Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Registration flow fixed #23064

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mposolda merged 6 commits into from
Sep 8, 2023
Merged

Registration flow fixed #23064

mposolda merged 6 commits into from
Sep 8, 2023

Conversation

@mposolda
Copy link
Contributor

@mposolda mposolda commented Sep 7, 2023
edited by ahus1
Loading

Closes #17644
Closes #21514

This is different version of the PR #19556

@ahus1 @sguilhen @vilmosnagy Please see my comment here for the details #19556 (comment)

@mposolda mposolda requested review from a team as code owners September 7, 2023 14:20
@mposolda mposolda requested a review from a team September 7, 2023 14:20
@mposolda mposolda requested a review from a team as a code owner September 7, 2023 14:20
@mposolda mposolda mentioned this pull request Sep 7, 2023
Closed
@mposolda mposolda self-assigned this Sep 7, 2023
@mposolda mposolda requested review from ahus1 and sguilhen September 7, 2023 14:22
ahus1
ahus1 approved these changes Sep 7, 2023
View reviewed changes
Copy link
Contributor

@ahus1 ahus1 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @mposolda - I've testing this change and I see that the registration page doesn't show any more, which is a great UX improvement. Looking at the code, it is still checked on submission, so we're extra safe here.

Changes should be squashed once they are merged.

@ahus1
Copy link
Contributor

ahus1 commented Sep 7, 2023

@mposolda - might be a good idea to mark issue #21514 to be backported to KC22 once this is merged, leaving the decision to you as it is core releated.

@ahus1 ahus1 self-assigned this Sep 7, 2023
@vilmosnagy
Copy link
Contributor

vilmosnagy commented Sep 7, 2023

@mposolda looks great, thanks for all the changes.

One small question though: shouldn't the whole registration flow run in one transaction? If an Exception happens in any "step" (either builtin or custom flow step) of them is it a correct state that we end in? Is there any way to handle rollbacks then?

@mposolda
Copy link
Contributor Author

mposolda commented Sep 8, 2023

@ahus1 Thanks! Would you please mind to approve if it looks good to you?

@vilmosnagy The default registration flow runs in one transaction by default after click "Register" button AFAIK. Or more accurately, I think that it works like this:

  • When the user clicks Register on login screen and the registration form is shown, there is call to buildPage for all FormAction steps under the registration form top subflow. This all happens in one transaction
  • When user fills the form and clicks Register button, there is another transaction where all the validate and success steps of all FormAction are triggered.

So typically, there is one transaction for each HTTP request.

It is possible to re-configure registration flow to involve multiple transactions if administrator decides to add multiple steps under top flow (EG. if he wants something like "wizard" of multiple steps for registering user) and in this case it could be multiple transactions.

I think that throwing AuthenticationFlowException doesn't mean rollback of transaction, which is likely also why the user was created in DB. As a follow-up, we can consider throwing an AuthenticationFlowException to also do transaction rollback though, however I am not yet sure about all the side-effects on this, so it currently doesn't work this way. Especially during normal authentication, there are also updates to authenticationSession and we need to make sure that those are not lost. In other words, even if some step in the authentication flow is not successful - like for instance user failed to add proper username/password - the authenticationSession may still need to be updated in the particular HTTP request.)

@mposolda mposolda merged commit 506e253 into keycloak:main Sep 8, 2023
mposolda added a commit to mposolda/keycloak that referenced this pull request Sep 8, 2023
@mposolda @vilmosnagy @ahus1
Registration flow fixed (keycloak#23064)
efb3e9f 
Closes keycloak#21514

Co-authored-by: Vilmos Nagy <[email protected]>
Co-authored-by: Alexander Schwartz <[email protected]>
Co-authored-by: Marek Posolda <[email protected]>
(cherry picked from commit 506e253)
@mposolda mposolda mentioned this pull request Sep 8, 2023
Merged
mposolda added a commit that referenced this pull request Sep 8, 2023
@mposolda @vilmosnagy @ahus1
Registration flow fixed (#23064)
47b97b9 
Closes #21514

Co-authored-by: Vilmos Nagy <[email protected]>
Co-authored-by: Alexander Schwartz <[email protected]>
Co-authored-by: Marek Posolda <[email protected]>
(cherry picked from commit 506e253)
@vilmosnagy
Copy link
Contributor

vilmosnagy commented Sep 8, 2023

I think that throwing AuthenticationFlowException doesn't mean rollback of transaction, which is likely also why the user was created in DB.

Thanks, that answer's all my questions.

@stianst stianst mentioned this pull request Sep 11, 2023
Closed
@stianst stianst mentioned this pull request Nov 14, 2023
Closed
@stianst stianst mentioned this pull request May 6, 2024
Merged
@vilmosnagy vilmosnagy mentioned this pull request Sep 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ahus1 ahus1 ahus1 approved these changes

@sguilhen sguilhen Awaiting requested review from sguilhen

Assignees

@mposolda mposolda

@ahus1 ahus1

Labels

team/cloud-native

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Can create a user without the registration flow finished properly (reopened #17644) Can create a user without the registration flow finished properly

3 participants

@mposolda @ahus1 @vilmosnagy