chore: synchronize workspaces

Makefile

@@ -83,7 +83,13 @@ test-short:
 
 .PHONY: test-coverage
 test-coverage: .bin/go-acc .bin/goveralls
-	go-acc -o coverage.out ./... -- -v -failfast -timeout=20m -tags sqlite
+	go-acc -o coverage.out ./... -- -v -failfast -timeout=20m -tags sqlite,json1
+
+.PHONY: test-coverage-next
+test-coverage-next: .bin/go-acc .bin/goveralls
+	go test -short -failfast -timeout=20m -tags sqlite,json1 -cover ./... --args test.gocoverdir="$$PWD/coverage"
+	go tool covdata percent -i=coverage
+	go tool covdata textfmt -i=./coverage -o coverage.new.out
 
 # Generates the SDK
 .PHONY: sdk

coverage/.gitignore

@@ -0,0 +1 @@
+*

selfservice/strategy/code/strategy_login.go

@@ -6,6 +6,7 @@ package code
 import (
 	"context"
 	"net/http"
+	"strings"
 
 	"github.com/gofrs/uuid"
 	"github.com/pkg/errors"
@@ -161,6 +162,8 @@ func (s *Strategy) loginSendEmail(ctx context.Context, w http.ResponseWriter, r
 		return errors.WithStack(schema.NewRequiredError("#/identifier", "identifier"))
 	}
 
+	p.Identifier = maybeNormalizeEmail(p.Identifier)
+
 	// Step 1: Get the identity
 	i, _, err := s.getIdentity(ctx, p.Identifier)
 	if err != nil {
@@ -206,6 +209,14 @@ func (s *Strategy) loginSendEmail(ctx context.Context, w http.ResponseWriter, r
 	return errors.WithStack(flow.ErrCompletedByStrategy)
 }
 
+// If identifier is an email, we lower case it because on mobile phones the first letter sometimes is capitalized.
+func maybeNormalizeEmail(input string) string {
+	if strings.Contains(input, "@") {
+		return strings.ToLower(input)
+	}
+	return input
+}
+
 func (s *Strategy) loginVerifyCode(ctx context.Context, r *http.Request, f *login.Flow, p *updateLoginFlowWithCodeMethod) (_ *identity.Identity, err error) {
 	ctx, span := s.deps.Tracer(ctx).Tracer().Start(ctx, "selfservice.strategy.code.strategy.loginVerifyCode")
 	defer otelx.End(span, &err)
@@ -220,6 +231,8 @@ func (s *Strategy) loginVerifyCode(ctx context.Context, r *http.Request, f *logi
 		return nil, errors.WithStack(schema.NewRequiredError("#/identifier", "identifier"))
 	}
 
+	p.Identifier = maybeNormalizeEmail(p.Identifier)
+
 	// Step 1: Get the identity
 	i, _, err := s.getIdentity(ctx, p.Identifier)
 	if err != nil {

selfservice/strategy/code/strategy_login_test.go

@@ -12,6 +12,8 @@ import (
 	"net/url"
 	"testing"
 
+	"github.com/ory/x/stringsx"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/tidwall/gjson"
@@ -162,6 +164,27 @@ func TestLoginCodeStrategy(t *testing.T) {
 		},
 	} {
 		t.Run("test="+tc.d, func(t *testing.T) {
+			t.Run("case=email identifier should be case insensitive", func(t *testing.T) {
+				// create login flow
+				s := createLoginFlow(ctx, t, public, tc.isSPA)
+
+				// submit email
+				s = submitLogin(ctx, t, s, tc.isSPA, func(v *url.Values) {
+					v.Set("identifier", stringsx.ToUpperInitial(s.identityEmail))
+				}, false, nil)
+
+				message := testhelpers.CourierExpectMessage(ctx, t, reg, s.identityEmail, "Login to your account")
+				assert.Contains(t, message.Body, "please login to your account by entering the following code")
+
+				loginCode := testhelpers.CourierExpectCodeInMessage(t, message, 1)
+				assert.NotEmpty(t, loginCode)
+
+				// 3. Submit OTP
+				submitLogin(ctx, t, s, tc.isSPA, func(v *url.Values) {
+					v.Set("code", loginCode)
+				}, true, nil)
+			})
+
 			t.Run("case=should be able to log in with code", func(t *testing.T) {
 				// create login flow
 				s := createLoginFlow(ctx, t, public, tc.isSPA)
@@ -331,7 +354,7 @@ func TestLoginCodeStrategy(t *testing.T) {
 				})
 			})
 
