search

ory / kratos

The most scalable and customizable identity server on the market. Replace your Homegrown, Auth0, Okta, Firebase with better UX and DX. Has all the tablestakes: Passkeys, Social Sign In, Multi-Factor Auth, SMS, SAML, TOTP, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
https://www.ory.sh/?utm_source=github&utm_medium=banner&utm_campaign=kratos
Apache License 2.0
11.07k stars 956 forks source link

Cannot patch identity with op: 'test', 'copy', 'move' #4032

Open fmiqbal opened 1 month ago

fmiqbal commented 1 month ago

Preflight checklist

Ory Network Project

No response

Describe the bug

As per API docs on https://www.ory.sh/docs/kratos/reference/api#tag/identity/operation/patchIdentity, there is list of jsonpatch available op, stated as

The operation to be performed. One of "add", "remove", "replace", "move", "copy", or "test".

But I can't actually do "move", "copy", or "test",
just borrowing from https://jsonpatch.com/

curl --location --request PATCH 'http://localhost:4434/admin/identities/a04e0bf8-fb7f-463a-a567-be345458df0c' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data '[
{ "op": "move", "from": "/biscuits/0", "path": "/best_biscuit" }
]'

response

{
    "error": {
        "code": 400,
        "status": "Bad Request",
        "reason": "An error occured when applying the JSON patch",
        "message": "unsupported operation: move"
    }
}

Looking at the code, the error thrown possibly from this

https://github.com/ory/kratos/blob/4f4394c1d0e2322a687520a31a25fc309f2229f3/identity/handler.go#L869-L877

and I notice that it use ory/x/jsonx, from which I found

https://github.com/ory/x/blob/52f7d778c2eea02e3e5bcf638c590c533127baa8/jsonx/patch.go#L17-L21

So at least for now I think the documentation is wrong

Reproducing the bug

From docker quickstart,

  1. create and identity
  2. do this curl
curl --location --request PATCH 'http://localhost:4434/admin/identities/a04e0bf8-fb7f-463a-a567-be345458df0c' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data '[
{ "op": "move", "from": "/biscuits/0", "path": "/best_biscuit" }
]'

Relevant log output

No response

Relevant configuration

No response

Version

1.2.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Docker Compose

Additional Context

No response

renom commented 5 days ago

Having the same issue.

jonas-jonas commented 5 days ago

What's the use case for using those operations? Isn't it easier and more stable to fetch the identity and then apply a replace operation?

renom commented 5 days ago

I'm trying to migrate schemas with copy and move ops. I need to rename some fields. Trying to do that with Postman requests. Without copy and move, I'll have to copy and paste values or write a client (migrator tool).