Skip to content

fix: code strategy should not reset UI messages when populating login flow (PS-557) #4190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
splaunov wants to merge 3 commits into
base: master
Choose a base branch
from
Open

fix: code strategy should not reset UI messages when populating login flow (PS-557) #4190

splaunov wants to merge 3 commits into from

Conversation

@splaunov
Copy link
Contributor

@splaunov splaunov commented Nov 5, 2024

This PR fixes an issue when duplicate credentials error added by OIDC strategy into new login flow is lost because code strategy clears all messages when populating login flow.

This is where OIDC strategy adds duplicate credentials error into flow ui messages list:

kratos/selfservice/strategy/oidc/strategy.go

Lines 581 to 590 in 234b6f2

if validationErr := new(schema.ValidationError); errors.As(err, &validationErr) {
for _, m := range validationErr.Messages {
m := m
rf.UI.Messages.Add(&m)
}
} else {
rf.UI.Messages.Add(text.NewErrorValidationDuplicateCredentialsOnOIDCLink())
}
lf, err := s.registrationToLogin(ctx, w, r, rf)

Related issue(s)

Checklist

  • [ x] I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • [x ] I am following the
    contributing code guidelines.
  • [ x] I have read the security policy.
  • [ x] I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    [email protected]) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

@aeneasr
feat: support android webauthn origins
b11d76e 
This patch adds the ability to verify Android APK origins used during WebAuthn/Passkey exchange.

Upgrades go-webauthn and includes fixes for Go 1.23 and workarounds for Swagger.
@aeneasr
autogen: pin v1.3.1 release commit
36e624c
@github-actions @maoanran
Squashed commit of the following:
4b2929e 
commit 8b52622
Author: splaunov <[email protected]>
Date:   Mon Oct 28 09:40:40 2024 +0300

    fix: code strategy should not reset UI messages when populating login flow (PS-557)
@maoanran maoanran requested a review from a team as a code owner March 14, 2025 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aeneasr aeneasr Awaiting requested review from aeneasr aeneasr is a code owner

@zepatrik zepatrik Awaiting requested review from zepatrik

@hperl hperl Awaiting requested review from hperl

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@splaunov @aeneasr