[Golang SDK] Hydra 1.10.6 PatchOAuth2Client always updates the client secret

[xiaofei-du]

Preflight checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions.
• [X] I agree to follow this project's Code of Conduct.
• [X] I have read and am following this repository's Contribution Guidelines.
• [ ] This issue affects my Ory Cloud project.
• [X] I have joined the Ory Community Slack.
• [ ] I am signed up to the Ory Security Patch Newsletter.

Describe the bug

Hi, I am using the Golang SDK hydra-client-go v1.10.6, when I update a client's name, the client secret is also updated.

Expected result: Only the client name is updated.

Actual result: Both the client name and client secret are updated.

Reproducing the bug

My code:

op := "replace"
path := "/client_name"

r, e := client.Admin.PatchOAuth2Client(admin.NewPatchOAuth2ClientParams().WithID(id).WithBody(
    models.PatchRequest{{
    Op: &op,
    Path: &path,
    Value: "updated_client_name",
  }}))

The returned r.Payload.ClientSecret is not empty, and is updated to a random string like$2a$10$5hcxpBVqwgcSfm05Oxbr2uHflURwD.AUcICYmRwPTXRlSgqoCs33q.

I read the document saying

Patch an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated 
and returned via the API. This is the only time you will be able to retrieve the client secret, 
so write it down and keep it safe.

But still not sure if I am doing something wrong here. Did I accidentally pass the client_secret?

Relevant log output

No response

Relevant configuration

No response

Version

Golang SDK hydra-client-go v1.10.6

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

No response

Additional Context

No response

[aeneasr]

Thank you for the report - that looks like a bug in Ory Hydra!

[xiaofei-du]

Thank you for the report - that looks like a bug in Ory Hydra!

Thanks for your quick reply. May I ask if this will be fixed soon? so I can decide whether to wait or not include this in my code.

[aeneasr]

It will be fixed at some point! Contributions welcomed :)

[xiaofei-du]

Just saw that this has been fixed in https://github.com/ory/hydra/issues/2869#issue-1061139829 by nice people 👍 !