mirror
/
kratos
mirror of https://github.com/ory/kratos
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: remove internal address types 

GitOrigin-RevId: 0747fafb24ad69bdee50488fdd1baa64a2988954
This commit is contained in:
Patrik 2025-12-08 16:14:08 +01:00 committed by ory-bot
parent 55963008c4
commit f7b5a646cb
31 changed files with 189 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
identity/extension_recovery_test.go
View File

@ -37,7 +37,7 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -49,14 +49,14 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
existing: []RecoveryAddress{
{
Value: "bar@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -68,24 +68,24 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "baz@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
existing: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -97,24 +97,24 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "baz@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
existing: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -132,17 +132,17 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "foo@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "foobar@ory.sh",
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -155,7 +155,7 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "+68672098006",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
},
@ -167,14 +167,14 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "+68672098006",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
},
existing: []RecoveryAddress{
{
Value: "+12 345 67890123",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
},
@ -186,19 +186,19 @@ func TestSchemaExtensionRecovery(t *testing.T) {
expect: []RecoveryAddress{
{
Value: "+68672098006",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
},
existing: []RecoveryAddress{
{
Value: "+68672098006",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
{
Value: "+33 07856952",
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: iid,
},
},

28
identity/extension_verification_test.go
View File

@ -54,7 +54,7 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -68,7 +68,7 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "bar@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -77,7 +77,7 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -91,14 +91,14 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -107,14 +107,14 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "baz@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -128,14 +128,14 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -144,14 +144,14 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: true,
Status: VerifiableAddressStatusCompleted,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "baz@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},
@ -171,21 +171,21 @@ func TestSchemaExtensionVerification(t *testing.T) {
Value: "foo@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "bar@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
{
Value: "foobar@ory.sh",
Verified: false,
Status: VerifiableAddressStatusPending,
Via: VerifiableAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: iid,
},
},

6
identity/handler_test.go
View File

@ -421,7 +421,7 @@ func TestHandler(t *testing.T) {
VerifiableAddresses: []identity.VerifiableAddress{{
Verified: true,
Value: "UpperCased@ory.sh",
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
Status: identity.VerifiableAddressStatusCompleted,
}},
RecoveryAddresses: []identity.RecoveryAddress{{Value: "UpperCased@ory.sh"}},
@ -2420,13 +2420,13 @@ func validCreateIdentityBody(t *testing.T, prefix string, i int, plainPassword b
traits.Emails = append(traits.Emails, email)
verifiableAddresses = append(verifiableAddresses, identity.VerifiableAddress{
Value: email,
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
Verified: j%2 == 0,
Status: verificationStates[j%len(verificationStates)],
})
recoveryAddresses = append(recoveryAddresses, identity.RecoveryAddress{
Value: email,
Via: identity.RecoveryAddressTypeEmail,
Via: identity.AddressTypeEmail,
})
}
traits.Username = traits.Emails[0]

24
identity/identity_recovery.go
View File

@ -10,15 +10,7 @@ import (
"github.com/gofrs/uuid"
)
const (
RecoveryAddressTypeEmail RecoveryAddressType = AddressTypeEmail
RecoveryAddressTypeSMS RecoveryAddressType = AddressTypeSMS
)
type (
// RecoveryAddressType must not exceed 16 characters as that is the limitation in the SQL Schema.
RecoveryAddressType string
// RecoveryAddressStatus must not exceed 16 characters as that is the limitation in the SQL Schema.
RecoveryAddressStatus string
@ -30,7 +22,7 @@ type (
Value string `json:"value" db:"value"`
// required: true
Via RecoveryAddressType `json:"via" db:"via"`
Via string `json:"via" db:"via"`
// IdentityID is a helper struct field for gobuffalo.pop.
IdentityID uuid.UUID `json:"-" faker:"-" db:"identity_id"`
@ -42,16 +34,6 @@ type (
}
)
func (v RecoveryAddressType) HTMLFormInputType() string {
switch v {
case RecoveryAddressTypeEmail:
return "email"
case RecoveryAddressTypeSMS:
return "tel"
}
return ""
}
func (a RecoveryAddress) TableName() string { return "identity_recovery_addresses" }
func (a RecoveryAddress) GetID() uuid.UUID { return a.ID }
@ -66,7 +48,7 @@ func NewRecoveryEmailAddress(
) *RecoveryAddress {
return &RecoveryAddress{
Value: value,
Via: RecoveryAddressTypeEmail,
Via: AddressTypeEmail,
IdentityID: identity,
}
}
@ -77,7 +59,7 @@ func NewRecoverySMSAddress(
) *RecoveryAddress {
return &RecoveryAddress{
Value: value,
Via: RecoveryAddressTypeSMS,
Via: AddressTypeSMS,
IdentityID: identity,
}
}

2
identity/identity_recovery_test.go
View File

@ -18,7 +18,7 @@ func TestNewRecoveryEmailAddress(t *testing.T) {
a := NewRecoveryEmailAddress("foo@ory.sh", iid)
assert.Equal(t, a.Value, "foo@ory.sh")
assert.Equal(t, a.Via, RecoveryAddressTypeEmail)
assert.Equal(t, a.Via, AddressTypeEmail)
assert.Equal(t, iid, a.IdentityID)
assert.Equal(t, uuid.Nil, a.ID)
}

12
identity/identity_verification.go
View File

@ -4,7 +4,6 @@
package identity
import (
"context"
"fmt"
"time"
@ -14,18 +13,11 @@ import (
)
const (
VerifiableAddressTypeEmail VerifiableAddressType = AddressTypeEmail
VerifiableAddressStatusPending VerifiableAddressStatus = "pending"
VerifiableAddressStatusSent VerifiableAddressStatus = "sent"
VerifiableAddressStatusCompleted VerifiableAddressStatus = "completed"
)
// VerifiableAddressType must not exceed 16 characters as that is the limitation in the SQL Schema
//
// swagger:model identityVerifiableAddressType
type VerifiableAddressType = string
// VerifiableAddressStatus must not exceed 16 characters as that is the limitation in the SQL Schema
//
// swagger:model identityVerifiableAddressStatus
@ -86,12 +78,12 @@ type VerifiableAddress struct {
NID uuid.UUID `json:"-" faker:"-" db:"nid"`
}
func (a VerifiableAddress) TableName(ctx context.Context) string {
func (a VerifiableAddress) TableName() string {
return "identity_verifiable_addresses"
}
func NewVerifiableEmailAddress(value string, identity uuid.UUID) *VerifiableAddress {
return NewVerifiableAddress(value, identity, VerifiableAddressTypeEmail)
return NewVerifiableAddress(value, identity, AddressTypeEmail)
}
func NewVerifiableAddress(value string, identity uuid.UUID, channel string) *VerifiableAddress {

