fix: always issue session after verification after registration

ory · Aug 30, 2023 · e505f04 · e505f04
1 parent dda19e8
commit e505f04
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 6 deletions.
diff --git a/selfservice/flow/registration/hook.go b/selfservice/flow/registration/hook.go
@@ -172,7 +172,8 @@ func (e *HookExecutor) PostRegistrationHook(w http.ResponseWriter, r *http.Reque
 		return err
 	}
 
-	if err != nil {
+	// We persist the session here so that subsequent hooks (like verification) can use it.
+	if err := e.d.SessionPersister().UpsertSession(r.Context(), s); err != nil {
 		return err
 	}
 

diff --git a/selfservice/flow/verification/handler.go b/selfservice/flow/verification/handler.go
@@ -463,6 +463,20 @@ func (h *Handler) updateVerificationFlow(w http.ResponseWriter, r *http.Request,
 				return
 			}
 
+			if _, err = h.d.SessionManager().FetchFromRequest(ctx, r); errors.As(err, session.NewErrNoActiveSessionFound()) {
+				// No session was set yet for this request, but we need a session for the consent UI.
+				sess, err := h.d.SessionPersister().GetSession(ctx, f.SessionID.UUID, session.ExpandDefault)
+				if err != nil {
+					h.d.VerificationFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
+					return
+				}
+				err = h.d.SessionManager().IssueCookie(ctx, w, r, sess)
+				if err != nil {
+					h.d.VerificationFlowErrorHandler().WriteFlowError(w, r, f, node.DefaultGroup, err)
+					return
+				}
+			}
+
 			http.Redirect(w, r, callbackURL, http.StatusSeeOther)
 			return
 		}

diff --git a/selfservice/flow/verification/handler_test.go b/selfservice/flow/verification/handler_test.go
@@ -20,11 +20,9 @@ import (
 
 	"github.com/ory/kratos/driver/config"
 	"github.com/ory/kratos/hydra"
-	"github.com/ory/kratos/identity"
 	"github.com/ory/kratos/internal"
 	"github.com/ory/kratos/internal/testhelpers"
 	"github.com/ory/kratos/selfservice/flow/verification"
-	"github.com/ory/kratos/session"
 	"github.com/ory/kratos/x"
 )
 
@@ -216,16 +214,18 @@ func TestPostFlow(t *testing.T) {
 
 	t.Run("suite=with OIDC login challenge", func(t *testing.T) {
 		t.Run("case=succeeds with a session", func(t *testing.T) {
+			s := testhelpers.CreateSession(t, reg)
+
 			f := &verification.Flow{
 				ID:                   uuid.Must(uuid.NewV4()),
 				Type:                 "browser",
 				ExpiresAt:            time.Now().Add(1 * time.Hour),
 				IssuedAt:             time.Now(),
 				OAuth2LoginChallenge: hydra.FakeValidLoginChallenge,
 				OAuth2LoginChallengeParams: verification.OAuth2LoginChallengeParams{
-					SessionID:  uuid.NullUUID{UUID: uuid.Must(uuid.NewV4()), Valid: true},
-					IdentityID: uuid.NullUUID{UUID: uuid.Must(uuid.NewV4()), Valid: true},
-					AMR:        session.AuthenticationMethods{{Method: identity.CredentialsTypePassword}},
+					SessionID:  uuid.NullUUID{UUID: s.ID, Valid: true},
+					IdentityID: uuid.NullUUID{UUID: s.IdentityID, Valid: true},
+					AMR:        s.AMR,
 				},
 			}
 			require.NoError(t, reg.VerificationFlowPersister().CreateVerificationFlow(ctx, f))