-
Notifications
You must be signed in to change notification settings - Fork 537
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor: Replace TOTP_NOT_ENABLED_ERROR status and make deviceName optional #729
Conversation
src/main/java/io/supertokens/webserver/api/totp/RemoveTotpDeviceAPI.java
Outdated
Show resolved
Hide resolved
@@ -2687,7 +2686,7 @@ public void insertUsedCode_Transaction(TransactionConnection con, TenantIdentifi | |||
Config.getConfig(this).getTotpUsersTable(), | |||
new String[]{"app_id", "user_id"}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see my comment in plugin interface PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe you're talking about replacing TotpNotEnabledError
with new UnknownUserIdError
. If yes, done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check and confirm.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
if (existingDevice.verified) { | ||
// device with same name exists and is verified | ||
// TODO: Should this recursion have a limit? | ||
return registerDeviceRecursive(appIdentifierWithStorage, device, ++counter); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return registerDeviceRecursive(appIdentifierWithStorage, device, ++counter); | |
return registerDeviceRecursive(appIdentifierWithStorage, device, counter+1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
if (existingDevice != null) { | ||
if (existingDevice.verified) { | ||
// device with same name exists and is verified | ||
// TODO: Should this recursion have a limit? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove TODO. Or then add a limit to recursion.. Please no PRs with TODOs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed
totpStorage.commitTransaction(con); | ||
return null; | ||
}); | ||
// TODO: Should this recursion have a limit? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
again, no TODOs..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed
// Find number of existing devices to set device name | ||
TOTPDevice[] devices = totpStorage.getDevices(appIdentifierWithStorage, userId); | ||
int verifiedDevicesCount = Arrays.stream(devices).filter(d -> d.verified).toArray().length; | ||
// device.deviceName = "TOTP Device " + (verifiedDevicesCount + 1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this comment here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed
@@ -95,30 +94,71 @@ public static TOTPDevice registerDevice(Main main, String userId, | |||
} | |||
} | |||
|
|||
private static TOTPDevice registerDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int counter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
private static TOTPDevice registerDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int counter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { | |
private static TOTPDevice registerDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int deviceNameCounter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
deviceNameCounter is a better name cause then it can be confused with recursion limiting counter (if someone adds that)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
1000; // (Default | ||
// 15 mins) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
comment is in two lines unnecessarily.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
@@ -374,7 +418,8 @@ public static void verifyCode(TenantIdentifierWithStorage tenantIdentifierWithSt | |||
// Check if the user has any devices: | |||
TOTPDevice[] devices = totpStorage.getDevices(tenantIdentifierWithStorage.toAppIdentifier(), userId); | |||
if (devices.length == 0) { | |||
throw new TotpNotEnabledException(); | |||
// No devices found. So we can't verify the code anyway. | |||
throw new InvalidTotpException(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe it's better to throw an UnknownUserIdTotpException, since the input to this API is also the userId
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would be an additional status code that is sent to the backend sdk
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
} catch (UnknownUserIdTotpException e) { | ||
// User must have deleted the device in parallel | ||
// since they cannot un-verify a device (no API exists) | ||
throw new InvalidTotpException(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe it's better to throw an UnknownUserIdTotpException, since the input to this API is also the userId
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -76,13 +70,10 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I | |||
tenantIdentifierWithStorage = getTenantIdentifierWithStorageFromRequest(req); | |||
} | |||
|
|||
Totp.verifyCode(tenantIdentifierWithStorage, main, userId, totp, allowUnverifiedDevices); | |||
Totp.verifyCode(tenantIdentifierWithStorage, main, userId, totp, false); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if we are never calling verifyCode with true, then we should just remove the allowUnverifiedDevices
boolean from the input of the function.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -2687,7 +2686,7 @@ public void insertUsedCode_Transaction(TransactionConnection con, TenantIdentifi | |||
Config.getConfig(this).getTotpUsersTable(), | |||
new String[]{"app_id", "user_id"}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check and confirm.
