Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[TT-13535/TT-13566] Make upstream oauth flow client secret omitempty #6708

Merged

Conversation

jeffy-mathew
Copy link
Contributor

@jeffy-mathew jeffy-mathew commented Nov 18, 2024

User description

TT-13566
Summary Make upstream auth oauth password client secret not required in oas schema
Type Sub-task Sub-task
Status Ready for Testing
Points N/A
Labels -

Description

Make upstream oauth flow client secret omitempty to not break when an API is created without clientSecret and saved later.

Related Issue

Parent: https://tyktech.atlassian.net/browse/TT-13535
Subtask: https://tyktech.atlassian.net/browse/TT-13566

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Refactoring or add test (improvements in base code or adds test coverage to functionality)

Checklist

  • I ensured that the documentation is up to date
  • I explained why this PR updates go.mod in detail with reasoning why it's required
  • I would like a code coverage CI quality gate exception and have explained why

PR Type

enhancement


Description

  • Updated the ClientAuthData struct in apidef/api_definitions.go to make the ClientSecret field optional by adding the omitempty tag.
  • This change prevents errors when an API is created without a clientSecret and saved later.

Changes walkthrough 📝

Relevant files
Enhancement
api_definitions.go
Make `ClientSecret` optional in OAuth client auth data     

apidef/api_definitions.go

  • Made ClientSecret field optional by adding omitempty tag.
  • Updated JSON and BSON tags for ClientSecret to reflect optional
    status.
  • +1/-1     

    💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    @buger
    Copy link
    Member

    buger commented Nov 18, 2024

    I'm a bot and I 👍 this PR title. 🤖

    Copy link
    Contributor

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ No major issues detected

    Copy link
    Contributor

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    Best practice
    Ensure consistent handling of optional fields across the application

    Ensure that the omitempty option is correctly implemented in all relevant places
    where ClientSecret is used or processed to avoid unintended behavior when the field
    is empty.

    apidef/api_definitions.go [852]

    +ClientSecret string `bson:"client_secret,omitempty" json:"client_secret,omitempty"`
     
    -
    Suggestion importance[1-10]: 7

    Why: The suggestion to verify the correct implementation of omitempty is relevant as it ensures that optional fields do not cause unintended behavior. This is crucial for maintaining the robustness and reliability of the application, especially when dealing with optional data fields in serialization and deserialization processes.

    7

    Copy link
    Contributor

    github-actions bot commented Nov 18, 2024

    API Changes

    --- prev.txt	2024-11-18 12:47:17.711262005 +0000
    +++ current.txt	2024-11-18 12:47:10.951238509 +0000
    @@ -1204,7 +1204,6 @@
                   },
                   "required": [
                     "client_id",
    -                "client_secret",
                     "token_url",
                     "username",
                     "password"
    @@ -1545,7 +1544,7 @@
     	// ClientID is the application's ID.
     	ClientID string `bson:"client_id" json:"client_id"`
     	// ClientSecret is the application's secret.
    -	ClientSecret string `bson:"client_secret" json:"client_secret"`
    +	ClientSecret string `bson:"client_secret,omitempty" json:"client_secret,omitempty"` // client secret is optional for password flow
     }
         ClientAuthData holds the client ID and secret for upstream OAuth2
         authentication.
    @@ -3487,7 +3486,7 @@
     	// ClientID is the application's ID.
     	ClientID string `bson:"clientId" json:"clientId"`
     	// ClientSecret is the application's secret.
    -	ClientSecret string `bson:"clientSecret" json:"clientSecret"`
    +	ClientSecret string `bson:"clientSecret,omitempty" json:"clientSecret,omitempty"` // client secret is optional for password flow
     }
         ClientAuthData holds the client ID and secret for OAuth2 authentication.
     

    @jeffy-mathew jeffy-mathew force-pushed the fix/TT-13535/TT-13566/make-client-secret-omitempty branch from 4037aa9 to dac0cee Compare November 18, 2024 10:46
    @jeffy-mathew jeffy-mathew enabled auto-merge (squash) November 18, 2024 11:05
    Copy link

    Quality Gate Failed Quality Gate failed

    Failed conditions
    0.0% Coverage on New Code (required ≥ 80%)

    See analysis details on SonarQube Cloud

    @jeffy-mathew jeffy-mathew merged commit c8f21dc into master Nov 18, 2024
    32 of 45 checks passed
    @jeffy-mathew jeffy-mathew deleted the fix/TT-13535/TT-13566/make-client-secret-omitempty branch November 18, 2024 13:57
    @jeffy-mathew
    Copy link
    Contributor Author

    /release to release-5.7

    @jeffy-mathew
    Copy link
    Contributor Author

    /release to release-5.7.0

    Copy link

    tykbot bot commented Nov 18, 2024

    Working on it! Note that it can take a few minutes.

