErrBadRequest.WithReasonf("The request query parameter is missing or invalid."))) + s.handleLoginError(w, r, nil, nil, errors.WithStack(herodot.ErrBadRequest.WithReasonf("The flow query parameter is missing or invalid."))) return } diff --git a/selfservice/strategy/password/login_test.go b/selfservice/strategy/password/login_test.go index 2d445782777..f4852857731 100644 --- a/selfservice/strategy/password/login_test.go +++ b/selfservice/strategy/password/login_test.go @@ -258,8 +258,8 @@ func TestCompleteLogin(t *testing.T) { t.Run("type=browser", func(t *testing.T) { lr, res, body := run(t, false, url.Values{"identifier": {"identifier"}, - "csrf_token":{x.FakeCSRFToken}, - "password": {"password"}}.Encode()) + "csrf_token": {x.FakeCSRFToken}, + "password": {"password"}}.Encode()) require.Contains(t, res.Request.URL.Path, "login-ts") assert.NotEqual(t, lr.ID, gjson.GetBytes(body, "id")) assert.Contains(t, gjson.GetBytes(body, "messages.0").String(), "expired", "%s", body) @@ -286,7 +286,7 @@ func TestCompleteLogin(t *testing.T) { t.Run("type=browser", func(t *testing.T) { require.Contains(t, run(t, false, url.Values{ - "csrf_token":{x.FakeCSRFToken}, + "csrf_token": {x.FakeCSRFToken}, "identifier": {"identifier"}, "password": {"password"}}.Encode()).Request.URL.Path, "login-ts") }) @@ -380,7 +380,7 @@ func TestCompleteLogin(t *testing.T) { createIdentity(identifier, pwd) payload := url.Values{"identifier": {identifier}, - "csrf_token":{x.FakeCSRFToken},"password": {"not-password"}}.Encode() + "csrf_token": {x.FakeCSRFToken}, "password": {"not-password"}}.Encode() if isAPI { payload = x.MustEncodeJSON(t, &password.LoginFormPayload{ Identifier: identifier, Password: "not-password"}) @@ -419,7 +419,7 @@ func TestCompleteLogin(t *testing.T) { createIdentity(identifier, pwd) payload := url.Values{"identifier": {identifier}, - "csrf_token":{x.FakeCSRFToken}, "password": {pwd}}.Encode() + "csrf_token": {x.FakeCSRFToken}, "password": {pwd}}.Encode() if isAPI { payload = x.MustEncodeJSON(t, &password.LoginFormPayload{ Identifier: identifier, Password: pwd}) @@ -449,8 +449,8 @@ func TestCompleteLogin(t *testing.T) { createIdentity(identifier, pwd) payload := url.Values{ "identifier": {identifier}, - "password": {pwd}, - "csrf_token":{x.FakeCSRFToken}, + "password": {pwd}, + "csrf_token": {x.FakeCSRFToken}, }.Encode() jar, _ := cookiejar.New(nil) @@ -614,7 +614,7 @@ func TestCompleteLogin(t *testing.T) { _, body1 := fakeRequest(t, nlr(time.Hour, false), false, url.Values{ "identifier": {identifier}, "password": {pwd}, - "csrf_token":{x.FakeCSRFToken}, + "csrf_token": {x.FakeCSRFToken}, }.Encode(), nil, jar, http.StatusOK) lr2 := nlr(time.Hour, false) @@ -622,7 +622,7 @@ func TestCompleteLogin(t *testing.T) { res, body2 := fakeRequest(t, lr2, false, url.Values{ "identifier": {identifier}, "password": {pwd}, - "csrf_token":{x.FakeCSRFToken}, + "csrf_token": {x.FakeCSRFToken}, }.Encode(), nil, jar, http.StatusOK) require.Contains(t, res.Request.URL.Path, "return-ts", "%s", res.Request.URL.String()) @@ -638,13 +638,13 @@ func TestCompleteLogin(t *testing.T) { require.NoError(t, err) _, body1 := fakeRequest(t, nlr(time.Hour, false), false, url.Values{ "identifier": {identifier}, - "csrf_token":{x.FakeCSRFToken}, + "csrf_token": {x.FakeCSRFToken}, "password": {pwd}, }.Encode(), nil, jar, http.StatusOK) lr2 := nlr(time.Hour, false) res, body2 := fakeRequest(t, lr2, false, url.Values{ - "csrf_token":{x.FakeCSRFToken}, + "csrf_token": {x.FakeCSRFToken}, "identifier": {identifier}, "password": {pwd}}.Encode(), nil, jar, http.StatusOK) require.Contains(t, res.Request.URL.Path, "return-ts", "%s", res.Request.URL.String()) diff --git a/selfservice/strategy/password/registration.go b/selfservice/strategy/password/registration.go index 4794088205e..4820ecb577d 100644 --- a/selfservice/strategy/password/registration.go +++ b/selfservice/strategy/password/registration.go @@ -3,7 +3,6 @@ package password import ( "encoding/json" "net/http" - "net/url" "github.com/ory/kratos/driver/configuration" @@ -211,10 +210,7 @@ func (s *Strategy) validateCredentials(i *identity.Identity, pw string) error { } func (s *Strategy) PopulateRegistrationMethod(r *http.Request, sr *registration.Flow) error { - action := urlx.CopyWithQuery( - urlx.AppendPaths(s.c.SelfPublicURL(), RouteRegistration), - url.Values{"request": {sr.ID.String()}}, - ) + action := sr.AppendTo(urlx.AppendPaths(s.c.SelfPublicURL(), RouteRegistration)) htmlf, err := form.NewHTMLFormFromJSONSchema(action.String(), s.c.DefaultIdentityTraitsSchemaURL().String(), "", nil) if err != nil { diff --git a/selfservice/strategy/password/types.go b/selfservice/strategy/password/types.go index c06570e81dc..5ab5bd1d489 100644 --- a/selfservice/strategy/password/types.go +++ b/selfservice/strategy/password/types.go @@ -12,7 +12,7 @@ type ( // LoginFormPayload is used to decode the login form payload. LoginFormPayload struct { // The user's password. - Password string `form:"password" json:"password,omitempty"` + Password string `form:"password" json:"password,omitempty"` // Identifier is the email or username of the user trying to log in. Identifier string `form:"identifier" json:"identifier,omitempty"`