@@ -95,30 +94,71 @@ public static TOTPDevice registerDevice(Main main, String userId, | |||
} | |||
} | |||
|
|||
private static TOTPDevice registerDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int counter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
private static TOTPDevice registerDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int counter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { | |
private static TOTPDevice registerUnnamedDeviceRecursive(AppIdentifierWithStorage appIdentifierWithStorage, TOTPDevice device, int counter) throws StorageQueryException, DeviceAlreadyExistsException, TenantOrAppNotFoundException, StorageTransactionLogicException { |
TOTPSQLStorage totpStorage = appIdentifierWithStorage.getTOTPStorage(); | ||
|
||
if (deviceName != null) { | ||
totpStorage.createDevice(appIdentifierWithStorage, device); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if this throws a device already exists error, but that device is not verified, we just replace that with the input device.
* adds connection uri and tenant id based resource distributor * removes unnecessary file * adds a bunch of todos * adds storage layer function and also laod all configs function * implements core config merging across tenants * restructures code related to config checking in core * changes storage layer to take json instead of config file path * small refactor * adds ability to create new storage instances on the fly * in mem db function impl for user pool ID and config conflict checking * small change * adds checks for conflicting core configs * adds a few tests for multi tenant config * adds more tests * more tests * adds function to get connection pool ID * adds skeleton for loading storage layers for tenants * fixes compile error * adds code to load multiple storage layers as well * deletes info across all tenants during testing * adds one test for storage layer * fixes a test * fixes bug in setting resource in resource distributor * fixes bugs * loads signing keys for all tenants * fixes bug * adds new test and modifies the testing kill process to clear databases across mulitple user pools * implements more test * small change to formatting * small change to formatting * modifies cron jobs to run per unique user pool ID * fixes a few bugs * disallows different argon2 pool size across tenants * changes server api key check to be based on connection uri as well * adds function for getTenantId * modfies delete user API as well * makes tests compile * marked getStorageLayer older version as testonly * fixes a few tests * removes unused storage layer when loading them for all tenants * makes storagelayer.getAuthRecipeStorage testonly * makes storagelayer.getSession testonly * makes storagelayer.getEmailPasswordStorage testonly * makes storagelayer.getEmailVerificationStorage testonly * makes storagelayer.getThirdPartyStorage testonly * makes storagelayer.getPasswordlessStorage testonly * more updates to storage layer functions and reciope * completes all storage layer function changes * makes Config.getConfig testonly * implements custom routing class for api requests * fixes a few bugs * adds test cases * adds tenant not found logic * adds new exception * fixes all tests * removes unnecessary exception catching * fixes bug * adds test for path router * adds more tests * adds more tests * adds more tests * changes defaulttenantid to public * adds appId as a identifier for a unique tenant * adds extracting appId from request path * small change * fixes bug with extarcting tenantid with appid * fixes bug * adds more tests * starts working on multitenancy class and utils functions * more changes to multitenancy file * fixes a bug * small change * ads crud functions for multi tenancy * changes to use of quiteprogramexception from in mem db * adds skeleton for multitenancy functions in in mem db * adds a few todos * small change * small change * adds more functions to multi tenancy impl * adds multi tenancy functions to delete and get info * fixes tests * adds a few exception cases * updates exception import * small change to make debugging easier * fixes logging related issue in test * checks for permission when creating a new app * simplifies delete of app and connectionuridomain * adds sync to respirce distributor * small change * small