2
identity/identity_verification_test.go
View File

@ -25,7 +25,7 @@ func TestNewVerifiableEmailAddress(t *testing.T) {
var nullTime *sqlxx.NullTime
assert.Equal(t, a.Value, "foo@ory.sh")
assert.Equal(t, a.Via, VerifiableAddressTypeEmail)
assert.Equal(t, a.Via, AddressTypeEmail)
assert.Equal(t, a.Status, VerifiableAddressStatusPending)
assert.Equal(t, a.Verified, false)
assert.EqualValues(t, nullTime, a.VerifiedAt)

4
identity/manager_test.go
View File

@ -56,11 +56,11 @@ func TestManager(t *testing.T) {
return func(t *testing.T) {
require.Len(t, i.VerifiableAddresses, 1)
assert.EqualValues(t, expected, i.VerifiableAddresses[0].Value)
assert.EqualValues(t, identity.VerifiableAddressTypeEmail, i.VerifiableAddresses[0].Via)
assert.EqualValues(t, identity.AddressTypeEmail, i.VerifiableAddresses[0].Via)
require.Len(t, i.RecoveryAddresses, 1)
assert.EqualValues(t, expected, i.RecoveryAddresses[0].Value)
assert.EqualValues(t, identity.VerifiableAddressTypeEmail, i.RecoveryAddresses[0].Via)
assert.EqualValues(t, identity.AddressTypeEmail, i.RecoveryAddresses[0].Via)
require.NotNil(t, i.Credentials[identity.CredentialsTypePassword])
assert.Equal(t, []string{expected}, i.Credentials[identity.CredentialsTypePassword].Identifiers)

4
identity/pool.go
View File

@ -71,10 +71,10 @@ type (
GetIdentity(context.Context, uuid.UUID, sqlxx.Expandables) (*Identity, error)
// FindVerifiableAddressByValue returns a matching address or sql.ErrNoRows if no address could be found.
FindVerifiableAddressByValue(ctx context.Context, via string, address string) (*VerifiableAddress, error)
FindVerifiableAddressByValue(ctx context.Context, via, address string) (*VerifiableAddress, error)
// FindRecoveryAddressByValue returns a matching address or sql.ErrNoRows if no address could be found.
FindRecoveryAddressByValue(ctx context.Context, via RecoveryAddressType, address string) (*RecoveryAddress, error)
FindRecoveryAddressByValue(ctx context.Context, via, address string) (*RecoveryAddress, error)
// FindAllRecoveryAddressesForIdentityByRecoveryAddressValue finds all recovery addresses for an identity if at least one of its recovery addresses matches the provided value.
FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx context.Context, anyRecoveryAddress string) ([]RecoveryAddress, error)

