diff --git a/crates/cli/src/sync.rs b/crates/cli/src/sync.rs index 36f9568e8..9cc94d2b0 100644 --- a/crates/cli/src/sync.rs +++ b/crates/cli/src/sync.rs @@ -357,6 +357,7 @@ pub async fn config_sync( } let client_secret = client.client_secret.as_deref(); + let client_name = client.client_name.as_ref(); let client_auth_method = client.client_auth_method(); let jwks = client.jwks.as_ref(); let jwks_uri = client.jwks_uri.as_ref(); @@ -369,6 +370,7 @@ pub async fn config_sync( repo.oauth2_client() .upsert_static( client.client_id, + client_name.cloned(), client_auth_method, encrypted_client_secret, jwks.cloned(), diff --git a/crates/config/src/sections/clients.rs b/crates/config/src/sections/clients.rs index 84aa55a22..2a0469677 100644 --- a/crates/config/src/sections/clients.rs +++ b/crates/config/src/sections/clients.rs @@ -79,6 +79,10 @@ pub struct ClientConfig { /// Authentication method used for this client client_auth_method: ClientAuthMethodConfig, + /// Name of the `OAuth2` client + #[serde(skip_serializing_if = "Option::is_none")] + pub client_name: Option, + /// The client secret, used by the `client_secret_basic`, /// `client_secret_post` and `client_secret_jwt` authentication methods #[serde(skip_serializing_if = "Option::is_none")] diff --git a/crates/storage-pg/.sqlx/query-5236305c49b1ee99a00e32df3727ebe97b523b6836e1696d8b8e2a0ef70bfa44.json b/crates/storage-pg/.sqlx/query-5236305c49b1ee99a00e32df3727ebe97b523b6836e1696d8b8e2a0ef70bfa44.json deleted file mode 100644 index 23b06789c..000000000 --- a/crates/storage-pg/.sqlx/query-5236305c49b1ee99a00e32df3727ebe97b523b6836e1696d8b8e2a0ef70bfa44.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "db_name": "PostgreSQL", - "query": "\n INSERT INTO oauth2_clients\n ( oauth2_client_id\n , encrypted_client_secret\n , redirect_uris\n , grant_type_authorization_code\n , grant_type_refresh_token\n , grant_type_client_credentials\n , grant_type_device_code\n , token_endpoint_auth_method\n , jwks\n , jwks_uri\n , is_static\n )\n VALUES\n ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, TRUE)\n ON CONFLICT (oauth2_client_id)\n DO\n UPDATE SET encrypted_client_secret = EXCLUDED.encrypted_client_secret\n , redirect_uris = EXCLUDED.redirect_uris\n , grant_type_authorization_code = EXCLUDED.grant_type_authorization_code\n , grant_type_refresh_token = EXCLUDED.grant_type_refresh_token\n , grant_type_client_credentials = EXCLUDED.grant_type_client_credentials\n , grant_type_device_code = EXCLUDED.grant_type_device_code\n , token_endpoint_auth_method = EXCLUDED.token_endpoint_auth_method\n , jwks = EXCLUDED.jwks\n , jwks_uri = EXCLUDED.jwks_uri\n , is_static = TRUE\n ", - "describe": { - "columns": [], - "parameters": { - "Left": [ - "Uuid", - "Text", - "TextArray", - "Bool", - "Bool", - "Bool", - "Bool", - "Text", - "Jsonb", - "Text" - ] - }, - "nullable": [] - }, - "hash": "5236305c49b1ee99a00e32df3727ebe97b523b6836e1696d8b8e2a0ef70bfa44" -} diff --git a/crates/storage-pg/.sqlx/query-da02f93d7346992a9795f12b900f91ac0b326dd751c0d374d6ef4d19f671d22e.json b/crates/storage-pg/.sqlx/query-da02f93d7346992a9795f12b900f91ac0b326dd751c0d374d6ef4d19f671d22e.json new file mode 100644 index 000000000..378ca2d78 --- /dev/null +++ b/crates/storage-pg/.sqlx/query-da02f93d7346992a9795f12b900f91ac0b326dd751c0d374d6ef4d19f671d22e.json @@ -0,0 +1,24 @@ +{ + "db_name": "PostgreSQL", + "query": "\n INSERT INTO oauth2_clients\n ( oauth2_client_id\n , encrypted_client_secret\n , redirect_uris\n , grant_type_authorization_code\n , grant_type_refresh_token\n , grant_type_client_credentials\n , grant_type_device_code\n , token_endpoint_auth_method\n , jwks\n , client_name\n , jwks_uri\n , is_static\n )\n VALUES\n ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, TRUE)\n ON CONFLICT (oauth2_client_id)\n DO\n UPDATE SET encrypted_client_secret = EXCLUDED.encrypted_client_secret\n , redirect_uris = EXCLUDED.redirect_uris\n , grant_type_authorization_code = EXCLUDED.grant_type_authorization_code\n , grant_type_refresh_token = EXCLUDED.grant_type_refresh_token\n , grant_type_client_credentials = EXCLUDED.grant_type_client_credentials\n , grant_type_device_code = EXCLUDED.grant_type_device_code\n , token_endpoint_auth_method = EXCLUDED.token_endpoint_auth_method\n , jwks = EXCLUDED.jwks\n , client_name = EXCLUDED.client_name\n , jwks_uri = EXCLUDED.jwks_uri\n , is_static = TRUE\n ", + "describe": { + "columns": [], + "parameters": { + "Left": [ + "Uuid", + "Text", + "TextArray", + "Bool", + "Bool", + "Bool", + "Bool", + "Text", + "Jsonb", + "Text", + "Text" + ] + }, + "nullable": [] + }, + "hash": "da02f93d7346992a9795f12b900f91ac0b326dd751c0d374d6ef4d19f671d22e" +} diff --git a/crates/storage-pg/.sqlx/query-fcd8b4b9e003d1540357c6bf1ff9c715560d011d4c01112703a9c046170c84f1.json b/crates/storage-pg/.sqlx/query-fcd8b4b9e003d1540357c6bf1ff9c715560d011d4c01112703a9c046170c84f1.json index f5503fa0e..ef1ac0372 100644 --- a/crates/storage-pg/.sqlx/query-fcd8b4b9e003d1540357c6bf1ff9c715560d011d4c01112703a9c046170c84f1.json +++ b/crates/storage-pg/.sqlx/query-fcd8b4b9e003d1540357c6bf1ff9c715560d011d4c01112703a9c046170c84f1.json @@ -23,7 +23,7 @@ "Left": [] }, "nullable": [ - false, + true, true, null ] diff --git a/crates/storage-pg/src/oauth2/client.rs b/crates/storage-pg/src/oauth2/client.rs index 02e57a01a..60e1ebb54 100644 --- a/crates/storage-pg/src/oauth2/client.rs +++ b/crates/storage-pg/src/oauth2/client.rs @@ -554,6 +554,7 @@ impl OAuth2ClientRepository for PgOAuth2ClientRepository<'_> { async fn upsert_static( &mut self, client_id: Ulid, + client_name: Option, client_auth_method: OAuthClientAuthenticationMethod, encrypted_client_secret: Option, jwks: Option, @@ -581,11 +582,12 @@ impl OAuth2ClientRepository for PgOAuth2ClientRepository<'_> { , grant_type_device_code , token_endpoint_auth_method , jwks + , client_name , jwks_uri , is_static ) VALUES - ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, TRUE) + ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, TRUE) ON CONFLICT (oauth2_client_id) DO UPDATE SET encrypted_client_secret = EXCLUDED.encrypted_client_secret @@ -596,6 +598,7 @@ impl OAuth2ClientRepository for PgOAuth2ClientRepository<'_> { , grant_type_device_code = EXCLUDED.grant_type_device_code , token_endpoint_auth_method = EXCLUDED.token_endpoint_auth_method , jwks = EXCLUDED.jwks + , client_name = EXCLUDED.client_name , jwks_uri = EXCLUDED.jwks_uri , is_static = TRUE "#, @@ -608,6 +611,7 @@ impl OAuth2ClientRepository for PgOAuth2ClientRepository<'_> { true, client_auth_method, jwks_json, + client_name, jwks_uri.as_ref().map(Url::as_str), ) .traced() @@ -633,7 +637,7 @@ impl OAuth2ClientRepository for PgOAuth2ClientRepository<'_> { GrantType::RefreshToken, GrantType::ClientCredentials, ], - client_name: None, + client_name, logo_uri: None, client_uri: None, policy_uri: None, diff --git a/crates/storage/src/oauth2/client.rs b/crates/storage/src/oauth2/client.rs index aa5a82a2a..33b92d189 100644 --- a/crates/storage/src/oauth2/client.rs +++ b/crates/storage/src/oauth2/client.rs @@ -157,6 +157,7 @@ pub trait OAuth2ClientRepository: Send + Sync { async fn upsert_static( &mut self, client_id: Ulid, + client_name: Option, client_auth_method: OAuthClientAuthenticationMethod, encrypted_client_secret: Option, jwks: Option, @@ -237,6 +238,7 @@ repository_impl!(OAuth2ClientRepository: async fn upsert_static( &mut self, client_id: Ulid, + client_name: Option, client_auth_method: OAuthClientAuthenticationMethod, encrypted_client_secret: Option, jwks: Option, diff --git a/docs/config.schema.json b/docs/config.schema.json index 165cf947d..313e672c5 100644 --- a/docs/config.schema.json +++ b/docs/config.schema.json @@ -239,6 +239,10 @@ } ] }, + "client_name": { + "description": "Name of the `OAuth2` client", + "type": "string" + }, "client_secret": { "description": "The client secret, used by the `client_secret_basic`, `client_secret_post` and `client_secret_jwt` authentication methods", "type": "string"