Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rename login/registration/recovery/... request to flow #635

Closed
aeneasr opened this issue Aug 6, 2020 · 0 comments · Fixed by #624
Closed

Rename login/registration/recovery/... request to flow #635

aeneasr opened this issue Aug 6, 2020 · 0 comments · Fixed by #624
Assignees
@aeneasr
Labels
rfc A request for comments to discuss and share ideas.
Projects
Maintainer's Board
Milestone
v0.5.0-alpha.1

Comments

@aeneasr
Copy link
Member

aeneasr commented Aug 6, 2020

Is your feature request related to a problem? Please describe.

Currently, we initiate a login flow which yields a login request. I think this is quite confusing and a better way to talk about this would be to just deal with "login flows".

Describe the solution you'd like

Strip requests from the wording and replace them with flow. Instead of initiating a login flow which creates a login request (???) we initiate a login flow and reference the login flow in the selfservice UI and so on.

This also makes sense from an API standpoint. Right now we have URLs such as

  • /self-service/browser/flows/login
  • /self-service/browser/flows/requests/login?request=...

but instead it would make sense to initialize the flow and reference it:

  • /self-service/browser/login
  • /self-service/browser/login/flows?flow=... or /self-service/browser/login/flows?flow_id=...

Describe alternatives you've considered

None so far.

Additional context

This is a pretty huge breaking change in terms of API but it probably makes sense to do this now instead of later. Switching to the new API might be a bit of work but given that no functionality changed, only naming, it should be manageable.
@aeneasr aeneasr added the rfc A request for comments to discuss and share ideas. label Aug 6, 2020
@aeneasr aeneasr added this to the v0.5.0-alpha.1 milestone Aug 6, 2020
@aeneasr aeneasr added this to To do in Maintainer's Board via automation Aug 6, 2020
@aeneasr aeneasr self-assigned this Aug 6, 2020
@aeneasr aeneasr pinned this issue Aug 7, 2020
aeneasr added a commit that referenced this issue Aug 10, 2020
@aeneasr
refactor: rename login request to login flow
5c3ca6a 
As part of this change, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Login Request" to "Self-Service Login Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several endpoints:

- `/self-service/browser/flows/login is now `/self-service/login/browser`.
- `/self-service/browser/flows/requests/login?request=abcd` is now `/self-service/login/flows?id=abcd`.

Functionality or behavior of those endpoints did not change.

