From 3fd38ed1075f77dd244f2dde089b1a99559e7304 Mon Sep 17 00:00:00 2001
From: Julien Veyssier <julien-nc@posteo.net>
Date: Mon, 16 Jan 2023 09:35:51 +0100
Subject: [PATCH 1/3] avoid empty string for scope when inserting/updating
 because oracle replaces it with null

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
---
 lib/Controller/LoginController.php    | 3 ++-
 lib/Controller/SettingsController.php | 8 ++++----
 lib/Db/Provider.php                   | 2 +-
 lib/Db/ProviderMapper.php             | 4 ++--
 4 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/lib/Controller/LoginController.php b/lib/Controller/LoginController.php
index b3814546..e488da88 100644
--- a/lib/Controller/LoginController.php
+++ b/lib/Controller/LoginController.php
@@ -260,10 +260,11 @@ public function login(int $providerId, string $redirectUrl = null) {
 			}
 		}
 
+		$scope = $provider->getScope();
 		$data = [
 			'client_id' => $provider->getClientId(),
 			'response_type' => 'code',
-			'scope' => $provider->getScope(),
+			'scope' => $scope === ' ' ? '' : $scope,
 			'redirect_uri' => $this->urlGenerator->linkToRouteAbsolute(Application::APP_ID . '.login.code'),
 			'claims' => json_encode($claims),
 			'state' => $state,
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
index 6db2a12c..b2dd19fc 100644
--- a/lib/Controller/SettingsController.php
+++ b/lib/Controller/SettingsController.php
@@ -59,7 +59,7 @@ public function __construct(
 	}
 
 	public function createProvider(string $identifier, string $clientId, string $clientSecret, string $discoveryEndpoint,
-								   array $settings = [], string $scope = "openid email profile"): JSONResponse {
+								   array $settings = [], string $scope = 'openid email profile'): JSONResponse {
 		if ($this->providerService->getProviderByIdentifier($identifier) !== null) {
 			return new JSONResponse(['message' => 'Provider with the given identifier already exists'], Http::STATUS_CONFLICT);
 		}
@@ -69,7 +69,7 @@ public function createProvider(string $identifier, string $clientId, string $cli
 		$provider->setClientId($clientId);
 		$provider->setClientSecret($clientSecret);
 		$provider->setDiscoveryEndpoint($discoveryEndpoint);
-		$provider->setScope($scope);
+		$provider->setScope($scope ?: ' ');
 		$provider = $this->providerMapper->insert($provider);
 
 		$providerSettings = $this->providerService->setSettings($provider->getId(), $settings);
@@ -78,7 +78,7 @@ public function createProvider(string $identifier, string $clientId, string $cli
 	}
 
 	public function updateProvider(int $providerId, string $identifier, string $clientId, string $discoveryEndpoint, string $clientSecret = null,
-								   array $settings = [], string $scope = "openid email profile"): JSONResponse {
+								   array $settings = [], string $scope = 'openid email profile'): JSONResponse {
 		$provider = $this->providerMapper->getProvider($providerId);
 
 		if ($this->providerService->getProviderByIdentifier($identifier) === null) {
@@ -91,7 +91,7 @@ public function updateProvider(int $providerId, string $identifier, string $clie
 			$provider->setClientSecret($clientSecret);
 		}
 		$provider->setDiscoveryEndpoint($discoveryEndpoint);
-		$provider->setScope($scope);
+		$provider->setScope($scope ?: ' ');
 		$provider = $this->providerMapper->update($provider);
 
 		$providerSettings = $this->providerService->setSettings($providerId, $settings);
diff --git a/lib/Db/Provider.php b/lib/Db/Provider.php
index c4169919..a7a0c695 100644
--- a/lib/Db/Provider.php
+++ b/lib/Db/Provider.php
@@ -63,7 +63,7 @@ public function jsonSerialize() {
 			'identifier' => $this->identifier,
 			'clientId' => $this->clientId,
 			'discoveryEndpoint' => $this->discoveryEndpoint,
-			'scope' => $this->scope,
+			'scope' => trim($this->scope),
 		];
 	}
 }
diff --git a/lib/Db/ProviderMapper.php b/lib/Db/ProviderMapper.php
index 9c841e4d..84497f70 100644
--- a/lib/Db/ProviderMapper.php
+++ b/lib/Db/ProviderMapper.php
@@ -114,7 +114,7 @@ public function createOrUpdateProvider(string $identifier, string $clientid = nu
 			$provider->setClientId($clientid);
 			$provider->setClientSecret($clientsecret);
 			$provider->setDiscoveryEndpoint($discoveryuri);
-			$provider->setScope($scope);
+			$provider->setScope($scope ?: ' ');
 			return $this->insert($provider);
 		} else {
 			if ($clientid !== null) {
@@ -126,7 +126,7 @@ public function createOrUpdateProvider(string $identifier, string $clientid = nu
 			if ($discoveryuri !== null) {
 				$provider->setDiscoveryEndpoint($discoveryuri);
 			}
-			$provider->setScope($scope);
+			$provider->setScope($scope ?: ' ');
 			return $this->update($provider);
 		}
 	}

