From c97f77a0388c0120f6f3b662e05d7e15abef40a3 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 00:31:24 +0530 Subject: [PATCH 01/27] add session destroy --- driver/registry_default_hooks.go | 7 ++++++- selfservice/hook/hooks.go | 5 +++-- selfservice/hook/session_destroyer.go | 30 +++++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 3 deletions(-) create mode 100644 selfservice/hook/session_destroyer.go diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index 13a664ef1d10..c9fd3bb1262b 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -16,11 +16,16 @@ func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, co for _, h := range configs { switch h.Run { - case hook.KeySessionIssuer: + case hook.KeySession: i = append( i, hook.NewSessionIssuer(m), ) + case hook.KeySessionDestroyer: + i = append( + i, + hook.NewSessionDestroyer(m), + ) case hook.KeyRedirector: var rc struct { R string `json:"default_redirect_url"` diff --git a/selfservice/hook/hooks.go b/selfservice/hook/hooks.go index dc5928dfc66a..92cfbe15994d 100644 --- a/selfservice/hook/hooks.go +++ b/selfservice/hook/hooks.go @@ -1,6 +1,7 @@ package hook const ( - KeySessionIssuer = "session" - KeyRedirector = "redirect" + KeySessionIssuer = "session" + KeyRedirector = "redirect" + KeySessionDestroyer = "session_destroyer" ) diff --git a/selfservice/hook/session_destroyer.go b/selfservice/hook/session_destroyer.go new file mode 100644 index 000000000000..e5474c56700c --- /dev/null +++ b/selfservice/hook/session_destroyer.go @@ -0,0 +1,30 @@ +package hook + +import ( + "net/http" + + "github.com/ory/kratos/selfservice/flow/login" + "github.com/ory/kratos/session" +) + +var _ login.PostHookExecutor = new(SessionDestroyer) + +type sessionDestroyerDependencies interface { + session.ManagementProvider + session.PersistenceProvider +} + +type SessionDestroyer struct { + r sessionDestroyerDependencies +} + +func NewSessionDestroyer(r sessionDestroyerDependencies) *SessionDestroyer { + return &SessionDestroyer{r: r} +} + +func (e *SessionDestroyer) ExecuteLoginPostHook(w http.ResponseWriter, r *http.Request, a *login.Request, s *session.Session) error { + if err := e.r.SessionPersister().DeleteSession(r.Context(), s.ID); err != nil { + return err + } + return ) +} From 7798e3bb3d1623fa0bca7bc334428e803b26e0f4 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 00:56:01 +0530 Subject: [PATCH 02/27] typo fix --- driver/registry_default_hooks.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index c9fd3bb1262b..23b5a544a405 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -16,7 +16,7 @@ func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, co for _, h := range configs { switch h.Run { - case hook.KeySession: + case hook.KeySessionIssuer: i = append( i, hook.NewSessionIssuer(m), From 1caf6c1bde18e66cde834e0f3a3519bbc0f5a78c Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 00:56:27 +0530 Subject: [PATCH 03/27] session destroyer init --- selfservice/hook/session_destroyer_test.go | 42 ++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 selfservice/hook/session_destroyer_test.go diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go new file mode 100644 index 000000000000..59a86d9f5ee9 --- /dev/null +++ b/selfservice/hook/session_destroyer_test.go @@ -0,0 +1,42 @@ +package hook_test + +import ( + "context" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/ory/viper" + + "github.com/ory/kratos/driver/configuration" + "github.com/ory/kratos/identity" + "github.com/ory/kratos/internal" + "github.com/ory/kratos/selfservice/hook" + "github.com/ory/kratos/session" + "github.com/ory/kratos/x" +) + +func TestSessionDestroyer(t *testing.T) { + _, reg := internal.NewRegistryDefault(t) + viper.Set(configuration.ViperKeyURLsSelfPublic, "http://localhost/") + viper.Set(configuration.ViperKeyDefaultIdentityTraitsSchemaURL, "file://./stub/stub.schema.json") + + var r http.Request + h := hook.NewSessionDestroyer(reg) + + t.Run("method=sign-in", func(t *testing.T) { + w := httptest.NewRecorder() + sid := x.NewUUID() + + i := identity.NewIdentity("") + require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) + require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) + + got, err := reg.SessionPersister().GetSession(context.Background(), sid) + require.NoError(t, err) + assert.Equal(t, sid, got.ID) + }) +} From 2369fd74e5fb817df44c9c69db19d2e1e8b4969a Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 01:35:34 +0530 Subject: [PATCH 04/27] impliment dummy ExecuteRegistrationPostHook --- docs/.kratos.yaml | 2 ++ driver/registry_default_hooks.go | 1 - selfservice/hook/hooks.go | 2 +- selfservice/hook/session_destroyer.go | 8 ++++- selfservice/hook/session_destroyer_test.go | 42 ---------------------- 5 files changed, 10 insertions(+), 45 deletions(-) delete mode 100644 selfservice/hook/session_destroyer_test.go diff --git a/docs/.kratos.yaml b/docs/.kratos.yaml index 2a7dae93ca02..c28e6a85d591 100644 --- a/docs/.kratos.yaml +++ b/docs/.kratos.yaml @@ -68,12 +68,14 @@ selfservice: after: password: - run: session + - run: revoke_active_sesions - run: redirect config: default_redirect_url: http://test.kratos.ory.sh:4000/ allow_user_defined_redirect: true oidc: - run: session + - run: revoke_active_sesions - run: redirect config: default_redirect_url: http://test.kratos.ory.sh:4000/ diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index 23b5a544a405..de9d28ae1ea7 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -13,7 +13,6 @@ import ( func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, configs []configuration.SelfServiceHook) postHooks { var i postHooks - for _, h := range configs { switch h.Run { case hook.KeySessionIssuer: diff --git a/selfservice/hook/hooks.go b/selfservice/hook/hooks.go index 92cfbe15994d..18b4fcef10ad 100644 --- a/selfservice/hook/hooks.go +++ b/selfservice/hook/hooks.go @@ -3,5 +3,5 @@ package hook const ( KeySessionIssuer = "session" KeyRedirector = "redirect" - KeySessionDestroyer = "session_destroyer" + KeySessionDestroyer = "revoke_active_sesions" ) diff --git a/selfservice/hook/session_destroyer.go b/selfservice/hook/session_destroyer.go index e5474c56700c..b1eb11887f0e 100644 --- a/selfservice/hook/session_destroyer.go +++ b/selfservice/hook/session_destroyer.go @@ -4,6 +4,7 @@ import ( "net/http" "github.com/ory/kratos/selfservice/flow/login" + "github.com/ory/kratos/selfservice/flow/registration" "github.com/ory/kratos/session" ) @@ -22,9 +23,14 @@ func NewSessionDestroyer(r sessionDestroyerDependencies) *SessionDestroyer { return &SessionDestroyer{r: r} } +func (e *SessionDestroyer) ExecuteRegistrationPostHook(w http.ResponseWriter, r *http.Request, a *registration.Request, s *session.Session) error { + + return nil +} + func (e *SessionDestroyer) ExecuteLoginPostHook(w http.ResponseWriter, r *http.Request, a *login.Request, s *session.Session) error { if err := e.r.SessionPersister().DeleteSession(r.Context(), s.ID); err != nil { return err } - return ) + return nil } diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go deleted file mode 100644 index 59a86d9f5ee9..000000000000 --- a/selfservice/hook/session_destroyer_test.go +++ /dev/null @@ -1,42 +0,0 @@ -package hook_test - -import ( - "context" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/ory/viper" - - "github.com/ory/kratos/driver/configuration" - "github.com/ory/kratos/identity" - "github.com/ory/kratos/internal" - "github.com/ory/kratos/selfservice/hook" - "github.com/ory/kratos/session" - "github.com/ory/kratos/x" -) - -func TestSessionDestroyer(t *testing.T) { - _, reg := internal.NewRegistryDefault(t) - viper.Set(configuration.ViperKeyURLsSelfPublic, "http://localhost/") - viper.Set(configuration.ViperKeyDefaultIdentityTraitsSchemaURL, "file://./stub/stub.schema.json") - - var r http.Request - h := hook.NewSessionDestroyer(reg) - - t.Run("method=sign-in", func(t *testing.T) { - w := httptest.NewRecorder() - sid := x.NewUUID() - - i := identity.NewIdentity("") - require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) - require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) - - got, err := reg.SessionPersister().GetSession(context.Background(), sid) - require.NoError(t, err) - assert.Equal(t, sid, got.ID) - }) -} From 181bfce5a622ce91194a4552efb63662b9504a6e Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 01:41:09 +0530 Subject: [PATCH 05/27] impliment test case and error fix --- driver/registry_default_hooks.go | 5 --- selfservice/hook/session_destroyer_test.go | 43 ++++++++++++++++++++++ 2 files changed, 43 insertions(+), 5 deletions(-) create mode 100644 selfservice/hook/session_destroyer_test.go diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index de9d28ae1ea7..018bf385e806 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -20,11 +20,6 @@ func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, co i, hook.NewSessionIssuer(m), ) - case hook.KeySessionDestroyer: - i = append( - i, - hook.NewSessionDestroyer(m), - ) case hook.KeyRedirector: var rc struct { R string `json:"default_redirect_url"` diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go new file mode 100644 index 000000000000..50d4ac2cd07c --- /dev/null +++ b/selfservice/hook/session_destroyer_test.go @@ -0,0 +1,43 @@ +package hook_test + +import ( + "context" + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/ory/viper" + + "github.com/ory/kratos/driver/configuration" + "github.com/ory/kratos/identity" + "github.com/ory/kratos/internal" + "github.com/ory/kratos/selfservice/hook" + "github.com/ory/kratos/session" + "github.com/ory/kratos/x" +) + +func TestSessionIssuer(t *testing.T) { + _, reg := internal.NewRegistryDefault(t) + viper.Set(configuration.ViperKeyURLsSelfPublic, "http://localhost/") + viper.Set(configuration.ViperKeyDefaultIdentityTraitsSchemaURL, "file://./stub/stub.schema.json") + + var r http.Request + h := hook.NewSessionIssuer(reg) + + t.Run("method=sign-in", func(t *testing.T) { + w := httptest.NewRecorder() + sid := x.NewUUID() + + i := identity.NewIdentity("") + require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) + require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) + + got, err := reg.SessionPersister().GetSession(context.Background(), sid) + require.NoError(t, err) + assert.Equal(t, sid, got.ID) // check if session not exist + }) + +} From 84604428d3d9bd59cd56460058b28771bd2814d0 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 01:55:56 +0530 Subject: [PATCH 06/27] test case updated --- selfservice/hook/session_destroyer.go | 2 +- selfservice/hook/session_destroyer_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/selfservice/hook/session_destroyer.go b/selfservice/hook/session_destroyer.go index b1eb11887f0e..cd991cfe8fd2 100644 --- a/selfservice/hook/session_destroyer.go +++ b/selfservice/hook/session_destroyer.go @@ -29,7 +29,7 @@ func (e *SessionDestroyer) ExecuteRegistrationPostHook(w http.ResponseWriter, r } func (e *SessionDestroyer) ExecuteLoginPostHook(w http.ResponseWriter, r *http.Request, a *login.Request, s *session.Session) error { - if err := e.r.SessionPersister().DeleteSession(r.Context(), s.ID); err != nil { + if err := e.r.SessionPersister().DeleteSession(r.Context(), s.Identity.ID); err != nil { return err } return nil diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 50d4ac2cd07c..0e494adad2c7 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -37,7 +37,7 @@ func TestSessionIssuer(t *testing.T) { got, err := reg.SessionPersister().GetSession(context.Background(), sid) require.NoError(t, err) - assert.Equal(t, sid, got.ID) // check if session not exist + assert.NoEqual(t, sid, got.ID) // check if session not exist }) } From ce285933548833e6920fba38d2bc37ff33bc2c16 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 17:48:51 +0530 Subject: [PATCH 07/27] Revert the blank line --- driver/registry_default_hooks.go | 1 + 1 file changed, 1 insertion(+) diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index 018bf385e806..13a664ef1d10 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -13,6 +13,7 @@ import ( func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, configs []configuration.SelfServiceHook) postHooks { var i postHooks + for _, h := range configs { switch h.Run { case hook.KeySessionIssuer: From 4581b83693fabb1e40a8741089015c47fa1448c8 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 17:49:31 +0530 Subject: [PATCH 08/27] Added new interface DeleteSessionsFor --- persistence/sql/persister_session.go | 12 ++++++++++++ session/persistence.go | 3 +++ 2 files changed, 15 insertions(+) diff --git a/persistence/sql/persister_session.go b/persistence/sql/persister_session.go index 1eb0ce09bf8d..d8031ad0c61b 100644 --- a/persistence/sql/persister_session.go +++ b/persistence/sql/persister_session.go @@ -4,6 +4,7 @@ import ( "context" "github.com/gofrs/uuid" + "github.com/pkg/errors" "github.com/ory/x/sqlcon" @@ -27,3 +28,14 @@ func (p *Persister) CreateSession(ctx context.Context, s *session.Session) error func (p *Persister) DeleteSession(ctx context.Context, sid uuid.UUID) error { return p.c.Destroy(&session.Session{ID: sid}) // This must not be eager or identities will be created / updated } + +func (p *Persister) DeleteSessionsFor(ctx context.Context, sid uuid.UUID) error { + count, err := p.c.RawQuery("DELETE FROM sessions WHERE identity_id =?", sid).ExecWithCount() + if err != nil { + return sqlcon.HandleError(err) + } + if count == 0 { + return errors.WithStack(sqlcon.ErrNoRows) + } + return nil +} diff --git a/session/persistence.go b/session/persistence.go index 16d39829c043..f70e20f0c8e4 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -29,6 +29,9 @@ type Persister interface { // Delete removes a session from the store DeleteSession(ctx context.Context, sid uuid.UUID) error + + // Delete removes a session the store + DeleteSessionsFor(ctx context.Context, sid uuid.UUID) error } func TestPersister(p interface { From c6f7667d55b3e3594e4de6d4b639a597e0c3ab92 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 17:50:00 +0530 Subject: [PATCH 09/27] Fix the syntax error from code --- selfservice/hook/session_destroyer.go | 3 +-- selfservice/hook/session_destroyer_test.go | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/selfservice/hook/session_destroyer.go b/selfservice/hook/session_destroyer.go index cd991cfe8fd2..cccab461c8c9 100644 --- a/selfservice/hook/session_destroyer.go +++ b/selfservice/hook/session_destroyer.go @@ -24,12 +24,11 @@ func NewSessionDestroyer(r sessionDestroyerDependencies) *SessionDestroyer { } func (e *SessionDestroyer) ExecuteRegistrationPostHook(w http.ResponseWriter, r *http.Request, a *registration.Request, s *session.Session) error { - return nil } func (e *SessionDestroyer) ExecuteLoginPostHook(w http.ResponseWriter, r *http.Request, a *login.Request, s *session.Session) error { - if err := e.r.SessionPersister().DeleteSession(r.Context(), s.Identity.ID); err != nil { + if err := e.r.SessionPersister().DeleteSessionsFor(r.Context(), s.Identity.ID); err != nil { return err } return nil diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 0e494adad2c7..63b6a4642add 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -19,7 +19,7 @@ import ( "github.com/ory/kratos/x" ) -func TestSessionIssuer(t *testing.T) { +func TestSessionDestroyer(t *testing.T) { _, reg := internal.NewRegistryDefault(t) viper.Set(configuration.ViperKeyURLsSelfPublic, "http://localhost/") viper.Set(configuration.ViperKeyDefaultIdentityTraitsSchemaURL, "file://./stub/stub.schema.json") @@ -27,7 +27,7 @@ func TestSessionIssuer(t *testing.T) { var r http.Request h := hook.NewSessionIssuer(reg) - t.Run("method=sign-in", func(t *testing.T) { + t.Run("method=ExecuteLoginPostHook", func(t *testing.T) { w := httptest.NewRecorder() sid := x.NewUUID() From f6ff26109d1c7f1303148df3e798ef4a15c27b9e Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 17:59:45 +0530 Subject: [PATCH 10/27] Testcase Added for SessionDestroyer --- selfservice/hook/session_destroyer_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 63b6a4642add..5ffe1c1be83f 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -33,6 +33,10 @@ func TestSessionDestroyer(t *testing.T) { i := identity.NewIdentity("") require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) + err := reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid, Identity: i})) + require.NoError(t, err) + err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid, Identity: i})) + require.NoError(t, err) require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) got, err := reg.SessionPersister().GetSession(context.Background(), sid) From efb6be64e3273d0612b14f0330608245d888a9a2 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 18:11:21 +0530 Subject: [PATCH 11/27] Testcase updated for SessionDestroyer --- selfservice/hook/session_destroyer_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 5ffe1c1be83f..54dc4a18ffcb 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -17,6 +17,7 @@ import ( "github.com/ory/kratos/selfservice/hook" "github.com/ory/kratos/session" "github.com/ory/kratos/x" + "github.com/ory/x/sqlcon" ) func TestSessionDestroyer(t *testing.T) { @@ -39,9 +40,8 @@ func TestSessionDestroyer(t *testing.T) { require.NoError(t, err) require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) - got, err := reg.SessionPersister().GetSession(context.Background(), sid) - require.NoError(t, err) - assert.NoEqual(t, sid, got.ID) // check if session not exist + _, err := reg.SessionPersister().GetSession(context.Background(), sid) + assert.EqualError(t, err, sqlcon.ErrNoRows) }) } From ee32a48d329b05d092ec56741d4a0448b75cb14c Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 18:15:39 +0530 Subject: [PATCH 12/27] Testcase added for DeleteSessionFor --- session/persistence.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/session/persistence.go b/session/persistence.go index f70e20f0c8e4..44592d7370b3 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -10,6 +10,7 @@ import ( "github.com/stretchr/testify/require" "github.com/ory/viper" + "github.com/ory/x/sqlcon" "github.com/ory/kratos/driver/configuration" "github.com/ory/kratos/identity" @@ -78,5 +79,16 @@ func TestPersister(p interface { _, err := p.GetSession(context.Background(), expected.ID) require.Error(t, err) }) + + t.Run("case=delete session for", func(t *testing.T) { + var expected Session + require.NoError(t, faker.FakeData(&expected)) + require.NoError(t, p.CreateIdentity(context.Background(), expected.Identity)) + require.NoError(t, p.CreateSession(context.Background(), &expected)) + + require.NoError(t, p.DeleteSessionFor(context.Background(), expected.ID)) + _, err := p.GetSession(context.Background(), expected.ID) + assert.EqualError(t, err, sqlcon.ErrNoRows) + }) } } From bfef3667bdbe4628c46e1515cc8c16724eb6a0b8 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 18:17:40 +0530 Subject: [PATCH 13/27] Testcase updated for DeleteSessionFor --- session/persistence.go | 1 + 1 file changed, 1 insertion(+) diff --git a/session/persistence.go b/session/persistence.go index 44592d7370b3..1173ae17546e 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -85,6 +85,7 @@ func TestPersister(p interface { require.NoError(t, faker.FakeData(&expected)) require.NoError(t, p.CreateIdentity(context.Background(), expected.Identity)) require.NoError(t, p.CreateSession(context.Background(), &expected)) + require.NoError(t, p.CreateSession(context.Background(), &expected)) require.NoError(t, p.DeleteSessionFor(context.Background(), expected.ID)) _, err := p.GetSession(context.Background(), expected.ID) From c9306c4ed803b623e404609066618ecabe8f3d4f Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 18:23:40 +0530 Subject: [PATCH 14/27] Fix syntax error for testcases SessionDestroyer & DeleteSessionsFor --- selfservice/hook/session_destroyer_test.go | 3 +-- session/persistence.go | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 54dc4a18ffcb..bd7fd789f286 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -17,7 +17,6 @@ import ( "github.com/ory/kratos/selfservice/hook" "github.com/ory/kratos/session" "github.com/ory/kratos/x" - "github.com/ory/x/sqlcon" ) func TestSessionDestroyer(t *testing.T) { @@ -41,7 +40,7 @@ func TestSessionDestroyer(t *testing.T) { require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) _, err := reg.SessionPersister().GetSession(context.Background(), sid) - assert.EqualError(t, err, sqlcon.ErrNoRows) + require.Error(t, err) }) } diff --git a/session/persistence.go b/session/persistence.go index 1173ae17546e..0f34641d93f5 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -10,7 +10,6 @@ import ( "github.com/stretchr/testify/require" "github.com/ory/viper" - "github.com/ory/x/sqlcon" "github.com/ory/kratos/driver/configuration" "github.com/ory/kratos/identity" @@ -87,9 +86,9 @@ func TestPersister(p interface { require.NoError(t, p.CreateSession(context.Background(), &expected)) require.NoError(t, p.CreateSession(context.Background(), &expected)) - require.NoError(t, p.DeleteSessionFor(context.Background(), expected.ID)) + require.NoError(t, p.DeleteSessionsFor(context.Background(), expected.ID)) _, err := p.GetSession(context.Background(), expected.ID) - assert.EqualError(t, err, sqlcon.ErrNoRows) + require.Error(t, err) }) } } From f46a156cd337d50843ff85dc9e7a8394019d3868 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 18:42:21 +0530 Subject: [PATCH 15/27] Added new post hook in registry_default_hooks --- driver/registry_default_hooks.