chore: consistent naming

consent/strategy_default.go

@@ -459,7 +459,7 @@ func (s *DefaultStrategy) verifyAuthentication(
 			return nil, fosite.ErrAccessDenied.WithHint("The login session cookie was not found or malformed.")
 		}
 
-		loginSession.KratosSessionID = f.KratosSessionID
+		loginSession.IdentityProviderSessionID = f.IdentityProviderSessionID
 		if err := s.r.ConsentManager().ConfirmLoginSession(ctx, loginSession, sessionID, time.Time(session.AuthenticatedAt), session.Subject, session.Remember); err != nil {
 			return nil, err
 		}
@@ -1010,7 +1010,7 @@ func (s *DefaultStrategy) performBackChannelLogoutAndDeleteSession(r *http.Reque
 	} else if err != nil {
 		return err
 	} else {
-		innerErr := s.r.Kratos().DisableSession(ctx, session.KratosSessionID.String())
+		innerErr := s.r.Kratos().DisableSession(ctx, session.IdentityProviderSessionID.String())
 		if innerErr != nil {
 			s.r.Logger().WithError(innerErr).WithField("sid", sid).Error("Unable to revoke session in ORY Kratos.")
 		}

consent/strategy_default_test.go

@@ -11,21 +11,18 @@ import (
 	"net/url"
 	"testing"
 
-	hydra "github.com/ory/hydra-client-go/v2"
-
-	"github.com/stretchr/testify/require"
-
-	"github.com/ory/fosite/token/jwt"
-	"github.com/ory/x/urlx"
-
 	"github.com/google/uuid"
+	"github.com/stretchr/testify/require"
 	"github.com/tidwall/gjson"
 
+	"github.com/ory/fosite/token/jwt"
+	hydra "github.com/ory/hydra-client-go/v2"
 	"github.com/ory/hydra/v2/client"
 	. "github.com/ory/hydra/v2/consent"
 	"github.com/ory/hydra/v2/driver"
 	"github.com/ory/hydra/v2/internal/testhelpers"
 	"github.com/ory/x/ioutilx"
+	"github.com/ory/x/urlx"
 )
 
 func checkAndAcceptLoginHandler(t *testing.T, apiClient *hydra.APIClient, subject string, cb func(*testing.T, *hydra.OAuth2LoginRequest, error) hydra.AcceptOAuth2LoginRequest) http.HandlerFunc {

consent/strategy_logout_test.go

@@ -184,7 +184,7 @@ func TestLogoutFlows(t *testing.T) {
 			checkAndAcceptLoginHandler(t, adminApi, subject, func(t *testing.T, res *hydra.OAuth2LoginRequest, err error) hydra.AcceptOAuth2LoginRequest {
 				require.NoError(t, err)
 				//res.Payload.SessionID
-				return hydra.AcceptOAuth2LoginRequest{Remember: pointerx.Ptr(true), KratosSessionId: pointerx.Ptr(kratos.FakeSessionID)}
+				return hydra.AcceptOAuth2LoginRequest{Remember: pointerx.Ptr(true), IdentityProviderSessionId: pointerx.Ptr(kratos.FakeSessionID)}
 			}),
 			checkAndAcceptConsentHandler(t, adminApi, func(t *testing.T, res *hydra.OAuth2ConsentRequest, err error) hydra.AcceptOAuth2ConsentRequest {
 				require.NoError(t, err)

driver/config/provider.go

@@ -80,7 +80,7 @@ const (
 	KeyPublicURL                                 = "urls.self.public"
 	KeyAdminURL                                  = "urls.self.admin"
 	KeyIssuerURL                                 = "urls.self.issuer"
-	KeyKratosAdminURL                            = "urls.kratos.admin"
+	KeyIdentityProviderAdminURL                  = "urls.identity_provider.admin_base_url"
 	KeyAccessTokenStrategy                       = "strategies.access_token"
 	KeyJWTScopeClaimStrategy                     = "strategies.jwt.scope_claim"
 	KeyDBIgnoreUnknownTableColumns               = "db.ignore_unknown_table_columns"
@@ -105,8 +105,10 @@ const (
 
 const DSNMemory = "memory"
 
