Open rbnbr opened 1 year ago
I just noticed that when using the "Accept: application/json" header, the error messages are being returned in the response ui body. However, they are still not a part of the flows UI Nodes when retrieving the flow using the SDK and only exist in the json response.
If they were returned with the flow itself, we could render the error messages server-side while using only standard html form post action without requiring any custom Javascript logic (as I do for the messages that work as described above).
Okay, I did some debugging and as it turns out, the UI messages are actually returned and exist in the server response. However, when unmarshaling the response into the ResponseFlowObject, the UI nodes are all just nil. So the bug lies in the auto-generated SDK of the the kratos client where the response is unmarshaled.
Thank you for the report! There is indeed an issue in the Go SDK which is causing this and it is related to the openapi Go generator template having a serious bug in the discriminator type when "additionalProperties" is allowed. It's going to be a bit of work to fix that :(
I just checked and it looks like I can still read the original body of the response which is luckily returned together with the Flow Object. So I'll do the parsing of the UI attributes in the backend myself for now. Nevertheless, it would be obviously more convenient if it would just work out of the box ;)
Preflight checklist
Ory Network Project
No response
Describe the bug
The registration flow doesn't seem to be properly updated with the error context on failed password validation. While it is showing error messages like "the registration flow has expired .. ago", or "an account with this identifier already exists", the returned UI Messages of the Flow are empty if the password validation has failed. However, looking into the self-hosted kratos container logs, I can find the log message containing:
[..] the password does not fulfill the password policy because: password length must be at least 8 characters but only got 3 [..]
.EDIT: The same seems to happen for webhook errors. They are ignored in the error output and I cannot find them in the flow context.
Reproducing the bug
Run kratos in docker compose and perform the registration self-service flow with an invalid or already pwned password.
Captcha Webhook Handler on Mismatch:
with structs defined as:
Relevant log output
Relevant configuration
Version
v1.0.0
On which operating system are you observing this issue?
Windows
In which environment are you deploying?
Docker Compose
Additional Context
No response