feat: add return_url to verification flow #1149
Conversation
mattbonnell
force-pushed
the
mattbonnell/feat/verification-return-to
branch
3 times, most recently
from
8e92ce2
to
217d4e3
Compare
| returnTo, err := x.SecureRedirectTo(r, nil, | ||
| x.SecureRedirectAllowSelfServiceURLs(s.d.Config(r.Context()).SelfPublicURL(r)), | ||
| x.SecureRedirectAllowURLs(s.d.Config(r.Context()).SelfServiceBrowserWhitelistedReturnToDomains()), | ||
| x.SecureRedirectUseReturnToKey("after_verification"), | ||
| ) | ||
| if err != nil { | ||
| s.d.SelfServiceErrorManager().Forward(r.Context(), w, r, err) | ||
| return | ||
| } | ||
| if returnTo != nil { | ||
| http.Redirect(w, r, returnTo.String(), http.StatusFound) | ||
| return | ||
| } | ||
|
|
||
| returnTo, err = x.SecureRedirectTo(r, s.d.Config(r.Context()).SelfServiceFlowVerificationReturnTo(f.AppendTo(s.d.Config(r.Context()).SelfServiceFlowVerificationUI())), | ||
| x.SecureRedirectAllowSelfServiceURLs(s.d.Config(r.Context()).SelfPublicURL(r)), | ||
| x.SecureRedirectAllowURLs(s.d.Config(r.Context()).SelfServiceBrowserWhitelistedReturnToDomains()), | ||
| ) | ||
| if err != nil { | ||
| s.d.SelfServiceErrorManager().Forward(r.Context(), w, r, err) | ||
| return | ||
| } | ||
|
|
||
| http.Redirect(w, r, returnTo.String(), http.StatusFound) |
There was a problem hiding this comment.
This looks like duplication and can probably be refactored. It also needs tests!
There was a problem hiding this comment.
Yeah, will refactor.
Where would be the best place to add tests? As new cases in TestVerification in selfservice/strategy/link/strategy_verification_test.go?
There was a problem hiding this comment.
Sorry, I missed this - do you still need guidance on this?
There was a problem hiding this comment.
Hey, all good for this bit I think, thanks :)
mattbonnell
force-pushed
the
mattbonnell/feat/verification-return-to
branch
from
dffb625
to
b732722
Compare
|
hey @aeneasr, what's the best way to debug the e2e test? I'm failing a couple of the Cypress test cases but all I get from those logs is that the server returned a 500. When I try to run the end-to-end tests locally, for example the sqlite ones, the test script hangs on Do you have any insight you could share in how you go about debugging failures in the e2e tests? Perhaps there's a way to have the server logs included in the output when tests fail. |
|
@mattbonnell sorry my week was really really hectic, I hope it tones down starting wed next week. I will try to address your PRs and questions latest then! |
|
@aeneasr hey, no worries. Thanks for letting me know :) |
There was a problem hiding this comment.
What I would suggest also is an e2e test to cover the full thing from start to finish. Basically copying https://github.com/ory/kratos/blob/master/test/e2e/cypress/integration/profiles/verification/registration/success.spec.js and setting the new parameter and at the end of the flow expect that we end up at what we specified during registration. You might need to add a new parameter to cy.register
mattbonnell
force-pushed
the
mattbonnell/feat/verification-return-to
branch
2 times, most recently
from
44e9120
to
a04b09b
Compare
|
Looks like you got lots of work done :) Let me know when you want another 👀 |
Will do! Just going to add a few more tests this morning and then will ask you to take another look. |
|
Hmm, failing some courier unit test now, didn't change anything which courier touches though, I don't think. |
mattbonnell
force-pushed
the
mattbonnell/feat/verification-return-to
branch
from
be80f1b
to
dc30ad1
Compare
hey just wanted to echo this question, still something I'm struggling with. |
|
Hm not sure what's going on - do you have some logs for me? The logs are in the e2e directory |
Hey, ended up fixing that first issue, now I'm getting stuck here: I tried following their steps to obtain the record key for the Kratos project but it seems my access is limited. also weirdly, it seems in CI this lack of record key doesn't cause failure. Going to remove the |
mattbonnell
force-pushed
the
mattbonnell/feat/verification-return-to
branch
from
329c60a
to
b9a7083
Compare
|
I believe e2e tests fail on master currently as well... |
|
I will take a look at the e2e now |
|
I have resolved the e2e tests so this should work again - rerunning tests now. |
Seems there's some issue with reading from the CI cache. Perhaps clearing the cache would resolve. |
|
@aeneasr nice, passing :D thanks for unblocking |
|
e2e failing on timeout waiting for resources now 🤕 this might have been transitive, going to trigger a re-run |
…mattbonnell/kratos into mattbonnell/feat/verification-return-to
|
@aeneasr okay yep, it was transitive, things look good here |
Related issue
#1123, #1133
Proposed changes
Adds "return_to" parameter support to the verification flow. If supplied, the user-agent will be redirected there after clicking the email link.
Additionally, add support for passing an "after_verification_return_to" query parameter to flows which have a verification post hook (eg registration), which the user-agent will be redirected to after the post hook verification flow is completed.
Eg: initialize a registration flow with /self-service/registration/browser?return_to=[url1]&after_verification_return_to=[url2]
After completing the registration, the user will be redirected to url1, and a verification email will be sent to them.
After clicking the link in the verification email, they'll be redirected to url2.
Checklist
vulnerability. If this pull request addresses a security. vulnerability, I
confirm that I got green light (please contact
security@ory.sh) from the maintainers to push
the changes.
works.
Further comments
I need to add some tests here, but I'm not sure where the best places to add them would be. Any pointers there?
Additionally, will need to add some documentation for the
after_verificationparameter, but just wanted to get some feedback on that part before I do.