u

ory · Jun 17, 2022 · b7fea62 · b7fea62
1 parent 92236d9
commit b7fea62
Show file tree

Hide file tree

Showing 44 changed files with 913 additions and 1,018 deletions.
diff --git a/client/.snapshots/TestClientSDK-case=id_can_not_be_set.json b/client/.snapshots/TestClientSDK-case=id_can_not_be_set.json
@@ -0,0 +1,6 @@
+{
+ "Payload": {
+ "error": "The request was malformed or contained invalid parameters",
+ "error_description": "It is no longer possible to set an OAuth2 Client ID as a user. The system will generate a unique ID for you."
+ }
+}
diff --git a/...s/TestHandler-common-case=create_clients-case=1-description=basic_admin_registration.json b/...s/TestHandler-common-case=create_clients-case=1-description=basic_admin_registration.json
@@ -1,5 +1,4 @@
 {
- "client_id": "0f1bb84e-4405-4e93-950b-cdae88c5dbf6",
  "client_name": "",
  "client_secret": "averylongsecret",
  "redirect_uris": [
@@ -23,6 +22,5 @@
  "userinfo_signed_response_alg": "none",
  "metadata": {
  "foo": "bar"
- },
- "registration_client_uri": "http://localhost:4444/oauth2/register/0f1bb84e-4405-4e93-950b-cdae88c5dbf6"
+ }
 }
diff --git a/.../.snapshots/TestHandler-common-case=create_clients-case=4-description=non-uuid_fails.json b/.../.snapshots/TestHandler-common-case=create_clients-case=4-description=non-uuid_fails.json
@@ -1,4 +1,4 @@
 {
  "error": "The request was malformed or contained invalid parameters",
- "error_description": "Only UUID V4 (e.g. 8dcd6868-e294-4180-aa36-fbad26de79a6) can be chosen as OAuth2 Client IDs but got: not-a-uuid"
+ "error_description": "It is no longer possible to set an OAuth2 Client ID as a user. The system will generate a unique ID for you."
 }
diff --git a/...dler-common-case=create_clients-case=5-description=basic_dynamic_client_registration.json b/...dler-common-case=create_clients-case=5-description=basic_dynamic_client_registration.json
diff --git a/...ts/TestHandler-common-case=create_clients-case=5-description=setting_client_id_fails.json b/...ts/TestHandler-common-case=create_clients-case=5-description=setting_client_id_fails.json
@@ -0,0 +1,4 @@
+{
+ "error": "The request was malformed or contained invalid parameters",
+ "error_description": "It is no longer possible to set an OAuth2 Client ID as a user. The system will generate a unique ID for you."
+}
diff --git a/...on=basic_dynamic_client_registration.json → ...on=basic_dynamic_client_registration.json b/...on=basic_dynamic_client_registration.json → ...on=basic_dynamic_client_registration.json
diff --git a/...case=6-description=empty_ID_succeeds.json → ...case=7-description=empty_ID_succeeds.json b/...case=6-description=empty_ID_succeeds.json → ...case=7-description=empty_ID_succeeds.json
diff --git a/client/.snapshots/TestHandler-common-case=fetching_existing_client-endpoint=admin.json b/client/.snapshots/TestHandler-common-case=fetching_existing_client-endpoint=admin.json
@@ -1,6 +1,5 @@
 {
  "body": {
- "client_id": "0e837115-5105-4da7-a85e-ac286c2ef50e",
  "client_name": "",
  "redirect_uris": [
  "http://localhost:3000/cb"

diff --git a/client/.snapshots/TestHandler-common-case=fetching_existing_client-endpoint=selfservice.json b/client/.snapshots/TestHandler-common-case=fetching_existing_client-endpoint=selfservice.json
@@ -1,6 +1,5 @@
 {
  "body": {
- "client_id": "0e837115-5105-4da7-a85e-ac286c2ef50e",
  "client_name": "",
  "redirect_uris": [
  "http://localhost:3000/cb"

diff --git a/client/.snapshots/TestHandler-common-case=updating_existing_client-endpoint=admin.json b/client/.snapshots/TestHandler-common-case=updating_existing_client-endpoint=admin.json
@@ -1,6 +1,5 @@
 {
  "body": {
- "client_id": "c614c65a-72f3-4dd4-8217-f4c6343533dc",
  "client_name": "",
  "client_secret": "averylongsecret",
  "redirect_uris": [

