adminListIdentitySessions missing pagination headers Link and X-Total-Count in its response

[brahmlower]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• This issue affects my Ory Cloud project.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Describe the bug

Responses to the /admin/identities/{id}/sessions endpoint don't include the pagination headers Link and X-Total-Count as described in the API Design documentation. The endpoint does respect the page and per_page query parameters as expected, so this is just a matter of the headers missing from the response.

Reproducing the bug

This can be reproduced by requesting the /admin/identities/{id}/sessions endpoint and looking at the response headers. With the environment variable IDENTITY_ID set to a valid identity ID, and with a kratos instance running at localhost with the admin port accessible at the default 4434, you can easily view the response headers by running:

curl --verbose --location --request GET "http://localhost:4434/admin/identities/$IDENTITY_ID/sessions" > /dev/null

You should see some result similar to:

Note: Unnecessary use of -X or --request, GET is already inferred.
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 127.0.0.1:4434...
* Connected to localhost (127.0.0.1) port 4434 (#0)
> GET /admin/identities/6254a9f5-574a-427b-9e44-5366d5cb6715/sessions HTTP/1.1
> Host: localhost:4434
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Cache-Control: private, no-cache, no-store, must-revalidate
< Content-Type: application/json; charset=utf-8
< Date: Wed, 28 Sep 2022 01:46:35 GMT
< Transfer-Encoding: chunked
<
{ [10083 bytes data]
100 10070    0 10070    0     0   236k      0 --:--:-- --:--:-- --:--:--  297k
* Connection #0 to host localhost left intact

Notice that the response headers don't include Link, nor X-Total-Count, in contrast to the response from the /admin/identities route which does include the headers like so:

brahmlower@Brahms-MacBook-Pro kratos % curl --verbose --location --request GET "http://localhost:4434/admin/identities" > /dev/null
Note: Unnecessary use of -X or --request, GET is already inferred.
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 127.0.0.1:4434...
* Connected to localhost (127.0.0.1) port 4434 (#0)
> GET /admin/identities HTTP/1.1
> Host: localhost:4434
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Cache-Control: private, no-cache, no-store, must-revalidate
< Content-Type: application/json; charset=utf-8
< Link: <http://kratos:4434/identities?page=0&per_page=21>; rel="first"
< X-Total-Count: 21
< Date: Wed, 28 Sep 2022 01:49:21 GMT
< Transfer-Encoding: chunked
<
{ [18321 bytes data]
100 18308    0 18308    0     0   426k      0 --:--:-- --:--:-- --:--:--  541k
* Connection #0 to host localhost left intact

Relevant log output

When I make the request to kratos, I see the following log statements. This is while running the service at the Debug log level:

local-dev-kratos-1  | time=2022-09-28T02:01:33Z level=info msg=started handling request func=github.com/ory/x/reqlog.(*Middleware).ServeHTTP file=/go/pkg/mod/github.com/ory/x@v0.0.392/reqlog/middleware.go:131 http_request=map[headers:map[accept:*/* accept-encoding:gzip, deflate, br cache-control:no-cache connection:keep-alive cookie:[csrf_token_3e376245852fba0b1b02b1665a77eb11f19bbc07e51f8d351295b7e5728f11e0=ZRyJaw6Tchz1l2IfSvOWXU3vv8PhNww6gN1xAsLWFuA=] postman-token:8789621b-3605-4685-a420-c7beef7b9772 user-agent:PostmanRuntime/7.29.2] host:localhost:4434 method:GET path:/admin/identities/6254a9f5-574a-427b-9e44-5366d5cb6715/sessions query:<nil> remote:172.30.0.1:57268 scheme:http]
local-dev-kratos-1  | time=2022-09-28T02:01:33Z level=info msg=completed handling request func=github.com/ory/x/reqlog.(*Middleware).ServeHTTP file=/go/pkg/mod/github.com/ory/x@v0.0.392/reqlog/middleware.go:139 http_request=map[headers:map[accept:*/* accept-encoding:gzip, deflate, br cache-control:no-cache connection:keep-alive cookie:[csrf_token_3e376245852fba0b1b02b1665a77eb11f19bbc07e51f8d351295b7e5728f11e0=ZRyJaw6Tchz1l2IfSvOWXU3vv8PhNww6gN1xAsLWFuA=] postman-token:8789621b-3605-4685-a420-c7beef7b9772 user-agent:PostmanRuntime/7.29.2] host:localhost:4434 method:GET path:/admin/identities/6254a9f5-574a-427b-9e44-5366d5cb6715/sessions query:<nil> remote:172.30.0.1:57268 scheme:http] http_response=map[headers:map[cache-control:private, no-cache, no-store, must-revalidate content-type:application/json; charset=utf-8] size:10070 status:200 text_status:OK took:17.411042ms]

Relevant configuration

not applicable

Version

0.10.1

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Docker Compose

Additional Context

I'm running this locally on MacOS Monterey 12.5.1, using Docker Compose with the Kratos image: oryd/kratos:v0.10.1 with the short hash dc617204d990. I answered "Linux" to the question "On which operating system are you observing this issue?" because I assume container is running some variant of Linux (I haven't taken the time to check for sure, but it seems out of scope for this issue).

[brahmlower]

I took the time to debug this actually (I had nothing better going on so I figured why not).

I looked at the handler for the admin identity list endpoint and found that the pagination headers are added here: https://github.com/ory/kratos/blob/master/identity/handler.go#L138

This call to x.PaginationHeader is missing from the session list endpoint: https://github.com/ory/kratos/blob/master/session/handler.go#L312

The persistence layer requires a function for counting sessions in order to call the PaginationHeader function though, similar to the counting function for Identities here: https://github.com/ory/kratos/blob/master/persistence/sql/persister_identity.go#L303