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/driver/registry_default_hooks.go b/driver/registry_default_hooks.go index 13a664ef1d10..23b5a544a405 100644 --- a/driver/registry_default_hooks.go +++ b/driver/registry_default_hooks.go @@ -21,6 +21,11 @@ func (m *RegistryDefault) hooksPost(credentialsType identity.CredentialsType, co i, hook.NewSessionIssuer(m), ) + case hook.KeySessionDestroyer: + i = append( + i, + hook.NewSessionDestroyer(m), + ) case hook.KeyRedirector: var rc struct { R string `json:"default_redirect_url"` From 8ff2dd45fb77e383722478d1ba52bb0de1158fb9 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 21:12:32 +0530 Subject: [PATCH 16/27] PostHook added for registration --- selfservice/hook/session_destroyer.go | 1 + 1 file changed, 1 insertion(+) diff --git a/selfservice/hook/session_destroyer.go b/selfservice/hook/session_destroyer.go index cccab461c8c9..f89159f68dc1 100644 --- a/selfservice/hook/session_destroyer.go +++ b/selfservice/hook/session_destroyer.go @@ -9,6 +9,7 @@ import ( ) var _ login.PostHookExecutor = new(SessionDestroyer) +var _ registration.PostHookExecutor = new(SessionIssuer) type sessionDestroyerDependencies interface { session.ManagementProvider From 11222acf1d02fd0b9728950dcd4f95c94346d565 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 21:20:24 +0530 Subject: [PATCH 17/27] Fix typo error --- docs/.kratos.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/.kratos.yaml b/docs/.kratos.yaml index c28e6a85d591..73643cd14851 100644 --- a/docs/.kratos.yaml +++ b/docs/.kratos.yaml @@ -68,14 +68,14 @@ selfservice: after: password: - run: session - - run: revoke_active_sesions + - run: revoke_active_sessions - run: redirect config: default_redirect_url: http://test.kratos.ory.sh:4000/ allow_user_defined_redirect: true oidc: - run: session - - run: revoke_active_sesions + - run: revoke_active_sessions - run: redirect config: default_redirect_url: http://test.kratos.ory.sh:4000/ From f87b120a4c94c53a839c9d6ced67a39457949158 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 21:21:26 +0530 Subject: [PATCH 18/27] Remove ExecWithCount with Exec --- persistence/sql/persister_session.go | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/persistence/sql/persister_session.go b/persistence/sql/persister_session.go index d8031ad0c61b..1b5514c4e3b4 100644 --- a/persistence/sql/persister_session.go +++ b/persistence/sql/persister_session.go @@ -4,7 +4,6 @@ import ( "context" "github.com/gofrs/uuid" - "github.com/pkg/errors" "github.com/ory/x/sqlcon" @@ -30,12 +29,9 @@ func (p *Persister) DeleteSession(ctx context.Context, sid uuid.UUID) error { } func (p *Persister) DeleteSessionsFor(ctx context.Context, sid uuid.UUID) error { - count, err := p.c.RawQuery("DELETE FROM sessions WHERE identity_id =?", sid).ExecWithCount() + count, err := p.c.RawQuery("DELETE FROM sessions WHERE identity_id =?", sid).Exec() if err != nil { return sqlcon.HandleError(err) } - if count == 0 { - return errors.WithStack(sqlcon.ErrNoRows) - } return nil } From 74f224890099de763071cf543062bcaa5c8a2677 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 21:26:19 +0530 Subject: [PATCH 19/27] Testcase update to test session_destroyer --- selfservice/hook/session_destroyer_test.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index bd7fd789f286..30cf130b95a5 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -29,17 +29,18 @@ func TestSessionDestroyer(t *testing.T) { t.Run("method=ExecuteLoginPostHook", func(t *testing.T) { w := httptest.NewRecorder() - sid := x.NewUUID() + sid1 := x.NewUUID() + sid2 := x.NewUUID() i := identity.NewIdentity("") require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) - err := reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid, Identity: i})) + err := reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid1, Identity: i})) require.NoError(t, err) - err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid, Identity: i})) + err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid2, Identity: i})) require.NoError(t, err) require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) - _, err := reg.SessionPersister().GetSession(context.Background(), sid) + _, err := reg.SessionPersister().GetSession(context.Background(), i) require.Error(t, err) }) From 0e9dd4d4731b3f5c30c1de591952b5280730a9ee Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 21:36:49 +0530 Subject: [PATCH 20/27] Syntax error fix in DeleteSessionsFor sql query --- persistence/sql/persister_session.