changes * checks if multi tenancy is enabled in license key during tenant creation * adds FeatureNotEnabledException exception * small refactor * fixes deadlock condition * fixes in memory db issue * does deep equals in tenant refresh function * small change * adds more checks when adding or updating a tenant * adds tenantIdentifier for emailpassword and useridmapping recipes * enforces unique user pool id per connectionuridomain * small bug fix for refreshing cronjobs * makes cronjob run per user pool, but pass list of tenants within that pool to the doTask function * changes to incorporate tenantIndetifier for key value storage * changes to session receipe to add tenantIdentifier * adds a todo * introduces the concept of appIdentifier vs tenantIdentifier * fixes test compilation issues * fixes bugs from existing tests * adds appidentifier to user metadata functions * modifes user roles functions to add tenantidentifier and appidentifiers * small refactor * modifies session recipe to add tenantId as part of the access token and refresh token * small change * fixes a bug * modifies emailpassword functions * changes to a few functions * adds appidentifier to email verfication * adds tenant identifier to third party * adds tenantidentifier to passwordless * changes how tenant configs are checked * fixes tests * small bug fixes * fix: config tests (#568) * fix: added a config test * fix: added few config tests * fix: pr comments * fix: pr comments * fix: new exceptions and tests (#573) * fix: added a config test * fix: added few config tests * fix: pr comments * fix: pr comments * fix: new exceptions and tests * fix: new tests and moved race condition test to postgres plugin * fix: new tests * fix: updated tests * fix: concurrent test * fix: typos * fix: random test * fix: random test * makes telemetry and feature flag multi tenant as well - per app * refactors crontask to be better suited for multi tenancy * fix: Email password and user id mapping multi tenancy changes (#580) * fix: ep recipe impl * fix: updated as per plugin interface * fix: pr comments * fix: fixed unknown user handling * fix: update useridmapping * fix: updated the way storage is passed * fix: updated the way storage is passed * fix: smaller changes * fix: smaller changes * fix: pr comments * fix: cleanup * fix: cleanup * fix: pr comments * fix: fix compile * fix: pr comments and test fixes * fix: revert delete user * fix: updated deleteUserAPI * fix: test fix * fix: plugin interface related * fix: pr comments * fix: pr comments * fix: removed getTenantIdentifierFromRequest * fix: app identifier with storage * fixes test * fix: Multitenant userroles (#600) * fix: user roles impl * fix: handling fkey * fix: pr comments * fix: pr comments * fix: Multitenant usermetadata (#605) * fix: user roles impl * fix: handling fkey * fix: usermetadata impl * fix: user metadata impl * fix: api updates * fix: emailpassword storage (#607) * fix: uid mapping storage (#608) * fix: multitenant ep tests (#609) * fix: Multitenant user id mapping tests (#611) * fix: uid mapping tests * fix: uid mapping tests * fix: uid mapping tests * fix: uid mapping tests * fix: uid mapping tests * fix: uid mapping tests * fix: pr comments * fix: pr comments * fix: pr comments * fix: Multitenant API, storage and tests (#614) * fix: passwordless storage * fix: passwordless changes and tests * fix: passwordless changes and tests * fix: passwordless changes and tests * fix: pr comments * fix: Multitenant thirdparty API, storage and tests (#616) * fix: thirdparty storage and API * fix: thirdparty tests * fix: thirdparty changes * fix: pr comments * fix: Multitenant emailverification (#618) * fix: thirdparty storage and API * fix: thirdparty tests * fix: emailverification storage * fix: emailverification changes * fix: emailverification test * fix: comment * fix: token tenant specific * fix: Multitenant session (#619) * fix: session changes * fix: session changes * fix: session API * fix: updated comments * fix: minor fixes * fix: minor fixes * fix: minor fixes * fix: minor fixes * fix: minor fixes * fix: session tests * fix: fixed tests * fix: pr comments * fix: pr comments * fix: pr comments * fix: pr comments * fix: removed unused param * fix: pr comments * merges with latest (#622) * merges with latest - tests not fixed * fixes a