fix(oidc apps): correctly remove last additional origin, redirect uri and post logout redirect uri (#9209)

# Which Problems Are Solved A customer reached out to support, that the (last) `additional origin` could not be removed. While testing / implementation it was discovered, that the same applied to `redirect_uris` and `post_logout_redirect_uris` # How the Problems Are Solved - Correctly set the corresponding array to empty in the event so it can be differentiated to `null` / not set in case of no change. # Additional Changes Replaced `reflect.DeepEqual` with `slices.Equal` # Additional Context - Reported to support
2025-08-11 18:57:32 +00:00 · 2025-01-22 08:37:37 +01:00
parent 1915d35605
commit c9aa5db2a5
2 changed files with 18 additions and 6 deletions
--- a/internal/command/project_application_oidc_model.go
+++ b/internal/command/project_application_oidc_model.go
@@ -2,7 +2,7 @@ package command

 import (
 	"context"
-	"reflect"
+	"slices"
 	"time"

 	"github.com/zitadel/zitadel/internal/crypto"
@@ -276,13 +276,13 @@ func (wm *OIDCApplicationWriteModel) NewChangedEvent(
 	changes := make([]project.OIDCConfigChanges, 0)
 	var err error

-	if !reflect.DeepEqual(wm.RedirectUris, redirectURIS) {
+	if !slices.Equal(wm.RedirectUris, redirectURIS) {
 		changes = append(changes, project.ChangeRedirectURIs(redirectURIS))
 	}
-	if !reflect.DeepEqual(wm.ResponseTypes, responseTypes) {
+	if !slices.Equal(wm.ResponseTypes, responseTypes) {
 		changes = append(changes, project.ChangeResponseTypes(responseTypes))
 	}
-	if !reflect.DeepEqual(wm.GrantTypes, grantTypes) {
+	if !slices.Equal(wm.GrantTypes, grantTypes) {
 		changes = append(changes, project.ChangeGrantTypes(grantTypes))
 	}
 	if wm.ApplicationType != appType {
@@ -291,7 +291,7 @@ func (wm *OIDCApplicationWriteModel) NewChangedEvent(
 	if wm.AuthMethodType != authMethodType {
 		changes = append(changes, project.ChangeAuthMethodType(authMethodType))
 	}
-	if !reflect.DeepEqual(wm.PostLogoutRedirectUris, postLogoutRedirectURIs) {
+	if !slices.Equal(wm.PostLogoutRedirectUris, postLogoutRedirectURIs) {
 		changes = append(changes, project.ChangePostLogoutRedirectURIs(postLogoutRedirectURIs))
 	}
 	if wm.OIDCVersion != oidcVersion {
@@ -315,7 +315,7 @@ func (wm *OIDCApplicationWriteModel) NewChangedEvent(
 	if wm.ClockSkew != clockSkew {
 		changes = append(changes, project.ChangeClockSkew(clockSkew))
 	}
-	if !reflect.DeepEqual(wm.AdditionalOrigins, additionalOrigins) {
+	if !slices.Equal(wm.AdditionalOrigins, additionalOrigins) {
 		changes = append(changes, project.ChangeAdditionalOrigins(additionalOrigins))
 	}
 	if wm.SkipNativeAppSuccessPage != skipNativeAppSuccessPage {