    1 similar comment
    Copy link

    tykbot bot commented Nov 18, 2024

    Working on it! Note that it can take a few minutes.

    tykbot bot pushed a commit that referenced this pull request Nov 18, 2024
    …6708)
    
    ### **User description**
    <details open>
    <summary><a href="https://tyktech.atlassian.net/browse/TT-13566"
    title="TT-13566" target="_blank">TT-13566</a></summary>
      <br />
      <table>
        <tr>
          <th>Summary</th>
    <td>Make upstream auth oauth password client secret not required in oas
    schema</td>
        </tr>
        <tr>
          <th>Type</th>
          <td>
    <img alt="Sub-task"
    src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium"
    />
            Sub-task
          </td>
        </tr>
        <tr>
          <th>Status</th>
          <td>Ready for Testing</td>
        </tr>
        <tr>
          <th>Points</th>
          <td>N/A</td>
        </tr>
        <tr>
          <th>Labels</th>
          <td>-</td>
        </tr>
      </table>
    </details>
    <!--
      do not remove this marker as it will break jira-lint's functionality.
      added_by_jira_lint
    -->
    
    ---
    
    <!-- Provide a general summary of your changes in the Title above -->
    
    ## Description
    
    Make upstream oauth flow client secret omitempty to not break when an
    API is created without `clientSecret` and saved later.
    
    ## Related Issue
    Parent: https://tyktech.atlassian.net/browse/TT-13535
    Subtask: https://tyktech.atlassian.net/browse/TT-13566
    
    ## Motivation and Context
    
    <!-- Why is this change required? What problem does it solve? -->
    
    ## How This Has Been Tested
    
    <!-- Please describe in detail how you tested your changes -->
    <!-- Include details of your testing environment, and the tests -->
    <!-- you ran to see how your change affects other areas of the code,
    etc. -->
    <!-- This information is helpful for reviewers and QA. -->
    
    ## Screenshots (if appropriate)
    
    ## Types of changes
    
    <!-- What types of changes does your code introduce? Put an `x` in all
    the boxes that apply: -->
    
    - [ ] Bug fix (non-breaking change which fixes an issue)
    - [ ] New feature (non-breaking change which adds functionality)
    - [ ] Breaking change (fix or feature that would cause existing
    functionality to change)
    - [ ] Refactoring or add test (improvements in base code or adds test
    coverage to functionality)
    
    ## Checklist
    
    <!-- Go over all the following points, and put an `x` in all the boxes
    that apply -->
    <!-- If there are no documentation updates required, mark the item as
    checked. -->
    <!-- Raise up any additional concerns not covered by the checklist. -->
    
    - [ ] I ensured that the documentation is up to date
    - [ ] I explained why this PR updates go.mod in detail with reasoning
    why it's required
    - [ ] I would like a code coverage CI quality gate exception and have
    explained why
    
    
    ___
    
    ### **PR Type**
    enhancement
    
    
    ___
    
    ### **Description**
    - Updated the `ClientAuthData` struct in `apidef/api_definitions.go` to
    make the `ClientSecret` field optional by adding the `omitempty` tag.
    - This change prevents errors when an API is created without a
    `clientSecret` and saved later.
    
    
    
    ___
    
    
    
    ### **Changes walkthrough** 📝
    <table><thead><tr><th></th><th align="left">Relevant
    files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions.go</strong><dd><code>Make
    `ClientSecret` optional in OAuth client auth data</code>&nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6708/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    </table></td></tr></tr></tbody></table>
    
    ___
    
    > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
    request to receive relevant information
    
    (cherry picked from commit c8f21dc)
    buger added a commit that referenced this pull request Nov 18, 2024
    …client secret omitempty (#6708)
    
    [TT-13535/TT-13566] Make upstream oauth flow client secret omitempty (#6708)
    
