From 83a23b0f1251d1458e7e85276ffa81f89903d4b7 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Mon, 12 Feb 2024 13:03:34 +0100 Subject: [PATCH] chore: code review Also renames the settings for two step registration --- .../quickstart/kratos/all-strategies/kratos.yml | 4 ++++ driver/config/config.go | 17 +++++++++++++++++ embedx/config.schema.json | 12 ++++++++++++ identity/credentials_webauthn_test.go | 14 ++++++++++++++ .../passkey/identity.traits.schema.json | 10 ++++++++++ test/e2e/profiles/two-steps/.kratos.yml | 4 ++++ 6 files changed, 61 insertions(+) diff --git a/contrib/quickstart/kratos/all-strategies/kratos.yml b/contrib/quickstart/kratos/all-strategies/kratos.yml index 7e08ec231f61..184762ac3dbe 100644 --- a/contrib/quickstart/kratos/all-strategies/kratos.yml +++ b/contrib/quickstart/kratos/all-strategies/kratos.yml @@ -75,7 +75,11 @@ selfservice: lifespan: 10m registration: +<<<<<<< Updated upstream two_steps: true +======= + enable_legacy_flow: true +>>>>>>> Stashed changes lifespan: 10m ui_url: http://localhost:4455/registration after: diff --git a/driver/config/config.go b/driver/config/config.go index 62e747c7207b..21ce294c6190 100644 --- a/driver/config/config.go +++ b/driver/config/config.go 
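Review bot: Unresolved stash-conflict markers are added as file content under `registration:` (`+<<<<<<< Updated upstream`, `+=======`, `+>>>>>>> Stashed changes`), so the quickstart config keeps `two_steps: true`, gains `enable_legacy_flow: true`, and is presumably no longer valid YAML. The same markers are added in the config.go, config.schema.json, identity.traits.schema.json and two-steps/.kratos.yml hunks of this patch; each conflict needs resolving to a single side before merge. The chosen value also looks inverted: the e2e profile maps `two_steps: true` to `enable_legacy_flow: false`, while here it becomes `enable_legacy_flow: true`, which would switch the quickstart back to the one-step flow if that is not intended. A pre-merge check that rejects added lines starting with `<<<<<<<` or `>>>>>>>` would keep this out of a release of an identity service.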
@@ -126,7 +126,14 @@ const ( ViperKeyURLsAllowedReturnToDomains = "selfservice.allowed_return_urls" ViperKeySelfServiceRegistrationEnabled = "selfservice.flows.registration.enabled" ViperKeySelfServiceRegistrationLoginHints = "selfservice.flows.registration.login_hints" +<<<<<<< Updated upstream ViperKeySelfServiceRegistrationTwoSteps = "selfservice.flows.registration.two_steps" +======= +<<<<<<< Updated upstream +======= + ViperKeySelfServiceRegistrationTwoSteps = "selfservice.flows.registration.enable_legacy_flow" +>>>>>>> Stashed changes +>>>>>>> Stashed changes ViperKeySelfServiceRegistrationUI = "selfservice.flows.registration.ui_url" ViperKeySelfServiceRegistrationRequestLifespan = "selfservice.flows.registration.lifespan" ViperKeySelfServiceRegistrationAfter = "selfservice.flows.registration.after" @@ -670,10 +677,20 @@ func (p *Config) SelfServiceFlowRegistrationLoginHints(ctx context.Context) bool return p.GetProvider(ctx).Bool(ViperKeySelfServiceRegistrationLoginHints) } +<<<<<<< Updated upstream func (p *Config) SelfServiceFlowRegistrationTwoSteps(ctx context.Context) bool { return p.GetProvider(ctx).BoolF(ViperKeySelfServiceRegistrationTwoSteps, false) } +======= +<<<<<<< Updated upstream +======= +func (p *Config) SelfServiceFlowRegistrationTwoSteps(ctx context.Context) bool { + return !p.GetProvider(ctx).BoolF(ViperKeySelfServiceRegistrationTwoSteps, false) +} + +>>>>>>> Stashed changes +>>>>>>> Stashed changes func (p *Config) SelfServiceFlowVerificationEnabled(ctx context.Context) bool { return p.GetProvider(ctx).Bool(ViperKeySelfServiceVerificationEnabled) } diff --git a/embedx/config.schema.json b/embedx/config.schema.json index 5edc7b8a564e..9b0cbcd15bd4 100644 --- a/embedx/config.schema.json +++ b/embedx/config.schema.json 
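Review bot: `ViperKeySelfServiceRegistrationTwoSteps` ends up declared twice in this const block, once as context with `"selfservice.flows.registration.two_steps"` and once added with `"selfservice.flows.registration.enable_legacy_flow"`, between nested conflict markers, so the package cannot compile as patched. The second hunk of this file does the same to the method `SelfServiceFlowRegistrationTwoSteps`, leaving both the old body and the negated one. Once resolved, the constant name no longer says what the key means; a name such as `ViperKeySelfServiceRegistrationEnableLegacyFlow` would keep call sites readable. Whether configs that still set `two_steps` are rejected or silently ignored is not visible here and is worth confirming, since it decides which registration flow existing deployments get after an upgrade.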
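Review bot: The added `SelfServiceFlowRegistrationTwoSteps` returns the negation of a key named `enable_legacy_flow` with no comment saying so, which is easy to misread at call sites that gate the registration flow. A doc comment would help: `// SelfServiceFlowRegistrationTwoSteps reports whether two-step registration is active, i.e. enable_legacy_flow is not set to true.` Assuming `BoolF` returns its second argument when the key is absent, an unset key yields `true` here, and that default deserves a line in the comment as well.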
@@ -1238,12 +1238,24 @@ }, "after": { "$ref": "#/definitions/selfServiceAfterRegistration" +<<<<<<< Updated upstream }, "two_steps": { "type": "boolean", "title": "Two-step registration", "description": "When set to true, the user first fills in the traits in the first screen and then chooses a credential to sign up with in the second screen.", "default": false +======= +<<<<<<< Updated upstream +======= + }, + "enable_legacy_flow": { + "type": "boolean", + "title": "Disable two-step registration", + "description": "Two-step registration is a significantly improved sign up flow and recommended when using more than one sign up methods. To revert to one-step registration, set this to `true`.", + "default": true +>>>>>>> Stashed changes +>>>>>>> Stashed changes } } }, diff --git a/identity/credentials_webauthn_test.go b/identity/credentials_webauthn_test.go index 7a8123d1c3e3..7f4a451ff159 100644 --- a/identity/credentials_webauthn_test.go +++ b/identity/credentials_webauthn_test.go @@ -4,6 +4,7 @@ package identity import ( + "github.com/stretchr/testify/require" "testing" "github.com/go-webauthn/webauthn/webauthn" @@ -47,3 +48,16 @@ func TestCredentialConversion(t *testing.T) { fromWebAuthn = CredentialFromWebAuthn(expected, false) assert.Equal(t, "Google Password Manager", fromWebAuthn.DisplayName) } + +func TestPasswordlessOnly(t *testing.T) { + a := *CredentialFromWebAuthn(&webauthn.Credential{ID: []byte("a")}, false) + b := *CredentialFromWebAuthn(&webauthn.Credential{ID: []byte("b")}, false) + c := *CredentialFromWebAuthn(&webauthn.Credential{ID: []byte("c")}, true) + d := *CredentialFromWebAuthn(&webauthn.Credential{ID: []byte("d")}, false) + e := *CredentialFromWebAuthn(&webauthn.Credential{ID: []byte("e")}, true) + expected := CredentialsWebAuthn{a, b, c, d, e} + + actual := expected.PasswordlessOnly() + require.Len(t, actual, 2) + assert.Equal(t, []webauthn.Credential{*c.ToWebAuthn(), *e.ToWebAuthn()}, actual) +} 
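Review bot: `"default": true` on `enable_legacy_flow` contradicts the description, which says to set the option to `true` to revert to one-step registration, and also the Go accessor in this patch, which falls back to `false` via `BoolF(..., false)`. Depending on whether schema defaults are applied when the config is loaded (not visible here), the effective registration flow for an unset key could differ from what is documented. If two-step is the intended default, this should be `"default": false`. In the description, `more than one sign up methods` should read `more than one sign-up method`.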
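Review bot: The added `"github.com/stretchr/testify/require"` sits above `"testing"` in the standard-library group, where goimports would not leave it. It belongs in the third-party group next to the `github.com/go-webauthn/webauthn/webauthn` import visible in the context lines. The import block continues outside the hunk.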
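Review bot: `TestPasswordlessOnly` exercises only a mixed collection, so nothing pins the result when no credential is passwordless or the collection is empty. `PasswordlessOnly` is defined outside this diff, but if it selects the WebAuthn credentials usable as a first factor, a negative case such as `require.Empty(t, CredentialsWebAuthn{a, b, d}.PasswordlessOnly())` would guard against second-factor-only credentials ever being returned. The variable `expected` holds the input rather than the expected value; `creds` would read better.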
diff --git a/test/e2e/profiles/passkey/identity.traits.schema.json b/test/e2e/profiles/passkey/identity.traits.schema.json index 4f0f4d18eb20..5026a941fa92 100644 --- a/test/e2e/profiles/passkey/identity.traits.schema.json +++ b/test/e2e/profiles/passkey/identity.traits.schema.json @@ -17,6 +17,12 @@ "password": { "identifier": true }, +<<<<<<< Updated upstream +======= + "webauthn": { + "identifier": true + }, +>>>>>>> Stashed changes "passkey": { "display_name": true } @@ -30,7 +36,11 @@ "minLength": 10 } }, +<<<<<<< Updated upstream "required": ["email", "website"], +======= + "required": ["email"], +>>>>>>> Stashed changes "additionalProperties": false } } diff --git a/test/e2e/profiles/two-steps/.kratos.yml b/test/e2e/profiles/two-steps/.kratos.yml index 3ecb93d96806..946f0e7f6409 100644 --- a/test/e2e/profiles/two-steps/.kratos.yml +++ b/test/e2e/profiles/two-steps/.kratos.yml @@ -10,7 +10,11 @@ selfservice: default_browser_return_url: http://localhost:4455/login registration: +<<<<<<< Updated upstream two_steps: true +======= + enable_legacy_flow: false +>>>>>>> Stashed changes ui_url: http://localhost:4455/registration after: password: