
Resolve "allow password change without SSL/public endpoint in startup job"

1 file
+ 7
4
+ 7
4
@@ -241,11 +241,14 @@ class KratosUser():
# We override the default Redirect handler with our custom handler to
# be able to catch the cookies.
opener = urllib.request.build_opener(RedirectFilter)
print(f"Opening: {recovery_url}")
# We rewrite the URL we got. It can be we run this from an enviroment
# with different KRATUS_PUBLIC_URL API endpoint then kratos provide
# itself. For example in the case running as a job to create an admin
# account before TLS is setup/working
search = re.match(r'.*(self-service.recovery.flow.*)$', recovery_url)
if search:
recovery_url = api_url + "/" + search.group(1)
print(f"Opening: {recovery_url}")
opener.open(recovery_url)
# If we do not have a 2xx status, urllib throws an error, as we "stopped"
# at our redirect, we expect a 3xx status
@@ -254,9 +257,9 @@ class KratosUser():
cookies = req.headers.get_all('Set-Cookie')
url = req.headers.get('Location')
else:
raise BackendError(f'Unable to fetch recovery link {recovery_url}') from req
raise BackendError('Unable to fetch recovery link') from req
else:
raise BackendError(f'Unable to fetch recovery link: {recovery_url}')
raise BackendError('Unable to fetch recovery link')
# Step 2: Extract cookies and data for next step. We expect to have an
# authorized session now. We need the cookies for followup calls
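Review bot: The `print(f"Opening: {recovery_url}")` in the first hunk writes the complete recovery link to the job's stdout, and a Kratos recovery link normally carries the flow id and recovery token, so anyone who can read the startup job's logs could use it while it is valid. The rendering does not show which side each line is on, but the second hunk appears to take the URL out of the `BackendError` messages, and the print would undo that. I would log only the endpoint, e.g. `print(f"Opening recovery flow via {api_url}")`. The rewrite also falls through silently to the original URL when `re.match` finds nothing, and the dots in `self-service.recovery.flow` are unescaped; a short comment saying the fallback is intended, or raising `BackendError` there, would make that explicit. The enclosing method starts and ends outside both hunks.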