From f940c0399de3ec557bb4d33c85a1c954f15a01ea Mon Sep 17 00:00:00 2001
From: Julien Veyssier <julien-nc@posteo.net>
Date: Fri, 10 Mar 2023 15:05:51 +0100
Subject: [PATCH 2/3] define custom getScope in provider entity to avoid
 getting empty string

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
---
 lib/Controller/LoginController.php    | 3 +--
 lib/Controller/SettingsController.php | 4 ++--
 lib/Db/Provider.php                   | 8 +++++++-
 lib/Db/ProviderMapper.php             | 4 ++--
 4 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/lib/Controller/LoginController.php b/lib/Controller/LoginController.php
index e488da88..8bb7ad86 100644
--- a/lib/Controller/LoginController.php
+++ b/lib/Controller/LoginController.php
@@ -260,11 +260,10 @@ public function login(int $providerId, string $redirectUrl = null) {
 			}
 		}
 
-		$scope = $provider->getScope();
 		$data = [
 			'client_id' => $provider->getClientId(),
 			'response_type' => 'code',
-			'scope' => $scope === ' ' ? '' : $scope,
+			'scope' => trim($provider->getScope()),
 			'redirect_uri' => $this->urlGenerator->linkToRouteAbsolute(Application::APP_ID . '.login.code'),
 			'claims' => json_encode($claims),
 			'state' => $state,
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
index b2dd19fc..4a366cb9 100644
--- a/lib/Controller/SettingsController.php
+++ b/lib/Controller/SettingsController.php
@@ -69,7 +69,7 @@ public function createProvider(string $identifier, string $clientId, string $cli
 		$provider->setClientId($clientId);
 		$provider->setClientSecret($clientSecret);
 		$provider->setDiscoveryEndpoint($discoveryEndpoint);
-		$provider->setScope($scope ?: ' ');
+		$provider->setScope($scope);
 		$provider = $this->providerMapper->insert($provider);
 
 		$providerSettings = $this->providerService->setSettings($provider->getId(), $settings);
@@ -91,7 +91,7 @@ public function updateProvider(int $providerId, string $identifier, string $clie
 			$provider->setClientSecret($clientSecret);
 		}
 		$provider->setDiscoveryEndpoint($discoveryEndpoint);
-		$provider->setScope($scope ?: ' ');
+		$provider->setScope($scope);
 		$provider = $this->providerMapper->update($provider);
 
 		$providerSettings = $this->providerService->setSettings($providerId, $settings);
diff --git a/lib/Db/Provider.php b/lib/Db/Provider.php
index a7a0c695..9f08cf25 100644
--- a/lib/Db/Provider.php
+++ b/lib/Db/Provider.php
@@ -36,7 +36,6 @@
  * @method void setClientSecret(string $clientSecret)
  * @method string getDiscoveryEndpoint()
  * @method void setDiscoveryEndpoint(string $discoveryEndpoint)
- * @method string getScope()
  * @method void setScope(string $scope)
  */
 class Provider extends Entity implements \JsonSerializable {
@@ -56,6 +55,13 @@ class Provider extends Entity implements \JsonSerializable {
 	/** @var string */
 	protected $scope;
 
+	/**
+	 * @return string
+	 */
+	public function getScope(): string {
+		return $this->scope ?: ' ';
+	}
+
 	#[\ReturnTypeWillChange]
 	public function jsonSerialize() {
 		return [
diff --git a/lib/Db/ProviderMapper.php b/lib/Db/ProviderMapper.php
index 84497f70..9c841e4d 100644
--- a/lib/Db/ProviderMapper.php
+++ b/lib/Db/ProviderMapper.php
@@ -114,7 +114,7 @@ public function createOrUpdateProvider(string $identifier, string $clientid = nu
 			$provider->setClientId($clientid);
 			$provider->setClientSecret($clientsecret);
 			$provider->setDiscoveryEndpoint($discoveryuri);
-			$provider->setScope($scope ?: ' ');
+			$provider->setScope($scope);
 			return $this->insert($provider);
 		} else {
 			if ($clientid !== null) {
@@ -126,7 +126,7 @@ public function createOrUpdateProvider(string $identifier, string $clientid = nu
 			if ($discoveryuri !== null) {
 				$provider->setDiscoveryEndpoint($discoveryuri);
 			}
-			$provider->setScope($scope ?: ' ');
+			$provider->setScope($scope);
 			return $this->update($provider);
 		}
 	}

From 6e0b411adf64a6f13a921a18aee5632e1f5346dc Mon Sep 17 00:00:00 2001
From: Julien Veyssier <julien-nc@posteo.net>
Date: Fri, 10 Mar 2023 15:52:04 +0100
Subject: [PATCH 3/3] avoid triming null scope

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
---
 lib/Db/Provider.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Db/Provider.php b/lib/Db/Provider.php
index 9f08cf25..2636ac95 100644
--- a/lib/Db/Provider.php
+++ b/lib/Db/Provider.php
@@ -69,7 +69,7 @@ public function jsonSerialize() {
 			'identifier' => $this->identifier,
 			'clientId' => $this->clientId,
 			'discoveryEndpoint' => $this->discoveryEndpoint,
-			'scope' => trim($this->scope),
+			'scope' => trim($this->getScope()),
 		];
 	}
 }