Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-22521

OAuth2: we shouldn't be able to register 2 clients with the same id

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 9.2
    • Component/s: OAuth

      Description

      Currently, nothing is preventing this when going through the JSF UI.
      Possible solutions:
      1. Add a JSF validation.
      2. Use the clientId as a primary key in the oauth2Clients directory (currently the primary key is the autoincremented id field).

      The problem with 1. is that it will only work for JSF, not for Web UI, the REST API or any other way of creating an entry in the directory.

      The only good way seems to be 2. but it means breaking some existing data.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 3 hours
                  3h

                    PagerDuty

                    Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.