feat: identifier first login for all first factor login methods

ory · Jul 11, 2024 · 638b274 · 638b274
1 parent 5d8e327
commit 638b274
Show file tree

Hide file tree

Showing 241 changed files with 36,676 additions and 380 deletions.
diff --git a/.schema/openapi/patches/selfservice.yaml b/.schema/openapi/patches/selfservice.yaml
@@ -52,7 +52,7 @@
     - "$ref": "#/components/schemas/updateLoginFlowWithLookupSecretMethod"
     - "$ref": "#/components/schemas/updateLoginFlowWithCodeMethod"
     - "$ref": "#/components/schemas/updateLoginFlowWithPasskeyMethod"
-    - "$ref": "#/components/schemas/updateLoginFlowWithTwoStepMethod"
+    - "$ref": "#/components/schemas/updateLoginFlowWithIdentifierFirstMethod"
 - op: add
   path: /components/schemas/updateLoginFlowBody/discriminator
   value:
@@ -65,7 +65,7 @@
       lookup_secret: "#/components/schemas/updateLoginFlowWithLookupSecretMethod"
       code: "#/components/schemas/updateLoginFlowWithCodeMethod"
       passkey: "#/components/schemas/updateLoginFlowWithPasskeyMethod"
-      two_step: "#/components/schemas/updateLoginFlowWithIdentifierFirstMethod"
+      identifier_first: "#/components/schemas/updateLoginFlowWithIdentifierFirstMethod"
 - op: add
   path: /components/schemas/loginFlowState/enum
   value:

diff --git a/Makefile b/Makefile
@@ -193,8 +193,8 @@ migrations-sync: .bin/ory
 	ory dev pop migration sync persistence/sql/migrations/templates persistence/sql/migratest/testdata
 	script/add-down-migrations.sh
 
-.PHONY: test-update-snapshots
-test-update-snapshots:
+.PHONY: test-refresh
+test-refresh:
 	UPDATE_SNAPSHOTS=true go test -tags sqlite,json1,refresh -short ./...
 
 .PHONY: post-release

diff --git a/cmd/cliclient/client.go b/cmd/cliclient/client.go
@@ -18,7 +18,7 @@ import (
 
 	"github.com/spf13/pflag"
 
-	kratos "github.com/ory/client-go"
+	kratos "github.com/ory/kratos/internal/httpclient"
 )
 
 const (

diff --git a/cmd/clidoc/main.go b/cmd/clidoc/main.go
@@ -177,6 +177,8 @@ func init() {
 		"NewErrorValidationAddressUnknown":                        text.NewErrorValidationAddressUnknown(),
 		"NewInfoSelfServiceLoginCodeMFA":                          text.NewInfoSelfServiceLoginCodeMFA(),
 		"NewInfoSelfServiceLoginCodeMFAHint":                      text.NewInfoSelfServiceLoginCodeMFAHint("{maskedIdentifier}"),
+		"NewInfoLoginPassword":                                    text.NewInfoLoginPassword(),
+		"NewErrorValidationAccountNotFound":                       text.NewErrorValidationAccountNotFound(),
 	}
 }
 

diff --git a/cmd/identities/definitions.go b/cmd/identities/definitions.go
@@ -6,7 +6,7 @@ package identities
 import (
 	"strings"
 
-	kratos "github.com/ory/client-go"
+	kratos "github.com/ory/kratos/internal/httpclient"
 
 	"github.com/ory/x/cmdx"
 )

diff --git a/cmd/identities/get.go b/cmd/identities/get.go
@@ -6,7 +6,7 @@ package identities
 import (
 	"fmt"
 
-	kratos "github.com/ory/client-go"
+	kratos "github.com/ory/kratos/internal/httpclient"
 	"github.com/ory/kratos/x"
 	"github.com/ory/x/cmdx"
 	"github.com/ory/x/stringsx"

diff --git a/cmd/identities/import.go b/cmd/identities/import.go
@@ -7,7 +7,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	kratos "github.com/ory/client-go"
+	kratos "github.com/ory/kratos/internal/httpclient"
 
 	"github.com/ory/x/cmdx"
 

diff --git a/cmd/identities/import_test.go b/cmd/identities/import_test.go
@@ -19,8 +19,8 @@ import (
 	"github.com/stretchr/testify/require"
 	"github.com/tidwall/gjson"
 
