diff --git a/consent/handler.go b/consent/handler.go index b989ec9e389..4af6a9751a3 100644 --- a/consent/handler.go +++ b/consent/handler.go @@ -172,9 +172,9 @@ func (h *Handler) GetConsentSessions(w http.ResponseWriter, r *http.Request, ps h.H.WriteError(w, r, errors.WithStack(fosite.ErrInvalidRequest.WithDebug("Parameter user is not defined"))) return } - limit, offset := pagination.Parse(r, 100, 0, 500) - sessions, err := h.M.FindPreviouslyGrantedConsentRequestsByUser(r.Context(), user, limit, offset) + limit, offset := pagination.Parse(r, 100, 0, 500) + s, err := h.M.FindPreviouslyGrantedConsentRequestsByUser(r.Context(), user, limit, offset) if errors.Cause(err) == ErrNoPreviousConsentFound { h.H.Write(w, r, []PreviousConsentSession{}) return @@ -185,7 +185,7 @@ func (h *Handler) GetConsentSessions(w http.ResponseWriter, r *http.Request, ps var a []PreviousConsentSession - for _, session := range sessions { + for _, session := range s { session.ConsentRequest.Client = sanitizeClient(session.ConsentRequest.Client) a = append(a, PreviousConsentSession(session)) } diff --git a/consent/manager_sql.go b/consent/manager_sql.go index d8e2acf9ace..aae750a5dd1 100644 --- a/consent/manager_sql.go +++ b/consent/manager_sql.go @@ -409,7 +409,8 @@ WHERE r.subject=? AND r.client_id=? AND r.skip=FALSE AND (h.error='{}' AND h.remember=TRUE) -`), subject, client); err != nil { +ORDER BY h.requested_at +LIMIT 1`), subject, client); err != nil { if err == sql.ErrNoRows { return nil, errors.WithStack(ErrNoPreviousConsentFound) } @@ -430,6 +431,7 @@ WHERE r.subject=? AND r.skip=FALSE AND (h.error='{}' AND h.remember=TRUE) +ORDER BY h.requested_at LIMIT ? OFFSET ? `), subject, limit, offset); err != nil { return nil, sqlcon.HandleError(err)