search

openiddict / openiddict-core

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET
https://openiddict.com/
Apache License 2.0
4.43k stars 520 forks source link

Possible bug: ClientId and Scope Name are not unique #2156

Closed nachoRSK closed 3 months ago

nachoRSK commented 3 months ago

Confirm you've already contributed to this project or that you sponsor it

Version

5.6.0

Question

Hi, I don't know if this is a bug or if there is a reason for it. I have noticed that after running EF Core migrations, the ClientId and the Scope name columns are not constrained to be unique. Is there a reason for this?

I used the Velusia sample, but the one responsible for this seems to be the OpenIddictEFCore package.

kevinchalet commented 3 months ago

Hi @nachoRSK,

I don't know if this is a bug or if there is a reason for it. I have noticed that after running EF Core migrations, the ClientId and the Scope name columns are not constrained to be unique. Is there a reason for this?

What provider are you using? I tried to reproduce that locally with SQLite and SQL Server but in both cases, the indexes seem to be correctly created:

SQLite:

CREATE UNIQUE INDEX "IX_OpenIddictApplications_ClientId" ON "OpenIddictApplications" ("ClientId")
CREATE UNIQUE INDEX "IX_OpenIddictScopes_Name" ON "OpenIddictScopes" ("Name")

SQL Server:

CREATE UNIQUE NONCLUSTERED INDEX [IX_OpenIddictApplications_ClientId]
    ON [dbo].[OpenIddictApplications]([ClientId] ASC) WHERE ([ClientId] IS NOT NULL);
CREATE UNIQUE NONCLUSTERED INDEX [IX_OpenIddictScopes_Name]
    ON [dbo].[OpenIddictScopes]([Name] ASC) WHERE ([Name] IS NOT NULL);
nachoRSK commented 3 months ago

I'm sorry; I was looking at the constraints all the time, and I missed the indexes. Many thanks for the quick response.

kevinchalet commented 3 months ago

No problem 😄