-	kratos "github.com/ory/client-go"
 	"github.com/ory/kratos/driver/config"
+	kratos "github.com/ory/kratos/internal/httpclient"
 )
 
 func TestImportCmd(t *testing.T) {

diff --git a/driver/config/config.go b/driver/config/config.go
@@ -134,7 +134,7 @@ const (
 	ViperKeySelfServiceRegistrationAfter                     = "selfservice.flows.registration.after"
 	ViperKeySelfServiceRegistrationBeforeHooks               = "selfservice.flows.registration.before.hooks"
 	ViperKeySelfServiceLoginUI                               = "selfservice.flows.login.ui_url"
-	ViperKeySelfServiceLoginFlowTwoStepEnabled               = "selfservice.flows.login.two_step.enabled"
+	ViperKeySelfServiceLoginFlowStyle                        = "selfservice.flows.login.style"
 	ViperKeySecurityAccountEnumerationMitigate               = "security.account_enumeration.mitigate"
 	ViperKeySelfServiceLoginRequestLifespan                  = "selfservice.flows.login.lifespan"
 	ViperKeySelfServiceLoginAfter                            = "selfservice.flows.login.after"
@@ -776,20 +776,18 @@ func (p *Config) SelfServiceStrategy(ctx context.Context, strategy string) *Self
 	var err error
 	config, err = json.Marshal(pp.GetF(basePath+".config", config))
 	if err != nil {
-		p.l.WithError(err).Warn("Unable to marshal self service strategy configuration.")
+		p.l.WithError(err).Warn("Unable to marshal self-service strategy configuration.")
 		config = json.RawMessage("{}")
 	}
 
 	// The default value can easily be overwritten by setting e.g. `{"selfservice": "null"}` which means that
 	// we need to forcibly set these values here:
 	defaultEnabled := false
 	switch strategy {
-	case "identity_discovery":
-		defaultEnabled = p.SelfServiceLoginFlowTwoStepEnabled(ctx)
-		break
+	case "identifier_first":
+		defaultEnabled = p.SelfServiceLoginFlowIdentifierFirstEnabled(ctx)
 	case "code", "password", "profile":
 		defaultEnabled = true
-		break
 	}
 
 	// Backwards compatibility for the old "passwordless_enabled" key
@@ -1619,8 +1617,13 @@ func (p *Config) PasswordMigrationHook(ctx context.Context) (hook *PasswordMigra
 	return hook
 }
 
-func (p *Config) SelfServiceLoginFlowTwoStepEnabled(ctx context.Context) bool {
-	return p.GetProvider(ctx).Bool(ViperKeySelfServiceLoginFlowTwoStepEnabled)
+func (p *Config) SelfServiceLoginFlowIdentifierFirstEnabled(ctx context.Context) bool {
+	switch p.GetProvider(ctx).String(ViperKeySelfServiceLoginFlowStyle) {
+	case "identifier_first":
+		return true
+	default:
+		return false
+	}
 }
 
 func (p *Config) SecurityAccountEnumerationMitigate(ctx context.Context) bool {

diff --git a/driver/registry_default.go b/driver/registry_default.go
@@ -6,13 +6,14 @@ package driver
 import (
 	"context"
 	"crypto/sha256"
-	"github.com/ory/kratos/selfservice/strategy/multistep"
 	"net/http"
 	"strings"
 	"sync"
 	"testing"
 	"time"
 
+	"github.com/ory/kratos/selfservice/strategy/idfirst"
+
 	"github.com/cenkalti/backoff"
 	"github.com/dgraph-io/ristretto"
 	"github.com/gobuffalo/pop/v6"
@@ -325,7 +326,7 @@ func (m *RegistryDefault) selfServiceStrategies() []any {
 				passkey.NewStrategy(m),
 				webauthn.NewStrategy(m),
 				lookup.NewStrategy(m),
-				multistep.NewStrategy(m),
+				idfirst.NewStrategy(m),
 			}
 		}
 	}
@@ -381,6 +382,7 @@ nextStrategy:
 					continue nextStrategy
 				}
 			}
+
 			if m.strategyLoginEnabled(ctx, s.ID().String()) {
 				loginStrategies = append(loginStrategies, s)
 			}

diff --git a/driver/registry_default_test.go b/driver/registry_default_test.go
@@ -872,7 +872,7 @@ func TestDefaultRegistry_AllStrategies(t *testing.T) {
 	_, reg := internal.NewVeryFastRegistryWithoutDB(t)
 
 	t.Run("case=all login strategies", func(t *testing.T) {
-		expects := []string{"password", "oidc", "code", "totp", "passkey", "webauthn", "lookup_secret"}
+		expects := []string{"password", "oidc", "code", "totp", "passkey", "webauthn", "lookup_secret", "identifier_first"}
 		s := reg.AllLoginStrategies()
 		require.Len(t, s, len(expects))
 		for k, e := range expects {

diff --git a/examples/go/pkg/common.go b/examples/go/pkg/common.go
@@ -11,11 +11,9 @@ import (
 	"os"
 	"testing"
 