    ### **User description**
    <details open>
    <summary><a href="https://tyktech.atlassian.net/browse/TT-13566"
    title="TT-13566" target="_blank">TT-13566</a></summary>
      <br />
      <table>
        <tr>
          <th>Summary</th>
    <td>Make upstream auth oauth password client secret not required in oas
    schema</td>
        </tr>
        <tr>
          <th>Type</th>
          <td>
    <img alt="Sub-task"
    src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium"
    />
            Sub-task
          </td>
        </tr>
        <tr>
          <th>Status</th>
          <td>Ready for Testing</td>
        </tr>
        <tr>
          <th>Points</th>
          <td>N/A</td>
        </tr>
        <tr>
          <th>Labels</th>
          <td>-</td>
        </tr>
      </table>
    </details>
    <!--
      do not remove this marker as it will break jira-lint's functionality.
      added_by_jira_lint
    -->
    
    ---
    
    <!-- Provide a general summary of your changes in the Title above -->
    
    ## Description
    
    Make upstream oauth flow client secret omitempty to not break when an
    API is created without `clientSecret` and saved later.
    
    ## Related Issue
    Parent: https://tyktech.atlassian.net/browse/TT-13535
    Subtask: https://tyktech.atlassian.net/browse/TT-13566
    
    ## Motivation and Context
    
    <!-- Why is this change required? What problem does it solve? -->
    
    ## How This Has Been Tested
    
    <!-- Please describe in detail how you tested your changes -->
    <!-- Include details of your testing environment, and the tests -->
    <!-- you ran to see how your change affects other areas of the code,
    etc. -->
    <!-- This information is helpful for reviewers and QA. -->
    
    ## Screenshots (if appropriate)
    
    ## Types of changes
    
    <!-- What types of changes does your code introduce? Put an `x` in all
    the boxes that apply: -->
    
    - [ ] Bug fix (non-breaking change which fixes an issue)
    - [ ] New feature (non-breaking change which adds functionality)
    - [ ] Breaking change (fix or feature that would cause existing
    functionality to change)
    - [ ] Refactoring or add test (improvements in base code or adds test
    coverage to functionality)
    
    ## Checklist
    
    <!-- Go over all the following points, and put an `x` in all the boxes
    that apply -->
    <!-- If there are no documentation updates required, mark the item as
    checked. -->
    <!-- Raise up any additional concerns not covered by the checklist. -->
    
    - [ ] I ensured that the documentation is up to date
    - [ ] I explained why this PR updates go.mod in detail with reasoning
    why it's required
    - [ ] I would like a code coverage CI quality gate exception and have
    explained why
    
    
    ___
    
    ### **PR Type**
    enhancement
    
    
    ___
    
    ### **Description**
    - Updated the `ClientAuthData` struct in `apidef/api_definitions.go` to
    make the `ClientSecret` field optional by adding the `omitempty` tag.
    - This change prevents errors when an API is created without a
    `clientSecret` and saved later.
    
    
    
    ___
    
    
    
    ### **Changes walkthrough** 📝
    <table><thead><tr><th></th><th align="left">Relevant
    files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions.go</strong><dd><code>Make
    `ClientSecret` optional in OAuth client auth data</code>&nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6708/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    </table></td></tr></tr></tbody></table>
    
    ___
    
    > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
    request to receive relevant information
    Copy link

    tykbot bot commented Nov 18, 2024

    @jeffy-mathew Succesfully merged PR

    Copy link

    tykbot bot commented Nov 18, 2024

    Still working...

    tykbot bot pushed a commit that referenced this pull request Nov 18, 2024
    …6708)
    
    ### **User description**
    <details open>
    <summary><a href="https://tyktech.atlassian.net/browse/TT-13566"
    title="TT-13566" target="_blank">TT-13566</a></summary>
      <br />
      <table>
        <tr>
          <th>Summary</th>
    <td>Make upstream auth oauth password client secret not required in oas
    schema</td>
        </tr>
        <tr>
          <th>Type</th>
          <td>
    <img alt="Sub-task"
    src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium"
    />
            Sub-task
          </td>
        </tr>
        <tr>
          <th>Status</th>
          <td>Ready for Testing</td>
        </tr>
        <tr>
          <th>Points</th>
          <td>N/A</td>
        </tr>
        <tr>
          <th>Labels</th>
          <td>-</td>
        </tr>
      </table>
    </details>
    <!--
      do not remove this marker as it will break jira-lint's functionality.
      added_by_jira_lint
    -->
    
    ---
    
    <!-- Provide a general summary of your changes in the Title above -->
    
    ## Description
    
    Make upstream oauth flow client secret omitempty to not break when an
    API is created without `clientSecret` and saved later.
    