141
identity/test/pool.go
View File

@ -31,7 +31,6 @@ import (
"github.com/ory/x/assertx"
"github.com/ory/x/contextx"
"github.com/ory/x/crdbx"
"github.com/ory/x/errorsx"
"github.com/ory/x/pagination/keysetpagination"
"github.com/ory/x/randx"
"github.com/ory/x/sqlcon"
@ -1168,8 +1167,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
}
t.Run("case=not found", func(t *testing.T) {
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "does-not-exist")
require.Equal(t, sqlcon.ErrNoRows, errorsx.Cause(err))
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "does-not-exist")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
transform := func(k int, value string) string {
@ -1244,12 +1243,12 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
i.VerifiableAddresses = append(i.VerifiableAddresses, *address)
require.NoError(t, p.CreateIdentity(ctx, &i))
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
require.NoError(t, err)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
@ -1257,23 +1256,23 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
i.VerifiableAddresses = []identity.VerifiableAddress{*address}
require.NoError(t, p.UpdateIdentity(ctx, &i))
_, err = p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
_, err = p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
require.EqualError(t, err, sqlcon.ErrNoRows.Error())
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity@ory.sh")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
actual, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity-next@ory.sh")
actual, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity-next@ory.sh")
require.NoError(t, err)
assert.Equal(t, identity.VerifiableAddressTypeEmail, actual.Via)
assert.Equal(t, identity.AddressTypeEmail, actual.Via)
assert.Equal(t, "verification.testpersister.update-identity-next@ory.sh", actual.Value)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity-next@ory.sh")
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity-next@ory.sh")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
})
@ -1286,12 +1285,12 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
i.VerifiableAddresses = append(i.VerifiableAddresses, *address)
require.NoError(t, p.CreateIdentity(ctx, &i))
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
require.NoError(t, err)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
@ -1299,23 +1298,23 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
i.VerifiableAddresses = []identity.VerifiableAddress{*address}
require.NoError(t, p.UpdateIdentity(ctx, &i))
_, err = p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
_, err = p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
require.EqualError(t, err, sqlcon.ErrNoRows.Error())
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive@ory.sh"))
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
actual, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive-next@ory.sh"))
actual, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("verification.TestPersister.Update-Identity-case-insensitive-next@ory.sh"))
require.NoError(t, err)
assert.Equal(t, identity.VerifiableAddressTypeEmail, actual.Via)
assert.Equal(t, identity.AddressTypeEmail, actual.Via)
assert.Equal(t, "verification.testpersister.update-identity-case-insensitive-next@ory.sh", actual.Value)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "verification.TestPersister.Update-Identity-case-insensitive-next@ory.sh")
_, err := p.FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "verification.TestPersister.Update-Identity-case-insensitive-next@ory.sh")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
})
@ -1364,8 +1363,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
}
t.Run("case=not found", func(t *testing.T) {
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, "does-not-exist")
require.Equal(t, sqlcon.ErrNoRows, errorsx.Cause(err))
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, "does-not-exist")
require.ErrorIs(t, err, sqlcon.ErrNoRows)
allAddresses, err := p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, "does-not-exist")
require.NoError(t, err)
@ -1427,7 +1426,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
emailLower := strings.ToLower(email)
id := createIdentityWithAddresses(t, email)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, email)
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, email)
require.NoError(t, err)
allAddresses, err := p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailLower)
@ -1439,7 +1438,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, email)
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, email)
require.ErrorIs(t, err, sqlcon.ErrNoRows)
allAddresses, err := p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailLower)
@ -1448,10 +1447,10 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
})
emailNext := randx.MustString(16, randx.AlphaLowerNum) + "@ory.sh"
id.RecoveryAddresses = []identity.RecoveryAddress{{Via: identity.RecoveryAddressTypeEmail, Value: emailNext}, {Via: identity.RecoveryAddressTypeEmail, Value: emailNext + "_other"}}
id.RecoveryAddresses = []identity.RecoveryAddress{{Via: identity.AddressTypeEmail, Value: emailNext}, {Via: identity.AddressTypeEmail, Value: emailNext + "_other"}}
require.NoError(t, p.UpdateIdentity(ctx, id))
_, err = p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, email)
_, err = p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, email)
require.EqualError(t, err, sqlcon.ErrNoRows.Error())
allAddresses, err = p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailLower)
@ -1460,7 +1459,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, email)
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, email)
require.ErrorIs(t, err, sqlcon.ErrNoRows)
allAddresses, err := p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailLower)
@ -1469,23 +1468,23 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
})
emailNextLower := strings.ToLower(emailNext)
actual, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, emailNext)
actual, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, emailNext)
require.NoError(t, err)
assert.Equal(t, identity.RecoveryAddressTypeEmail, actual.Via)
assert.Equal(t, identity.AddressTypeEmail, actual.Via)
assert.Equal(t, emailNextLower, actual.Value)
allAddresses, err = p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailNextLower)
require.NoError(t, err)
require.Len(t, allAddresses, 2)
sortAddresses(allAddresses)
assert.Equal(t, identity.RecoveryAddressTypeEmail, allAddresses[0].Via)
assert.Equal(t, identity.AddressTypeEmail, allAddresses[0].Via)
assert.Equal(t, emailNextLower, allAddresses[0].Value)
assert.Equal(t, identity.RecoveryAddressTypeEmail, allAddresses[1].Via)
assert.Equal(t, identity.AddressTypeEmail, allAddresses[1].Via)
assert.Equal(t, emailNextLower+"_other", allAddresses[1].Value)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, emailNext)
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, emailNext)
require.ErrorIs(t, err, sqlcon.ErrNoRows)
allAddresses, err := p.FindAllRecoveryAddressesForIdentityByRecoveryAddressValue(ctx, emailNextLower)
@ -1497,35 +1496,35 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
t.Run("case=create and update and find case insensitive", func(t *testing.T) {
id := createIdentityWithAddresses(t, "recovery.TestPersister.Update-case-insensitive@ory.sh")
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
require.NoError(t, err)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("Recovery.TestPersister.Update-case-insensitive@ory.sh"))
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("Recovery.TestPersister.Update-case-insensitive@ory.sh"))
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
id.RecoveryAddresses = []identity.RecoveryAddress{{Via: identity.RecoveryAddressTypeEmail, Value: "recovery.TestPersister.Update-case-insensitive-next@ory.sh"}}
id.RecoveryAddresses = []identity.RecoveryAddress{{Via: identity.AddressTypeEmail, Value: "recovery.TestPersister.Update-case-insensitive-next@ory.sh"}}
require.NoError(t, p.UpdateIdentity(ctx, id))
_, err = p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
_, err = p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
require.EqualError(t, err, sqlcon.ErrNoRows.Error())
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive@ory.sh"))
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
actual, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive-next@ory.sh"))
actual, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive-next@ory.sh"))
require.NoError(t, err)
assert.Equal(t, identity.RecoveryAddressTypeEmail, actual.Via)
assert.Equal(t, identity.AddressTypeEmail, actual.Via)
assert.Equal(t, "recovery.testpersister.update-case-insensitive-next@ory.sh", actual.Value)
t.Run("can not find if on another network", func(t *testing.T) {
_, p := testhelpers.NewNetwork(t, ctx, p)
_, err := p.FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive-next@ory.sh"))
_, err := p.FindRecoveryAddressByValue(ctx, identity.AddressTypeEmail, strings.ToUpper("recovery.TestPersister.Update-case-insensitive-next@ory.sh"))
require.ErrorIs(t, err, sqlcon.ErrNoRows)
})
})
@ -1576,7 +1575,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
new1Email := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
new2Email := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: originalEmail, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: originalEmail, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1588,8 +1587,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Add two new addresses
updated := fromDB.CopyWithoutCredentials()
updated.VerifiableAddresses = append(updated.VerifiableAddresses,
identity.VerifiableAddress{Value: new1Email, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
identity.VerifiableAddress{Value: new2Email, Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
identity.VerifiableAddress{Value: new1Email, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
identity.VerifiableAddress{Value: new2Email, Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
)
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1615,8 +1614,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
email2 := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
initial := passwordIdentity("", x.NewUUID().String())
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: email1, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: email2, Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: email1, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: email2, Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1642,8 +1641,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
addEmail := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
initial := passwordIdentity("", x.NewUUID().String())
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: keepEmail, Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: removeEmail, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: keepEmail, Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: removeEmail, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1663,7 +1662,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
}
updated.VerifiableAddresses = []identity.VerifiableAddress{
keptAddress,
{Value: addEmail, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusSent},
{Value: addEmail, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusSent},
}
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1680,7 +1679,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
changeEmail := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
initial := passwordIdentity("", x.NewUUID().String())
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: changeEmail, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: changeEmail, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1694,7 +1693,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Change the address value - this should be treated as removal + addition
updated := fromDB.CopyWithoutCredentials()
updated.VerifiableAddresses = []identity.VerifiableAddress{
{Value: changeEmail, Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: changeEmail, Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
}
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1713,9 +1712,9 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
old3Email := "dev+" + uuid.Must(uuid.NewV4()).String() + "+@ory.com"
initial := passwordIdentity("", x.NewUUID().String())
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: old1Email, Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: old2Email, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: old3Email, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusSent},
{Value: old1Email, Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: old2Email, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: old3Email, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusSent},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1729,8 +1728,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Replace all addresses with new ones
updated := fromDB.CopyWithoutCredentials()
updated.VerifiableAddresses = []identity.VerifiableAddress{
{Value: new1Email, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: new2Email, Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: new1Email, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: new2Email, Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
}
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1752,7 +1751,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
initial := passwordIdentity("", x.NewUUID().String())
initial.RecoveryAddresses = []identity.RecoveryAddress{
{Value: initialEmail, Via: identity.RecoveryAddressTypeEmail},
{Value: initialEmail, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1764,8 +1763,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Add two new addresses
updated := fromDB.CopyWithoutCredentials()
updated.RecoveryAddresses = append(updated.RecoveryAddresses,
identity.RecoveryAddress{Value: recovery1Email, Via: identity.RecoveryAddressTypeEmail},
identity.RecoveryAddress{Value: recovery2Email, Via: identity.RecoveryAddressTypeEmail},
identity.RecoveryAddress{Value: recovery1Email, Via: identity.AddressTypeEmail},
identity.RecoveryAddress{Value: recovery2Email, Via: identity.AddressTypeEmail},
)
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1784,8 +1783,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
initial := passwordIdentity("", x.NewUUID().String())
initial.RecoveryAddresses = []identity.RecoveryAddress{
{Value: remove1Email, Via: identity.RecoveryAddressTypeEmail},
{Value: remove2Email, Via: identity.RecoveryAddressTypeEmail},
{Value: remove1Email, Via: identity.AddressTypeEmail},
{Value: remove2Email, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1812,8 +1811,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
initial := passwordIdentity("", x.NewUUID().String())
initial.RecoveryAddresses = []identity.RecoveryAddress{
{Value: keepEmail, Via: identity.RecoveryAddressTypeEmail},
{Value: removeEmail, Via: identity.RecoveryAddressTypeEmail},
{Value: keepEmail, Via: identity.AddressTypeEmail},
{Value: removeEmail, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1833,7 +1832,7 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
}
updated.RecoveryAddresses = []identity.RecoveryAddress{
keptAddress,
{Value: addEmail, Via: identity.RecoveryAddressTypeEmail},
{Value: addEmail, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -1855,9 +1854,9 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
initial := passwordIdentity("", x.NewUUID().String())
initial.RecoveryAddresses = []identity.RecoveryAddress{
{Value: old1Email, Via: identity.RecoveryAddressTypeEmail},
{Value: old2Email, Via: identity.RecoveryAddressTypeEmail},
{Value: old3Email, Via: identity.RecoveryAddressTypeEmail},
{Value: old1Email, Via: identity.AddressTypeEmail},
{Value: old2Email, Via: identity.AddressTypeEmail},
{Value: old3Email, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -1869,8 +1868,8 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Replace all addresses with new ones
updated := fromDB.CopyWithoutCredentials()
updated.RecoveryAddresses = []identity.RecoveryAddress{
{Value: new1Email, Via: identity.RecoveryAddressTypeEmail},
{Value: new2Email, Via: identity.RecoveryAddressTypeEmail},
{Value: new1Email, Via: identity.AddressTypeEmail},
{Value: new2Email, Via: identity.AddressTypeEmail},
}
require.NoError(t, p.UpdateIdentity(ctx, updated, identity.DiffAgainst(fromDB)))
@ -2190,10 +2189,10 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
t.Run("case=update addresses and credentials simultaneously", func(t *testing.T) {
initial := passwordIdentity("", x.NewUUID().String())
initial.VerifiableAddresses = []identity.VerifiableAddress{
{Value: "combined-verify@ory.sh", Via: identity.VerifiableAddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
{Value: "combined-verify@ory.sh", Via: identity.AddressTypeEmail, Verified: false, Status: identity.VerifiableAddressStatusPending},
}
initial.RecoveryAddresses = []identity.RecoveryAddress{
{Value: "combined-recovery@ory.sh", Via: identity.RecoveryAddressTypeEmail},
{Value: "combined-recovery@ory.sh", Via: identity.AddressTypeEmail},
}
require.NoError(t, p.CreateIdentity(ctx, initial))
createdIDs = append(createdIDs, initial.ID)
@ -2204,10 +2203,10 @@ func TestPool(ctx context.Context, p persistence.Persister, m *identity.Manager,
// Change everything at once
updated := *fromDB
updated.VerifiableAddresses = []identity.VerifiableAddress{
{Value: "combined-verify-new@ory.sh", Via: identity.VerifiableAddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
{Value: "combined-verify-new@ory.sh", Via: identity.AddressTypeEmail, Verified: true, Status: identity.VerifiableAddressStatusCompleted},
}
updated.RecoveryAddresses = []identity.RecoveryAddress{
{Value: "combined-recovery-new@ory.sh", Via: identity.RecoveryAddressTypeEmail},
{Value: "combined-recovery-new@ory.sh", Via: identity.AddressTypeEmail},
}
updated.SetCredentials(identity.CredentialsTypeTOTP, identity.Credentials{
Type: identity.CredentialsTypeTOTP,
@ -2253,13 +2252,13 @@ func NewTestIdentity(numAddresses int, prefix string, i int) *identity.Identity
traits.Emails = append(traits.Emails, email)
verifiableAddresses = append(verifiableAddresses, identity.VerifiableAddress{
Value: email,
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
Verified: j%2 == 0,
Status: verificationStates[j%len(verificationStates)],
})
recoveryAddresses = append(recoveryAddresses, identity.RecoveryAddress{
Value: email,
Via: identity.RecoveryAddressTypeEmail,
Via: identity.AddressTypeEmail,
})
}
traits.Username = traits.Emails[0]