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/persistence/sql/persister_session.go b/persistence/sql/persister_session.go index 1b5514c4e3b4..8956dc57fe90 100644 --- a/persistence/sql/persister_session.go +++ b/persistence/sql/persister_session.go @@ -29,8 +29,7 @@ func (p *Persister) DeleteSession(ctx context.Context, sid uuid.UUID) error { } func (p *Persister) DeleteSessionsFor(ctx context.Context, sid uuid.UUID) error { - count, err := p.c.RawQuery("DELETE FROM sessions WHERE identity_id =?", sid).Exec() - if err != nil { + if err := p.c.RawQuery("DELETE FROM sessions WHERE identity_id =?", sid).Exec(); err != nil { return sqlcon.HandleError(err) } return nil From 0c1653ada4834b3b48750784e1c3aee78f3634f5 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 22:06:43 +0530 Subject: [PATCH 21/27] Testcase updated for session_destroyer & ExecuteLoginPostHook --- selfservice/hook/session_destroyer_test.go | 4 +++- session/persistence.go | 22 +++++++++++++++------- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index 30cf130b95a5..c07703857ff4 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -40,7 +40,9 @@ func TestSessionDestroyer(t *testing.T) { require.NoError(t, err) require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) - _, err := reg.SessionPersister().GetSession(context.Background(), i) + _, err := reg.SessionPersister().GetSession(context.Background(), sid1) + require.Error(t, err) + _, err := reg.SessionPersister().GetSession(context.Background(), sid2) require.Error(t, err) }) diff --git a/session/persistence.go b/session/persistence.go index 0f34641d93f5..7f082b46a002 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -80,14 +80,22 @@ func TestPersister(p interface { }) t.Run("case=delete session for", func(t *testing.T) { - var expected Session - require.NoError(t, faker.FakeData(&expected)) - require.NoError(t, p.CreateIdentity(context.Background(), expected.Identity)) - require.NoError(t, p.CreateSession(context.Background(), &expected)) - require.NoError(t, p.CreateSession(context.Background(), &expected)) + var expected1 Session + var expected2 Session + require.NoError(t, faker.FakeData(&expected1)) + require.NoError(t, p.CreateIdentity(context.Background(), expected1.Identity)) - require.NoError(t, p.DeleteSessionsFor(context.Background(), expected.ID)) - _, err := p.GetSession(context.Background(), expected.ID) + require.NoError(t, p.CreateSession(context.Background(), &expected1)) + + require.NoError(t, faker.FakeData(&expected2)) + expected2.Identity = expected1.Identity + expected2.IdentityID = expected1.IdentityID + require.NoError(t, p.CreateSession(context.Background(), &expected2)) + + require.NoError(t, p.DeleteSessionsFor(context.Background(), identity.ID)) + _, err := p.GetSession(context.Background(), expected1.ID) + require.Error(t, err) + _, err := p.GetSession(context.Background(), expected2.ID) require.Error(t, err) }) } From 7bcf0edd12ca6b32ec8caa73752848e361029190 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 22:09:00 +0530 Subject: [PATCH 22/27] Fix type error revoke_active_sessions --- selfservice/hook/hooks.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/selfservice/hook/hooks.go b/selfservice/hook/hooks.go index 18b4fcef10ad..28b13fe6392d 100644 --- a/selfservice/hook/hooks.go +++ b/selfservice/hook/hooks.go @@ -3,5 +3,5 @@ package hook const ( KeySessionIssuer = "session" KeyRedirector = "redirect" - KeySessionDestroyer = "revoke_active_sesions" + KeySessionDestroyer = "revoke_active_sessions" ) From dc508a75c24a2b6a69e12c0363a2e3884d365cf1 Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 22:10:44 +0530 Subject: [PATCH 23/27] Fix type error in session/persistence.go --- session/persistence.