kratos-selfservice-ui-react-nextjs

Problem with return_to and default_browser_return_url

Open lukaszxion opened this issue 2 years ago • 1 comments

In this reference React/NextJS implementation the configured overrides default_browser_return_url are not used.

    registration:
      lifespan: 10m
      ui_url: http://127.0.0.1:3000/registration
      after:
        default_browser_return_url: http://127.0.0.1:3000/registration/activation

In a registration flow the redirect at the end of the flow happens only if the return_to query param is set.

The NodeJs reference implementation gets redirected (by HTTP 303 with Location header) just fine. However, here the JSON property return_to in response for GET http://127.0.0.1:3000/api/.ory/self-service/registration/browser is not set from default_browser_return_url.

Is this a bug? If this is the correct behaviour then where is it documented? Should the frontend always set the return_to query param in all flows?

lukaszxion Dec 09 '22 09:12

I don't have this issue with registration, but it's an issue with verification on my end.

Self-hosting and here's my contrib/kratos/cloud/kratos.yml:

    version: v0.8.0-alpha.3

    dsn: memory

    serve:
      public:
        base_url: http://localhost:4455/
        cors:
          enabled: true
      admin:
        base_url: http://kratos:4434/

    selfservice:
      default_browser_return_url: http://localhost:4455/
      allowed_return_urls:
        - http://localhost:4455

      methods:
        password:
          enabled: true

      flows:
        error:
          ui_url: http://localhost:4455/error

        settings:
          ui_url: http://localhost:4455/settings
          privileged_session_max_age: 15m

        recovery:
          enabled: true
          ui_url: http://localhost:4455/recovery

        verification:
          enabled: true
          ui_url: http://localhost:4455/verification
          after:
            default_browser_return_url: http://localhost:4455

        logout:
          after:
            default_browser_return_url: http://localhost:4455/login

        login:
          ui_url: http://localhost:4455/login

        registration:
          ui_url: http://localhost:4455/registration
          after:
            password:
              hooks:
                -
                  hook: session

    log:
      level: info
      format: text

    secrets:
      cookie:
        - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE

    hashers:
      algorithm: bcrypt
      bcrypt:
        cost: 8

    identity:
      default_schema_id: preset://email
      schemas:
        - id: preset://email
          url: file:///etc/config/kratos/identity.schema.json

    courier:
      smtp:
        connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true

I changed the quickstart.yml to not use Caddy/the self-service ui node:

    version: '3.7'

    services:
      kratos:
        volumes:
          - type: volume
            source: kratos-sqlite
            target: /var/lib/sqlite
            read_only: false
          - type: bind
            source: ./contrib/quickstart/kratos/cloud
            target: /etc/config/kratos
      kratos-migrate:
        volumes:
          - type: volume
            source: kratos-sqlite
            target: /var/lib/sqlite
            read_only: false
          - type: bind
            source: ./contrib/quickstart/kratos/cloud
            target: /etc/config/kratos

So, when I run the Next.js UI on port 4455, all redirects work except after entering the verification code.

The link in the mail server is also wrong:

http://localhost:4455/self-service/verification?code=224134&flow=8e3eba95-1287-4fa7-945f-51d93c03a02c just leads to 404.

Fix:

I had the wrong source filepaths in my quickstart.yml (I had a separate folder for my configs, contrib/kratos/custom-ui). Redirects are now properly updated! But the mail server link still doesn't work :(

  • If I set the mail server link to port 4433 (to point to the kratos API), then it works.

jchen42703 Dec 22 '22 02:12
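
An added example, not part of the thread or of the Ory reference UI: one way a frontend can fall back to a configured default when the flow JSON carries no return_to, while refusing any return_to that falls outside the allow-list. The helper names, the constants (copied from the config values posted above) and the matching rule (same origin plus path prefix) are assumptions made for this illustration.

```javascript
// Hypothetical frontend helper; names and matching rule are assumptions.
// Values mirror allowed_return_urls and default_browser_return_url from the config above.
const ALLOWED_RETURN_URLS = ["http://localhost:4455"];
const DEFAULT_RETURN_URL = "http://localhost:4455/";

// True only for absolute http(s) URLs without userinfo whose origin matches
// an allow-list entry and whose path sits under that entry's path.
function isAllowedReturnUrl(candidate, allowed) {
  let url;
  try {
    url = new URL(candidate); // relative or scheme-less input throws here
  } catch {
    return false;
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;
  if (url.username || url.password) return false; // e.g. http://trusted@other-host/
  return allowed.some((entry) => {
    const a = new URL(entry);
    if (a.origin !== url.origin) return false;
    const prefix = a.pathname.endsWith("/") ? a.pathname : a.pathname + "/";
    return url.pathname === a.pathname || url.pathname.startsWith(prefix);
  });
}

// flow: the JSON body of a self-service flow; return_to may be missing,
// which is the situation described in the issue.
function resolveReturnUrl(flow, opts = {}) {
  const allowed = opts.allowed || ALLOWED_RETURN_URLS;
  const fallback = opts.fallback || DEFAULT_RETURN_URL;
  const requested =
    flow && typeof flow.return_to === "string" ? flow.return_to : "";
  return requested && isAllowedReturnUrl(requested, allowed)
    ? requested
    : fallback;
}
```
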