    ## Related Issue
    Parent: https://tyktech.atlassian.net/browse/TT-13535
    Subtask: https://tyktech.atlassian.net/browse/TT-13566
    
    ## Motivation and Context
    
    <!-- Why is this change required? What problem does it solve? -->
    
    ## How This Has Been Tested
    
    <!-- Please describe in detail how you tested your changes -->
    <!-- Include details of your testing environment, and the tests -->
    <!-- you ran to see how your change affects other areas of the code,
    etc. -->
    <!-- This information is helpful for reviewers and QA. -->
    
    ## Screenshots (if appropriate)
    
    ## Types of changes
    
    <!-- What types of changes does your code introduce? Put an `x` in all
    the boxes that apply: -->
    
    - [ ] Bug fix (non-breaking change which fixes an issue)
    - [ ] New feature (non-breaking change which adds functionality)
    - [ ] Breaking change (fix or feature that would cause existing
    functionality to change)
    - [ ] Refactoring or add test (improvements in base code or adds test
    coverage to functionality)
    
    ## Checklist
    
    <!-- Go over all the following points, and put an `x` in all the boxes
    that apply -->
    <!-- If there are no documentation updates required, mark the item as
    checked. -->
    <!-- Raise up any additional concerns not covered by the checklist. -->
    
    - [ ] I ensured that the documentation is up to date
    - [ ] I explained why this PR updates go.mod in detail with reasoning
    why it's required
    - [ ] I would like a code coverage CI quality gate exception and have
    explained why
    
    
    ___
    
    ### **PR Type**
    enhancement
    
    
    ___
    
    ### **Description**
    - Updated the `ClientAuthData` struct in `apidef/api_definitions.go` to
    make the `ClientSecret` field optional by adding the `omitempty` tag.
    - This change prevents errors when an API is created without a
    `clientSecret` and saved later.
    
    
    
    ___
    
    
    
    ### **Changes walkthrough** 📝
    <table><thead><tr><th></th><th align="left">Relevant
    files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions.go</strong><dd><code>Make
    `ClientSecret` optional in OAuth client auth data</code>&nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6708/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    </table></td></tr></tr></tbody></table>
    
    ___
    
    > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
    request to receive relevant information
    
    (cherry picked from commit c8f21dc)
    Copy link

    tykbot bot commented Nov 18, 2024

    @jeffy-mathew Seems like there is conflict and it require manual merge.

    jeffy-mathew added a commit that referenced this pull request Nov 18, 2024
    …w client secret omitempty (#6708) (#6710)
    
    ### **User description**
    [TT-13535/TT-13566] Make upstream oauth flow client secret omitempty
    (#6708)
    
    ### **User description**
    <details open>
    <summary><a href="https://tyktech.atlassian.net/browse/TT-13566"
    title="TT-13566" target="_blank">TT-13566</a></summary>
      <br />
      <table>
        <tr>
          <th>Summary</th>
    <td>Make upstream auth oauth password client secret not required in oas
    schema</td>
        </tr>
        <tr>
          <th>Type</th>
          <td>
    <img alt="Sub-task"
    
    src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium"
    />
            Sub-task
          </td>
        </tr>
        <tr>
          <th>Status</th>
          <td>Ready for Testing</td>
        </tr>
        <tr>
          <th>Points</th>
          <td>N/A</td>
        </tr>
        <tr>
          <th>Labels</th>
          <td>-</td>
        </tr>
      </table>
    </details>
    <!--
      do not remove this marker as it will break jira-lint's functionality.
      added_by_jira_lint
    -->
    
    ---
    
    <!-- Provide a general summary of your changes in the Title above -->
    
    ## Description
    
    Make upstream oauth flow client secret omitempty to not break when an
    API is created without `clientSecret` and saved later.
    
    ## Related Issue
    Parent: https://tyktech.atlassian.net/browse/TT-13535
    Subtask: https://tyktech.atlassian.net/browse/TT-13566
    
    ## Motivation and Context
    
    <!-- Why is this change required? What problem does it solve? -->
    
    ## How This Has Been Tested
    
    <!-- Please describe in detail how you tested your changes -->
    <!-- Include details of your testing environment, and the tests -->
    <!-- you ran to see how your change affects other areas of the code,
    etc. -->
    <!-- This information is helpful for reviewers and QA. -->
    
    ## Screenshots (if appropriate)
    
    ## Types of changes
    
    <!-- What types of changes does your code introduce? Put an `x` in all
    the boxes that apply: -->
    
    - [ ] Bug fix (non-breaking change which fixes an issue)
    - [ ] New feature (non-breaking change which adds functionality)
    - [ ] Breaking change (fix or feature that would cause existing
    functionality to change)
    - [ ] Refactoring or add test (improvements in base code or adds test
    coverage to functionality)
    
