From f428ed910d5ff33fea9a0dd453a2fbf6bac57055 Mon Sep 17 00:00:00 2001
From: Bojan Bogdanovic <info@bojanbogdanovic.nl>
Date: Tue, 11 Mar 2025 16:04:45 +0100
Subject: [PATCH 1/2] Issue #3512143: Add extra checks in
 simple_oauth_update_8604

---
 simple_oauth.install | 51 ++++++++++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/simple_oauth.install b/simple_oauth.install
index 67c13b2..452dfad 100644
--- a/simple_oauth.install
+++ b/simple_oauth.install
@@ -280,7 +280,6 @@ function simple_oauth_update_8603() {
  * Migrate roles used as scope and migrate settings to the consumer.
  */
 function simple_oauth_update_8604() {
-  $scopes = [];
   $consumers = \Drupal::entityTypeManager()->getStorage('consumer')->loadMultiple();
   $grant_types = array_keys(Oauth2GrantManager::getAvailablePluginsAsOptions());
   $config = \Drupal::configFactory()->get('simple_oauth.settings');
@@ -291,27 +290,31 @@ function simple_oauth_update_8604() {
     ->execute()
     ->fetchAll();
 
-  $scopes = [];
   foreach ($role_values as $role_value) {
     /** @var \Drupal\user\RoleInterface $role */
     $role = \Drupal::entityTypeManager()->getStorage('user_role')->load($role_value->roles_target_id);
-    // Scope doesn't exist, so we need to create one.
-    if (!isset($scopes[$role->id()])) {
-      $scope = Oauth2Scope::create([
-        'name' => $role->id(),
-        'description' => $role->label(),
-        'grant_types' => [
-          'authorization_code' => ['status' => TRUE],
-          'client_credentials' => ['status' => TRUE],
-          'refresh_token' => ['status' => TRUE],
-        ],
-        'granularity' => Oauth2ScopeInterface::GRANULARITY_ROLE,
-        'role' => $role->id(),
-      ]);
-      $scope->save();
-      $scopes[$role->id()] = $scope;
+    // Role doesn't exist, so don't do anything.
+    if (!$role) {
+      continue;
+    }
+    // Scope already exist.
+    if (\Drupal::entityTypeManager()->getStorage('oauth2_scope')->load($role->id())) {
+      continue;
     }
 
+    // Scope doesn't exist, so we need to create one.
+    Oauth2Scope::create([
+      'name' => $role->id(),
+      'description' => $role->label(),
+      'grant_types' => [
+        'authorization_code' => ['status' => TRUE],
+        'client_credentials' => ['status' => TRUE],
+        'refresh_token' => ['status' => TRUE],
+      ],
+      'granularity' => Oauth2ScopeInterface::GRANULARITY_ROLE,
+      'role' => $role->id(),
+    ])->save();
+
     $insert_query = $database->insert('consumer__scopes')
       ->fields([
         'bundle',
@@ -336,6 +339,16 @@ function simple_oauth_update_8604() {
 
   foreach ($consumers as $consumer) {
     foreach ($grant_types as $delta => $grant_type) {
+      $grant_type_exist = $database->select('consumer__grant_types', 'gc')
+        ->fields('gc', ['entity_id'])
+        ->condition('gc.entity_id', 1)
+        ->condition('gc.langcode', 'nl')
+        ->condition('gc.grant_types_value', 'client_credentials')
+        ->execute()
+        ->fetchField();
+      if (!empty($grant_type_exist)) {
+        continue;
+      }
       $insert_query = $database->insert('consumer__grant_types')
         ->fields([
           'bundle',
@@ -371,7 +384,9 @@ function simple_oauth_update_8604() {
   // Remove roles field.
   $entity_definition_update_manager = \Drupal::entityDefinitionUpdateManager();
   $roles_field_definition = $entity_definition_update_manager->getFieldStorageDefinition('roles', 'consumer');
-  $entity_definition_update_manager->uninstallFieldStorageDefinition($roles_field_definition);
+  if ($roles_field_definition) {
+    $entity_definition_update_manager->uninstallFieldStorageDefinition($roles_field_definition);
+  }
 }
 
 /**
-- 
GitLab


From 32c99fa6b109e0b370bfc20e181dce71b5bb4a1d Mon Sep 17 00:00:00 2001
From: Bojan Bogdanovic <info@bojanbogdanovic.nl>
Date: Tue, 11 Mar 2025 16:10:57 +0100
Subject: [PATCH 2/2] Update hardcoded stuff

---
 simple_oauth.install | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/simple_oauth.install b/simple_oauth.install
index 452dfad..e234d3c 100644
--- a/simple_oauth.install
+++ b/simple_oauth.install
@@ -341,12 +341,13 @@ function simple_oauth_update_8604() {
     foreach ($grant_types as $delta => $grant_type) {
       $grant_type_exist = $database->select('consumer__grant_types', 'gc')
         ->fields('gc', ['entity_id'])
-        ->condition('gc.entity_id', 1)
-        ->condition('gc.langcode', 'nl')
-        ->condition('gc.grant_types_value', 'client_credentials')
+        ->condition('gc.entity_id', $consumer->id())
+        ->condition('gc.langcode', $consumer->language()->getId())
+        ->condition('gc.grant_types_value', $grant_type)
         ->execute()
         ->fetchField();
-      if (!empty($grant_type_exist)) {
+      // Grant type already exist.
+      if ($grant_type_exist) {
         continue;
       }
       $insert_query = $database->insert('consumer__grant_types')
-- 
GitLab