[#3700] allow a single OAuth2 user to be used for authentication in multiple auth collection

daos/external_auth.go

@@ -32,27 +32,6 @@ func (dao *Dao) FindAllExternalAuthsByRecord(authRecord *models.Record) ([]*mode
 	return auths, nil
 }
 
-// FindExternalAuthByProvider returns the first available
-// ExternalAuth model for the specified provider and providerId.
-func (dao *Dao) FindExternalAuthByProvider(provider, providerId string) (*models.ExternalAuth, error) {
-	model := &models.ExternalAuth{}
-
-	err := dao.ExternalAuthQuery().
-		AndWhere(dbx.Not(dbx.HashExp{"providerId": ""})). // exclude empty providerIds
-		AndWhere(dbx.HashExp{
-			"provider":   provider,
-			"providerId": providerId,
-		}).
-		Limit(1).
-		One(model)
-
-	if err != nil {
-		return nil, err
-	}
-
-	return model, nil
-}
-
 // FindExternalAuthByRecordAndProvider returns the first available
 // ExternalAuth model for the specified record data and provider.
 func (dao *Dao) FindExternalAuthByRecordAndProvider(authRecord *models.Record, provider string) (*models.ExternalAuth, error) {
@@ -74,6 +53,24 @@ func (dao *Dao) FindExternalAuthByRecordAndProvider(authRecord *models.Record, p
 	return model, nil
 }
 
+// FindFirstExternalAuthByExpr returns the first available
+// ExternalAuth model that satisfies the non-nil expression.
+func (dao *Dao) FindFirstExternalAuthByExpr(expr dbx.Expression) (*models.ExternalAuth, error) {
+	model := &models.ExternalAuth{}
+
+	err := dao.ExternalAuthQuery().
+		AndWhere(dbx.Not(dbx.HashExp{"providerId": ""})). // exclude empty providerIds
+		AndWhere(expr).
+		Limit(1).
+		One(model)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return model, nil
+}
+
 // SaveExternalAuth upserts the provided ExternalAuth model.
 func (dao *Dao) SaveExternalAuth(model *models.ExternalAuth) error {
 	// extra check the model data in case the provider's API response

daos/external_auth_test.go

@@ -3,6 +3,7 @@ package daos_test
 import (
 	"testing"
 
+	"github.com/pocketbase/dbx"
 	"github.com/pocketbase/pocketbase/models"
 	"github.com/pocketbase/pocketbase/tests"
 )
@@ -56,25 +57,23 @@ func TestFindAllExternalAuthsByRecord(t *testing.T) {
 	}
 }
 
-func TestFindExternalAuthByProvider(t *testing.T) {
+func TestFindFirstExternalAuthByExpr(t *testing.T) {
 	app, _ := tests.NewTestApp()
 	defer app.Cleanup()
 
 	scenarios := []struct {
-		provider   string
-		providerId string
+		expr       dbx.Expression
 		expectedId string
 	}{
-		{"", "", ""},
-		{"github", "", ""},
-		{"github", "id1", ""},
-		{"github", "id2", ""},
-		{"google", "test123", "clmflokuq1xl341"},
-		{"gitlab", "test123", "dlmflokuq1xl342"},
+		{dbx.HashExp{"provider": "github", "providerId": ""}, ""},
+		{dbx.HashExp{"provider": "github", "providerId": "id1"}, ""},
+		{dbx.HashExp{"provider": "github", "providerId": "id2"}, ""},
+		{dbx.HashExp{"provider": "google", "providerId": "test123"}, "clmflokuq1xl341"},
+		{dbx.HashExp{"provider": "gitlab", "providerId": "test123"}, "dlmflokuq1xl342"},
 	}
 
 	for i, s := range scenarios {
-		auth, err := app.Dao().FindExternalAuthByProvider(s.provider, s.providerId)
+		auth, err := app.Dao().FindFirstExternalAuthByExpr(s.expr)
 
 		hasErr := err != nil
 		expectErr := s.expectedId == ""
@@ -147,7 +146,11 @@ func TestSaveExternalAuth(t *testing.T) {
 	}
 
 	// check if it was really saved
-	foundAuth, err := app.Dao().FindExternalAuthByProvider("test", "test_id")
+	foundAuth, err := app.Dao().FindFirstExternalAuthByExpr(dbx.HashExp{
+		"collectionId": "v851q4r790rhknl",
+		"provider":     "test",
+		"providerId":   "test_id",
+	})
 	if err != nil {
 		t.Fatal(err)
 	}