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/session/persistence.go b/session/persistence.go index 7f082b46a002..32ad90c01b7c 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -92,7 +92,7 @@ func TestPersister(p interface { expected2.IdentityID = expected1.IdentityID require.NoError(t, p.CreateSession(context.Background(), &expected2)) - require.NoError(t, p.DeleteSessionsFor(context.Background(), identity.ID)) + require.NoError(t, p.DeleteSessionsFor(context.Background(), expected2.IdentityID)) _, err := p.GetSession(context.Background(), expected1.ID) require.Error(t, err) _, err := p.GetSession(context.Background(), expected2.ID) From a1bcc3ba0da4c4e20e88772cb30faee4f69fd5eb Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Wed, 11 Dec 2019 22:12:41 +0530 Subject: [PATCH 24/27] Fix type error in session/persistence.go --- session/persistence.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/session/persistence.go b/session/persistence.go index 32ad90c01b7c..150424a96e3d 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -95,7 +95,7 @@ func TestPersister(p interface { require.NoError(t, p.DeleteSessionsFor(context.Background(), expected2.IdentityID)) _, err := p.GetSession(context.Background(), expected1.ID) require.Error(t, err) - _, err := p.GetSession(context.Background(), expected2.ID) + _, err = p.GetSession(context.Background(), expected2.ID) require.Error(t, err) }) } From ec0d0c17a1ecc54e91fcd7cdc0985b437419cc7b Mon Sep 17 00:00:00 2001 From: Yuvraj <10830562+evalsocket@users.noreply.github.com> Date: Wed, 11 Dec 2019 22:36:36 +0530 Subject: [PATCH 25/27] Update session/persistence.go Co-Authored-By: hackerman <3372410+aeneasr@users.noreply.github.com> --- session/persistence.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/session/persistence.go b/session/persistence.go index 150424a96e3d..88e389d78761 100644 --- a/session/persistence.go +++ b/session/persistence.go @@ -30,7 +30,7 @@ type Persister interface { // Delete removes a session from the store DeleteSession(ctx context.Context, sid uuid.UUID) error - // Delete removes a session the store + // DeleteSessionsFor removes all active session from the store for the given identity. DeleteSessionsFor(ctx context.Context, sid uuid.UUID) error } From f5f8d0a3119711780be10c4f81902d767c923cc5 Mon Sep 17 00:00:00 2001 From: Yuvraj <10830562+evalsocket@users.noreply.github.com> Date: Thu, 12 Dec 2019 14:48:18 +0530 Subject: [PATCH 26/27] Fix SessionDestroyer test error undefined sid --- selfservice/hook/session_destroyer_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index c07703857ff4..b8280f8aaf25 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -38,7 +38,7 @@ func TestSessionDestroyer(t *testing.T) { require.NoError(t, err) err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid2, Identity: i})) require.NoError(t, err) - require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid, Identity: i})) + require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid1, Identity: i})) _, err := reg.SessionPersister().GetSession(context.Background(), sid1) require.Error(t, err) From 3b579b8b2c802cb4e63f2676a430f9f0b6d49066 Mon Sep 17 00:00:00 2001 From: Yuvraj <10830562+evalsocket@users.noreply.github.com> Date: Thu, 12 Dec 2019 18:19:17 +0530 Subject: [PATCH 27/27] Fix error in TestSessionDestroyer --- selfservice/hook/session_destroyer_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/selfservice/hook/session_destroyer_test.go b/selfservice/hook/session_destroyer_test.go index b8280f8aaf25..e7e2e40f599b 100644 --- a/selfservice/hook/session_destroyer_test.go +++ b/selfservice/hook/session_destroyer_test.go @@ -34,9 +34,9 @@ func TestSessionDestroyer(t *testing.T) { i := identity.NewIdentity("") require.NoError(t, reg.IdentityPool().CreateIdentity(context.Background(), i)) - err := reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid1, Identity: i})) + err := reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid1, Identity: i}) require.NoError(t, err) - err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid2, Identity: i})) + err = reg.SessionPersister().CreateSession(context.Background(), &session.Session{ID: sid2, Identity: i}) require.NoError(t, err) require.NoError(t, h.ExecuteLoginPostHook(w, &r, nil, &session.Session{ID: sid1, Identity: i}))