few tests * fixes test compilation issue * fixes tests * adds load testing basics --------- Co-authored-by: Sattvik Chakravarthy <[email protected]> * several fixes * fix: Multitenant jwt (#629) * fix: jwt changes * fix: undo * fix: Multitenant Auth Recipe (#633) * fix: auth recipe storage * fix: auth recipe changes * fix: updated API * fix: pr comments * fix: pr comments * fix: Multitenant dashboard (#636) * fix: dashboard changes * fix: dashboard test * fix: Multitenant totp (#637) * fix: totp changes * fix: handling fk * fix: updated comments * fix: multitenant test * fix: pr comment * merges (#638) * adds new config (#639) * makes test more reliable * removes unnecessary deprecated annotation (#640) * fix: multitenancy changes (#641) * fix: api implementations * fix: after merge * fix: test fix * fix: test fix * fix: working cud tests * fix: db config protection * fix: add user to tenant * fix: tests * fix: pr comment * fix: cleanup * fix: input parsing * fix: PR comments * fix: remove DeletionInProgressException * fix: removeUserIdFromTenant * fix: protected fields * fix: pr comment * fix: more tests and fixes * fix: fixed validation * fix: remove api permission checks * fix: fixed permission logic and added tests * fix: thirdparty config tests and fixes * fix: thirdparty config tests and fixes * fix: tests * fix: pr comments * fix: pr comments * fix: pr comments * fix: pr comment * fix: Misc changes (#645) * fix: api implementations * fix: after merge * fix: test fix * fix: test fix * fix: working cud tests * fix: db config protection * fix: add user to tenant * fix: tests * fix: pr comment * fix: cleanup * fix: input parsing * fix: PR comments * fix: remove DeletionInProgressException * fix: removeUserIdFromTenant * fix: protected fields * fix: pr comment * fix: more tests and fixes * fix: fixed validation * fix: remove api permission checks * fix: fixed permission logic and added tests * fix: thirdparty config tests and fixes * fix: thirdparty config tests and fixes * fix: tests * fix: config api * fix: active users * fix: test only code in production * fix: Tenantid logging (#646) * fix: tenant id in logging * fix: pr comment * fix: Rate limiting hello (#647) * fix: rate limiting hello api * fix: pr comments * fix: multitenancy stats (#649) * fix: multitenancy stats * fix: pr comment and test * fix: pr comment * fix: pr comment * fix: Tenantid in userobjects (#650) * fix: create user type * fix: test fixes * fix: added test * fix: refactored ep and tp * fix: refactor pless * fix: test fix * fix: pr comment * feat: Introduce MFA recipe * fix: Ip filter per tenant (#652) * fix: ip filter impl * fix: ip filter impl * fix: ip filter impl * fix: jwt fix * fix: updated console log (#653) * fix: API key per app (#654) * feat: Add EE feature for MFA functions * fix: Fix didExist of factor disable API * fix: Startup log (#655) * fix: tenant id in loadConfig * fix: remove repeat log * fix: added test * fix: License tests (#656) * fix: license tests * fix: added test * fix: pr comment * test: Config normalisation test (#658) * fix: added tests for config normalisation * fix: fixed comment * fix: fixed comment * feat: Suggested changes along with tests * fix: delete non auth user in deleteUserIdFromTenantId (#659) * fix: delete user in non auth recipe * fix: pr comments * fix: thirdparty related tests (#661) * fix: tp changes * fix: pr comment * feat: Add MFA EE features and user id mapping related tests * fix: Remove irrelevant multitenancy change * fix: Config validation (#662) * fix: config validation * fix: config validation * fix: pr comment * fix: pr comment * fix: pr comment * fix: pr comment * fix: config per tenant, per app annotations and validation (#666) * fix: pagination test (#667) * fix: added version check for multitenant apis (#669) * fix: added version check for multitenant apis * fix: pr comment * fix: clean up init keys (#670) * fix: clean up init keys * fix: pr comment * fix: removed isTesting check in prod code (#671) * fix: Suggested changes * test: Improve MFA delete user test * test: Fix all tests and inherit from MFaTestBase * feat: Add function to delete user from a tenant and test it * fix: resource reloading (#673) * fix: resource reloading * fix: license test task reloading * fix: reload revert * fix: impl * fix: pr comments * fix: