From e0a4010b84b43f364be14414a380c872b166274d Mon Sep 17 00:00:00 2001 From: hackerman <3372410+aeneasr@users.noreply.github.com> Date: Tue, 16 Jul 2024 17:24:09 +0200 Subject: [PATCH] fix: add continue with only for json browser requests (#4002) --- selfservice/flow/login/hook.go | 2 +- ...teLogin-case=totp_payload_is_set_when_identity_has_totp.json | 1 - selfservice/strategy/totp/login.go | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/selfservice/flow/login/hook.go b/selfservice/flow/login/hook.go index f662290d598b..a94b3291f4a3 100644 --- a/selfservice/flow/login/hook.go +++ b/selfservice/flow/login/hook.go @@ -159,7 +159,7 @@ func (e *HookExecutor) PostLoginHook( "redirect_reason": "login successful", })...) - if f.Type == flow.TypeBrowser { + if f.Type == flow.TypeBrowser && x.IsJSONRequest(r) { f.AddContinueWith(flow.NewContinueWithRedirectBrowserTo(returnTo.String())) } diff --git a/selfservice/strategy/totp/.snapshots/TestCompleteLogin-case=totp_payload_is_set_when_identity_has_totp.json b/selfservice/strategy/totp/.snapshots/TestCompleteLogin-case=totp_payload_is_set_when_identity_has_totp.json index 23611d1c2255..afae3de49f05 100644 --- a/selfservice/strategy/totp/.snapshots/TestCompleteLogin-case=totp_payload_is_set_when_identity_has_totp.json +++ b/selfservice/strategy/totp/.snapshots/TestCompleteLogin-case=totp_payload_is_set_when_identity_has_totp.json @@ -15,7 +15,6 @@ { "attributes": { "disabled": false, - "maxlength": 6, "name": "totp_code", "node_type": "input", "required": true, diff --git a/selfservice/strategy/totp/login.go b/selfservice/strategy/totp/login.go index 7b4564cb165d..2aaface8dc5c 100644 --- a/selfservice/strategy/totp/login.go +++ b/selfservice/strategy/totp/login.go @@ -50,7 +50,7 @@ func (s *Strategy) PopulateLoginMethod(r *http.Request, requestedAAL identity.Au } sr.UI.SetCSRF(s.d.GenerateCSRFToken(r)) - sr.UI.SetNode(node.NewInputField("totp_code", "", node.TOTPGroup, node.InputAttributeTypeText, node.WithRequiredInputAttribute, node.WithMaxLengthInputAttribute(int(digits))).WithMetaLabel(text.NewInfoLoginTOTPLabel())) + sr.UI.SetNode(node.NewInputField("totp_code", "", node.TOTPGroup, node.InputAttributeTypeText, node.WithRequiredInputAttribute).WithMetaLabel(text.NewInfoLoginTOTPLabel())) sr.UI.GetNodes().Append(node.NewInputField("method", s.ID(), node.TOTPGroup, node.InputAttributeTypeSubmit).WithMetaLabel(text.NewInfoLoginTOTP())) return nil