Is there example code that executes a password based non bro Ory Community #talk-kratos

Is there example code that executes a password-bas...

plain-lunch-50969

08/01/2022, 7:44 PM

Is there example code that executes a password-based non-browser login flow using the client-go API? This is the sample code, but it's pretty opaque.

Copy code

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    flow := "flow_example" // string | The Login Flow ID  The value for this parameter comes from `flow` URL Query parameter sent to your application (e.g. `/login?flow=abcde`).
    submitSelfServiceLoginFlowBody := openapiclient.submitSelfServiceLoginFlowBody{SubmitSelfServiceLoginFlowWithLookupSecretMethodBody: openapiclient.NewSubmitSelfServiceLoginFlowWithLookupSecretMethodBody("LookupSecret_example", "Method_example")} // SubmitSelfServiceLoginFlowBody | 
    xSessionToken := "xSessionToken_example" // string | The Session Token of the Identity performing the settings flow. (optional)
    cookie := "cookie_example" // string | HTTP Cookies  When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected. (optional)

    configuration := openapiclient.NewConfiguration()
    apiClient := openapiclient.NewAPIClient(configuration)
    resp, r, err := apiClient.V0alpha2Api.SubmitSelfServiceLoginFlow(context.Background()).Flow(flow).SubmitSelfServiceLoginFlowBody(submitSelfServiceLoginFlowBody).XSessionToken(xSessionToken).Cookie(cookie).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `V0alpha2Api.SubmitSelfServiceLoginFlow``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `SubmitSelfServiceLoginFlow`: SuccessfulSelfServiceLoginWithoutBrowser
    fmt.Fprintf(os.Stdout, "Response from `V0alpha2Api.SubmitSelfServiceLoginFlow`: %v\n", resp)
}

plain-lunch-50969

08/01/2022, 8:31 PM

Well this is not right as it crashes Kratos:

Copy code

cli := KratosPublicCli()

// init the flow
flow, r, err := cli.V0alpha2Api.InitializeSelfServiceLoginFlowWithoutBrowser(context.Background()).Execute()
if err != nil {
    // handle error
}

b := client.SubmitSelfServiceLoginFlowBody{
    SubmitSelfServiceLoginFlowWithPasswordMethodBody: &client.SubmitSelfServiceLoginFlowWithPasswordMethodBody{
        Password:   pw,
        Identifier: uid,
    },
}

login, resp, err := cli.V0alpha2Api.SubmitSelfServiceLoginFlow(context.Background()).Flow(flow.Id).SubmitSelfServiceLoginFlowBody(b).Execute()

plain-lunch-50969

08/01/2022, 8:35 PM

First few lines of the error stack:

Copy code

<http://github.com/ory/kratos/selfservice/flow/login.(*Handler).submitFlow|github.com/ory/kratos/selfservice/flow/login.(*Handler).submitFlow>            
        /project/selfservice/flow/login/handler.go:615                        
<http://github.com/ory/kratos/x.NoCacheHandle.func1|github.com/ory/kratos/x.NoCacheHandle.func1>                                   
        /project/x/nocache.go:18                                              
<http://github.com/ory/kratos/x.NoCacheHandle.func1|github.com/ory/kratos/x.NoCacheHandle.func1>                                   
        /project/x/nocache.go:18                                              
<http://github.com/julienschmidt/httprouter.(*Router).ServeHTTP|github.com/julienschmidt/httprouter.(*Router).ServeHTTP>                       
        /go/pkg/mod/github.com/julienschmidt/httprouter@v1.3.0/router.go:387  
<http://github.com/ory/nosurf.(*CSRFHandler).handleSuccess|github.com/ory/nosurf.(*CSRFHandler).handleSuccess>                            
        /go/pkg/mod/github.com/ory/nosurf@v1.2.7/handler.go:234

plain-lunch-50969

08/01/2022, 8:43 PM

The goal here is to login via a command line client.

red-machine-69654

08/01/2022, 9:22 PM

@plain-lunch-50969 you are almost there

red-machine-69654

08/01/2022, 9:22 PM

i think all you need is

Method: "password"

red-machine-69654

08/01/2022, 9:24 PM

use the flow you create (btw, check that error)

Copy code

ctx := context.TODO();
    result, _, err := a.client.V0alpha2Api.SubmitSelfServiceLoginFlow(ctx).Flow(flow.Id).SubmitSelfServiceLoginFlowBody(
		ory.SubmitSelfServiceLoginFlowWithPasswordMethodBodyAsSubmitSelfServiceLoginFlowBody(
			&ory.SubmitSelfServiceLoginFlowWithPasswordMethodBody{
				Method:     "password",
				Password:   password,
				Identifier: username,
			}),
	).Execute()

my import is:

Copy code

import(
  ory "<http://github.com/ory/client-go|github.com/ory/client-go>"
)

red-machine-69654

08/01/2022, 9:25 PM

yeah, the builder is a bit odd 🤷 — but it works

red-machine-69654

08/01/2022, 9:25 PM

i adapted most of this from the node example and use vscode's autocompletion 😄

plain-lunch-50969

08/01/2022, 10:20 PM

woo thanks till. I'll give that a shot. I suppose I assumed that password was implied by the

WithPassword

. Maybe that's an easy PR for Kratos.

plain-lunch-50969

08/01/2022, 10:22 PM

(I do check the flow error - just removed it for the paste into slack.)

plain-lunch-50969

08/01/2022, 10:24 PM

That did it @red-machine-69654. Thanks.

4 Views

Open in Slack

Previous Next