ory / kratos

Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!

Home Page:https://www.ory.sh/kratos/?utm_source=github&utm_medium=banner&utm_campaign=kratos

OpenAPI spec does not allow nullable `identity` in `session` model

ngc7293 opened this issue · comments

Preflight checklist

Ory Network Project

No response

Describe the bug

When contacting the `PATCH /session/:id/extend` endpoint, the `identity` field of the session object is not expanded and is serialized as `null`. This does not align with the generated OpenAPI spec since `null` is not of type `Identity`.

This is especially problematic for autogenerated SDKs that will raise an unexpected error when deserializing the response.

Reproducing the bug

  1. `docker compose -f quickstart up`
  2. Using the Python SDK this code can systematically reproduce the issue:

```python
from ory_kratos_client.api_client import ApiClient
from ory_kratos_client.configuration import Configuration
from ory_kratos_client.api.identity_api import IdentityApi
from ory_kratos_client.api.frontend_api import FrontendApi

from ory_kratos_client.model.create_identity_body import CreateIdentityBody
from ory_kratos_client.model.identity_with_credentials import IdentityWithCredentials
from ory_kratos_client.model.identity_with_credentials_password import IdentityWithCredentialsPassword
from ory_kratos_client.model.identity_with_credentials_password_config import IdentityWithCredentialsPasswordConfig
from ory_kratos_client.model.update_login_flow_body import UpdateLoginFlowBody

public = FrontendApi(ApiClient(Configuration(host="http://localhost:4433")))
admin = IdentityApi(ApiClient(Configuration(host="http://localhost:4434")))

identity = admin.create_identity(create_identity_body=CreateIdentityBody(
    schema_id="default",
    traits={
        "email": "test@example.com",
        "name": {
            "first": "Foo",
            "last": "bar"
        },
    },
    credentials=IdentityWithCredentials(
        password=IdentityWithCredentialsPassword(
            config=IdentityWithCredentialsPasswordConfig(
                password="password"
            )
        )
    )
))


flow = public.create_native_login_flow()
login = public.update_login_flow(
    flow=flow.id,
    update_login_flow_body=UpdateLoginFlowBody(
        method="password",
        identifier="test@example.com",
        password="password"
    )
)

try:
    admin.extend_session(login.session.id)
except Exception as e:
    print(e)  # Will

admin.delete_identity(identity.id)
```

The print statement will output

```
Invalid type for variable 'identity'. Required value type is Identity and passed type was NoneType at ['received_data']['identity']
```

Relevant log output

No response

Relevant configuration

No response

Version

master, 1.1.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Binary

Additional Context

No response
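
The mismatch reported above can be caught with a contract check that walks a response body against the schema and flags every `null` the schema does not declare nullable. This is an added example, not part of the issue or of Ory's code; the schema fragment, the response body and the function names are constructed for illustration and are not the real Kratos spec.

```python
# Constructed, simplified OpenAPI 3.0-style fragment; not the real Kratos spec.
SCHEMAS = {
    "session": {
        "type": "object",
        "properties": {
            "id": {"type": "string"},
            "active": {"type": "boolean"},
            "identity": {"$ref": "#/components/schemas/identity"},
        },
    },
    "identity": {
        "type": "object",
        "properties": {"id": {"type": "string"}, "traits": {"type": "object"}},
    },
}

# Constructed response body shaped like the one the issue describes (identity is null).
EXTEND_RESPONSE = {"id": "sess-constructed-1", "active": True, "identity": None}


def resolve(schema, schemas):
    """Follow local $ref pointers such as '#/components/schemas/identity'."""
    while "$ref" in schema:
        schema = schemas[schema["$ref"].rsplit("/", 1)[-1]]
    return schema


def null_violations(value, schema, schemas, path="$"):
    """Return JSON paths where the value is null but the schema lacks nullable: true."""
    schema = resolve(schema, schemas)
    if value is None:
        return [] if schema.get("nullable", False) else [path]
    found = []
    if isinstance(value, dict):
        for key, sub in schema.get("properties", {}).items():
            if key in value:
                found += null_violations(value[key], sub, schemas, f"{path}.{key}")
    elif isinstance(value, list) and "items" in schema:
        for i, item in enumerate(value):
            found += null_violations(item, schema["items"], schemas, f"{path}[{i}]")
    return found


if __name__ == "__main__":
    print(null_violations(EXTEND_RESPONSE, SCHEMAS["session"], SCHEMAS))
```

Run over recorded responses in CI, a non-empty result points at the fields where strict generated SDKs will fail to deserialize.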