refactor: streamline, version, and improve SDK experience #1477
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aeneasr
force-pushed
the
close-1424-openapi
branch
3 times, most recently
from
1c0e08a
to
07da965
Compare
aeneasr
added a commit
that referenced
this pull request
Jul 2, 2021
aeneasr
force-pushed
the
close-1424-openapi
branch
3 times, most recently
from
07da965
to
94bb8b8
Compare
aeneasr
added a commit
that referenced
this pull request
Jul 6, 2021
aeneasr
force-pushed
the
close-1424-openapi
branch
4 times, most recently
from
0fd947f
to
65f2583
Compare
BREAKING CHANGE: This change introduces a better SDK. As part of this change, several breaking changes with regards to the SDK have been introduced. We recommend reading this section carefully to understand the changes and how they might affect you.
Before, the SDK was structured into tags `public` and `admin`. This stems from the fact that we have two ports in Ory Kratos - one administrative and one public port.
While serves as a good overview when working with Ory Kratos, it does not express:
- What module the API belongs to (e.g. self-service, identity, ...)
- What maturity the API has (e.g. experimental, alpha, beta, ...)
- What version the API has (e.g. v0alpha0, v1beta0, ...)
This patch replaces the current `admin` and `public` tags with a versioned approach indicating the maturity of the API used. For example, `initializeSelfServiceSettingsForBrowsers` would no longer be under the `public` tag but instead under the `v0alpha1` tag:
```patch
import {
Configuration,
- PublicApi
+ V0Alpha1
} from '@ory/kratos-client';
- const kratos = new PublicApi(new Configuration({ basePath: config.kratos.public }));
+ const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.public }));
```
To avoid confusion when setting up the SDK, and potentially using the wrong endpoints in your codebase and ending up with strange 404 errors, Ory Kratos now redirects you to the correct port, given that `serve.(public|admin).base_url` are configured correctly. This is a significant improvement towards a more robust API experience!
Further, all administrative functions require, in the Ory SaaS, authorization using e.g. an Ory Personal Access Token. In the open source, we do not know what developers use to protect their APIs. As such, we believe that it is ok to have admin and public functions under one common API and differentiate with an `admin` prefix. Therefore, the following patches should be made in your codebase:
```patch
import {
- AdminApi,
+ V0Alpha1,
Configuration
} from '@ory/kratos-client';
-const kratos = new AdminApi(new Configuration({ basePath: config.kratos.admin }));
+const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.admin }));
-kratos.createIdentity({
+kratos.adminCreateIdentity({
schema_id: 'default',
traits: { /* ... */ }
})
```
Further, we have introduced a [style guide for writing SDKs annotations](https://www.ory.sh/docs/ecosystem/contributing#openapi-spec-and-go-swagger) governing how naming conventions should be chosen.
We also streamlined how credentials are used. We now differentiate between:
- Per-request credentials such as the Ory Session Token / Cookie
```
- public getSelfServiceRegistrationFlow(id: string, cookie?: string, options?: any) {}
+ public getSelfServiceSettingsFlow(id: string, xSessionToken?: string, cookie?: string, options?: any) {}
```
- Global credentials such as the Ory (SaaS) Personal Access Token.
```typescript
const kratos = new V0Alpha0(new Configuration({ basePath: config.kratos.admin, accessToken: 'some-token' }));
kratosAdmin.adminCreateIdentity({
schema_id: 'default',
traits: { /* ... */ },
});
```
We hope you enjoy the vastly improved experience! There are still many things that we want to iterate on. For full context, we recommend reading the proposal and discussion around these changes at [kratos#1424](#1424).
