From cf75dcc542eaea1f37926799e346f067e1cecd70 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?I=C3=B1igo=20Horcajo?= <i.horcajo@saltosystems.com>
Date: Wed, 28 Feb 2024 18:53:31 +0100
Subject: [PATCH] feat: add id parameter to create oauth2-client cli

fixes https://github.com/ory/hydra/issues/3724
---
 cmd/cmd_create_client.go | 1 +
 cmd/cmd_helper_client.go | 2 ++
 cmd/cmd_update_client.go | 3 +++
 3 files changed, 6 insertions(+)

diff --git a/cmd/cmd_create_client.go b/cmd/cmd_create_client.go
index 629ef495a2e..0a7eb0a1aad 100644
--- a/cmd/cmd_create_client.go
+++ b/cmd/cmd_create_client.go
@@ -20,6 +20,7 @@ const (
 	flagClientAllowedCORSOrigin                 = "allowed-cors-origin"
 	flagClientAudience                          = "audience"
 	flagClientBackchannelLogoutCallback         = "backchannel-logout-callback"
+	flagClientId                                = "id"
 	flagClientName                              = "name"
 	flagClientClientURI                         = "client-uri"
 	flagClientContact                           = "contact"
diff --git a/cmd/cmd_helper_client.go b/cmd/cmd_helper_client.go
index f35af499cce..6f766dd47de 100644
--- a/cmd/cmd_helper_client.go
+++ b/cmd/cmd_helper_client.go
@@ -22,6 +22,7 @@ func clientFromFlags(cmd *cobra.Command) hydra.OAuth2Client {
 		Audience:                          flagx.MustGetStringSlice(cmd, flagClientAudience),
 		BackchannelLogoutSessionRequired:  pointerx.Bool(flagx.MustGetBool(cmd, flagClientBackChannelLogoutSessionRequired)),
 		BackchannelLogoutUri:              pointerx.String(flagx.MustGetString(cmd, flagClientBackchannelLogoutCallback)),
+		ClientId:                          pointerx.String(flagx.MustGetString(cmd, flagClientId)),
 		ClientName:                        pointerx.String(flagx.MustGetString(cmd, flagClientName)),
 		ClientSecret:                      pointerx.String(flagx.MustGetString(cmd, flagClientSecret)),
 		ClientUri:                         pointerx.String(flagx.MustGetString(cmd, flagClientClientURI)),
@@ -76,6 +77,7 @@ func registerClientFlags(flags *pflag.FlagSet) {
 	flags.String(flagClientLogoURI, "", "A URL string that references a logo for the client")
 	flags.StringSlice(flagClientAllowedCORSOrigin, []string{}, "The list of URLs allowed to make CORS requests. Requires CORS_ENABLED.")
 	flags.String(flagClientSubjectType, "public", "A identifier algorithm. Valid values are `public` and `pairwise`.")
+	flags.String(flagClientId, "", "Provide the client's id.")
 	flags.String(flagClientSecret, "", "Provide the client's secret.")
 	flags.String(flagClientName, "", "The client's name.")
 	flags.StringSlice(flagClientPostLogoutCallback, []string{}, "List of allowed URLs to be redirected to after a logout.")
diff --git a/cmd/cmd_update_client.go b/cmd/cmd_update_client.go
index 98f28b333d7..1230b8cd768 100644
--- a/cmd/cmd_update_client.go
+++ b/cmd/cmd_update_client.go
@@ -42,6 +42,9 @@ To encrypt an auto-generated OAuth2 Client Secret, use flags ` + "`--pgp-key`" +
 			}
 
 			id := args[0]
+			if f := cmd.Flag(flagClientId); f.Changed {
+				return fmt.Errorf("client id cannot be updated")
+			}
 			cc := clientFromFlags(cmd)
 
 			client, _, err := m.OAuth2Api.SetOAuth2Client(context.Background(), id).OAuth2Client(cc).Execute() //nolint:bodyclose