chore: remove db tags from fields that are not supposed to be stored

GitOrigin-RevId: 50e6feb45583953e40aa1d2eac8f5318fc5fc844

Author: zepatrik

consent/test/manager_test_helpers.go

@@ -409,25 +409,24 @@ func ConsentManagerTests(t *testing.T, deps Deps, m consent.Manager, loginManage
 					require.NoError(t, clientManager.CreateClient(t.Context(), cl))
 
 					f := &flow.Flow{
+						ID:  uuidx.NewV4().String(),
 						NID: deps.Networker().NetworkID(t.Context()),
 						OpenIDConnectContext: &flow.OAuth2ConsentRequestOpenIDConnectContext{
 							ACRValues: []string{"1", "2"},
 							UILocales: []string{"fr", "de"},
 							Display:   "popup",
 						},
-						RequestedAt:      time.Now().UTC().Add(-time.Hour),
-						Client:           cl,
-						Subject:          ls.Subject,
-						RequestURL:       "https://request-url/path",
-						LoginSkip:        true,
-						RequestedScope:   []string{"scopea", "scopeb"},
-						SessionID:        sqlxx.NullString(ls.ID),
-						ConsentRequestID: sqlxx.NullString(uuid.Must(uuid.NewV4()).String()),
-						ConsentCSRF:      sqlxx.NullString(uuid.Must(uuid.NewV4()).String()),
-
-						LoginCSRF: uuid.Must(uuid.NewV4()).String(),
-						ID:        uuid.Must(uuid.NewV4()).String(),
-						State:     flow.FlowStateLoginUsed,
+						ACR:                "1",
+						AMR:                sqlxx.StringSliceJSONFormat{"passwd"},
+						RequestedAt:        time.Now().UTC().Add(-time.Hour),
+						Client:             cl,
+						Subject:            ls.Subject,
+						RequestURL:         "https://request-url/path",
+						RequestedScope:     []string{"scopea", "scopeb"},
+						SessionID:          sqlxx.NullString(ls.ID),
+						ConsentRequestID:   sqlxx.NullString(uuid.Must(uuid.NewV4()).String()),
+						GrantedScope:       sqlxx.StringSliceJSONFormat{"scopea", "scopeb"},
+						ConsentRememberFor: pointerx.Ptr(0),
 					}
 
 					require.NoError(t, m.CreateConsentSession(t.Context(), f))

flow/flow.go

@@ -141,7 +141,7 @@ type Flow struct {
 	// This feature allows you to update / set session information.
 	//
 	// required: true
-	LoginSkip bool `db:"login_skip" json:"ls,omitempty"`
+	LoginSkip bool `db:"-" json:"ls,omitempty"`
 
 	// Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope
 	// requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type
@@ -177,24 +177,24 @@ type Flow struct {
 	// If specified, we will use this value to propagate the logout.
 	IdentityProviderSessionID sqlxx.NullString `db:"identity_provider_session_id" json:"is,omitempty"`
 
-	LoginCSRF string `db:"login_csrf" json:"lc,omitempty"`
+	LoginCSRF string `db:"-" json:"lc,omitempty"`
 
 	RequestedAt time.Time `db:"requested_at" json:"ia,omitempty"`
 
-	State State `db:"state" json:"q,omitempty"`
+	State State `db:"-" json:"q,omitempty"`
 
 	// LoginRemember, if set to true, tells ORY Hydra to remember this user by telling the user agent (browser) to store
 	// a cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, he/she
 	// will not be asked to log in again.
-	LoginRemember bool `db:"login_remember" json:"lr,omitempty"`
+	LoginRemember bool `db:"-" json:"lr,omitempty"`
 
 	// LoginRememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the
 	// authorization will be remembered for the duration of the browser session (using a session cookie).
-	LoginRememberFor int `db:"login_remember_for" json:"lf,omitempty"`
+	LoginRememberFor int `db:"-" json:"lf,omitempty"`
 
 	// LoginExtendSessionLifespan, if set to true, session cookie expiry time will be updated when session is
 	// refreshed (login skip=true).
-	LoginExtendSessionLifespan bool `db:"login_extend_session_lifespan" json:"ll,omitempty"`
+	LoginExtendSessionLifespan bool `db:"-" json:"ll,omitempty"`
 
 	// ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it
 	// to express that, for example, a user authenticated using two factor authentication.
@@ -230,17 +230,17 @@ type Flow struct {
 	// data.
 	Context sqlxx.JSONRawMessage `db:"context" json:"ct"`
 
-	LoginError           *RequestDeniedError `db:"login_error" json:"le,omitempty"`
-	LoginAuthenticatedAt sqlxx.NullTime      `db:"login_authenticated_at" json:"la,omitempty"`
+	LoginError           *RequestDeniedError `db:"-" json:"le,omitempty"`
+	LoginAuthenticatedAt sqlxx.NullTime      `db:"-" json:"la,omitempty"`
 