diff --git a/...estHandler-common-case=updating_existing_client-endpoint=dynamic_client_registration.json b/...estHandler-common-case=updating_existing_client-endpoint=dynamic_client_registration.json
@@ -1,6 +1,5 @@
 {
  "body": {
- "client_id": "b33d7cff-ecc9-4acf-9ce7-67436bc763d4",
  "client_name": "",
  "redirect_uris": [
  "http://localhost:3000/cb",

diff --git a/...stration_tokens-case=0-dynamic=false.json → ...istration_tokens-case=0-dynamic=true.json b/...stration_tokens-case=0-dynamic=false.json → ...istration_tokens-case=0-dynamic=true.json
diff --git a/...istration_tokens-case=1-dynamic=true.json → ...stration_tokens-case=1-dynamic=false.json b/...istration_tokens-case=1-dynamic=true.json → ...stration_tokens-case=1-dynamic=false.json
diff --git a/client/.snapshots/TestHandler-create_client_registration_tokens-case=2-dynamic=false.json b/client/.snapshots/TestHandler-create_client_registration_tokens-case=2-dynamic=false.json
@@ -1,5 +1,6 @@
 {
  "client_name": "",
+ "client_secret": "01bbf13a-ae3e-44d5-b4b4-dd78137041be",
  "redirect_uris": null,
  "grant_types": null,
  "response_types": null,

diff --git a/client/.snapshots/TestHandler-create_client_registration_tokens-case=3-dynamic=false.json b/client/.snapshots/TestHandler-create_client_registration_tokens-case=3-dynamic=false.json
diff --git a/client/.snapshots/TestHandler-create_client_registration_tokens-case=4-dynamic=true.json b/client/.snapshots/TestHandler-create_client_registration_tokens-case=4-dynamic=true.json
diff --git a/client/client.go b/client/client.go
@@ -49,6 +49,8 @@ type Client struct {
  NID uuid.UUID `db:"nid" faker:"-" json:"-"`
 
  // ID is the id for this client.
+ //
+ // The ID is autogenerated and immutable.
  LegacyClientID string `json:"client_id" db:"id"`
 
  // DEPRECATED: This field is deprecated and will be removed. It serves

diff --git a/client/handler.go b/client/handler.go
@@ -28,8 +28,6 @@ import (
  "net/http"
  "time"
 
- "github.com/gofrs/uuid"
-
  "github.com/ory/x/uuidx"
 
  "github.com/ory/x/urlx"
@@ -152,26 +150,22 @@ func (h *Handler) CreateDynamicRegistration(w http.ResponseWriter, r *http.Reque
 
 func (h *Handler) CreateClient(r *http.Request, validator func(context.Context, *Client) error, isDynamic bool) (*Client, error) {
  var c Client
-
  if err := json.NewDecoder(r.Body).Decode(&c); err != nil {
  return nil, err
  }
 
  if isDynamic {
- c.LegacyClientID = ""
  if c.Secret != "" {
  return nil, errorsx.WithStack(herodot.ErrBadRequest.WithReasonf("It is not allowed to choose your own OAuth2 Client secret."))
  }
  }
 
- c.ID = uuidx.NewV4()
- if c.LegacyClientID == "" {
- c.LegacyClientID = c.ID.String()
+ if len(c.LegacyClientID) > 0 {
+ return nil, errorsx.WithStack(herodot.ErrBadRequest.WithReason("It is no longer possible to set an OAuth2 Client ID as a user. The system will generate a unique ID for you."))
  }
 
- if _, err := uuid.FromString(c.LegacyClientID); err != nil {
- return nil, errorsx.WithStack(herodot.ErrBadRequest.WithReasonf("Only UUID V4 (e.g. 8dcd6868-e294-4180-aa36-fbad26de79a6) can be chosen as OAuth2 Client IDs but got: %s", c.LegacyClientID))
- }
+ c.ID = uuidx.NewV4()
+ c.LegacyClientID = c.ID.String()
 
  if len(c.Secret) == 0 {
  secretb, err := x.GenerateSecret(26)
@@ -497,7 +491,6 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par
 // default: jsonError
 func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
  var id = ps.ByName("id")
-
  c, err := h.r.ClientManager().GetConcreteClient(r.Context(), id)
  if err != nil {
  h.r.Writer().WriteError(w, r, err)