kratos
kratos copied to clipboard
Webhook problem in version v0.9.0-alpha
Preflight checklist
- [X] I could not find a solution in the existing issues, docs, nor discussions.
- [X] I agree to follow this project's Code of Conduct.
- [X] I have read and am following this repository's Contribution Guidelines.
- [ ] This issue affects my Ory Cloud project.
- [ ] I have joined the Ory Community Slack.
- [ ] I am signed up to the Ory Security Patch Newsletter.
Describe the bug
Webhook not working in "password" method in register flow, oicd flow still works. It happens when I put "session" key on the head of "hooks" array, but when I move "web_hook" go to the head of the array, so it's working. This is only a temporary resolution.
Reproducing the bug
- Set hooks in for "password" in the registration flow
- Using both web_hook and session key
- Put the "session" key on the top of the "hooks" array
- Go to the registration form and manual register 1 account.
- Tracking your web hook endpoint, it will not be received any request from kratos server.
Relevant log output
No response
Relevant configuration
registration:
ui_url:
after:
oidc:
hooks:
- hook: web_hook
config:
url: <your-endpoint>
method: POST
body: file:///etc/config/body.jsonnet
auth:
type: basic_auth
config:
user: 'user'
password: 'password'
response:
ignore: false
- hook: session
password:
hooks:
- hook: session
- hook: web_hook
config:
url: <your-endpoint>
method: POST
body: file:///etc/config/body.jsonnet
auth:
type: basic_auth
config:
user: 'user'
password: 'password'
response:
ignore: false
Version
v0.9.0-alpha from 1 to 3
On which operating system are you observing this issue?
Linux
In which environment are you deploying?
Docker
Additional Context
No response
Thank you for the report! I believe the problem is that some hooks exit early, canceling any follow up hooks.
I am also affected by this :/
How does your body.jsonnet
look?
@carlbordum the problem here is the order of the hooks, not the body JsonNet!
For me, this is also an issue regardless of order of the hooks
Then you’re facing a configuration issue most likely, please open a separate discussion or inquire on Slack, thanks!
https://github.com/ory/kratos/discussions
This also affects global hooks. Currently I think they are put after the flow specific hooks so it's not possible to do something like:
password:
hooks:
- hook: session
oidc:
hooks:
- hook: session
hooks:
- hook: web_hook
config:
url: http://host.docker.internal:6000/webhook/kratos/registration
method: POST
body: file:///etc/config/kratos/webhooks/registration.jsonnet
And since it's not possible to put session
in global hooks, it renders them pretty much useless.
Specific hooks will always override global hooks. They are not merged! If you do distinguish between the two, please define the webhook in both as well :)