6
persistence/sql/identity/persister_identity.go
View File

@ -1369,7 +1369,7 @@ func (p *IdentityPersister) FindIdentityByExternalID(ctx context.Context, extern
return nil, sqlcon.HandleError(err)
}
if err := p.HydrateIdentityAssociations(ctx, &i, identity.ExpandEverything); err != nil {
if err := p.HydrateIdentityAssociations(ctx, &i, expand); err != nil {
return nil, err
}
@ -1390,7 +1390,7 @@ func (p *IdentityPersister) FindVerifiableAddressByValue(ctx context.Context, vi
return &address, nil
}
func (p *IdentityPersister) FindRecoveryAddressByValue(ctx context.Context, via identity.RecoveryAddressType, value string) (_ *identity.RecoveryAddress, err error) {
func (p *IdentityPersister) FindRecoveryAddressByValue(ctx context.Context, via, value string) (_ *identity.RecoveryAddress, err error) {
ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindRecoveryAddressByValue",
trace.WithAttributes(
attribute.Stringer("network.id", p.NetworkID(ctx))))
@ -1459,7 +1459,7 @@ func (p *IdentityPersister) VerifyAddress(ctx context.Context, code string) (err
// #nosec G201 -- TableName is static
fmt.Sprintf(
"UPDATE %s SET status = ?, verified = true, verified_at = ?, code = ? WHERE nid = ? AND code = ? AND expires_at > ?",
new(identity.VerifiableAddress).TableName(ctx),
new(identity.VerifiableAddress).TableName(),
),
identity.VerifiableAddressStatusCompleted,
time.Now().UTC().Round(time.Second),

