feat: allow custom client IDs (#864)

2026-03-31 03:36:36 +00:00 · 2025-08-23 18:41:05 +02:00
parent 625f235740
commit a5efb95065
15 changed files with 151 additions and 56 deletions
--- a/backend/internal/service/oidc_service.go
+++ b/backend/internal/service/oidc_service.go
@@ -670,22 +670,28 @@ func (s *OidcService) ListClients(ctx context.Context, name string, sortedPagina

 func (s *OidcService) CreateClient(ctx context.Context, input dto.OidcClientCreateDto, userID string) (model.OidcClient, error) {
 	client := model.OidcClient{
+		Base: model.Base{
+			ID: input.ID,
+		},
 		CreatedByID: utils.Ptr(userID),
 	}
-	updateOIDCClientModelFromDto(&client, &input)
+	updateOIDCClientModelFromDto(&client, &input.OidcClientUpdateDto)

 	err := s.db.
 		WithContext(ctx).
 		Create(&client).
 		Error
 	if err != nil {
+		if errors.Is(err, gorm.ErrDuplicatedKey) {
+			return model.OidcClient{}, &common.ClientIdAlreadyExistsError{}
+		}
 		return model.OidcClient{}, err
 	}

 	return client, nil
 }

-func (s *OidcService) UpdateClient(ctx context.Context, clientID string, input dto.OidcClientCreateDto) (model.OidcClient, error) {
+func (s *OidcService) UpdateClient(ctx context.Context, clientID string, input dto.OidcClientUpdateDto) (model.OidcClient, error) {
 	tx := s.db.Begin()
 	defer func() {
 		tx.Rollback()
@@ -719,7 +725,7 @@ func (s *OidcService) UpdateClient(ctx context.Context, clientID string, input d
 	return client, nil
 }

-func updateOIDCClientModelFromDto(client *model.OidcClient, input *dto.OidcClientCreateDto) {
+func updateOIDCClientModelFromDto(client *model.OidcClient, input *dto.OidcClientUpdateDto) {
 	// Base fields
 	client.Name = input.Name
 	client.CallbackURLs = input.CallbackURLs
--- a/backend/internal/service/oidc_service_test.go
+++ b/backend/internal/service/oidc_service_test.go
@@ -171,8 +171,10 @@ func TestOidcService_verifyClientCredentialsInternal(t *testing.T) {
 	// Create the test clients
 	// 1. Confidential client
 	confidentialClient, err := s.CreateClient(t.Context(), dto.OidcClientCreateDto{
-		Name:         "Confidential Client",
-		CallbackURLs: []string{"https://example.com/callback"},
+		OidcClientUpdateDto: dto.OidcClientUpdateDto{
+			Name:         "Confidential Client",
+			CallbackURLs: []string{"https://example.com/callback"},
+		},
 	}, "test-user-id")
 	require.NoError(t, err)

@@ -182,20 +184,24 @@ func TestOidcService_verifyClientCredentialsInternal(t *testing.T) {

 	// 2. Public client
 	publicClient, err := s.CreateClient(t.Context(), dto.OidcClientCreateDto{
-		Name:         "Public Client",
-		CallbackURLs: []string{"https://example.com/callback"},
-		IsPublic:     true,
+		OidcClientUpdateDto: dto.OidcClientUpdateDto{
+			Name:         "Public Client",
+			CallbackURLs: []string{"https://example.com/callback"},
+			IsPublic:     true,
+		},
 	}, "test-user-id")
 	require.NoError(t, err)

 	// 3. Confidential client with federated identity
 	federatedClient, err := s.CreateClient(t.Context(), dto.OidcClientCreateDto{
-		Name:         "Federated Client",
-		CallbackURLs: []string{"https://example.com/callback"},
+		OidcClientUpdateDto: dto.OidcClientUpdateDto{
+			Name:         "Federated Client",
+			CallbackURLs: []string{"https://example.com/callback"},
+		},
 	}, "test-user-id")
 	require.NoError(t, err)

-	federatedClient, err = s.UpdateClient(t.Context(), federatedClient.ID, dto.OidcClientCreateDto{
+	federatedClient, err = s.UpdateClient(t.Context(), federatedClient.ID, dto.OidcClientUpdateDto{
 		Name:         federatedClient.Name,
 		CallbackURLs: federatedClient.CallbackURLs,
 		Credentials: dto.OidcClientCredentialsDto{