-var _ hasherx.PBKDF2Configurator = (*DefaultProvider)(nil)
-var _ hasherx.BCryptConfigurator = (*DefaultProvider)(nil)
+var (
+	_ hasherx.PBKDF2Configurator = (*DefaultProvider)(nil)
+	_ hasherx.BCryptConfigurator = (*DefaultProvider)(nil)
+)
 
 type DefaultProvider struct {
 	l *logrusx.Logger
@@ -395,7 +397,7 @@ func (p *DefaultProvider) IssuerURL(ctx context.Context) *url.URL {
 }
 
 func (p *DefaultProvider) KratosAdminURL(ctx context.Context) (*url.URL, bool) {
-	u := p.getProvider(ctx).RequestURIF(KeyKratosAdminURL, nil)
+	u := p.getProvider(ctx).RequestURIF(KeyIdentityProviderAdminURL, nil)
 
 	return u, u != nil
 }

flow/consent_types.go

@@ -42,12 +42,12 @@ type OAuth2RedirectTo struct {
 
 // swagger:ignore
 type LoginSession struct {
-	ID              string           `db:"id"`
-	NID             uuid.UUID        `db:"nid"`
-	AuthenticatedAt sqlxx.NullTime   `db:"authenticated_at"`
-	Subject         string           `db:"subject"`
-	KratosSessionID sqlxx.NullString `db:"kratos_session_id"`
-	Remember        bool             `db:"remember"`
+	ID                        string           `db:"id"`
+	NID                       uuid.UUID        `db:"nid"`
+	AuthenticatedAt           sqlxx.NullTime   `db:"authenticated_at"`
+	Subject                   string           `db:"subject"`
+	IdentityProviderSessionID sqlxx.NullString `db:"identity_provider_session_id"`
+	Remember                  bool             `db:"remember"`
 }
 
 func (LoginSession) TableName() string {
@@ -293,11 +293,11 @@ type HandledLoginRequest struct {
 	// required: true
 	Subject string `json:"subject"`
 
-	// KratosSessionID is the session ID of the end-user that authenticated.
+	// IdentityProviderSessionID is the session ID of the end-user that authenticated.
 	// If specified, we will use this value to propagate the logout.
 	//
 	// required: false
-	KratosSessionID string `json:"kratos_session_id,omitempty"`
+	IdentityProviderSessionID string `json:"identity_provider_session_id,omitempty"`
 
 	// ForceSubjectIdentifier forces the "pairwise" user ID of the end-user that authenticated. The "pairwise" user ID refers to the
 	// (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID

flow/flow.go

@@ -136,7 +136,9 @@ type Flow struct {
 	// channel logout. Its value can generally be used to associate consecutive login requests by a certain user.
 	SessionID sqlxx.NullString `db:"login_session_id"`
 
-	KratosSessionID sqlxx.NullString `db:"kratos_session_id"`
+	// IdentityProviderSessionID is the session ID of the end-user that authenticated.
+	// If specified, we will use this value to propagate the logout.
+	IdentityProviderSessionID sqlxx.NullString `db:"identity_provider_session_id"`
 
 	LoginVerifier string `db:"login_verifier"`
 	LoginCSRF     string `db:"login_csrf"`
@@ -293,7 +295,7 @@ func (f *Flow) HandleLoginRequest(h *HandledLoginRequest) error {
 	f.ForceSubjectIdentifier = h.ForceSubjectIdentifier
 	f.LoginError = h.Error
 