-			t.Run("case=resend code shoud invalidate previous code", func(t *testing.T) {
+			t.Run("case=resend code should invalidate previous code", func(t *testing.T) {
 				ctx := context.Background()
 
 				s := createLoginFlow(ctx, t, public, tc.isSPA)

selfservice/strategy/code/strategy_registration_test.go

@@ -32,10 +32,11 @@ import (
 )
 
 type state struct {
-	flowID     string
-	client     *http.Client
-	email      string
-	testServer *httptest.Server
+	flowID         string
+	client         *http.Client
+	email          string
+	testServer     *httptest.Server
+	resultIdentity *identity.Identity
 }
 
 func TestRegistrationCodeStrategyDisabled(t *testing.T) {
@@ -130,15 +131,16 @@ func TestRegistrationCodeStrategy(t *testing.T) {
 	registerNewUser := func(ctx context.Context, t *testing.T, s *state, isSPA bool, submitAssertion onSubmitAssertion) *state {
 		t.Helper()
 
-		email := testhelpers.RandomEmail()
-		s.email = email
+		if s.email == "" {
+			s.email = testhelpers.RandomEmail()
+		}
 
 		rf, resp, err := testhelpers.NewSDKCustomClient(s.testServer, s.client).FrontendApi.GetRegistrationFlow(context.Background()).Id(s.flowID).Execute()
 		require.NoError(t, err)
 		require.EqualValues(t, http.StatusOK, resp.StatusCode)
 
 		values := testhelpers.SDKFormFieldsToURLValues(rf.Ui.Nodes)
-		values.Set("traits.email", email)
+		values.Set("traits.email", s.email)
 		values.Set("method", "code")
 
 		body, resp := testhelpers.RegistrationMakeRequest(t, false, isSPA, rf, s.client, testhelpers.EncodeFormAsJSON(t, false, values))
@@ -155,7 +157,7 @@ func TestRegistrationCodeStrategy(t *testing.T) {
 		}
 		csrfToken := gjson.Get(body, "ui.nodes.#(attributes.name==csrf_token).attributes.value").String()
 		assert.NotEmptyf(t, csrfToken, "%s", body)
-		require.Equal(t, email, gjson.Get(body, "ui.nodes.#(attributes.name==traits.email).attributes.value").String())
+		require.Equal(t, s.email, gjson.Get(body, "ui.nodes.#(attributes.name==traits.email).attributes.value").String())
 
 		return s
 	}
@@ -186,7 +188,7 @@ func TestRegistrationCodeStrategy(t *testing.T) {
 
 		verifiableAddress, err := reg.PrivilegedIdentityPool().FindVerifiableAddressByValue(ctx, identity.VerifiableAddressTypeEmail, s.email)
 		require.NoError(t, err)
-		require.Equal(t, s.email, verifiableAddress.Value)
+		require.Equal(t, strings.ToLower(s.email), verifiableAddress.Value)
 
 		id, err := reg.PrivilegedIdentityPool().GetIdentityConfidential(ctx, verifiableAddress.IdentityID)
 		require.NoError(t, err)
@@ -195,6 +197,7 @@ func TestRegistrationCodeStrategy(t *testing.T) {
 		_, ok := id.GetCredentials(identity.CredentialsTypeCodeAuth)
 		require.True(t, ok)
 
+		s.resultIdentity = id
 		return s
 	}
 
@@ -239,6 +242,35 @@ func TestRegistrationCodeStrategy(t *testing.T) {
 					}, tc.isSPA, nil)
 				})
 
+				t.Run("case=should normalize email address on sign up", func(t *testing.T) {
+					ctx := context.Background()
+
+					// 1. Initiate flow
+					state := createRegistrationFlow(ctx, t, public, tc.isSPA)
+					sourceMail := testhelpers.RandomEmail()
+					state.email = strings.ToUpper(sourceMail)
+					assert.NotEqual(t, sourceMail, state.email)
+
+					// 2. Submit Identifier (email)
+					state = registerNewUser(ctx, t, state, tc.isSPA, nil)
+
+					message := testhelpers.CourierExpectMessage(ctx, t, reg, sourceMail, "Complete your account registration")
+					assert.Contains(t, message.Body, "please complete your account registration by entering the following code")
+
+					registrationCode := testhelpers.CourierExpectCodeInMessage(t, message, 1)
+					assert.NotEmpty(t, registrationCode)
+
+					// 3. Submit OTP
+					state = submitOTP(ctx, t, reg, state, func(v *url.Values) {
+						v.Set("code", registrationCode)
+					}, tc.isSPA, nil)
+
+					creds, ok := state.resultIdentity.GetCredentials(identity.CredentialsTypeCodeAuth)
+					require.True(t, ok)
+					require.Len(t, creds.Identifiers, 1)
+					assert.Equal(t, sourceMail, creds.Identifiers[0])
+				})
+
 				t.Run("case=should be able to resend the code", func(t *testing.T) {
 					ctx := context.Background()