fix: audience and empty app name (#2775)

2024-12-13 03:24:26 +00:00 · 2021-12-03 14:24:29 +01:00 · 2021-12-03 14:24:29 +01:00 · a8eed4a215
commit a8eed4a215
parent 45695d3198
4 changed files with 46 additions and 25 deletions
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
@ -131,7 +131,7 @@ func (repo *AuthRequestRepo) CreateAuthRequest(ctx context.Context, request *dom
 	if err != nil {
 		return nil, err
 	}
-	appIDs, err := repo.Query.SearchAppIDs(ctx, &query.AppSearchQueries{Queries: []query.SearchQuery{projectIDQuery}})
+	appIDs, err := repo.Query.SearchClientIDs(ctx, &query.AppSearchQueries{Queries: []query.SearchQuery{projectIDQuery}})
 	if err != nil {
 		return nil, err
 	}
--- a/internal/query/app.go
+++ b/internal/query/app.go
@ -10,6 +10,7 @@ import (
 	"github.com/lib/pq"

 	"github.com/caos/logging"
+
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/errors"
 	"github.com/caos/zitadel/internal/query/projection"
@ -231,7 +232,10 @@ func (q *Queries) AppByID(ctx context.Context, appID string) (*App, error) {
 func (q *Queries) ProjectIDFromOIDCClientID(ctx context.Context, appID string) (string, error) {
 	stmt, scan := prepareProjectIDByAppQuery()
 	query, args, err := stmt.Where(
-		sq.Eq{AppOIDCConfigColumnClientID.identifier(): appID},
+		sq.Or{
+			sq.Eq{AppOIDCConfigColumnClientID.identifier(): appID},
+			sq.Eq{AppAPIConfigColumnClientID.identifier(): appID},
+		},
 	).ToSql()
 	if err != nil {
 		return "", errors.ThrowInternal(err, "QUERY-7d92U", "Errors.Query.SQLStatement")
@ -288,8 +292,8 @@ func (q *Queries) SearchApps(ctx context.Context, queries *AppSearchQueries) (*A
 	return apps, err
 }

-func (q *Queries) SearchAppIDs(ctx context.Context, queries *AppSearchQueries) ([]string, error) {
-	query, scan := prepareAppIDsQuery()
+func (q *Queries) SearchClientIDs(ctx context.Context, queries *AppSearchQueries) ([]string, error) {
+	query, scan := prepareClientIDsQuery()
 	stmt, args, err := queries.toQuery(query).ToSql()
 	if err != nil {
 		return nil, errors.ThrowInvalidArgument(err, "QUERY-fajp8", "Errors.Query.InvalidRequest")
@ -555,22 +559,30 @@ func prepareAppsQuery() (sq.SelectBuilder, func(*sql.Rows) (*Apps, error)) {
 		}
 }

-func prepareAppIDsQuery() (sq.SelectBuilder, func(*sql.Rows) ([]string, error)) {
+func prepareClientIDsQuery() (sq.SelectBuilder, func(*sql.Rows) ([]string, error)) {
 	return sq.Select(
-			AppColumnID.identifier(),
+			AppAPIConfigColumnClientID.identifier(),
+			AppOIDCConfigColumnClientID.identifier(),
 		).From(appsTable.identifier()).
 			LeftJoin(join(AppAPIConfigColumnAppID, AppColumnID)).
 			LeftJoin(join(AppOIDCConfigColumnAppID, AppColumnID)).
-			PlaceholderFormat(sq.Dollar), func(row *sql.Rows) ([]string, error) {
+			PlaceholderFormat(sq.Dollar), func(rows *sql.Rows) ([]string, error) {
 			ids := []string{}

-			for row.Next() {
-				var id string
-				if err := row.Scan(&id); err != nil {
+			for rows.Next() {
+				var apiID sql.NullString
+				var oidcID sql.NullString
+				if err := rows.Scan(
+					&apiID,
+					&oidcID,
+				); err != nil {
 					return nil, errors.ThrowInternal(err, "QUERY-0R2Nw", "Errors.Internal")
 				}
-
-				ids = append(ids, id)
+				if apiID.Valid {
+					ids = append(ids, apiID.String)
+				} else if oidcID.Valid {
+					ids = append(ids, oidcID.String)
+				}
 			}

 			return ids, nil
--- a/internal/query/app_test.go
+++ b/internal/query/app_test.go
@ -9,9 +9,10 @@ import (
 	"testing"
 	"time"

