fix: decoder regression in registration

selfservice/strategy/oidc/.schema/registration.schema.json → selfservice/strategy/oidc/.schema/link.schema.json

@@ -11,7 +11,7 @@
       "minLength": 1
     },
     "traits": {
-      "description": "This field will be overwritten in registration.go's decoder() method. Do not add anything to this field as it has no effect."
+      "description": "DO NOT DELETE THIS FIELD. This field will be overwritten in login.go's and registration.go's decoder() method. Do not add anything to this field as it has no effect."
     }
   }
 }

selfservice/strategy/oidc/schema.go

@@ -4,8 +4,5 @@ import (
 	_ "embed"
 )
 
-//go:embed .schema/login.schema.json
-var loginSchema []byte
-
-//go:embed .schema/registration.schema.json
-var registrationSchema []byte
+//go:embed .schema/link.schema.json
+var linkSchema []byte

selfservice/strategy/oidc/strategy_login.go

@@ -8,8 +8,6 @@ import (
 
 	"golang.org/x/oauth2"
 
-	"github.com/ory/x/decoderx"
-
 	"github.com/ory/kratos/session"
 
 	"github.com/ory/x/sqlcon"
@@ -70,24 +68,6 @@ type SubmitSelfServiceLoginFlowWithOidcMethodBody struct {
 	Method string `json:"method"`
 }
 
-func (s *Strategy) decodeLogin(p *SubmitSelfServiceLoginFlowWithOidcMethodBody, r *http.Request) error {
-	compiler, err := decoderx.HTTPRawJSONSchemaCompiler(loginSchema)
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	if err := s.dec.Decode(r, &p, compiler,
-		decoderx.HTTPKeepRequestBody(true),
-		decoderx.HTTPDecoderUseQueryAndBody(),
-		decoderx.HTTPDecoderAllowedMethods("POST", "GET"),
-		decoderx.HTTPDecoderSetValidatePayloads(false),
-		decoderx.HTTPDecoderJSONFollowsFormFormat()); err != nil {
-		return errors.WithStack(err)
-	}
-
-	return nil
-}
-
 func (s *Strategy) processLogin(w http.ResponseWriter, r *http.Request, a *login.Flow, token *oauth2.Token, claims *Claims, provider Provider, container *authCodeContainer) (*registration.Flow, error) {
 	i, c, err := s.d.PrivilegedIdentityPool().FindByCredentialsIdentifier(r.Context(), identity.CredentialsTypeOIDC, uid(provider.Config().ID, claims.Subject))
 	if err != nil {
@@ -146,7 +126,7 @@ func (s *Strategy) Login(w http.ResponseWriter, r *http.Request, f *login.Flow,
 	}
 
 	var p SubmitSelfServiceLoginFlowWithOidcMethodBody
-	if err := s.decodeLogin(&p, r); err != nil {
+	if err := s.newLinkDecoder(&p, r); err != nil {
 		return nil, s.handleError(w, r, f, "", nil, errors.WithStack(herodot.ErrBadRequest.WithDebug(err.Error()).WithReasonf("Unable to parse HTTP form request: %s", err.Error())))
 	}
 

selfservice/strategy/oidc/strategy_registration.go

@@ -69,8 +69,8 @@ type SubmitSelfServiceRegistrationFlowWithOidcMethodBody struct {
 	Method string `json:"method"`
 }
 
-func (s *Strategy) decodeRegistration(p *SubmitSelfServiceRegistrationFlowWithOidcMethodBody, r *http.Request) error {
-	raw, err := sjson.SetBytes(registrationSchema,
+func (s *Strategy) newLinkDecoder(p interface{}, r *http.Request) error {
+	raw, err := sjson.SetBytes(linkSchema,
 		"properties.traits.$ref", s.d.Config(r.Context()).DefaultIdentityTraitsSchemaURL().String()+"#/properties/traits")
 	if err != nil {
 		return errors.WithStack(err)
@@ -86,7 +86,8 @@ func (s *Strategy) decodeRegistration(p *SubmitSelfServiceRegistrationFlowWithOi
 		decoderx.HTTPDecoderSetValidatePayloads(false),
 		decoderx.HTTPDecoderUseQueryAndBody(),
 		decoderx.HTTPDecoderAllowedMethods("POST", "GET"),
-		decoderx.HTTPDecoderJSONFollowsFormFormat()); err != nil {
+		decoderx.HTTPDecoderJSONFollowsFormFormat(),
+	); err != nil {
 		return errors.WithStack(err)
 	}
 
@@ -95,7 +96,7 @@ func (s *Strategy) decodeRegistration(p *SubmitSelfServiceRegistrationFlowWithOi
 
 func (s *Strategy) Register(w http.ResponseWriter, r *http.Request, f *registration.Flow, i *identity.Identity) (err error) {
 	var p SubmitSelfServiceRegistrationFlowWithOidcMethodBody
-	if err := s.decodeRegistration(&p, r); err != nil {
+	if err := s.newLinkDecoder(&p, r); err != nil {
 		return s.handleError(w, r, f, "", nil, errors.WithStack(herodot.ErrBadRequest.WithDebug(err.Error()).WithReasonf("Unable to parse HTTP form request: %s", err.Error())))
 	}