pr comments * fix: pr comment * fix: pr comments * fix: fixed missing log (#678) * fix: fixed logging * fix: pr comments * fix: pr comments * Overload deleteMfaInfoForUser and set factor column size to 64 * fix: merge issues (#680) * fix: session v4 (#683) * fix: session v4 * fix: tests * fix: pr comments and tests * fix: test * fix: pr comments * fix: Postgres migration (#685) * fix: changelog * fix: changelog * fix: pr comments * fix: fixed tests for active user storage (#686) * refactor: Remove irrelevant changes from merge conflict * chores: Mention new MFA recipe in CHANGELOG * chores: Bring back ActiveUsers function implementation * fix: tests * refactor: Replace TOTP_NOT_ENABLED_ERROR status and make deviceName optional (#729) * refactor: Dont send TOTP_NOT_ENABLED_ERROR status * refactor: Add comments * chores: Remove extra comments * refactor: Completely replace totp not enabled error with unknown device error * refactor: Remove Totp not enabled error * feat: Make device name optional and generate it from number of existing devices * Replace TotpNotEnabledError with UnknownUserIdTotpError * refactor: Recursively generate device name when it already exists * refactor: Remove redundant arguments * feat: Remove the param to allow unverified devices from the verify totp API * feat: Reject unverified devices * feat: Add UNKNOWN_USER_ID_ERROR to verify totp api * feat: Throw Unknown user id error when device gets deleted during verification * fix: core fixes * fix: cleanup * fix: tests --------- Co-authored-by: Sattvik Chakravarthy <[email protected]> * fix: tests * fix: mfa and totp queries * fix: flaky tests * fix: mfa cleanup (#837) * fix: mfa cleanup * fix: mfa cleanup * fix: test * fix: pr comments * Mfa multitenancy (#841) * fix: multitenancy changes * fix: mfa cleanup * fix: mfa cleanup * fix: test * fix: api * fix: mfa multitenancy updates * fix: tests * fix: mfa * fix: tests * fix: tests * fix: pr comments * fix: pr comments * fix: pr comments * fix: tests * fix: tests * fix: pr comments * Mfa accountlinking (#867) * fix: multitenancy changes * fix: mfa cleanup * fix: mfa cleanup * fix: test * fix: api * fix: mfa multitenancy updates * fix: tests * fix: mfa * fix: tests * fix: tests * fix: accountlinking APIs for MFA * fix: pr comments * fix: pr comments * fix: pr comments * fix: tests * fix: tests * fix: pr comments * fix: refactor and tests * Mfa firstfactor in sign in or up (#868) * fix: multitenancy changes * fix: mfa cleanup * fix: mfa cleanup * fix: test * fix: api * fix: mfa multitenancy updates * fix: tests * fix: mfa * fix: tests * fix: tests * fix: accountlinking APIs for MFA * fix: pr comments * fix: pr comments * fix: pr comments * fix: tests * fix: tests * fix: pr comments * fix: refactor and tests * fix: sign in/up API updates * fix: some tests and fixes * fix: more tests * fix: sign in up apis * fix: pr comment * fix: import totp device API (#869) * fix: import totp device API * fix: remove extra api * fix: add createdat to totp device (#870) * fix: mfa stats * fix: active users data saved into public tenant storage * fix: pr comments * fix: pr comments * fix: pr comment * Mfa inmemory (#874) * fix: add createdat to totp device * fix: inmemory changes for mfa * fix: mfa stats queries * fix: test * fix: totp APIs and flaky tests fix (#879) * fix: totp APIs and flaky tests fix * fix: PR comment * fix: response * fix: version update * fix: changelog * fix: remove MFA apis * fix: remove isValidFirstFactor * fix: revert account linking api * Mfa changes (#901) * fix: remove tenant config and rename secondary factors * fix: version prefix in logging * fix: remove totp enabled * fix: firstFactors and requiredSecondaryFactors validation * fix: remove totpEnabled * fix: more validation * fix: version in core logs * fix: error message * fix: createNewRecipeUser input in consume code API (#910) * fix: createNewRecipeUser flag in consume code API * fix: more tests * fix: update test * fix: pr comments * feat: make refresh sync signing key setting (#909) * feat: make refresh update the signing key type of sessions * feat: make the refresh and create session apis consistent * test: remove test log * chore: update changelog * test: update tests to use new param * fix: totp import api (#915) * fix: totp import api * fix: refactor * fix: Fake