feat: pass and handle auth request context for email links (#7815)

* pass and handle auth request context * tests and cleanup * cleanup
2025-08-11 21:37:32 +00:00 · 2024-04-24 17:50:58 +02:00
parent ac985e2dfb
commit d016379e2a
38 changed files with 851 additions and 2018 deletions
--- a/internal/repository/user/human.go
+++ b/internal/repository/user/human.go
@@ -157,6 +157,8 @@ type HumanRegisteredEvent struct {
 	Secret         *crypto.CryptoValue `json:"secret,omitempty"` // legacy
 	EncodedHash    string              `json:"encodedHash,omitempty"`
 	ChangeRequired bool                `json:"changeRequired,omitempty"`
+
+	UserAgentID string `json:"userAgentID,omitempty"`
 }

 func (e *HumanRegisteredEvent) Payload() interface{} {
@@ -208,6 +210,7 @@ func NewHumanRegisteredEvent(
 	gender domain.Gender,
 	emailAddress domain.EmailAddress,
 	userLoginMustBeDomain bool,
+	userAgentID string,
 ) *HumanRegisteredEvent {
 	return &HumanRegisteredEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
@@ -224,6 +227,7 @@ func NewHumanRegisteredEvent(
 		Gender:                gender,
 		EmailAddress:          emailAddress,
 		userLoginMustBeDomain: userLoginMustBeDomain,
+		UserAgentID:           userAgentID,
 	}
 }

@@ -244,6 +248,7 @@ type HumanInitialCodeAddedEvent struct {
 	Code                 *crypto.CryptoValue `json:"code,omitempty"`
 	Expiry               time.Duration       `json:"expiry,omitempty"`
 	TriggeredAtOrigin    string              `json:"triggerOrigin,omitempty"`
+	AuthRequestID        string              `json:"authRequestID,omitempty"`
 }

 func (e *HumanInitialCodeAddedEvent) Payload() interface{} {
@@ -263,6 +268,7 @@ func NewHumanInitialCodeAddedEvent(
 	aggregate *eventstore.Aggregate,
 	code *crypto.CryptoValue,
 	expiry time.Duration,
+	authRequestID string,
 ) *HumanInitialCodeAddedEvent {
 	return &HumanInitialCodeAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
@@ -273,6 +279,7 @@ func NewHumanInitialCodeAddedEvent(
 		Code:              code,
 		Expiry:            expiry,
 		TriggeredAtOrigin: http.ComposedOrigin(ctx),
+		AuthRequestID:     authRequestID,
 	}
 }

--- a/internal/repository/user/human_email.go
+++ b/internal/repository/user/human_email.go
@@ -126,6 +126,8 @@ type HumanEmailCodeAddedEvent struct {
 	URLTemplate       string              `json:"url_template,omitempty"`
 	CodeReturned      bool                `json:"code_returned,omitempty"`
 	TriggeredAtOrigin string              `json:"triggerOrigin,omitempty"`
+	// AuthRequest is only used in V1 Login UI
+	AuthRequestID string `json:"authRequestID,omitempty"`
 }

 func (e *HumanEmailCodeAddedEvent) Payload() interface{} {
@@ -145,8 +147,19 @@ func NewHumanEmailCodeAddedEvent(
 	aggregate *eventstore.Aggregate,
 	code *crypto.CryptoValue,
 	expiry time.Duration,
+	authRequestID string,
 ) *HumanEmailCodeAddedEvent {
-	return NewHumanEmailCodeAddedEventV2(ctx, aggregate, code, expiry, "", false)
+	return &HumanEmailCodeAddedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			HumanEmailCodeAddedType,
+		),
+		Code:              code,
+		Expiry:            expiry,
+		TriggeredAtOrigin: http.ComposedOrigin(ctx),
+		AuthRequestID:     authRequestID,
+	}
 }

 func NewHumanEmailCodeAddedEventV2(
--- a/internal/repository/user/human_password.go
+++ b/internal/repository/user/human_password.go
@@ -87,6 +87,8 @@ type HumanPasswordCodeAddedEvent struct {
 	URLTemplate       string                  `json:"url_template,omitempty"`
 	CodeReturned      bool                    `json:"code_returned,omitempty"`
 	TriggeredAtOrigin string                  `json:"triggerOrigin,omitempty"`
+	// AuthRequest is only used in V1 Login UI
+	AuthRequestID string `json:"authRequestID,omitempty"`
 }

 func (e *HumanPasswordCodeAddedEvent) Payload() interface{} {
@@ -107,8 +109,20 @@ func NewHumanPasswordCodeAddedEvent(
 	code *crypto.CryptoValue,
 	expiry time.Duration,
 	notificationType domain.NotificationType,
+	authRequestID string,
 ) *HumanPasswordCodeAddedEvent {
-	return NewHumanPasswordCodeAddedEventV2(ctx, aggregate, code, expiry, notificationType, "", false)
+	return &HumanPasswordCodeAddedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			HumanPasswordCodeAddedType,
+		),
+		Code:              code,
+		Expiry:            expiry,
+		NotificationType:  notificationType,
+		TriggeredAtOrigin: http.ComposedOrigin(ctx),
+		AuthRequestID:     authRequestID,
+	}
 }

 func NewHumanPasswordCodeAddedEventV2(