feat: passkeys! #3748

Merged
merged 73 commits into from
Mar 11, 2024

Conversation

@hperl (Contributor) commented Feb 8, 2024

BREAKING CHANGES: This feature enables two-step registration by default. Two-step registration is a significantly improved sign-up flow and recommended when using more than one sign-up method. To disable two-step registration, set `selfservice.flows.registration.enable_legacy_flow` to `true`. This value defaults to `false`.

TODOs

  • Submit button is on the top of the UI nodes list (should be last item) for API and browser flows
  • Social sign in needs to be an option on the first step, not the second one
  • Add test case for missing traits with OIDC
  • Do not use 422 but instead 400 for API flows and Browser + JSON flows
  • Add tests for mobile app
  • Back button for sign up with code
  • Rename config option to enable_legacy_one_step

Related issue(s)

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change introduces a new feature.
  • I am following the contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact security@ory.sh) from the maintainers to push the changes.
  • I have added tests that prove my fix is effective or that my feature works.
  • I have added or changed the documentation.

Further Comments

@aeneasr (Member) commented Feb 22, 2024

To do:

  1. Submit button is on the top of the UI nodes list (should be last item) for API and browser flows
  2. Social sign in needs to be an option on the first step, not the second one:
    • Add test case for missing traits
  3. Do not use 422 but instead 400 for API flows and Browser + JSON flows
  4. Add tests for mobile app
  5. Back button for sign up with code

@aeneasr (Member) commented Feb 22, 2024

I unfortunately still receive an error when both passkeys + webauthn with passwordless are enabled and I try to sign up using webauthn:

[Screenshot 2024-02-22 at 13 44 40]

@hperl requested a review from aeneasr March 5, 2024 19:20

@aeneasr (Member) left a comment

Amazing job

@aeneasr aeneasr merged commit 3621411 into master Mar 11, 2024
28 of 29 checks passed
@aeneasr aeneasr deleted the hperl/glorious-passkeys branch March 11, 2024 10:31
@bcspragu

Hi there,

First time Ory-er (Kratos-er?) here, thanks for building great software! I think some of the docs need to be updated (example), because they show the `createRegistrationFlow` response containing a password field, and I could not figure out for the life of me why I wasn't getting a password field in my response with the default identity schema.

After enabling `selfservice.flows.registration.enable_legacy_one_step`, the password field showed up in the response.