Additionally, the Self-Service Error endpoint was updated. First, the endpoint `/self-service/errors` is now located at the public port only with the admin port redirecting to it. Second, the parameter `?error` was renamed to `?id` for better SDK compatibility. Parameter `?error` is still working but will be deprecated at some point. Third, the response no longer contains an error array in `errors` but instead just a single error under `error`:
```patch
{
"id": "60208346-3a61-4880-96ae-0419cde8fca8",
- "errors": [{
+ "error": {
"code": 404,
"status": "Not Found",
"reason": "foobar",
"message": "The requested resource could not be found"
- }],
+ },
"created_at": "2021-07-07T11:20:15.310506+02:00",
"updated_at": "2021-07-07T11:20:15.310506+02:00"
}
```
Closes #1424
aeneasr
force-pushed
the
close-1424-openapi
branch
from
65f2583
to
5feca0c
Compare
aeneasr
added a commit
to ory/kratos-selfservice-ui-node
that referenced
this pull request
Jul 8, 2021
5 tasks
aeneasr
added a commit
to ory/kratos-selfservice-ui-node
that referenced
this pull request
Jul 8, 2021
aeneasr
force-pushed
the
close-1424-openapi
branch
from
e23f587
to
7d18582
Compare
BREAKING CHANGE: This change introduces a better SDK. As part of this change, several breaking changes with regards to the SDK have been introduced. We recommend reading this section carefully to understand the changes and how they might affect you.
Before, the SDK was structured into tags `public` and `admin`. This stems from the fact that we have two ports in Ory Kratos - one administrative and one public port.
While serves as a good overview when working with Ory Kratos, it does not express:
- What module the API belongs to (e.g. self-service, identity, ...)
- What maturity the API has (e.g. experimental, alpha, beta, ...)
- What version the API has (e.g. v0alpha0, v1beta0, ...)
This patch replaces the current `admin` and `public` tags with a versioned approach indicating the maturity of the API used. For example, `initializeSelfServiceSettingsForBrowsers` would no longer be under the `public` tag but instead under the `v0alpha1` tag:
```patch
import {
Configuration,
- PublicApi
+ V0Alpha1
} from '@ory/kratos-client';
- const kratos = new PublicApi(new Configuration({ basePath: config.kratos.public }));
+ const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.public }));
```
To avoid confusion when setting up the SDK, and potentially using the wrong endpoints in your codebase and ending up with strange 404 errors, Ory Kratos now redirects you to the correct port, given that `serve.(public|admin).base_url` are configured correctly. This is a significant improvement towards a more robust API experience!
Further, all administrative functions require, in the Ory SaaS, authorization using e.g. an Ory Personal Access Token. In the open source, we do not know what developers use to protect their APIs. As such, we believe that it is ok to have admin and public functions under one common API and differentiate with an `admin` prefix. Therefore, the following patches should be made in your codebase:
```patch
import {
- AdminApi,
+ V0Alpha1,
Configuration
} from '@ory/kratos-client';
-const kratos = new AdminApi(new Configuration({ basePath: config.kratos.admin }));
+const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.admin }));
-kratos.createIdentity({
+kratos.adminCreateIdentity({
schema_id: 'default',
traits: { /* ... */ }
})
```
Further, we have introduced a [style guide for writing SDKs annotations](https://www.ory.sh/docs/ecosystem/contributing#openapi-spec-and-go-swagger) governing how naming conventions should be chosen.
We also streamlined how credentials are used. We now differentiate between:
- Per-request credentials such as the Ory Session Token / Cookie
```
- public getSelfServiceRegistrationFlow(id: string, cookie?: string, options?: any) {}
+ public getSelfServiceSettingsFlow(id: string, xSessionToken?: string, cookie?: string, options?: any) {}
```
- Global credentials such as the Ory (SaaS) Personal Access Token.
```typescript
const kratos = new V0Alpha0(new Configuration({ basePath: config.kratos.admin, accessToken: 'some-token' }));
kratosAdmin.adminCreateIdentity({
schema_id: 'default',
traits: { /* ... */ },
});
```
We hope you enjoy the vastly improved experience! There are still many things that we want to iterate on. For full context, we recommend reading the proposal and discussion around these changes at [kratos#1424](#1424).