2
selfservice/flow/registration/handler_test.go
View File

@ -551,7 +551,7 @@ func TestOIDCStrategyOrder(t *testing.T) {
require.Equal(t, http.StatusOK, resp.StatusCode, "%s", ioutilx.MustReadAll(resp.Body))
verifiableAddress, err := reg.PrivilegedIdentityPool().FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, email)
verifiableAddress, err := reg.PrivilegedIdentityPool().FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, email)
require.NoError(t, err)
require.Equal(t, strings.ToLower(email), verifiableAddress.Value)

6
selfservice/hook/require_verified_address_test.go
View File

@ -144,7 +144,7 @@ func TestAddressVerifier(t *testing.T) {
ID: x.NewUUID(),
Value: "user@example.com",
Verified: false,
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
},
},
}
@ -204,7 +204,7 @@ func TestAddressVerifier(t *testing.T) {
ID: x.NewUUID(),
Value: "user2@example.com",
Verified: false,
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
},
},
}
@ -243,7 +243,7 @@ func TestAddressVerifier(t *testing.T) {
ID: x.NewUUID(),
Value: "verified@example.com",
Verified: true,
Via: identity.VerifiableAddressTypeEmail,
Via: identity.AddressTypeEmail,
},
},
}

10
selfservice/hook/verification_test.go
View File

@ -177,15 +177,15 @@ func TestVerifier(t *testing.T) {
i.Traits = identity.Traits(`{"emails":["foo@ory.sh","bar@ory.sh","baz@ory.sh"]}`)
require.NoError(t, reg.IdentityManager().Create(context.Background(), i))
actual, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, "foo@ory.sh")
actual, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, "foo@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, "foo@ory.sh", actual.Value)
actual, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, "bar@ory.sh")
actual, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, "bar@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, "bar@ory.sh", actual.Value)
actual, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, "baz@ory.sh")
actual, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, "baz@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, "baz@ory.sh", actual.Value)
@ -228,10 +228,10 @@ func TestVerifier(t *testing.T) {
assert.NotContains(t, recipients, "baz@ory.sh")
// these addresses will be marked as sent and won't be sent again by the settings hook
address1, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, "foo@ory.sh")
address1, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, "foo@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, identity.VerifiableAddressStatusSent, address1.Status)
address2, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, "bar@ory.sh")
address2, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, "bar@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, identity.VerifiableAddressStatusSent, address2.Status)

27
selfservice/strategy/code/code_sender.go
View File

@ -6,6 +6,7 @@ package code
import (
"context"
"net/url"
"strings"
"github.com/gofrs/uuid"
"github.com/pkg/errors"
@ -197,7 +198,7 @@ func (s *Sender) SendCode(ctx context.Context, f flow.Flow, id *identity.Identit
// If the address does not exist in the store and dispatching invalid emails is enabled (CourierEnableInvalidDispatch is
// true), an email is still being sent to prevent account enumeration attacks. In that case, this function returns the
// ErrUnknownAddress error.
func (s *Sender) SendRecoveryCode(ctx context.Context, f *recovery.Flow, via identity.RecoveryAddressType, to string) error {
func (s *Sender) SendRecoveryCode(ctx context.Context, f *recovery.Flow, via, to string) error {
s.deps.Logger().
WithField("via", via).
WithSensitiveField("address", to).
@ -208,7 +209,7 @@ func (s *Sender) SendRecoveryCode(ctx context.Context, f *recovery.Flow, via ide
notifyUnknownRecipients := s.deps.Config().SelfServiceFlowRecoveryNotifyUnknownRecipients(ctx)
s.deps.Audit().
WithField("via", via).
WithSensitiveField("address", address).
WithSensitiveField("address", to).
WithField("strategy", "code").
WithField("was_notified", notifyUnknownRecipients).
Info("Account recovery was requested for an unknown address.")
@ -220,11 +221,11 @@ func (s *Sender) SendRecoveryCode(ctx context.Context, f *recovery.Flow, via ide
// We only send a notification if the configuration allows it *and* the channel is email.
// That's because we pay per SMS sent (typically) so we want to avoid that, contrary to email.
shouldNotifyOfUnkownRecipient := notifyUnknownRecipients && via == identity.RecoveryAddressTypeEmail
shouldNotifyOfUnkownRecipient := notifyUnknownRecipients && via == identity.AddressTypeEmail
if !shouldNotifyOfUnkownRecipient {
// do nothing
} else if err := s.send(ctx, string(via), email.NewRecoveryCodeInvalid(s.deps, &email.RecoveryCodeInvalidModel{
} else if err := s.send(ctx, via, email.NewRecoveryCodeInvalid(s.deps, &email.RecoveryCodeInvalidModel{
To: to,
RequestURL: f.RequestURL,
TransientPayload: transientPayload,
@ -284,7 +285,7 @@ func (s *Sender) SendRecoveryCodeTo(ctx context.Context, i *identity.Identity, c
var t courier.Template
switch code.RecoveryAddress.Via {
case identity.RecoveryAddressTypeEmail:
case identity.AddressTypeEmail:
t = email.NewRecoveryCodeValid(s.deps, &email.RecoveryCodeValidModel{
To: code.RecoveryAddress.Value,
RecoveryCode: codeString,
@ -293,7 +294,7 @@ func (s *Sender) SendRecoveryCodeTo(ctx context.Context, i *identity.Identity, c
TransientPayload: transientPayload,
ExpiresInMinutes: int(s.deps.Config().SelfServiceCodeMethodLifespan(ctx).Minutes()),
})
case identity.RecoveryAddressTypeSMS:
case identity.AddressTypeSMS:
u, err := url.Parse(f.GetRequestURL())
if err != nil {
return err
@ -312,7 +313,7 @@ func (s *Sender) SendRecoveryCodeTo(ctx context.Context, i *identity.Identity, c
return errors.WithStack(herodot.ErrInternalServerError.WithReasonf("Expected email or sms but got %s", code.RecoveryAddress.Via))
}
return s.send(ctx, string(code.RecoveryAddress.Via), t)
return s.send(ctx, code.RecoveryAddress.Via, t)
}
// SendVerificationCode sends a verification code & link to the specified address
@ -469,3 +470,15 @@ func (s *Sender) send(ctx context.Context, via string, t courier.Template) error
return f.ToUnknownCaseErr()
}
}
// hackyInferChannel infers the channel (email or sms) based on the address format.
// Once we support arbitrary custom channels, we need to refactor the recovery/verification
// flow to first look up the address, and let the user select the channel if multiple are available.
func hackyInferChannel(addr string) string {
// Inferring the address type like this is a bit hacky, and actually not really necessary.
// That's because `SendRecoveryCode` expects it, but not because it fundamentally is required.
if strings.ContainsRune(addr, '@') {
return identity.AddressTypeEmail
}
return identity.AddressTypeSMS
}

