Track oidc authorizations by app, not client

app/controllers/OpenID.controller.js

@@ -176,7 +176,7 @@ class OpenIDController extends Controller {
                     {
                         text: req.T('common.grant'),
                         action: 'redirect',
-                        next: `/openid/grant-and-save/${params.client_id}/${uid.toLowerCase()}`,
+                        next: `/openid/grant-and-save/${application.id}/${uid.toLowerCase()}`,
                     },
                     {
                         text: req.T('common.grant_once'),
@@ -189,9 +189,9 @@ class OpenIDController extends Controller {
     }
 
     async grant_and_save(req, res, next) {
-        if ( !req.user.has_authorized({ client_id: req.params.client_id }) ) {
+        if ( !req.user.has_authorized({ client_id: req.params.app_id }) ) {
             req.user.authorize({
-                client_id: req.params.client_id,
+                client_id: req.params.app_id,
                 api_scopes: ['openid-connect'],
             })