The Login UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new PublicApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserLoginRequest(req.query.request)
+ kratos.getSelfServiceLoginFlow(req.query.flow)
```

This patch requires you to run SQL migrations.
@aeneasr aeneasr mentioned this issue Aug 12, 2020
Merged
aeneasr added a commit that referenced this issue Aug 13, 2020
@aeneasr
refactor: rename login request to login flow
caa30bc 
As part of this change, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Login Request" to "Self-Service Login Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important login flow endpoints:

- `/self-service/browser/flows/login` is now `/self-service/login/browser`.
- `/self-service/browser/flows/requests/login?request=abcd` is now `/self-service/login/flows?id=abcd`.

Additionally, the URL for completing the password login method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/login/strategies/password?request=abcd` is now `/self-service/login/methods/password?flow=abcd`

Functionality or behavior of those endpoints did not change.

The Login UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new PublicApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserLoginRequest(req.query.request)
+ kratos.getSelfServiceLoginFlow(req.query.flow)

  // You will most likely not be using this:
- kratos.completeSelfServiceLoginFlowWithPassword //...
- kratos.completeSelfServiceLoginFlowWithPasswordMethod //..
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 13, 2020
@aeneasr
refactor: rename login request to login flow
cf911c3 
As part of this change, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Login Request" to "Self-Service Login Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important login flow endpoints:

- `/self-service/browser/flows/login` is now `/self-service/login/browser` without functional changes.
- `/self-service/browser/flows/requests/login?request=abcd` is now `/self-service/login/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password login method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/login/strategies/password?request=abcd` is now `/self-service/login/methods/password?flow=abcd` without functional changes.

The Login UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserLoginRequest(req.query.request)
+ kratos.getSelfServiceLoginFlow(req.query.flow)

  // You will most likely not be using this:
  const kratos = new PublicApi(config.kratos.public)
- kratos.completeSelfServiceLoginFlowWithPassword //...
- kratos.completeSelfServiceLoginFlowWithPasswordMethod //..
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 13, 2020
@aeneasr
refactor: rename registration request to registration flow
a005b82 
As part of this change, fetching a registration flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Registration Request" to "Self-Service Registration Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important registration flow endpoints:

- `/self-service/browser/flows/registration` is now `/self-service/registration/browser` without functional changes.
- `/self-service/browser/flows/requests/registration?request=abcd` is now `/self-service/registration/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

The Login UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserRegistrationRequest(req.query.request)
+ kratos.getSelfServiceRegistrationFlow(req.query.flow)
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 17, 2020
@aeneasr
refactor: rename registration request to registration flow
9aa0e30 
As part of this change, fetching a registration flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Registration Request" to "Self-Service Registration Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important registration flow endpoints:

- `/self-service/browser/flows/registration` is now `/self-service/registration/browser` without behavioral change.
- `/self-service/browser/flows/requests/registration?request=abcd` is now `/self-service/registration/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password registration method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/registration/strategies/password?request=abcd` is now `/self-service/registration/methods/password?flow=abcd` without functional changes.

The Registration UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserRegistrationRequest(req.query.request)
+ kratos.getSelfServiceRegistrationFlow(req.query.flow)

  // You will most likely not be using this:
  const kratos = new PublicApi(config.kratos.public)
- kratos.completeSelfServiceRegistrationFlowWithPassword //...
- kratos.completeSelfServiceRegistrationFlowWithPasswordMethod //..
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 17, 2020
@aeneasr
refactor: rename registration request to registration flow
d3562c2 
As part of this change, fetching a registration flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Registration Request" to "Self-Service Registration Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important registration flow endpoints:

- `/self-service/browser/flows/registration` is now `/self-service/registration/browser` without behavioral change.
- `/self-service/browser/flows/requests/registration?request=abcd` is now `/self-service/registration/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password registration method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/registration/strategies/password?request=abcd` is now `/self-service/registration/methods/password?flow=abcd` without functional changes.

The Registration UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserRegistrationRequest(req.query.request)
+ kratos.getSelfServiceRegistrationFlow(req.query.flow)

  // You will most likely not be using this:
  const kratos = new PublicApi(config.kratos.public)
- kratos.completeSelfServiceRegistrationFlowWithPassword //...
+ kratos.completeSelfServiceRegistrationFlowWithPasswordMethod //..
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 25, 2020
@aeneasr
refactor: rename login request to login flow
9369d1b 
As part of this change, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Login Request" to "Self-Service Login Flow" to follow community feedback and practice already applied in the documentation. Additionally, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

This patch renames several important login flow endpoints:

- `/self-service/browser/flows/login` is now `/self-service/login/browser` without functional changes.
- `/self-service/browser/flows/requests/login?request=abcd` is now `/self-service/login/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password and oidc login method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/login/strategies/password?request=abcd` is now `/self-service/login/methods/password?flow=abcd` without functional changes.
- `/self-service/browser/flows/strategies/oidc?request=abcd` is now `/self-service/methods/oidc?flow=abcd` without functional changes.

The Login UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserLoginRequest(req.query.request)
+ kratos.getSelfServiceLoginFlow(req.query.flow)
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 25, 2020
@aeneasr
refactor: rename registration request to registration flow
0470956 
As part of this change, fetching a registration flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Registration Request" to "Self-Service Registration Flow" to follow community feedback and practice already applied in the documentation. Additionally, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

This patch renames several important registration flow endpoints:

- `/self-service/browser/flows/registration` is now `/self-service/registration/browser` without behavioral change.
- `/self-service/browser/flows/requests/registration?request=abcd` is now `/self-service/registration/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password registration method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/registration/strategies/password?request=abcd` is now `/self-service/registration/methods/password?flow=abcd` without functional changes.
- `/self-service/browser/flows/strategies/oidc?request=abcd` is now `/self-service/methods/oidc?flow=abcd` without functional changes.

The Registration UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserRegistrationRequest(req.query.request)
+ kratos.getSelfServiceRegistrationFlow(req.query.flow)
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 25, 2020
@aeneasr
As part of this change, fetching a settings flow over the public API …
31d560e 
…no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Settings Request" to "Self-Service Settings Flow" to follow community feedback and practice already applied in the documentation.

This patch renames several important settings flow endpoints:

- `/self-service/browser/flows/settings` is now `/self-service/settings/browser` without functional changes.
- `/self-service/browser/flows/requests/settings?request=abcd` is now `/self-service/settings/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password, profile, and oidc settings method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/login/strategies/password?request=abcd` is now `/self-service/login/methods/password?flow=abcd` without functional changes.
- `/self-service/browser/flows/strategies/oidc?request=abcd` is now `/self-service/methods/oidc?flow=abcd` without functional changes.
- `/self-service/browser/flows/settings/strategies/profile?request=abcd` is now `/self-service/settings/methods/profile?flow=abcd` without functional changes.

The Settings UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.getSelfServiceBrowserSettingsRequest(req.query.request)
+ kratos.getSelfServiceSettingsFlow(req.query.flow)

  // You will most likely not be using this:
  const kratos = new PublicApi(config.kratos.public)
- kratos.completeSelfServiceBrowserSettingsPasswordStrategyFlow //...
- kratos.completeSelfServiceSettingsFlowWithPasswordMethod //..
- kratos.completeSelfServiceBrowserSettingsProfileStrategyFlow //...
- kratos.completeSelfServiceSettingsFlowWithProfileMethod //..
```