-	f.KratosSessionID = sqlxx.NullString(h.KratosSessionID)
+	f.IdentityProviderSessionID = sqlxx.NullString(h.IdentityProviderSessionID)
 	f.LoginRemember = h.Remember
 	f.LoginRememberFor = h.RememberFor
 	f.LoginExtendSessionLifespan = h.ExtendSessionLifespan
@@ -307,21 +309,21 @@ func (f *Flow) HandleLoginRequest(h *HandledLoginRequest) error {
 
 func (f *Flow) GetHandledLoginRequest() HandledLoginRequest {
 	return HandledLoginRequest{
-		ID:                     f.ID,
-		Remember:               f.LoginRemember,
-		RememberFor:            f.LoginRememberFor,
-		ExtendSessionLifespan:  f.LoginExtendSessionLifespan,
-		ACR:                    f.ACR,
-		AMR:                    f.AMR,
-		Subject:                f.Subject,
-		KratosSessionID:        f.KratosSessionID.String(),
-		ForceSubjectIdentifier: f.ForceSubjectIdentifier,
-		Context:                f.Context,
-		WasHandled:             f.LoginWasUsed,
-		Error:                  f.LoginError,
-		LoginRequest:           f.GetLoginRequest(),
-		RequestedAt:            f.RequestedAt,
-		AuthenticatedAt:        f.LoginAuthenticatedAt,
+		ID:                        f.ID,
+		Remember:                  f.LoginRemember,
+		RememberFor:               f.LoginRememberFor,
+		ExtendSessionLifespan:     f.LoginExtendSessionLifespan,
+		ACR:                       f.ACR,
+		AMR:                       f.AMR,
+		Subject:                   f.Subject,
+		IdentityProviderSessionID: f.IdentityProviderSessionID.String(),
+		ForceSubjectIdentifier:    f.ForceSubjectIdentifier,
+		Context:                   f.Context,
+		WasHandled:                f.LoginWasUsed,
+		Error:                     f.LoginError,
+		LoginRequest:              f.GetLoginRequest(),
+		RequestedAt:               f.RequestedAt,
+		AuthenticatedAt:           f.LoginAuthenticatedAt,
 	}
 }
 

flow/flow_test.go

@@ -42,7 +42,7 @@ func (f *Flow) setHandledLoginRequest(r *HandledLoginRequest) {
 	f.ACR = r.ACR
 	f.AMR = r.AMR
 	f.Subject = r.Subject
-	f.KratosSessionID = sqlxx.NullString(r.KratosSessionID)
+	f.IdentityProviderSessionID = sqlxx.NullString(r.IdentityProviderSessionID)
 	f.ForceSubjectIdentifier = r.ForceSubjectIdentifier
 	f.Context = r.Context
 	f.LoginWasUsed = r.WasHandled

internal/httpclient/api/openapi.yaml

@@ -1989,9 +1989,10 @@ components:
             \ the proper value, then authentication processes which have id_token_hint\
             \ set might fail."
           type: string
-        kratos_session_id:
-          description: "KratosSessionID is the session ID of the end-user that authenticated.\n\
-            If specified, we will use this value to propagate the logout."
+        identity_provider_session_id:
+          description: "IdentityProviderSessionID is the session ID of the end-user\
+            \ that authenticated.\nIf specified, we will use this value to propagate\
+            \ the logout."
           type: string
         remember:
           description: "Remember, if set to true, tells ORY Hydra to remember this\