13
selfservice/strategy/code/strategy_recovery.go
View File

@ -639,19 +639,10 @@ func (s *Strategy) recoveryV2HandleStateConfirmingAddress(r *http.Request, f *re
f.TransientPayload = body.TransientPayload
var addressType identity.RecoveryAddressType
// Inferring the address type like this is a bit hacky, and actually not really necessary.
// That's because `SendRecoveryCode` expects it, but not because it fundamentally is required.
if strings.ContainsRune(body.RecoveryConfirmAddress, '@') {
addressType = identity.RecoveryAddressTypeEmail
} else {
addressType = identity.RecoveryAddressTypeSMS
}
// NOTE: We do not fetch the db address here. We only (try to) send the code to the user provided address.
// That way we avoid information exfiltration.
// `SendRecoveryCode` will anyway check by itself if the provided address is a known address or not.
if err := s.deps.CodeSender().SendRecoveryCode(r.Context(), f, addressType, body.RecoveryConfirmAddress); err != nil {
if err := s.deps.CodeSender().SendRecoveryCode(r.Context(), f, hackyInferChannel(body.RecoveryConfirmAddress), body.RecoveryConfirmAddress); err != nil {
if !errors.Is(err, ErrUnknownAddress) {
return err
}
@ -774,7 +765,7 @@ func (s *Strategy) recoveryHandleFormSubmission(w http.ResponseWriter, r *http.R
}
f.TransientPayload = body.TransientPayload
if err := s.deps.CodeSender().SendRecoveryCode(ctx, f, identity.RecoveryAddressTypeEmail, body.Email); err != nil {
if err := s.deps.CodeSender().SendRecoveryCode(ctx, f, identity.AddressTypeEmail, body.Email); err != nil {
if !errors.Is(err, ErrUnknownAddress) {
return s.HandleRecoveryError(w, r, f, body, err)
}

2
selfservice/strategy/code/strategy_recovery_admin_test.go
View File

@ -109,7 +109,7 @@ func TestAdminStrategy(t *testing.T) {
}
assertEmailNotVerified := func(t *testing.T, email string) {
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)

22
selfservice/strategy/code/strategy_recovery_test.go
View File

@ -135,7 +135,7 @@ func createIdentityToRecover(t *testing.T, reg *driver.RegistryDefault, email st
}
require.NoError(t, reg.IdentityManager().Create(context.Background(), id, identity.ManagerAllowWriteProtectedTraits))
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -229,7 +229,7 @@ func TestRecovery(t *testing.T) {
ExpectVerfiableAddressStatus := func(t *testing.T, email string, status identity.VerifiableAddressStatus) {
addr, err := reg.IdentityPool().
FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.Equal(t, status, addr.Status, "verifiable address %s was not %s. instead %s", email, status, addr.Status)
}
@ -614,7 +614,7 @@ func TestRecovery(t *testing.T) {
cl := testhelpers.NewClientWithCookies(t)
body := submitRecovery(t, cl, flowType.ClientType, values, http.StatusOK)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
emailText := testhelpers.CourierExpectMessage(ctx, t, reg, email, "Use code")
@ -806,7 +806,7 @@ func TestRecovery(t *testing.T) {
assert.NotContains(t, res.Request.URL.String(), "flow="+rs.Id)
assert.Contains(t, res.Request.URL.String(), conf.SelfServiceFlowRecoveryUI(ctx).String())
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -842,7 +842,7 @@ func TestRecovery(t *testing.T) {
testhelpers.AssertMessage(t, []byte(body), "The recovery flow expired 0.00 minutes ago, please try again.")
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
require.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -1090,7 +1090,7 @@ func TestRecovery_WithContinueWith(t *testing.T) {
expectVerfiableAddressStatus := func(t *testing.T, email string, status identity.VerifiableAddressStatus) {
addr, err := reg.IdentityPool().
FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.Equal(t, status, addr.Status, "verifiable address %s was not %s. instead %s", email, status, addr.Status)
}
@ -1443,7 +1443,7 @@ func TestRecovery_WithContinueWith(t *testing.T) {
cl := testhelpers.NewClientWithCookies(t)
body := submitRecoveryForm(t, cl, testCase.ClientType, values, http.StatusOK)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
emailText := testhelpers.CourierExpectMessage(ctx, t, reg, email, "Use code")
@ -1728,7 +1728,7 @@ func TestRecovery_WithContinueWith(t *testing.T) {
require.NotEmpty(t, flowId, "%s", body)
}
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -1773,7 +1773,7 @@ func TestRecovery_WithContinueWith(t *testing.T) {
assert.Equal(t, "self_service_flow_expired", gjson.Get(body, "error.id").String())
}
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
require.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -2024,7 +2024,7 @@ func TestRecovery_V2_WithContinueWith_OneAddress_Email(t *testing.T) {
expectVerifiableAddressStatus := func(t *testing.T, email string, status identity.VerifiableAddressStatus) {
addr, err := reg.IdentityPool().
FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.Equal(t, status, addr.Status, "verifiable address %s was not %s. instead %s", email, status, addr.Status)
}
@ -2378,7 +2378,7 @@ func TestRecovery_V2_WithContinueWith_OneAddress_Email(t *testing.T) {
cl := testhelpers.NewClientWithCookies(t)
body := submitRecoveryFormInitial(t, cl, testCase.ClientType, values, http.StatusOK)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, address)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, address)
assert.NoError(t, err)
checkRecoveryScreenAskForCode(t, address, body)

