From 05256232bf85d68e068eece6c883f46a447ba5bd Mon Sep 17 00:00:00 2001 From: Nanik Date: Fri, 30 Jul 2021 19:23:54 +1000 Subject: [PATCH] fix: add new message when refresh parameter is true (#1560) Closes #1117 Co-authored-by: aeneasr <3372410+aeneasr@users.noreply.github.com> --- selfservice/flow/login/handler.go | 6 ++++++ selfservice/flow/login/handler_test.go | 9 +++++++++ selfservice/strategy/password/login_test.go | 10 ++++++++++ text/message_login.go | 16 +++++++++++++--- 4 files changed, 38 insertions(+), 3 deletions(-) diff --git a/selfservice/flow/login/handler.go b/selfservice/flow/login/handler.go index 49f1af77fed6..847e15d90d08 100644 --- a/selfservice/flow/login/handler.go +++ b/selfservice/flow/login/handler.go @@ -4,6 +4,8 @@ import ( "net/http" "time" + "github.com/ory/kratos/text" + "github.com/ory/nosurf" "github.com/ory/kratos/identity" @@ -93,6 +95,10 @@ func (h *Handler) NewLoginFlow(w http.ResponseWriter, r *http.Request, flow flow return nil, err } + if f.Forced { + f.UI.Messages.Set(text.NewInfoLoginReAuth()) + } + if err := h.d.LoginHookExecutor().PreLoginHook(w, r, f); err != nil { return nil, err } diff --git a/selfservice/flow/login/handler_test.go b/selfservice/flow/login/handler_test.go index b6ec5d0a1b79..80068342175b 100644 --- a/selfservice/flow/login/handler_test.go +++ b/selfservice/flow/login/handler_test.go @@ -9,6 +9,8 @@ import ( "testing" "time" + "github.com/ory/kratos/text" + "github.com/gobuffalo/httptest" "github.com/gofrs/uuid" @@ -124,6 +126,13 @@ func TestInitFlow(t *testing.T) { assert.Contains(t, res.Request.URL.String(), login.RouteInitAPIFlow) assertion(body, true, true) }) + + t.Run("case=check info message on authenticated request with refresh=true", func(t *testing.T) { + res, body := initAuthenticatedFlow(t, url.Values{"refresh": {"true"}}, true) + assert.Contains(t, res.Request.URL.String(), login.RouteInitAPIFlow) + assertion(body, true, true) + assert.Equal(t, gjson.GetBytes(body, "ui.messages.0.text").String(), text.NewInfoLoginReAuth().Text) + }) }) t.Run("flow=browser", func(t *testing.T) { diff --git a/selfservice/strategy/password/login_test.go b/selfservice/strategy/password/login_test.go index 2684373cc0e3..fb172450ec74 100644 --- a/selfservice/strategy/password/login_test.go +++ b/selfservice/strategy/password/login_test.go @@ -535,6 +535,16 @@ func TestCompleteLogin(t *testing.T) { assert.Equal(t, identifier, gjson.GetBytes(body, "ui.nodes.#(attributes.name==password_identifier).attributes.value").String(), "%s", body) assert.Empty(t, gjson.GetBytes(body, "ui.nodes.#(attributes.name==password).attributes.value").String(), "%s", body) }) + + t.Run("show verification confirmation when refresh is set to true", func(t *testing.T) { + res, err := c.Do(testhelpers.NewHTTPGetJSONRequest(t, publicTS.URL+login.RouteInitAPIFlow+"?refresh=true")) + require.NoError(t, err) + defer res.Body.Close() + body := ioutilx.MustReadAll(res.Body) + + assert.True(t, gjson.GetBytes(body, "forced").Bool()) + assert.Contains(t, gjson.GetBytes(body, "ui.messages.0.text").String(), "verifying that", "%s", body) + }) }) }) }) diff --git a/text/message_login.go b/text/message_login.go index 939c12b9127a..d47b8744c736 100644 --- a/text/message_login.go +++ b/text/message_login.go @@ -6,9 +6,10 @@ import ( ) const ( - InfoSelfServiceLoginRoot ID = 1010000 + iota // 1010000 - InfoSelfServiceLogin // 1010001 - InfoSelfServiceLoginWith // 1010002 + InfoSelfServiceLoginRoot ID = 1010000 + iota // 1010000 + InfoSelfServiceLogin // 1010001 + InfoSelfServiceLoginWith // 1010002 + InfoSelfServiceLoginReAuth // 1010003 ) const ( @@ -21,6 +22,15 @@ const ( ErrorValidationVerificationNoStrategyFound // 4010006 ) +func NewInfoLoginReAuth() *Message { + return &Message{ + ID: InfoSelfServiceLoginReAuth, + Type: Info, + Text: "Please confirm this action by verifying that it's you.", + Context: context(nil), + } +} + func NewInfoLogin() *Message { return &Message{ ID: InfoSelfServiceLogin,