+	"github.com/lib/pq"
+
 	"github.com/caos/zitadel/internal/domain"
 	errs "github.com/caos/zitadel/internal/errors"
-	"github.com/lib/pq"
 )

 var (
@ -80,7 +81,8 @@ var (
 		` FROM zitadel.projections.apps` +
 		` LEFT JOIN zitadel.projections.apps_api_configs ON zitadel.projections.apps.id = zitadel.projections.apps_api_configs.app_id` +
 		` LEFT JOIN zitadel.projections.apps_oidc_configs ON zitadel.projections.apps.id = zitadel.projections.apps_oidc_configs.app_id`)
-	expectedAppIDsQuery = regexp.QuoteMeta(`SELECT zitadel.projections.apps.id` +
+	expectedAppIDsQuery = regexp.QuoteMeta(`SELECT zitadel.projections.apps_api_configs.client_id,` +
+		` zitadel.projections.apps_oidc_configs.client_id` +
 		` FROM zitadel.projections.apps` +
 		` LEFT JOIN zitadel.projections.apps_api_configs ON zitadel.projections.apps.id = zitadel.projections.apps_api_configs.app_id` +
 		` LEFT JOIN zitadel.projections.apps_oidc_configs ON zitadel.projections.apps.id = zitadel.projections.apps_oidc_configs.app_id`)
@ -1363,8 +1365,8 @@ func Test_AppIDsPrepare(t *testing.T) {
 		object  interface{}
 	}{
 		{
-			name:    "prepareAppIDsQuery no result",
-			prepare: prepareAppIDsQuery,
+			name:    "prepareClientIDsQuery no result",
+			prepare: prepareClientIDsQuery,
 			want: want{
 				sqlExpectations: mockQueries(
 					expectedAppIDsQuery,
@ -1375,15 +1377,16 @@ func Test_AppIDsPrepare(t *testing.T) {
 			object: []string{},
 		},
 		{
-			name:    "prepareAppIDsQuery one result",
-			prepare: prepareAppIDsQuery,
+			name:    "prepareClientIDsQuery one result",
+			prepare: prepareClientIDsQuery,
 			want: want{
 				sqlExpectations: mockQueries(
 					expectedAppIDsQuery,
-					[]string{"id"},
+					[]string{"client_id", "client_id"},
 					[][]driver.Value{
 						{
 							"app-id",
+							nil,
 						},
 					},
 				),
@ -1391,18 +1394,20 @@ func Test_AppIDsPrepare(t *testing.T) {
 			object: []string{"app-id"},
 		},
 		{
-			name:    "prepareAppIDsQuery multiple result",
-			prepare: prepareAppIDsQuery,
+			name:    "prepareClientIDsQuery multiple result",
+			prepare: prepareClientIDsQuery,
 			want: want{
 				sqlExpectations: mockQueries(
 					expectedAppIDsQuery,
-					[]string{"id"},
+					[]string{"client_id", "client_id"},
 					[][]driver.Value{
 						{
+							nil,
 							"oidc-app-id",
 						},
 						{
 							"api-app-id",
+							nil,
 						},
 					},
 				),
@ -1410,8 +1415,8 @@ func Test_AppIDsPrepare(t *testing.T) {
 			object: []string{"oidc-app-id", "api-app-id"},
 		},
 		{
-			name:    "prepareAppIDsQuery sql err",
-			prepare: prepareAppIDsQuery,
+			name:    "prepareClientIDsQuery sql err",
+			prepare: prepareClientIDsQuery,
 			want: want{
 				sqlExpectations: mockQueryErr(
 					expectedAppIDsQuery,
--- a/internal/query/projection/app.go
+++ b/internal/query/projection/app.go
@ -4,13 +4,14 @@ import (
 	"context"

 	"github.com/caos/logging"
+	"github.com/lib/pq"
+
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/errors"
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/handler"
 	"github.com/caos/zitadel/internal/eventstore/handler/crdb"
 	"github.com/caos/zitadel/internal/repository/project"
-	"github.com/lib/pq"
 )

 type AppProjection struct {
@ -152,6 +153,9 @@ func (p *AppProjection) reduceAppChanged(event eventstore.EventReader) (*handler
 		logging.LogWithFields("HANDL-4Fjh2", "seq", event.Sequence(), "expectedType", project.ApplicationChangedType).Error("wrong event type")
 		return nil, errors.ThrowInvalidArgument(nil, "HANDL-ZJ8JA", "reduce.wrong.event.type")
 	}
+	if e.Name == "" {
+		return crdb.NewNoOpStatement(event), nil
+	}
 	return crdb.NewUpdateStatement(
 		e,
 		[]handler.Column{