-	"github.com/ory/kratos/x"
-
-	"github.com/ory/kratos/internal/testhelpers"
-
 	ory "github.com/ory/client-go"
+	"github.com/ory/kratos/internal/testhelpers"
+	"github.com/ory/kratos/x"
 )
 
 func PrintJSONPretty(v interface{}) {

diff --git a/examples/go/selfservice/recovery/main_test.go b/examples/go/selfservice/recovery/main_test.go
@@ -10,8 +10,8 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
-	ory "github.com/ory/client-go"
 	"github.com/ory/kratos/examples/go/pkg"
+	ory "github.com/ory/kratos/internal/httpclient"
 	"github.com/ory/kratos/internal/testhelpers"
 )
 

diff --git a/examples/go/selfservice/settings/main_test.go b/examples/go/selfservice/settings/main_test.go
@@ -6,7 +6,7 @@ package main
 import (
 	"testing"
 
-	ory "github.com/ory/client-go"
+	ory "github.com/ory/kratos/internal/httpclient"
 
 	"github.com/stretchr/testify/assert"
 

diff --git a/examples/go/selfservice/verification/main_test.go b/examples/go/selfservice/verification/main_test.go
@@ -10,8 +10,8 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
-	ory "github.com/ory/client-go"
 	"github.com/ory/kratos/examples/go/pkg"
+	ory "github.com/ory/kratos/internal/httpclient"
 	"github.com/ory/kratos/internal/testhelpers"
 )
 

diff --git a/identity/credentials.go b/identity/credentials.go
@@ -88,8 +88,6 @@ const (
 	CredentialsTypeCodeAuth CredentialsType = "code"
 	CredentialsTypePasskey  CredentialsType = "passkey"
 	CredentialsTypeProfile  CredentialsType = "profile"
-
-	TwoStep CredentialsType = "identity_discovery" // TODO move this somewhere else
 )
 
 func (c CredentialsType) String() string {

diff --git a/internal/client-go/.openapi-generator/FILES b/internal/client-go/.openapi-generator/FILES
@@ -100,6 +100,7 @@ docs/UiText.md
 docs/UpdateIdentityBody.md
 docs/UpdateLoginFlowBody.md
 docs/UpdateLoginFlowWithCodeMethod.md
+docs/UpdateLoginFlowWithIdentifierFirstMethod.md
 docs/UpdateLoginFlowWithLookupSecretMethod.md
 docs/UpdateLoginFlowWithOidcMethod.md
 docs/UpdateLoginFlowWithPasskeyMethod.md
@@ -221,6 +222,7 @@ model_ui_text.go
 model_update_identity_body.go
 model_update_login_flow_body.go
 model_update_login_flow_with_code_method.go
+model_update_login_flow_with_identifier_first_method.go
 model_update_login_flow_with_lookup_secret_method.go
 model_update_login_flow_with_oidc_method.go
 model_update_login_flow_with_passkey_method.go

diff --git a/internal/client-go/README.md b/internal/client-go/README.md
@@ -223,6 +223,7 @@ Class | Method | HTTP request | Description
  - [UpdateIdentityBody](docs/UpdateIdentityBody.md)
  - [UpdateLoginFlowBody](docs/UpdateLoginFlowBody.md)
  - [UpdateLoginFlowWithCodeMethod](docs/UpdateLoginFlowWithCodeMethod.md)
+ - [UpdateLoginFlowWithIdentifierFirstMethod](docs/UpdateLoginFlowWithIdentifierFirstMethod.md)
  - [UpdateLoginFlowWithLookupSecretMethod](docs/UpdateLoginFlowWithLookupSecretMethod.md)
  - [UpdateLoginFlowWithOidcMethod](docs/UpdateLoginFlowWithOidcMethod.md)
  - [UpdateLoginFlowWithPasskeyMethod](docs/UpdateLoginFlowWithPasskeyMethod.md)

diff --git a/internal/client-go/model_identity_credentials.go b/internal/client-go/model_identity_credentials.go
diff --git a/internal/client-go/model_login_flow.go b/internal/client-go/model_login_flow.go
diff --git a/internal/client-go/model_registration_flow.go b/internal/client-go/model_registration_flow.go
diff --git a/internal/client-go/model_ui_node.go b/internal/client-go/model_ui_node.go
diff --git a/internal/client-go/model_update_login_flow_body.go b/internal/client-go/model_update_login_flow_body.go
-Original file line number
+Diff line change
@@ Expand Up / @@ -18,7 +18,7 @@ import ( @@
     	"github.com/spf13/pflag"
-    	kratos "github.com/ory/client-go"
+    	kratos "github.com/ory/kratos/internal/httpclient"
     )
     const (
@@ Expand Down @@