From 3301a48750168616b7efe118ebdb096fe58f8a11 Mon Sep 17 00:00:00 2001
From: garrettmills
Date: Thu, 15 Apr 2021 13:50:48 -0500
Subject: [PATCH] Track oidc authorizations by app, not client
---
 app/controllers/OpenID.controller.js | 6 +++---
 app/routing/routers/openid.routes.js | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/controllers/OpenID.controller.js b/app/controllers/OpenID.controller.js
index 196f635..bddc62c 100644
--- a/app/controllers/OpenID.controller.js
+++ b/app/controllers/OpenID.controller.js
@@ -176,7 +176,7 @@ class OpenIDController extends Controller {
 {
 text: req.T('common.grant'),
 action: 'redirect',
- next: `/openid/grant-and-save/${params.client_id}/${uid.toLowerCase()}`,
+ next: `/openid/grant-and-save/${application.id}/${uid.toLowerCase()}`,
 },
 {
 text: req.T('common.grant_once'),
@@ -189,9 +189,9 @@ class OpenIDController extends Controller {
 }
 async grant_and_save(req, res, next) {
- if ( !req.user.has_authorized({ client_id: req.params.client_id }) ) {
+ if ( !req.user.has_authorized({ client_id: req.params.app_id }) ) {
 req.user.authorize({
- client_id: req.params.client_id,
+ client_id: req.params.app_id,
 api_scopes: ['openid-connect'],
 })
diff --git a/app/routing/routers/openid.routes.js b/app/routing/routers/openid.routes.js
index b8ce43d..079be50 100644
--- a/app/routing/routers/openid.routes.js
+++ b/app/routing/routers/openid.routes.js
@@ -7,7 +7,7 @@ const openid = {
 ],
 get: {
- '/grant-and-save/:client_id/:uid': [
+ '/grant-and-save/:app_id/:uid': [
 'middleware::auth:UserOnly',
 'controller::OpenID.grant_and_save',
 ],
 '/interaction/:uid': [
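Review bot: In `grant_and_save`, `req.params.app_id` is taken straight from the URL path and handed to `req.user.authorize(...)` with no visible check that it names an existing application, or the application behind the interaction `:uid`. As written in this hunk, whatever id appears in the path is saved as an authorized app for the logged-in user, so the handler should resolve the application from the interaction and compare ids before saving. The stored key is still called `client_id` although it now carries an application id; a comment such as `// client_id stores the application id, not the OIDC client id` would prevent misreading, and grants saved earlier under real client ids will presumably no longer match. The rest of the method lies outside the hunk, so a check may exist further down.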
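Review bot: The route `'/grant-and-save/:app_id/:uid'` remains under `get:` while its handler persists a consent record, so any cross-site GET issued in a logged-in user's browser can trigger the save. `middleware::auth:UserOnly` presumably only establishes that a session exists. With `:app_id` now chosen by the URL, consider moving this route to a POST covered by the project's CSRF protection, or having the handler refuse when `:uid` is not a live interaction for that application. Whether the handler already validates `:uid` is not visible here, and the `get` object opens and closes outside the hunk.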