fix: remove unique constraint on OAuth2 provider app names (#18669)

# Remove unique constraint on OAuth2 provider app names This PR removes the unique constraint on the `name` field in the `oauth2_provider_apps` table to comply with RFC 7591, which only requires unique client IDs, not unique client names. Changes include: - Removing the unique constraint from the database schema - Adding migration files for both up and down migrations - Removing the name uniqueness check in the in-memory database implementation - Updating the unique constraint constants Change-Id: Iae7a1a06546fbc8de541a52e291f8a4510d57e8a Signed-off-by: Thomas Kosiewski <tk@coder.com>
2025-07-13 21:36:50 +00:00 · 2025-07-03 19:13:13 +02:00
parent 90a875d916
commit 60b08f0960
6 changed files with 66 additions and 27 deletions
--- a/coderd/database/migrations/000348_remove_oauth2_app_name_unique_constraint.down.sql
+++ b/coderd/database/migrations/000348_remove_oauth2_app_name_unique_constraint.down.sql
@ -0,0 +1,3 @@
+-- Restore unique constraint on oauth2_provider_apps.name for rollback
+-- Note: This rollback may fail if duplicate names exist in the database
+ALTER TABLE oauth2_provider_apps ADD CONSTRAINT oauth2_provider_apps_name_key UNIQUE (name);
--- a/coderd/database/migrations/000348_remove_oauth2_app_name_unique_constraint.up.sql
+++ b/coderd/database/migrations/000348_remove_oauth2_app_name_unique_constraint.up.sql
@ -0,0 +1,3 @@
+-- Remove unique constraint on oauth2_provider_apps.name to comply with RFC 7591
+-- RFC 7591 does not require unique client names, only unique client IDs
+ALTER TABLE oauth2_provider_apps DROP CONSTRAINT oauth2_provider_apps_name_key;