email verified for emailpassword sign up (#913) * fix: mark fake email as verified in emailpassword sign up * fix: add tests * fix: pr comments * fix: clean * Merge 7.0 (#940) * fix: adds test for user pagination from old version (#893) * adding dev-v7.0.15 tag to this commit to ensure building * fix: core config validation (#894) * fix: core config validation * fix: core config validation * fix: PR comments * fix: PR comments * fix: test * fix: startup test * fix: using ConfigMapper * fix: test * fix: config mapper * fix: core config * adding dev-v7.0.16 tag to this commit to ensure building * fix: null handling in config mapper (#897) * fix: core config validation * fix: core config validation * fix: PR comments * fix: PR comments * fix: test * fix: startup test * fix: using ConfigMapper * fix: test * fix: config mapper * fix: core config * fix: null handling * fix: test defaults * adding dev-v7.0.16 tag to this commit to ensure building * Add t4-app in release checklist (#899) * Update README.md * Add Dockerfile for ubuntu 22.04 (#904) * fix: error logs should be printed to StdErr (#918) * fix: Load only cud (#917) * fix: update config and validateAndNormalize * fix: impl * fix: PR comments * fix: cleanup * fix: cleanup * fix: pr comments * fix: pr comments * fix: tests * fix: changelog * fix: 400 error * fix: cuds from db * fix: connection pool issue (#919) * adding dev-v7.0.17 tag to this commit to ensure building * fix: Test fix (#921) * fix: test * fix: tests * adding dev-v7.0.17 tag to this commit to ensure building * fix: CICD tests (#925) * fix: tests * fix: adding retry * fix: kill * fix: typo * fix: cicd * fix: cicd * adding dev-v7.0.17 tag to this commit to ensure building * fix: Vulnerability fix (#928) * fix: updated dependencies * fix: updated dependencies * chore: version and changelog * fix: update impl deps * fix: telemetry data * fix: changelog * fix: cleanup * fix: active user storage * fix: active users storage test * fix: changelog * fix: versions * adding dev-v7.0.18 tag to this commit to ensure building * fix: Cicd tests fix (#932) * fix: CICD fix * fix: test fix * fix: test for mongo * adding dev-v7.0.18 tag to this commit to ensure building * fix: dependencies (#933) * fix: dependency fix * fix: dep fix * adding dev-v7.0.18 tag to this commit to ensure building * fix: dependencies (#934) * adding dev-v7.0.18 tag to this commit to ensure building * fix: 31 days of mau (#936) * fix: MAU computation (#937) * fix: mau * fix: typo * adding dev-v7.0.18 tag to this commit to ensure building * fix: mau related tests (#938) * adding dev-v7.0.18 tag to this commit to ensure building * fix: Tests (#939) * fix: mau related tests * fix: test * adding dev-v7.0.18 tag to this commit to ensure building --------- Co-authored-by: rishabhpoddar <[email protected]> Co-authored-by: Ankit Tiwari <[email protected]> * merge latest (#947) * fix: adds test for user pagination from old version (#893) * adding dev-v7.0.15 tag to this commit to ensure building * fix: core config validation (#894) * fix: core config validation * fix: core config validation * fix: PR comments * fix: PR comments * fix: test * fix: startup test * fix: using ConfigMapper * fix: test * fix: config mapper * fix: core config * adding dev-v7.0.16 tag to this commit to ensure building * fix: null handling in config mapper (#897) * fix: core config validation * fix: core config validation * fix: PR comments * fix: PR comments * fix: test * fix: startup test * fix: using ConfigMapper * fix: test * fix: config mapper * fix: core config * fix: null handling * fix: test defaults * adding dev-v7.0.16 tag to this commit to ensure building * Add t4-app in release checklist (#899) * Update README.md * Add Dockerfile for ubuntu 22.04 (#904) * fix: error logs should be printed to StdErr (#918) * fix: Load only cud (#917) * fix: update config and validateAndNormalize * fix: impl * fix: PR comments * fix: cleanup * fix: cleanup * fix: pr comments * fix: pr comments * fix: tests * fix: changelog * fix: 400 error * fix: cuds from db * fix: connection pool issue (#919) * adding dev-v7.0.17 tag to this commit to ensure building * fix: Test fix (#921) * fix: test * fix: tests * adding dev-v7.0.17 tag to this commit to ensure building * fix: CICD tests (#925) * fix: tests * fix: adding retry * fix: kill * fix: typo * fix: cicd * fix: cicd * adding dev-v7.0.17 tag to this commit to ensure building * fix: Vulnerability fix (#928) * fix: updated dependencies * fix: updated dependencies * chore: version and changelog * fix: update impl deps * fix: telemetry data * fix: changelog * fix: cleanup * fix: active user storage * fix: active users storage test * fix: changelog * fix: versions * adding dev-v7.0.18 tag to this commit to ensure building * fix: Cicd tests fix (#932) * fix: CICD fix * fix: test fix * fix: test for mongo * adding dev-v7.0.18 tag to this commit to ensure building * fix: dependencies (#933) * fix: dependency fix * fix: dep fix * adding dev-v7.0.18 tag to this commit to ensure building * fix: dependencies (#934) * adding dev-v7.0.18 tag to this commit to ensure building * fix: 31 days of mau (#936) * fix: MAU computation (#937) * fix: mau * fix: typo * adding dev-v7.0.18 tag to this commit to ensure building * fix: mau related tests (#938) * adding dev-v7.0.18 tag to this commit to ensure building * fix: Tests (#939) * fix: mau related tests * fix: test * adding dev-v7.0.18 tag to this commit to ensure building * fix: fixes storage handling for non-auth recipes (#942) * fix: non auth recipe stuff * fix: user roles * fix: half done * fix: thirdparty changes * fix: passwordless changes * fix: active users * fix: session changes * fix: user metadata * fix: user roles * fix: totp * fix: email verification * fix: multitenancy and other minor fixes * fix: compile errors * fix: bugs and tests * fix: bugs and tests * fix: func rename * fix: PR comments * fix: pr comments * fix: pr comments * fix: pr comments * fix: user role multitenant tests * fix: email verification tests * fix: user role deletion * fix: user roles * fix: user roles * fix: get tenant identifier refactor * fix: pr comments * fix: query * fix: tests version and changelog * Update CHANGELOG.md Co-authored-by: Rishabh Poddar <[email protected]> * fix: pr comments --------- Co-authored-by: Rishabh Poddar <[email protected]> * adding dev-v8.0.0 tag to this commit to ensure building * fix: plugin interface version (#945) * adding dev-v8.0.0 tag to this commit to ensure building * fix: cicd tests (#946) * fix: cicd tests * fix: cicd tests * fix: cicd tests * fix: cicd tests * fix: cicd tests * adding dev-v8.0.0 tag to this commit to ensure building --------- Co-authored-by: rishabhpoddar <[email protected]> Co-authored-by: Ankit Tiwari <[email protected]> * fix: add check code API and update delete code API (#948) * fix: verify code API * pr comments * fix: cleanup * fix: PR comments * fix: pr comment * fix: revert formatting * fix: revert formatting * feat: merge last active times when linking users (#954) * feat: merge last active times when linking users * fix: pr comments * fix: cleanup * fix: pr comments * fix: cleanup --------- Co-authored-by: Sattvik Chakravarthy <[email protected]> * Remaining changes (#956) * fix: enforce public tenant * fix: enforce public tenant >= 5.0 * fix: pass appId to getUserIdMappingForSuperTokensIds * fix: create session with useridmapping * fix: consumed device * fix: list and remove tenant api enforcement * fix: firstFactors and secondFactors in multitenancy stats * fix: tests * fix: tests * fix: versions * fix: PR coments * fix: pr comments * fix: null handling * fix: fixme --------- Co-authored-by: rishabhpoddar <[email protected]> Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: Mihály Lengyel <[email protected]> Co-authored-by: Ankit Tiwari <[email protected]>
Summary of change
TOTP_NOT_ENABLED_ERROR
response status with more relevant messages for each API.Checklist for important updates
coreDriverInterfaceSupported.json
file has been updated (if needed)pluginInterfaceSupported.json
file has been updated (if needed)build.gradle
getPaidFeatureStats
function in FeatureFlag.java filebuild.gradle
, please make sure to add themin
implementationDependencies.json
.getValidFields
inio/supertokens/config/CoreConfig.java
if new aliases were added for any core config (similar to theaccess_token_signing_key_update_interval
config alias).git tag
) in the formatvX.Y.Z
, and then find thelatest branch (
git branch --all
) whoseX.Y
is greater than the latest released tag.Remaining TODOs for this PR
TOTP_NOT_ENABLED
WITHINVALID_TOTP_CODE_ERROR
doesn't feel correct.