refactor(login): rename forced -> refresh

ory · Oct 19, 2021 · 8d1e54b · 8d1e54b
1 parent 7108e65
commit 8d1e54b
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 18 deletions.
diff --git a/selfservice/flow/login/flow.go b/selfservice/flow/login/flow.go
@@ -80,8 +80,8 @@ type Flow struct {
 	// CSRFToken contains the anti-csrf token associated with this flow. Only set for browser flows.
 	CSRFToken string `json:"-" db:"csrf_token"`
 
-	// Forced stores whether this login flow should enforce re-authentication.
-	Forced bool `json:"forced" db:"forced"`
+	// Refresh stores whether this login flow should enforce re-authentication.
+	Refresh bool `json:"forced" db:"forced"`
 }
 
 func NewFlow(conf *config.Config, exp time.Duration, csrf string, r *http.Request, flowType flow.Type) *Flow {
@@ -95,10 +95,10 @@ func NewFlow(conf *config.Config, exp time.Duration, csrf string, r *http.Reques
 			Method: "POST",
 			Action: flow.AppendFlowTo(urlx.AppendPaths(conf.SelfPublicURL(r), RouteSubmitFlow), id).String(),
 		},
-		RequestURL: x.RequestURL(r).String(),
-		CSRFToken:  csrf,
-		Type:       flowType,
-		Forced:     r.URL.Query().Get("refresh") == "true",
+		RequestURL:   x.RequestURL(r).String(),
+		CSRFToken:    csrf,
+		Type:         flowType,
+		Refresh:      r.URL.Query().Get("refresh") == "true",
 	}
 }
 
@@ -130,7 +130,7 @@ func (f Flow) GetID() uuid.UUID {
 }
 
 func (f *Flow) IsForced() bool {
-	return f.Forced
+	return f.Refresh
 }
 
 func (f *Flow) AppendTo(src *url.URL) *url.URL {

diff --git a/selfservice/flow/login/flow_test.go b/selfservice/flow/login/flow_test.go
@@ -41,7 +41,7 @@ func TestNewFlow(t *testing.T) {
 		}, flow.TypeBrowser)
 		assert.EqualValues(t, r.IssuedAt, r.ExpiresAt)
 		assert.Equal(t, flow.TypeBrowser, r.Type)
-		assert.False(t, r.Forced)
+		assert.False(t, r.Refresh)
 		assert.Equal(t, "https://ory.sh/", r.RequestURL)
 	})
 
@@ -51,7 +51,7 @@ func TestNewFlow(t *testing.T) {
 			Host: "ory.sh"}, flow.TypeAPI)
 		assert.Equal(t, r.IssuedAt, r.ExpiresAt)
 		assert.Equal(t, flow.TypeAPI, r.Type)
-		assert.True(t, r.Forced)
+		assert.True(t, r.Refresh)
 		assert.Equal(t, "http://ory.sh/?refresh=true", r.RequestURL)
 	})
 

diff --git a/selfservice/flow/login/handler.go b/selfservice/flow/login/handler.go
@@ -95,7 +95,7 @@ func (h *Handler) NewLoginFlow(w http.ResponseWriter, r *http.Request, flow flow
 		return nil, err
 	}
 
-	if f.Forced {
+	if f.Refresh {
 		f.UI.Messages.Set(text.NewInfoLoginReAuth())
 	}
 
@@ -173,7 +173,7 @@ func (h *Handler) initAPIFlow(w http.ResponseWriter, r *http.Request, _ httprout
 		return
 	}
 
-	if a.Forced {
+	if a.Refresh {
 		if err := h.d.LoginFlowPersister().ForceLoginFlow(r.Context(), a.ID); err != nil {
 			h.d.Writer().WriteError(w, r, err)
 			return
@@ -225,7 +225,7 @@ func (h *Handler) initBrowserFlow(w http.ResponseWriter, r *http.Request, ps htt
 		return
 	}
 
-	if a.Forced {
+	if a.Refresh {
 		if err := h.d.LoginFlowPersister().ForceLoginFlow(r.Context(), a.ID); err != nil {
 			h.d.SelfServiceErrorManager().Forward(r.Context(), w, r, err)
 			return
@@ -417,7 +417,7 @@ func (h *Handler) submitFlow(w http.ResponseWriter, r *http.Request, _ httproute
 		return
 	}
 
-	if _, err := h.d.SessionManager().FetchFromRequest(r.Context(), r); err == nil && !f.Forced {
+	if _, err := h.d.SessionManager().FetchFromRequest(r.Context(), r); err == nil && !f.Refresh {
 		if f.Type == flow.TypeBrowser {
 			http.Redirect(w, r, h.d.Config(r.Context()).SelfServiceBrowserDefaultReturnTo().String(), http.StatusFound)
 			return
@@ -453,7 +453,20 @@ func (h *Handler) submitFlow(w http.ResponseWriter, r *http.Request, _ httproute
 		return
 	}
 
-	// TODO Handle n+1 authentication factor
+	for _, ss := range h.d.AllLoginStrategies() {
+		interim, err := ss.Login(w, r, f)
+		if errors.Is(err, flow.ErrStrategyNotResponsible) {
+			continue
+		} else if errors.Is(err, flow.ErrCompletedByStrategy) {
+			return
+		} else if err != nil {
+			h.d.LoginFlowErrorHandler().WriteFlowError(w, r, f, ss.NodeGroup(), err)
+			return
+		}
+
+		i = interim
+		break
+	}
 
 	if err := h.d.LoginHookExecutor().PostLoginHook(w, r, f, i); err != nil {
 		if err == ErrAddressNotVerified {

diff --git a/selfservice/flow/login/test/persistence.go b/selfservice/flow/login/test/persistence.go
@@ -72,7 +72,7 @@ func TestFlowPersister(ctx context.Context, p persistence.Persister) func(t *tes
 
 		t.Run("case=should properly set the flow type", func(t *testing.T) {
 			expected := newFlow(t)
-			expected.Forced = true
+			expected.Refresh = true
 			expected.Type = flow.TypeAPI
 			expected.UI = container.New("ory-sh")
 
@@ -85,14 +85,14 @@ func TestFlowPersister(ctx context.Context, p persistence.Persister) func(t *tes
 
 			actual.UI = container.New("not-ory-sh")
 			actual.Type = flow.TypeBrowser
-			actual.Forced = true
+			actual.Refresh = true
 
 			require.NoError(t, p.UpdateLoginFlow(ctx, actual))
 
 			actual, err = p.GetLoginFlow(ctx, actual.ID)
 			require.NoError(t, err)
 			assert.Equal(t, flow.TypeBrowser, actual.Type)
-			assert.True(t, actual.Forced)
+			assert.True(t, actual.Refresh)
 			assert.Equal(t, "not-ory-sh", actual.UI.Action)
 		})
 
@@ -152,7 +152,7 @@ func TestFlowPersister(ctx context.Context, p persistence.Persister) func(t *tes
 
 				actual, err := p.GetLoginFlow(ctx, id)
 				require.NoError(t, err)
-				require.False(t, actual.Forced)
+				require.False(t, actual.Refresh)
 			})
 
 			t.Run("can not update on another network", func(t *testing.T) {