Giters

ory / kratos

The most scalable and customizable identity server on the market. Replace your Homegrown, Auth0, Okta, Firebase with better UX and DX. Has all the tablestakes: Passkeys, Social Sign In, Multi-Factor Auth, SMS, SAML, TOTP, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

Home Page:https://www.ory.sh/?utm_source=github&utm_medium=banner&utm_campaign=kratos

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Kratos Java client 1.1.0 throws exception on parsing response from `updateRegistrationFlow`

kamilkloch opened this issue · comments

commented

Preflight checklist

Ory Network Project

No response

Describe the bug

Kratos Java client 1.1.0 throws exception on parsing response from updateRegistrationFlow.

Reproducing the bug

val registrationFlow = frontendApi.createNativeRegistrationFlow(false, null)

Kratos logs (all OK, 200):

{"http_request":{"headers":{"accept":"application/json","accept-encoding":"gzip","connection":"close","user-agent":"OpenAPI-Generator/v1.1.0/java","x-forwarded-for":"192.168.93.61","x-forwarded-port":"443","x-forwarded-proto":"https"},"host":"_redacted_","method":"GET","path":"/self-service/registration/api","query":"return_session_token_exchange_code=false","remote":"172.19.0.11:35398","scheme":"http"},"level":"info","msg":"started handling request","time":"2024-03-08T08:55:02.21148157Z"}
[cors] 2024/03/08 08:55:02 ServeHTTP: Actual request
[cors] 2024/03/08 08:55:02   Actual request no headers added: missing origin
{"http_request":{"headers":{"accept":"application/json","accept-encoding":"gzip","connection":"close","user-agent":"OpenAPI-Generator/v1.1.0/java","x-forwarded-for":"192.168.93.61","x-forwarded-port":"443","x-forwarded-proto":"https"},"host":"_redacted_","method":"GET","path":"/self-service/registration/api","query":"return_session_token_exchange_code=false","remote":"172.19.0.11:35398","scheme":"http"},"http_response":{"headers":{"cache-control":"private, no-cache, no-store, must-revalidate","content-type":"application/json; charset=utf-8","vary":"Origin"},"size":1381,"status":200,"text_status":"OK","took":3820889},"level":"info","msg":"completed handling request","time":"2024-03-08T08:55:02.21528678Z"}


val flow = new UpdateRegistrationFlowBody(
      new UpdateRegistrationFlowWithPasswordMethod()
        .traits(...)
        .password(...)
        .method("password")
    )

frontendApi.updateRegistrationFlow(registrationFlow.getId, flow, null)

Kratos logs (all OK, 200):

{"http_request":{"headers":{"accept":"application/json","accept-encoding":"gzip","connection":"close","content-length":"91","content-type":"application/json; charset=utf-8","user-agent":"OpenAPI-Generator/v1.1.0/java","x-forwarded-for":"192.168.93.61","x-forwarded-port":"443","x-forwarded-proto":"https"},"host":"_redacted_","method":"POST","path":"/self-service/registration","query":"flow=2edb5990-62a3-4eb9-9448-43cc12168182","remote":"172.19.0.11:47624","scheme":"http"},"http_response":{"headers":{"cache-control":"private, no-cache, no-store, must-revalidate","content-type":"application/json; charset=utf-8","vary":"Origin"},"size":970,"status":200,"text_status":"OK","took":57765999},"level":"info","msg":"completed handling request","time":"2024-03-08T08:54:07.913009096Z"}

Java client fails to parse the response:

java.io.IOException: The JSON string is invalid for ContinueWith with oneOf schemas: ContinueWithRecoveryUi, ContinueWithSetOrySessionToken, ContinueWithSettingsUi, ContinueWithVerificationUi. 3 class(es) match the result, expected 1. Detailed failure message for oneOf schemas: [Deserialization for ContinueWithSetOrySessionToken failed with `The required field `ory_session_token` is not found in the JSON string: {"action":"show_verification_ui","flow":{"id":"de6aa395-89c2-4641-955c-385f6105737d","verifiable_address":"a@aubbxjxjner.com"}}`.]. JSON: {"action":"show_verification_ui","flow":{"id":"de6aa395-89c2-4641-955c-385f6105737d","verifiable_address":"a@aubbxjxjner.com"}}
com.google.gson.JsonSyntaxException: java.io.IOException: The JSON string is invalid for ContinueWith with oneOf schemas: ContinueWithRecoveryUi, ContinueWithSetOrySessionToken, ContinueWithSettingsUi, ContinueWithVerificationUi. 3 class(es) match the result, expected 1. Detailed failure message for oneOf schemas: [Deserialization for ContinueWithSetOrySessionToken failed with `The required field `ory_session_token` is not found in the JSON string: {"action":"show_verification_ui","flow":{"id":"de6aa395-89c2-4641-955c-385f6105737d","verifiable_address":"a@aubbxjxjner.com"}}`.]. JSON: {"action":"show_verification_ui","flow":{"id":"de6aa395-89c2-4641-955c-385f6105737d","verifiable_address":"a@aubbxjxjner.com"}}
	at com.google.gson.Gson.fromJson(Gson.java:1073)
	at com.google.gson.Gson.fromJson(Gson.java:1016)
	at com.google.gson.Gson.fromJson(Gson.java:959)
	at sh.ory.kratos.JSON.deserialize(JSON.java:374)
	at sh.ory.kratos.ApiClient.deserialize(ApiClient.java:847)
	at sh.ory.kratos.ApiClient.handleResponse(ApiClient.java:1057)
	at sh.ory.kratos.ApiClient.execute(ApiClient.java:981)
	at sh.ory.kratos.api.FrontendApi.updateRegistrationFlowWithHttpInfo(FrontendApi.java:4168)
	at sh.ory.kratos.api.FrontendApi.updateRegistrationFlow(FrontendApi.java:4142)

Relevant log output

No response

Relevant configuration

No response

Version

1.1.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Docker Compose

Additional Context

No response

commented

Would this be fixed by #3727 ?

commented

I would not know, we will see once it is merged. Hopefully soon.

commented

same happens for go client

commented

Quite a bit disappointing lack of follow-up on the broken kratos clients from the ory team.

commented

Hi, se appreciate help in fixing this as we lack Java experts and use an automated generator for this. Maybe upgrading the generator can already fix this!

commented

ps: For the Go client we have identified a fix

commented

And @kamilkloch we are actively working on this problem as you can see with several PRs and merges. So not sure what exactly you find disappointing but let's look at the facts.

commented

Are there perhaps any estimates on the patch release, or do you advise to generate the client from the sources?

commented

Hey @aeneasr - is there anything we can do to help move the Java client fix along? I commented here asking for visibility on where the PRs are which are being worked on, but got no response.

I'm not a Java person, but if there is something I can do to help I'd spend some time on it as our team is severely blocked by the inop Java SDK.

EDIT: And some visibility on what the Ory team is currently looking at/not looking at would help me focus effort.

commented

Is there any ETA of the fix?

commented

I was actually looking into it this morning, and I'm trying to understand why in ory/sdk#344 useOneOfDiscriminatorLookup is enabled to fix the Go SDK (#3807 (comment)) but not included in the Java config. I feel as though this should fix the issue but without direction from @aeneasr it's difficult to know whether this has been tried or not.

Similarly, I would be interested to know why in ory/sdk@c2fbcd5 the Java openapi-generator was downgraded from 7.4.0 to 7.3.0.

I will try to generate the SDK myself and see if the discriminator config makes a difference.

commented

So it appears to work for me by setting useOneOfDiscriminatorLookup. I'll open a PR in the sdk repo.