Additionally, the Self-Service Error endpoint was updated. First, the endpoint `/self-service/errors` is now located at the public port only with the admin port redirecting to it. Second, the parameter `?error` was renamed to `?id` for better SDK compatibility. Parameter `?error` is still working but will be deprecated at some point. Third, the response no longer contains an error array in `errors` but instead just a single error under `error`:
```patch
{
"id": "60208346-3a61-4880-96ae-0419cde8fca8",
- "errors": [{
+ "error": {
"code": 404,
"status": "Not Found",
"reason": "foobar",
"message": "The requested resource could not be found"
- }],
+ },
"created_at": "2021-07-07T11:20:15.310506+02:00",
"updated_at": "2021-07-07T11:20:15.310506+02:00"
}
```
Closes #1424
BREAKING CHANGE: Prior to this change it was not possible to specify the verification/recovery link lifetime. Instead, it was bound to the flow expiry. This patch changes that and adds the ability to configure the lifespan of the link individually:
```patch
selfservice:
methods:
link:
enabled: true
config:
+ # Defines how long a recovery link is valid for (default 1h)
+ lifespan: 15m
```
This is a breaking change because the link strategy no longer respects the recovery / verification flow expiry time and, unless set, will default to one hour.
Codecov Report
@@ Coverage Diff @@
## master #1477 +/- ##
==========================================
+ Coverage 71.58% 73.83% +2.24%
==========================================
Files 250 256 +6
Lines 10741 12425 +1684
==========================================
+ Hits 7689 9174 +1485
- Misses 2427 2628 +201
+ Partials 625 623 -2
Continue to review full report at Codecov.
|
aeneasr
added a commit
that referenced
this pull request
Jul 11, 2021
aeneasr
added a commit
that referenced
this pull request
Jul 11, 2021
aeneasr
added a commit
that referenced
this pull request
Jul 14, 2021
t-tomalak
added a commit
to Wikia/kratos
that referenced
this pull request
Jul 16, 2021
About two months ago we released Ory Kratos v0.6. Today, we are excited to announce the next iteration of Ory Kratos v0.7! This release includes 215 commits from 24 contributors with over 770 files and more than 100.000 lines of code changed! Ory Kratos v0.7 brings massive developer experience improvements: - A reworked, tested, and standardized SDK based on OpenAPI 3.0.3 ([ory#1477](ory#1477), [ory#1424](ory#1424)); - Native support of Single-Page-Apps (ReactJS, AngularJS, ...) for all self-service flows ([ory#1367](ory#1367)); - Sign in with Yandex, VK, Auth0, Slack; - An all-new, secure logout flow ([ory#1433](ory#1433)); - Important security updates to the self-service GET APIs ([ory#1458](ory#1458), [ory#1282](ory#1282)); - Built-in support for TLS ([ory#1466](ory#1466)); - Improved documentation and Go Module structure; - Resolving a case-sensitivity bug in self-service recovery and verification flows; - Improved performance for listing identities; - Support for Instant tracing ([ory#1429](ory#1429)); - Improved control for SMTPS, supporting SSL and STARTTLS ([ory#1430](ory#1430)); - Ability to run Ory Kratos in networks without outbound requests ([ory#1445](ory#1445)); - Improved control over HTTP Cookie behavior ([ory#1531](ory#1531)); - Several smaller user experience improvements and bug fixes; - Improved e2e test pipeline. In the next iteration of Ory Kratos, we will focus on providing a NextJS example application for the SPA integration as well as the long-awaited MFA flows! Please be aware that upgrading to Ory Kratos 0.7 requires you to apply SQL migrations. Make sure to back up your database before migration! For more details on breaking changes and patch notes, see below.