This patch requires you to run SQL migrations.
aeneasr added a commit that referenced this issue Aug 27, 2020
@aeneasr
refactor: rename recovery request to recovery flow
b0f433d 
As part of this change, fetching a login flow over the public API no longer requires Anti-CSRF cookies to be sent.

Partially closes #635

BREAKING CHANGE: Wording has changed from "Self-Service Recovery Request" to "Self-Service Recovery Flow" to follow community feedback and practice already applied in the documentation. Additionally, fetching a recovery flow over the public API no longer requires Anti-CSRF cookies to be sent.

This patch renames several important recovery flow endpoints:

- `/self-service/browser/flows/recovery` is now `/self-service/recovery/browser` without functional changes.
- `/self-service/browser/flows/requests/recovery?request=abcd` is now `/self-service/recovery/flows?id=abcd` and no longer needs anti-CSRF cookies to be available.

Additionally, the URL for completing the password and oidc recovery method has been moved. Given that this endpoint is typically not manually called, you can probably ignore this change:

- `/self-service/browser/flows/recovery/link?request=abcd` is now `/self-service/recovery/methods/link?flow=abcd` without functional changes.

The Recovery UI Endpoint no longer receives a `?request=abcde` query parameter but instead a `?flow=abcde` query parameter. Functionality did not change however.

As part of this change SDK methods have been renamed:

```
  const kratos = new CommonApi(config.kratos.public)
  // ...
- kratos.completeSelfServiceBrowserRecoveryLinkStrategyFlow(req.query.request)
+ kratos.completeSelfServiceRecoveryFlowWithLinkMethod(req.query.flow)
```

This patch requires you to run SQL migrations.
@marcinkoziej marcinkoziej mentioned this issue Sep 10, 2020
Closed
Maintainer's Board automation moved this from To do to Done Sep 15, 2020
@aeneasr aeneasr unpinned this issue Nov 7, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aeneasr aeneasr

Labels
rfc A request for comments to discuss and share ideas.
Projects
Maintainer's Board
  
Done
Milestone
v0.5.0-alpha.1
Development

Successfully merging a pull request may close this issue.

feat: implement API-based self-service flows ory/kratos
1 participant
@aeneasr