2
selfservice/strategy/code/strategy_registration_test.go
View File

@ -238,7 +238,7 @@ func TestRegistrationCodeStrategy(t *testing.T) {
require.Equal(t, http.StatusOK, resp.StatusCode, body)
verifiableAddress, err := reg.PrivilegedIdentityPool().FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, s.email)
verifiableAddress, err := reg.PrivilegedIdentityPool().FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, s.email)
require.NoError(t, err)
require.Equal(t, strings.ToLower(s.email), verifiableAddress.Value)

2
selfservice/strategy/code/strategy_verification.go
View File

@ -212,7 +212,7 @@ func (s *Strategy) verificationHandleFormSubmission(ctx context.Context, w http.
return s.handleVerificationError(r, f, body, err)
}
if err := s.deps.CodeSender().SendVerificationCode(ctx, f, identity.VerifiableAddressTypeEmail, body.Email); err != nil {
if err := s.deps.CodeSender().SendVerificationCode(ctx, f, identity.AddressTypeEmail, body.Email); err != nil {
if !errors.Is(err, ErrUnknownAddress) {
return s.handleVerificationError(r, f, body, err)
}

2
selfservice/strategy/code/test/persistence.go
View File

@ -47,7 +47,7 @@ func TestPersister(ctx context.Context, p interface {
var i identity.Identity
require.NoError(t, faker.FakeData(&i))
address := &identity.RecoveryAddress{Value: email, Via: identity.RecoveryAddressTypeEmail, IdentityID: i.ID}
address := &identity.RecoveryAddress{Value: email, Via: identity.AddressTypeEmail, IdentityID: i.ID}
i.RecoveryAddresses = append(i.RecoveryAddresses, *address)
require.NoError(t, p.CreateIdentity(ctx, &i))

6
selfservice/strategy/link/sender.go
View File

@ -56,13 +56,13 @@ func NewSender(r senderDependencies) *Sender {
// If the address does not exist in the store and dispatching invalid emails is enabled (CourierEnableInvalidDispatch is
// true), an email is still being sent to prevent account enumeration attacks. In that case, this function returns the
// ErrUnknownAddress error.
func (s *Sender) SendRecoveryLink(ctx context.Context, f *recovery.Flow, via identity.VerifiableAddressType, to string) error {
func (s *Sender) SendRecoveryLink(ctx context.Context, f *recovery.Flow, via, to string) error {
s.r.Logger().
WithField("via", via).
WithSensitiveField("address", to).
Debug("Preparing recovery link.")
address, err := s.r.IdentityPool().FindRecoveryAddressByValue(ctx, identity.RecoveryAddressTypeEmail, to)
address, err := s.r.IdentityPool().FindRecoveryAddressByValue(ctx, via, to)
if errors.Is(err, sqlcon.ErrNoRows) {
notifyUnknownRecipients := s.r.Config().SelfServiceFlowRecoveryNotifyUnknownRecipients(ctx)
s.r.Audit().
@ -114,7 +114,7 @@ func (s *Sender) SendRecoveryLink(ctx context.Context, f *recovery.Flow, via ide
// If the address does not exist in the store and dispatching invalid emails is enabled (CourierEnableInvalidDispatch is
// true), an email is still being sent to prevent account enumeration attacks. In that case, this function returns the
// ErrUnknownAddress error.
func (s *Sender) SendVerificationLink(ctx context.Context, f *verification.Flow, via identity.VerifiableAddressType, to string) error {
func (s *Sender) SendVerificationLink(ctx context.Context, f *verification.Flow, via, to string) error {
s.r.Logger().
WithField("via", via).
WithSensitiveField("address", to).

2
selfservice/strategy/link/sender_test.go
View File

@ -182,7 +182,7 @@ func TestManager(t *testing.T) {
assert.EqualValues(t, "not-tracked@ory.sh", messages[1].Recipient)
assert.Contains(t, messages[1].Subject, "tried to verify")
assert.NotContains(t, messages[1].Body, tc.verificationURL)
address, err := reg.IdentityPool().FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, "tracked@ory.sh")
address, err := reg.IdentityPool().FindVerifiableAddressByValue(ctx, identity.AddressTypeEmail, "tracked@ory.sh")
require.NoError(t, err)
assert.EqualValues(t, identity.VerifiableAddressStatusSent, address.Status)
})

2
selfservice/strategy/link/strategy_recovery.go
View File

@ -476,7 +476,7 @@ func (s *Strategy) recoveryHandleFormSubmission(w http.ResponseWriter, r *http.R
return s.HandleRecoveryError(w, r, f, body, err)
}
if err := s.d.LinkSender().SendRecoveryLink(r.Context(), f, identity.VerifiableAddressTypeEmail, body.Email); err != nil {
if err := s.d.LinkSender().SendRecoveryLink(r.Context(), f, identity.AddressTypeEmail, body.Email); err != nil {
if !errors.Is(err, ErrUnknownAddress) {
return s.HandleRecoveryError(w, r, f, body, err)
}