jess-sheneberger
added a commit
to jess-sheneberger/kratos
that referenced
this pull request
Jul 21, 2021
About two months ago we released Ory Kratos v0.6. Today, we are excited to announce the next iteration of Ory Kratos v0.7! This release includes 215 commits from 24 contributors with over 770 files and more than 100.000 lines of code changed! Ory Kratos v0.7 brings massive developer experience improvements: - A reworked, tested, and standardized SDK based on OpenAPI 3.0.3 ([ory#1477](ory#1477), [ory#1424](ory#1424)); - Native support of Single-Page-Apps (ReactJS, AngularJS, ...) for all self-service flows ([ory#1367](ory#1367)); - Sign in with Yandex, VK, Auth0, Slack; - An all-new, secure logout flow ([ory#1433](ory#1433)); - Important security updates to the self-service GET APIs ([ory#1458](ory#1458), [ory#1282](ory#1282)); - Built-in support for TLS ([ory#1466](ory#1466)); - Improved documentation and Go Module structure; - Resolving a case-sensitivity bug in self-service recovery and verification flows; - Improved performance for listing identities; - Support for Instant tracing ([ory#1429](ory#1429)); - Improved control for SMTPS, supporting SSL and STARTTLS ([ory#1430](ory#1430)); - Ability to run Ory Kratos in networks without outbound requests ([ory#1445](ory#1445)); - Improved control over HTTP Cookie behavior ([ory#1531](ory#1531)); - Several smaller user experience improvements and bug fixes; - Improved e2e test pipeline. In the next iteration of Ory Kratos, we will focus on providing a NextJS example application for the SPA integration as well as the long-awaited MFA flows! Please be aware that upgrading to Ory Kratos 0.7 requires you to apply SQL migrations. Make sure to back up your database before migration! For more details on breaking changes and patch notes, see below.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BREAKING CHANGE: This change introduces a better SDK. As part of this change, several breaking changes with regards to the SDK have been introduced. We recommend reading this section carefully to understand the changes and how they might affect you.
Before, the SDK was structured into tags
publicandadmin. This stems from the fact that we have two ports in Ory Kratos - one administrative and one public port.While serves as a good overview when working with Ory Kratos, it does not express:
This patch replaces the current
adminandpublictags with a versioned approach indicating the maturity of the API used. For example,initializeSelfServiceSettingsForBrowserswould no longer be under thepublictag but instead under thev0alpha1tag:import { Configuration, - PublicApi + V0Alpha1 } from '@ory/kratos-client'; - const kratos = new PublicApi(new Configuration({ basePath: config.kratos.public })); + const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.public }));To avoid confusion when setting up the SDK, and potentially using the wrong endpoints in your codebase and ending up with strange 404 errors, Ory Kratos now redirects you to the correct port, given that
serve.(public|admin).base_urlare configured correctly. This is a significant improvement towards a more robust API experience!Further, all administrative functions require, in the Ory SaaS, authorization using e.g. an Ory Personal Access Token. In the open source, we do not know what developers use to protect their APIs. As such, we believe that it is ok to have admin and public functions under one common API and differentiate with an
adminprefix. Therefore, the following patches should be made in your codebase:import { - AdminApi, + V0Alpha1, Configuration } from '@ory/kratos-client'; -const kratos = new AdminApi(new Configuration({ basePath: config.kratos.admin })); +const kratos = new V0Alpha1(new Configuration({ basePath: config.kratos.admin })); -kratos.createIdentity({ +kratos.adminCreateIdentity({ schema_id: 'default', traits: { /* ... */ } })Further, we have introduced a style guide for writing SDKs annotations governing how naming conventions should be chosen.
We also streamlined how credentials are used. We now differentiate between:
We hope you enjoy the vastly improved experience! There are still many things that we want to iterate on. For full context, we recommend reading the proposal and discussion around these changes at kratos#1424.
Additionally, the Self-Service Error endpoint was updated. First, the endpoint
/self-service/errorsis now located at the public port only with the admin port redirecting to it. Second, the parameter?errorwas renamed to?idfor better SDK compatibility. Parameter?erroris still working but will be deprecated at some point. Third, the response no longer contains an error array inerrorsbut instead just a single error undererror:{ "id": "60208346-3a61-4880-96ae-0419cde8fca8", - "errors": [{ + "error": { "code": 404, "status": "Not Found", "reason": "foobar", "message": "The requested resource could not be found" - }], + }, "created_at": "2021-07-07T11:20:15.310506+02:00", "updated_at": "2021-07-07T11:20:15.310506+02:00" }Closes #1424