Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Recovery flow breaks with emails containing uppercase characters #2426

Closed
5 of 6 tasks
nkeenan38 opened this issue Apr 26, 2022 · 3 comments
Closed
5 of 6 tasks

Recovery flow breaks with emails containing uppercase characters #2426

nkeenan38 opened this issue Apr 26, 2022 · 3 comments
Labels
bug Something is not working. good first issue A good issue to tackle when being a novice to the project. taken

Comments

@nkeenan38
Copy link

Preflight checklist

Describe the bug

When an identity is created with an email containing uppercase characters, most self-service flow correctly behave and ignore casing. It seems that uppercase letter break the recovery flow. No matter the casing of the input, the recovery flow always sends the invalid recovery email template. This happens even when the value in identity_recovery_addresses has the same casing as the trait in the email.

Reproducing the bug

  1. Create a new user with an email containing uppercase characters through self-service registration.
  2. Verify the email if necessary in the configuration.
  3. Try the self service recovery flow with the email used.

The email in question should receive the invalid recovery email template.

Relevant log output

No response

Relevant configuration

No response

Version

v0.9.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Kubernetes

Additional Context

No response
@nkeenan38 nkeenan38 added the bug Something is not working. label Apr 26, 2022
@aeneasr
Copy link
Member

aeneasr commented Apr 26, 2022

Thank you for the report - I believe that this was fixed but it is possible that it wasn't. Are you 100% certain to be on the latest version of Ory Kratos? You can confirm this using kratos version. Thanks!

@kszafran
Copy link
Contributor

kszafran commented Apr 28, 2022
edited
Loading

I have just encountered a similar problem. It worked in 0.8.2. I suspect the problem is that the code has been changed in 0.9.0 to store recovery and verifiable email addresses in lowercase, but migrations haven't converted existing addresses. So users created with uppercase chars before upgrading to 0.9.0 can't go through the recovery flow. It can be fixed by updating addresses in the DB:

update identity_recovery_addresses set value=lower(value);
update identity_verifiable_addresses set value=lower(value);

Users created in 0.9.0 don't exhibit this problem.

@fokoenecke
Copy link

fokoenecke commented May 16, 2022
edited
Loading

We just updated from 0.8.2 to 0.9.0-alpha.3 and encountered the same problem for new users. (not able to reproduce in 0.8.2).

@aeneasr aeneasr added good first issue A good issue to tackle when being a novice to the project. taken labels Jun 8, 2022
@flxbk flxbk mentioned this issue Jun 10, 2022
Merged
7 tasks
@aeneasr aeneasr closed this as completed in c058e23 Jul 5, 2022
peturgeorgievv pushed a commit to senteca/kratos-fork that referenced this issue Jun 30, 2023
@flxbk
fix(identity): migrate identity_addresses to lower case (ory#2517)
c9473c3 
Closes ory#2426
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something is not working. good first issue A good issue to tackle when being a novice to the project. taken
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kszafran @aeneasr @fokoenecke @nkeenan38