internal/httpclient/docs/AcceptOAuth2LoginRequest.md

@@ -9,7 +9,7 @@ Name | Type | Description | Notes
 **Context** | Pointer to **interface{}** |  | [optional] 
 **ExtendSessionLifespan** | Pointer to **bool** | Extend OAuth2 authentication session lifespan  If set to `true`, the OAuth2 authentication cookie lifespan is extended. This is for example useful if you want the user to be able to use `prompt=none` continuously.  This value can only be set to `true` if the user has an authentication, which is the case if the `skip` value is `true`. | [optional] 
 **ForceSubjectIdentifier** | Pointer to **string** | ForceSubjectIdentifier forces the \"pairwise\" user ID of the end-user that authenticated. The \"pairwise\" user ID refers to the (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID Connect specification. It allows you to set an obfuscated subject (\"user\") identifier that is unique to the client.  Please note that this changes the user ID on endpoint /userinfo and sub claim of the ID Token. It does not change the sub claim in the OAuth 2.0 Introspection.  Per default, ORY Hydra handles this value with its own algorithm. In case you want to set this yourself you can use this field. Please note that setting this field has no effect if `pairwise` is not configured in ORY Hydra or the OAuth 2.0 Client does not expect a pairwise identifier (set via `subject_type` key in the client's configuration).  Please also be aware that ORY Hydra is unable to properly compute this value during authentication. This implies that you have to compute this value on every authentication process (probably depending on the client ID or some other unique value).  If you fail to compute the proper value, then authentication processes which have id_token_hint set might fail. | [optional] 
-**KratosSessionId** | Pointer to **string** | KratosSessionID is the session ID of the end-user that authenticated. If specified, we will use this value to propagate the logout. | [optional] 
+**IdentityProviderSessionId** | Pointer to **string** | IdentityProviderSessionID is the session ID of the end-user that authenticated. If specified, we will use this value to propagate the logout. | [optional] 
 **Remember** | Pointer to **bool** | Remember, if set to true, tells ORY Hydra to remember this user by telling the user agent (browser) to store a cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, he/she will not be asked to log in again. | [optional] 
 **RememberFor** | Pointer to **int64** | RememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the authorization will be remembered for the duration of the browser session (using a session cookie). | [optional] 
 **Subject** | **string** | Subject is the user ID of the end-user that authenticated. | 
@@ -168,30 +168,30 @@ SetForceSubjectIdentifier sets ForceSubjectIdentifier field to given value.
 
 HasForceSubjectIdentifier returns a boolean if a field has been set.
 
-### GetKratosSessionId
+### GetIdentityProviderSessionId
 
-`func (o *AcceptOAuth2LoginRequest) GetKratosSessionId() string`
+`func (o *AcceptOAuth2LoginRequest) GetIdentityProviderSessionId() string`
 
-GetKratosSessionId returns the KratosSessionId field if non-nil, zero value otherwise.
+GetIdentityProviderSessionId returns the IdentityProviderSessionId field if non-nil, zero value otherwise.
 
-### GetKratosSessionIdOk
+### GetIdentityProviderSessionIdOk
 
-`func (o *AcceptOAuth2LoginRequest) GetKratosSessionIdOk() (*string, bool)`
+`func (o *AcceptOAuth2LoginRequest) GetIdentityProviderSessionIdOk() (*string, bool)`
 
-GetKratosSessionIdOk returns a tuple with the KratosSessionId field if it's non-nil, zero value otherwise
+GetIdentityProviderSessionIdOk returns a tuple with the IdentityProviderSessionId field if it's non-nil, zero value otherwise
 and a boolean to check if the value has been set.
 
-### SetKratosSessionId
+### SetIdentityProviderSessionId
 
-`func (o *AcceptOAuth2LoginRequest) SetKratosSessionId(v string)`
+`func (o *AcceptOAuth2LoginRequest) SetIdentityProviderSessionId(v string)`
 
-SetKratosSessionId sets KratosSessionId field to given value.
+SetIdentityProviderSessionId sets IdentityProviderSessionId field to given value.
 
-### HasKratosSessionId
+### HasIdentityProviderSessionId
 
-`func (o *AcceptOAuth2LoginRequest) HasKratosSessionId() bool`
+`func (o *AcceptOAuth2LoginRequest) HasIdentityProviderSessionId() bool`
 
-HasKratosSessionId returns a boolean if a field has been set.
+HasIdentityProviderSessionId returns a boolean if a field has been set.
 
 ### GetRemember
 

internal/kratos/fake_kratos.go

@@ -22,9 +22,9 @@ func NewFake() *FakeKratos {
 	return &FakeKratos{}
 }
 
-func (f *FakeKratos) DisableSession(_ context.Context, kratosSessionID string) error {
+func (f *FakeKratos) DisableSession(ctx context.Context, identityProviderSessionID string) error {
 	f.DisableSessionWasCalled = true
-	f.LastDisabledSession = kratosSessionID
+	f.LastDisabledSession = identityProviderSessionID
 
 	return nil
 }