fix: add missing SessionIssued event for api flows (#3348)

* fix: missing SessionIssued event for api flows * chore: add SessionIssued event to post registration hook * chore: format * chore: move sessionissued event to persister
ory · Jun 26, 2023 · adf78e0 · adf78e0
1 parent a6d3d5b
commit adf78e0
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 5 deletions.
diff --git a/persistence/sql/persister_session.go b/persistence/sql/persister_session.go
@@ -11,10 +11,12 @@ import (
 	"github.com/gobuffalo/pop/v6"
 	"github.com/gofrs/uuid"
 	"github.com/pkg/errors"
+	"go.opentelemetry.io/otel/trace"
 	"golang.org/x/sync/errgroup"
 
 	"github.com/ory/kratos/identity"
 	"github.com/ory/kratos/session"
+	"github.com/ory/kratos/x/events"
 	"github.com/ory/x/otelx"
 	"github.com/ory/x/pagination/keysetpagination"
 	"github.com/ory/x/sqlcon"
@@ -193,7 +195,11 @@ func (p *Persister) UpsertSession(ctx context.Context, s *session.Session) (err
 		if exists {
 			// This must not be eager or identities will be created / updated
 			// Only update session and not corresponding session device records
-			return sqlcon.HandleError(tx.Update(s))
+			if err := tx.Update(s); err != nil {
+				return sqlcon.HandleError(err)
+			}
+			trace.SpanFromContext(ctx).AddEvent(events.NewSessionChanged(ctx, string(s.AuthenticatorAssuranceLevel), s.ID, s.IdentityID))
+			return nil
 		}
 
 		// This must not be eager or identities will be created / updated
@@ -218,6 +224,7 @@ func (p *Persister) UpsertSession(ctx context.Context, s *session.Session) (err
 			}
 		}
 
+		trace.SpanFromContext(ctx).AddEvent(events.NewSessionIssued(ctx, string(s.AuthenticatorAssuranceLevel), s.ID, s.IdentityID))
 		return nil
 	}))
 }

diff --git a/selfservice/flow/login/hook.go b/selfservice/flow/login/hook.go
@@ -190,11 +190,14 @@ func (e *HookExecutor) PostLoginHook(
 			Info("Identity authenticated successfully and was issued an Ory Kratos Session Token.")
 
 		trace.SpanFromContext(r.Context()).AddEvent(events.NewLoginSucceeded(r.Context(), &events.LoginSucceededOpts{
-			SessionID:  s.ID,
-			IdentityID: i.ID, FlowType: string(a.Type), RequestedAAL: string(a.RequestedAAL), IsRefresh: a.Refresh, Method: a.Active.String(),
-			SSOProvider: provider,
+			SessionID:    s.ID,
+			IdentityID:   i.ID,
+			FlowType:     string(a.Type),
+			RequestedAAL: string(a.RequestedAAL),
+			IsRefresh:    a.Refresh,
+			Method:       a.Active.String(),
+			SSOProvider:  provider,
 		}))
-
 		if handled, err := e.d.SessionManager().MaybeRedirectAPICodeFlow(w, r, a, s.ID, g); err != nil {
 			return errors.WithStack(err)
 		} else if handled {