fix(auth): always get token by id and user id (#4371)

Co-authored-by: Florian Forster <florian@zitadel.com>

internal/auth/repository/eventsourcing/eventstore/token.go

@@ -23,7 +23,7 @@ type TokenRepo struct {
 }
 
 func (repo *TokenRepo) IsTokenValid(ctx context.Context, userID, tokenID string) (bool, error) {
-	token, err := repo.TokenByID(ctx, userID, tokenID)
+	token, err := repo.TokenByIDs(ctx, userID, tokenID)
 	if err == nil {
 		return token.Expiration.After(time.Now().UTC()), nil
 	}
@@ -33,8 +33,8 @@ func (repo *TokenRepo) IsTokenValid(ctx context.Context, userID, tokenID string)
 	return false, err
 }
 
-func (repo *TokenRepo) TokenByID(ctx context.Context, userID, tokenID string) (*usr_model.TokenView, error) {
-	token, viewErr := repo.View.TokenByID(tokenID, authz.GetInstance(ctx).InstanceID())
+func (repo *TokenRepo) TokenByIDs(ctx context.Context, userID, tokenID string) (*usr_model.TokenView, error) {
+	token, viewErr := repo.View.TokenByIDs(tokenID, userID, authz.GetInstance(ctx).InstanceID())
 	if viewErr != nil && !errors.IsNotFound(viewErr) {
 		return nil, viewErr
 	}

internal/auth/repository/eventsourcing/view/token.go

@@ -12,8 +12,8 @@ const (
 	tokenTable = "auth.tokens"
 )
 
-func (v *View) TokenByID(tokenID, instanceID string) (*model.TokenView, error) {
-	return usr_view.TokenByID(v.Db, tokenTable, tokenID, instanceID)
+func (v *View) TokenByIDs(tokenID, userID, instanceID string) (*model.TokenView, error) {
+	return usr_view.TokenByIDs(v.Db, tokenTable, tokenID, userID, instanceID)
 }
 
 func (v *View) TokensByUserID(userID, instanceID string) ([]*model.TokenView, error) {

internal/auth/repository/token.go

@@ -8,5 +8,5 @@ import (
 
 type TokenRepository interface {
 	IsTokenValid(ctx context.Context, userID, tokenID string) (bool, error)
-	TokenByID(ctx context.Context, userID, tokenID string) (*usr_model.TokenView, error)
+	TokenByIDs(ctx context.Context, userID, tokenID string) (*usr_model.TokenView, error)
 }