16
selfservice/strategy/link/strategy_recovery_test.go
View File

@ -59,7 +59,7 @@ func createIdentityToRecover(t *testing.T, reg *driver.RegistryDefault, email st
}
require.NoError(t, reg.IdentityManager().Create(context.Background(), id, identity.ManagerAllowWriteProtectedTraits))
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, email)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, email)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -155,7 +155,7 @@ func TestAdminStrategy(t *testing.T) {
// We end up here because the link is expired.
assert.Contains(t, res.Request.URL.Path, "/recover", rl.RecoveryLink)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -188,7 +188,7 @@ func TestAdminStrategy(t *testing.T) {
require.Len(t, f.UI.Messages, 1)
assert.Equal(t, "You successfully recovered your account. Please change your password or set up an alternative login method (e.g. social sign in) within the next 60.00 minutes.", f.UI.Messages[0].Text)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -443,7 +443,7 @@ func TestRecovery(t *testing.T) {
t.Run("description=should not be able to recover an inactive account", func(t *testing.T) {
check := func(t *testing.T, recoverySubmissionResponse, recoveryEmail string, isAPI bool) {
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
recoveryLink := testhelpers.CourierExpectLinkInMessage(t, testhelpers.CourierExpectMessage(ctx, t, reg, recoveryEmail, "Recover access to your account"), 1)
@ -494,7 +494,7 @@ func TestRecovery(t *testing.T) {
t.Run("description=should recover an account", func(t *testing.T) {
check := func(t *testing.T, recoverySubmissionResponse, recoveryEmail, returnTo string) {
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -526,7 +526,7 @@ func TestRecovery(t *testing.T) {
gjson.GetBytes(body, "ui.messages.0.text").String())
assert.Equal(t, returnTo, gjson.GetBytes(body, "return_to").String())
addr, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err = reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.True(t, addr.Verified)
assert.NotEqual(t, sqlxx.NullTime{}, addr.VerifiedAt)
@ -778,7 +778,7 @@ func TestRecovery(t *testing.T) {
assert.NotContains(t, res.Request.URL.String(), "flow="+rs.Id)
assert.Contains(t, res.Request.URL.String(), conf.SelfServiceFlowRecoveryUI(ctx).String())
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)
@ -818,7 +818,7 @@ func TestRecovery(t *testing.T) {
require.Len(t, rs.Ui.Messages, 1)
assert.Contains(t, rs.Ui.Messages[0].Text, "The recovery flow expired")
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.VerifiableAddressTypeEmail, recoveryEmail)
addr, err := reg.IdentityPool().FindVerifiableAddressByValue(context.Background(), identity.AddressTypeEmail, recoveryEmail)
assert.NoError(t, err)
assert.False(t, addr.Verified)
assert.Nil(t, addr.VerifiedAt)

2
selfservice/strategy/link/strategy_verification.go
View File

@ -179,7 +179,7 @@ func (s *Strategy) verificationHandleFormSubmission(ctx context.Context, r *http
return s.handleVerificationError(r, f, body, err)
}
if err := s.d.LinkSender().SendVerificationLink(ctx, f, identity.VerifiableAddressTypeEmail, body.Email); err != nil {
if err := s.d.LinkSender().SendVerificationLink(ctx, f, identity.AddressTypeEmail, body.Email); err != nil {
if !errors.Is(err, ErrUnknownAddress) {
return s.handleVerificationError(r, f, body, err)
}

4
selfservice/strategy/link/test/persistence.go
View File

@ -46,7 +46,7 @@ func TestPersister(ctx context.Context, p interface {
var i identity.Identity
require.NoError(t, faker.FakeData(&i))
address := &identity.RecoveryAddress{Value: email, Via: identity.RecoveryAddressTypeEmail, IdentityID: i.ID}
address := &identity.RecoveryAddress{Value: email, Via: identity.AddressTypeEmail, IdentityID: i.ID}
i.RecoveryAddresses = append(i.RecoveryAddresses, *address)
require.NoError(t, p.CreateIdentity(ctx, &i))
@ -134,7 +134,7 @@ func TestPersister(ctx context.Context, p interface {
var i identity.Identity
require.NoError(t, faker.FakeData(&i))
address := &identity.VerifiableAddress{Value: email, Via: identity.VerifiableAddressTypeEmail}
address := &identity.VerifiableAddress{Value: email, Via: identity.AddressTypeEmail}
i.VerifiableAddresses = append(i.VerifiableAddresses, *address)
require.NoError(t, p.CreateIdentity(ctx, &i))

6
selfservice/strategy/oidc/strategy_registration.go
View File

@ -49,8 +49,8 @@ var jsonnetCache, _ = ristretto.NewCache(&ristretto.Config[[]byte, []byte]{
type MetadataType string
type VerifiedAddress struct {
Value string `json:"value"`
Via identity.VerifiableAddressType `json:"via"`
Value string `json:"value"`
Via string `json:"via"`
}
const (
@ -489,7 +489,7 @@ func (s *Strategy) extractVerifiedAddresses(evaluated string) ([]VerifiedAddress
for i := range va {
va := &va[i]
if va.Via == identity.VerifiableAddressTypeEmail {
if va.Via == identity.AddressTypeEmail {
va.Value = strings.ToLower(strings.TrimSpace(va.Value))
}
}

2
selfservice/strategy/profile/strategy_test.go
View File

@ -64,7 +64,7 @@ func newIdentityWithPassword(email string) *identity.Identity {
Traits: identity.Traits(`{"email":"` + email + `","stringy":"foobar","booly":false,"numby":2.5,"should_long_string":"asdfasdfasdfasdfasfdasdfasdfasdf","should_big_number":2048}`),
SchemaID: config.DefaultIdentityTraitsSchemaID,
State: identity.StateActive,
VerifiableAddresses: []identity.VerifiableAddress{{Value: email, Via: identity.VerifiableAddressTypeEmail}},
VerifiableAddresses: []identity.VerifiableAddress{{Value: email, Via: identity.AddressTypeEmail}},
// TO ADD - RECOVERY EMAIL,
}
}

6
spec/api.json
View File

@ -452,10 +452,6 @@
},
"type": "object"
},
"RecoveryAddressType": {
"title": "RecoveryAddressType must not exceed 16 characters as that is the limitation in the SQL Schema.",
"type": "string"
},
"Time": {
"format": "date-time",
"type": "string"
@ -1906,7 +1902,7 @@
"type": "string"
},
"via": {
"$ref": "#/components/schemas/RecoveryAddressType"
"type": "string"
}
},
"required": [

6
spec/swagger.json
View File

@ -3855,10 +3855,6 @@
}
}
},
"RecoveryAddressType": {
"type": "string",
"title": "RecoveryAddressType must not exceed 16 characters as that is the limitation in the SQL Schema."
},
"UUID": {"type": "string", "format": "uuid4"},
"UpdateFedcmFlowBody": {
"type": "object",
@ -5242,7 +5238,7 @@
"type": "string"
},
"via": {
"$ref": "#/definitions/RecoveryAddressType"
"type": "string"
}
}
},