Skip to content

Commit

Permalink
fix: incorrect override in identity hydrate (#3368)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aeneasr
aeneasr committed Jul 6, 2023
1 parent 9b95693 commit eaa3f3c
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 14 deletions.
18 changes: 6 additions & 12 deletions persistence/sql/identity/persister_identity.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -482,11 +482,8 @@ func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *
defer otelx.End(span, &err)

var (
con = p.GetConnection(ctx)
nid = p.NetworkID(ctx)
credentials map[identity.CredentialsType]identity.Credentials
verifiableAddresses []identity.VerifiableAddress
recoveryAddresses []identity.RecoveryAddress
con = p.GetConnection(ctx)
nid = p.NetworkID(ctx)
)

eg, ctx := errgroup.WithContext(ctx)
Expand All @@ -499,7 +496,7 @@ func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *
if err := con.WithContext(ctx).
Where("identity_id = ? AND nid = ?", i.ID, nid).
Order("id ASC").
All(&recoveryAddresses); err != nil {
All(&i.RecoveryAddresses); err != nil {
return sqlcon.HandleError(err)
}
return nil
Expand All @@ -514,7 +511,8 @@ func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *
// https://github.com/gobuffalo/pop/issues/723
if err := con.WithContext(ctx).
Order("id ASC").
Where("identity_id = ? AND nid = ?", i.ID, nid).All(&verifiableAddresses); err != nil {
Where("identity_id = ? AND nid = ?", i.ID, nid).
All(&i.VerifiableAddresses); err != nil {
return sqlcon.HandleError(err)
}
return nil
Expand All @@ -533,7 +531,7 @@ func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *
if err != nil {
return err
}
credentials = creds[i.ID]
i.Credentials = creds[i.ID]
return
})
}
Expand All @@ -542,10 +540,6 @@ func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *
return err
}

i.VerifiableAddresses = verifiableAddresses
i.RecoveryAddresses = recoveryAddresses
i.Credentials = credentials

if err := i.Validate(); err != nil {
return err
}
Expand Down
18 changes: 17 additions & 1 deletion session/handler_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@ func TestSessionWhoAmI(t *testing.T) {

// set this intermediate because kratos needs some valid url for CRUDE operations
conf.MustSet(ctx, config.ViperKeyPublicBaseURL, "http://example.com")
email := "foo" + uuid.Must(uuid.NewV4()).String() + "@bar.sh"
i := &identity.Identity{
ID: x.NewUUID(),
State: identity.StateActive,
Expand All @@ -76,9 +77,21 @@ func TestSessionWhoAmI(t *testing.T) {
Config: []byte(`{"hashed_password":"$argon2id$v=19$m=32,t=2,p=4$cm94YnRVOW5jZzFzcVE4bQ$MNzk5BtR2vUhrp6qQEjRNw"}`),
},
},
Traits: identity.Traits(`{"baz":"bar","foo":true,"bar":2.5}`),
Traits: identity.Traits(`{"email": "` + email + `","baz":"bar","foo":true,"bar":2.5}`),
MetadataAdmin: []byte(`{"admin":"ma"}`),
MetadataPublic: []byte(`{"public":"mp"}`),
RecoveryAddresses: []identity.RecoveryAddress{
{
Value: email,
Via: identity.AddressTypeEmail,
},
},
VerifiableAddresses: []identity.VerifiableAddress{
{
Value: email,
Via: identity.AddressTypeEmail,
},
},
}
h, _ := testhelpers.MockSessionCreateHandlerWithIdentity(t, reg, i)

Expand Down Expand Up @@ -182,6 +195,9 @@ func TestSessionWhoAmI(t *testing.T) {
assert.Empty(t, gjson.GetBytes(body, "identity.credentials"))
assert.Equal(t, "mp", gjson.GetBytes(body, "identity.metadata_public.public").String(), "%s", body)
assert.False(t, gjson.GetBytes(body, "identity.metadata_admin").Exists())

assert.NotEmpty(t, gjson.GetBytes(body, "identity.recovery_addresses").String(), "%s", body)
assert.NotEmpty(t, gjson.GetBytes(body, "identity.verifiable_addresses").String(), "%s", body)
})
}
}
Expand Down
24 changes: 23 additions & 1 deletion session/stub/identity.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,27 @@
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Person",
"type": "object",
"properties": {}
"properties": {
"traits": {
"type": "object",
"properties": {
"email": {
"type": "string",
"ory.sh/kratos": {
"credentials": {
"password": {
"identifier": true
}
},
"verification": {
"via": "email"
},
"recovery": {
"via": "email"
}
}
}
}
}
}
}

0 comments on commit eaa3f3c

Please sign in to comment.