    ## Checklist
    
    <!-- Go over all the following points, and put an `x` in all the boxes
    that apply -->
    <!-- If there are no documentation updates required, mark the item as
    checked. -->
    <!-- Raise up any additional concerns not covered by the checklist. -->
    
    - [ ] I ensured that the documentation is up to date
    - [ ] I explained why this PR updates go.mod in detail with reasoning
    why it's required
    - [ ] I would like a code coverage CI quality gate exception and have
    explained why
    
    
    ___
    
    ### **PR Type**
    enhancement
    
    
    ___
    
    ### **Description**
    - Updated the `ClientAuthData` struct in `apidef/api_definitions.go` to
    make the `ClientSecret` field optional by adding the `omitempty` tag.
    - This change prevents errors when an API is created without a
    `clientSecret` and saved later.
    
    
    
    ___
    
    
    
    ### **Changes walkthrough** 📝
    <table><thead><tr><th></th><th align="left">Relevant
    
    files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions.go</strong><dd><code>Make
    `ClientSecret` optional in OAuth client auth data</code>&nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    
    href="https://github.com/TykTechnologies/tyk/pull/6708/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    </table></td></tr></tr></tbody></table>
    
    ___
    
    > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
    request to receive relevant information
    
    
    ___
    
    ### **PR Type**
    Enhancement, Tests
    
    
    ___
    
    ### **Description**
    - Made the `ClientSecret` field optional in the `ClientAuthData` struct
    by adding the `omitempty` tag in `apidef/api_definitions.go` and
    `apidef/oas/upstream.go`.
    - Updated the schema in `apidef/schema.go` to remove `client_secret`
    from the list of required fields.
    - Enhanced test coverage in `apidef/api_definitions_test.go` by
    configuring `UpstreamAuth` and including `ClientSecret` in test setup to
    prevent schema errors.
    
    
    
    ___
    
    
    
    ### **Changes walkthrough** 📝
    <table><thead><tr><th></th><th align="left">Relevant
    files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions.go</strong><dd><code>Make
    `ClientSecret` optional in OAuth client auth data</code>&nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6710/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    
    <tr>
      <td>
        <details>
    <summary><strong>upstream.go</strong><dd><code>Make `ClientSecret`
    optional in OAuth client auth data</code>&nbsp; &nbsp; &nbsp;
    </dd></summary>
    <hr>
    
    apidef/oas/upstream.go
    
    <li>Made <code>ClientSecret</code> field optional by adding
    <code>omitempty</code> tag.<br> <li> Updated JSON and BSON tags for
    <code>ClientSecret</code> to reflect optional <br>status.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6710/files#diff-7b0941c7f37fe5a2a23047e0822a65519ca11c371660f36555b59a60f000e3f4">+1/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    
    <tr>
      <td>
        <details>
    <summary><strong>schema.go</strong><dd><code>Remove `client_secret` from
    required schema fields</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
    &nbsp; </dd></summary>
    <hr>
    
    apidef/schema.go
    
    - Removed `client_secret` from required fields in schema.
    
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6710/files#diff-f8a37bb370eb6fe20063786a5e6ea3d85a5c91d8e289f0b3e045830c4d322095">+0/-1</a>&nbsp;
    &nbsp; &nbsp; </td>
    
    </tr>
    </table></td></tr><tr><td><strong>Tests</strong></td><td><table>
    <tr>
      <td>
        <details>
    <summary><strong>api_definitions_test.go</strong><dd><code>Add test
    setup for optional `ClientSecret` in schema</code>&nbsp; &nbsp; &nbsp;
    &nbsp; &nbsp; </dd></summary>
    <hr>
    
    apidef/api_definitions_test.go
    
    <li>Added <code>UpstreamAuth</code> configuration to test schema.<br>
    <li> Included <code>ClientSecret</code> in test setup to avoid schema
    errors.<br>
    
    
    </details>
    
    
      </td>
    <td><a
    href="https://github.com/TykTechnologies/tyk/pull/6710/files#diff-6af57c2148f42dce2ee2b93b77d65412024a802ddbd26b63f1d8bd339f4ef760">+22/-0</a>&nbsp;
    &nbsp; </td>
    
    </tr>
    </table></td></tr></tr></tbody></table>
    
    ___
    
    > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
    request to receive relevant information
    
    Co-authored-by: Jeffy Mathew <[email protected]>
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    4 participants