ss/profile: Improve success and error flows

This patch completes the profile management flow by implementing proper error and success states and adding several data integrity tests.

Closes #112

docs/api.swagger.json

@@ -335,18 +335,10 @@
  }
  }
  },
- "ErrorParser": {
+ "RWMutex": {
+ "description": "A RWMutex must not be copied after first use.\n\nIf a goroutine holds a RWMutex for reading and another goroutine might\ncall Lock, no goroutine should expect to be able to acquire a read lock\nuntil the initial read lock is released. In particular, this prohibits\nrecursive read locking. This is to ensure that the lock eventually becomes\navailable; a blocked Lock call excludes new readers from acquiring the\nlock.",
  "type": "object",
- "title": "ErrorParser is capable of parsing and processing errors."
- },
- "FieldSetter": {
- "type": "object"
- },
- "Resetter": {
- "type": "object"
- },
- "ValueSetter": {
- "type": "object"
+ "title": "A RWMutex is a reader/writer mutual exclusion lock.\nThe lock can be held by an arbitrary number of readers or a single writer.\nThe zero value for a RWMutex is an unlocked mutex."
  },
  "form": {
  "description": "HTMLForm represents a HTML Form. The container can work with both HTTP Form and JSON requests",
@@ -523,7 +515,7 @@
  "format": "date-time"
  },
  "id": {
- "description": "ID represents the request's unique ID. When performing the login flow, this\nrepresents the id in the login ui's query parameter: http://login-ui/?request=\u003cid\u003e",
+ "description": "ID represents the request's unique ID. When performing the login flow, this\nrepresents the id in the login ui's query parameter: http://\u003curls.login_ui\u003e/?request=\u003cid\u003e",
  "type": "string"
  },
  "issued_at": {
@@ -618,24 +610,32 @@
  "title": "Request presents a profile management request",
  "properties": {
  "expires_at": {
+ "description": "ExpiresAt is the time (UTC) when the request expires. If the user still wishes to update the profile,\na new request has to be initiated.",
  "type": "string",
  "format": "date-time"
  },
  "form": {
  "$ref": "#/definitions/form"
  },
  "id": {
+ "description": "ID represents the request's unique ID. When performing the profile management flow, this\nrepresents the id in the profile ui's query parameter: http://\u003curls.profile_ui\u003e?request=\u003cid\u003e",
  "type": "string"
  },
  "identity": {
  "$ref": "#/definitions/identity"
  },
  "issued_at": {
+ "description": "IssuedAt is the time (UTC) when the request occurred.",
  "type": "string",
  "format": "date-time"
  },
  "request_url": {
+ "description": "RequestURL is the initial URL that was requested from ORY Kratos. It can be used\nto forward information contained in the URL's path or query for example.",
  "type": "string"
+ },
+ "update_successful": {
+ "description": "UpdateSuccessful, if true, indicates that the profile has been updated successfully with the provided data.\nDone will stay true when repeatedly checking. If set to true, done will revert back to false only\nwhen a request with invalid (e.g. \"please use a valid phone number\") data was sent.",
+ "type": "boolean"
  }
  }
  },

identity/identity.go

@@ -58,6 +58,18 @@ func (i *Identity) SetCredentials(t CredentialsType, c Credentials) {
  i.Credentials[t] = c
 }
 
+func (i *Identity) CopyCredentials() map[CredentialsType]Credentials {
+ result := make(map[CredentialsType]Credentials)
+ for id, credential := range i.Credentials {
+ result[id] = Credentials{
+ ID: credential.ID,
+ Identifiers: append([]string{}, credential.Identifiers...),
+ Config: append([]byte{}, credential.Config...),
+ }
+ }
+ return result
+}
+
 func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool) {
  i.lock().RLock()
  defer i.lock().RUnlock()

identity/identity_test.go

@@ -1,9 +1,11 @@
 package identity
 
 import (
+ "encoding/json"
  "testing"
 
  "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
 )
 
 func TestNewIdentity(t *testing.T) {
@@ -13,3 +15,28 @@ func TestNewIdentity(t *testing.T) {
  assert.NotEmpty(t, i.Traits)
  assert.NotNil(t, i.Credentials)
 }
+
+func TestCopyCredentials(t *testing.T) {
+ i := NewIdentity("")
+ i.Credentials = map[CredentialsType]Credentials{
+ "foo": {
+ ID: "foo",
+ Identifiers: []string{"bar"},
+ Config: json.RawMessage(`{"foo":"bar"}`),
+ },
+ }
+
+ creds := i.CopyCredentials()
+ creds["bar"] = Credentials{
+ ID: "bar",
+ Identifiers: []string{"bar"},
+ Config: json.RawMessage(`{"foo":"bar"}`),
+ }
+
+ conf := creds["foo"].Config
+ require.NoError(t, json.Unmarshal([]byte(`{"bar":"bar"}`), &conf))
+
+ assert.Empty(t, i.Credentials["bar"])
+ assert.Equal(t, `{"foo":"bar"}`, string(i.Credentials["foo"].Config))
+ assert.Equal(t, `{"bar":"bar"}`, string(creds["foo"].Config))
+}

selfservice/flow/login/request.go

@@ -34,7 +34,7 @@ type RequestMethodConfig interface {
 // swagger:model loginRequest
 type Request struct {
  // ID represents the request's unique ID. When performing the login flow, this
- // represents the id in the login ui's query parameter: http://login-ui/?request=<id>
+ // represents the id in the login ui's query parameter: http://<urls.login_ui>/?request=<id>
  ID string `json:"id"`
 
  // ExpiresAt is the time (UTC) when the request expires. If the user still wishes to log in,