Missing weak password error message when updating Kratos

Hi! I was using Kratos v0.4.6-alpha.1 and I’m trying to get up to date with the last few versions, specifically 0.5.0-alpha.1, which made a lot of changes…

Following the Registration Flow with Username/Email Password Method, the error messages (e.g. user already taken) no longer come directly in the response but in the registration context. However, when you type a weak password (e.g. password), the registration fails but I’m not getting the error details (given by argon2, I guess) in either the response or the context, and I cannot give any feedback to the user. Am I missing anything? Is this information still available?

Thanks!

Hm, these error messages should be included. Can you provide a bit more detail (payloads for example)? We have tests that cover this so I would expect this to work.

Ok, this is embarrassing… I was looking at a higher level in the response structure. I was just examining the raw context response (RegistrationFlow) to post it here and I saw the error message in methods.password.config.fields. I’ll need to make some more changes in my code :)

{
    "id": "7aaff080-26ab-4244-94c6-53053def0ff4",
    "type": "browser",
    "expires_at": "2020-11-16T13:27:57.602835Z",
    "issued_at": "2020-11-16T13:17:57.602835Z",
    "request_url": "http://127.0.0.1:4433/self-service/registration/browser",
    "active": "password",
    "messages": null,
    "methods": {
        "password": {
            "method": "password",
            "config": {
                "action": "http://kratos:4433/self-service/registration/methods/password?flow=7aaff080-26ab-4244-94c6-53053def0ff4",
                "method": "POST",
                "fields": [
                    {
                        "name": "csrf_token",
                        "type": "hidden",
                        "required": true,
                        "value": "ajueQgxl4iriGDxNTz2yRdZWZakXU2rOVLBoqcgrgWm6Bti0D8xChQO8D2ZSFJ3wv4ighB0Ll526E7hlb9pY9Q=="
                    },
                    {
                        "name": "password",
                        "type": "password",
                        "required": true,
                        "messages": [
                            {
                                "id": 4000005,
                                "text": "The password can not be used because the password has been found in at least 3759315 data breaches and must no longer be used..",
                                "type": "error",
                                "context": {
                                    "reason": "the password has been found in at least 3759315 data breaches and must no longer be used."
                                }
                            }
                        ]
                    },
                    {
                        "name": "traits.username",
                        "type": "text",
                        "pattern": "^[a-z][a-z0-9]*$",
                        "value": "foobar"
                    },
                    {
                        "name": "traits.email",
                        "type": "email",
                        "value": "[email protected]"
                    },
                    {
                        "name": "traits.name",
                        "type": "text"
                    },
                    {
                        "name": "traits.last_name",
                        "type": "text"
                    }
                ]
            }
        }
    }
}

Sorry for bothering and thank you!

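The lookup described in the post above, as an added example that is not part of the original thread or Kratos's own code: it walks a registration flow shaped like the payload above and collects messages from the flow level and from each entry in methods.<name>.config.fields. The function names and the `config.messages` level are assumptions; the sample flow is constructed from the posted payload.

```javascript
// Added example: gather every message from a registration flow shaped like the post's payload.
// `config.messages` (method-level messages) is an assumption, not shown on the page.
function collectFlowMessages(flow) {
  const out = [];
  const push = (scope, method, field, msgs) => {
    // The posted payload carries `"messages": null`, so never assume an array.
    for (const m of Array.isArray(msgs) ? msgs : []) {
      out.push({ scope, method, field, id: m.id, type: m.type, text: m.text });
    }
  };
  if (!flow || typeof flow !== "object") return out;
  push("flow", null, null, flow.messages);
  for (const [name, method] of Object.entries(flow.methods || {})) {
    const config = (method && method.config) || {};
    push("method", name, null, config.messages);
    for (const field of Array.isArray(config.fields) ? config.fields : []) {
      push("field", name, field.name, field.messages);
    }
  }
  return out;
}

// Group error-type messages by field name so the UI can show them next to the input.
// Render the text with textContent (not innerHTML) when displaying it.
function errorsByField(flow) {
  const byField = {};
  for (const m of collectFlowMessages(flow)) {
    if (m.type !== "error") continue;
    const key = m.field || "_form"; // "_form" is a hypothetical bucket for non-field errors
    (byField[key] = byField[key] || []).push(m.text);
  }
  return byField;
}

// Constructed sample, trimmed from the payload in the post above.
const sampleFlow = {
  active: "password",
  messages: null,
  methods: { password: { method: "password", config: { fields: [
    { name: "csrf_token", type: "hidden", required: true },
    { name: "password", type: "password", required: true, messages: [
      { id: 4000005, type: "error", text: "The password can not be used because ..." },
    ] },
    { name: "traits.username", type: "text", value: "foobar" },
  ] } } },
};

console.log(errorsByField(sampleFlow));
```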

Any time!