fix: return 400 instead of 404 on admin recovery

Closes #1664
ory · Feb 24, 2022 · 27891c2 · 27891c2
1 parent 7ceb1bc
commit 27891c2
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 3 deletions.
diff --git a/selfservice/strategy/link/strategy_recovery.go b/selfservice/strategy/link/strategy_recovery.go
@@ -121,8 +121,8 @@ type selfServiceRecoveryLink struct {
 //
 //     Responses:
 //       200: selfServiceRecoveryLink
-//       404: jsonError
 //       400: jsonError
+//       404: jsonError
 //       500: jsonError
 func (s *Strategy) createRecoveryLink(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 	var p adminCreateSelfServiceRecoveryLinkBody
@@ -159,10 +159,14 @@ func (s *Strategy) createRecoveryLink(w http.ResponseWriter, r *http.Request, _
 	}
 
 	id, err := s.d.IdentityPool().GetIdentity(r.Context(), p.IdentityID)
-	if err != nil {
+	if errors.Is(err, herodot.ErrNotFound) {
+		s.d.Writer().WriteError(w, r, errors.WithStack(herodot.ErrBadRequest.WithReasonf("The requested identity id does not exist.").WithWrap(err)))
+		return
+	} else if err != nil {
 		s.d.Writer().WriteError(w, r, err)
 		return
 	}
+
 	token := NewRecoveryToken(id.ID, expiresIn)
 	if err := s.d.RecoveryTokenPersister().CreateRecoveryToken(r.Context(), token); err != nil {
 		s.d.Writer().WriteError(w, r, err)

diff --git a/selfservice/strategy/link/strategy_recovery_test.go b/selfservice/strategy/link/strategy_recovery_test.go
@@ -93,7 +93,7 @@ func TestAdminStrategy(t *testing.T) {
 			IdentityId: x.NewUUID().String(),
 		}).Execute()
 		require.IsType(t, err, new(kratos.GenericOpenAPIError), "%T", err)
-		assert.EqualError(t, err.(*kratos.GenericOpenAPIError), "404 Not Found")
+		assert.EqualError(t, err.(*kratos.GenericOpenAPIError), "400 Bad Request")
 	})
 
 	t.Run("description=should create a valid recovery link without email", func(t *testing.T) {