 	// DeviceChallengeID is the device request's challenge ID
 	DeviceChallengeID sqlxx.NullString `db:"device_challenge_id" json:"di,omitempty"`
 	// DeviceCodeRequestID is the device request's ID
 	DeviceCodeRequestID sqlxx.NullString `db:"device_code_request_id" json:"dr,omitempty"`
 	// DeviceCSRF is the device request's CSRF
-	DeviceCSRF sqlxx.NullString `db:"device_csrf" json:"dc,omitempty"`
+	DeviceCSRF sqlxx.NullString `db:"-" json:"dc,omitempty"`
 	// DeviceHandledAt contains the timestamp the device user_code verification request was handled
-	DeviceHandledAt sqlxx.NullTime `db:"device_handled_at" json:"dh,omitempty"`
+	DeviceHandledAt sqlxx.NullTime `db:"-" json:"dh,omitempty"`
 
 	// ConsentRequestID is the identifier of the consent request.
 	// The database column should be named `consent_request_id`, but is not for historical reasons.
@@ -249,7 +249,7 @@ type Flow struct {
 	// If true, you must not ask the user to grant the requested scopes. You must however either allow or deny the
 	// consent request using the usual API call.
 	ConsentSkip bool             `db:"consent_skip" json:"cs,omitempty"`
-	ConsentCSRF sqlxx.NullString `db:"consent_csrf" json:"cr,omitempty"`
+	ConsentCSRF sqlxx.NullString `db:"-" json:"cr,omitempty"`
 
 	// GrantedScope sets the scope the user authorized the client to use. Should be a subset of `requested_scope`.
 	GrantedScope sqlxx.StringSliceJSONFormat `db:"granted_scope" json:"gs,omitempty"`
@@ -268,7 +268,7 @@ type Flow struct {
 	// ConsentHandledAt contains the timestamp the consent request was handled.
 	ConsentHandledAt sqlxx.NullTime `db:"consent_handled_at" json:"ch,omitempty"`
 
-	ConsentError       *RequestDeniedError      `db:"consent_error" json:"cx"`
+	ConsentError       *RequestDeniedError      `db:"-" json:"cx"`
 	SessionIDToken     sqlxx.MapStringInterface `db:"session_id_token" faker:"-" json:"st"`
 	SessionAccessToken sqlxx.MapStringInterface `db:"session_access_token" faker:"-" json:"sa"`
 }

persistence/sql/migratest/fixtures/hydra_oauth2_flow/challenge-0001.json

@@ -4,47 +4,26 @@
   "rs": [
     "requested_scope-0001_1"
   ],
-  "ls": true,
   "s": "subject-0001",
   "oc": {
     "display": "display-0001"
   },
   "ci": "client-0014",
   "r": "http://request/0001",
-  "lc": "csrf-0001",
   "ia": "2022-02-15T22:20:21Z",
-  "q": 128,
-  "lr": true,
-  "lf": 1,
   "a": "acr-0001",
   "ct": {},
-  "le": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
-  "la": "2022-02-15T22:20:21Z",
+  "la": null,
   "dh": null,
   "cc": "challenge-0001",
   "cs": true,
-  "cr": "csrf-0001",
   "gs": [
     "granted_scope-0001_1"
   ],
   "ce": true,
   "cf": 1,
   "ch": null,
-  "cx": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
+  "cx": null,
   "st": {
     "session_id_token-0001": "0001"
   },

persistence/sql/migratest/fixtures/hydra_oauth2_flow/challenge-0002.json

@@ -4,48 +4,27 @@
   "rs": [
     "requested_scope-0002_1"
   ],
-  "ls": true,
   "s": "subject-0002",
   "oc": {
     "display": "display-0002"
   },
   "ci": "client-0014",
   "r": "http://request/0002",
-  "lc": "csrf-0002",
   "ia": "2022-02-15T22:20:21Z",
-  "q": 128,
-  "lr": true,
-  "lf": 2,
   "a": "acr-0002",
   "fs": "force_subject_id-0002",
   "ct": {},
-  "le": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
-  "la": "2022-02-15T22:20:21Z",
+  "la": null,
   "dh": null,
   "cc": "challenge-0002",
   "cs": true,
-  "cr": "csrf-0002",
   "gs": [
     "granted_scope-0002_1"
   ],
   "ce": true,
   "cf": 2,
   "ch": null,
-  "cx": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
+  "cx": null,
   "st": {
     "session_id_token-0002": "0002"
   },

persistence/sql/migratest/fixtures/hydra_oauth2_flow/challenge-0003.json

@@ -4,49 +4,28 @@
   "rs": [
     "requested_scope-0003_1"
   ],
-  "ls": true,
   "s": "subject-0003",
   "oc": {
     "display": "display-0003"
   },
   "ci": "client-0014",
   "r": "http://request/0003",
   "si": "auth_session-0003",
-  "lc": "csrf-0003",
   "ia": "2022-02-15T22:20:21Z",
-  "q": 128,
-  "lr": true,
-  "lf": 3,
   "a": "acr-0003",
   "fs": "force_subject_id-0003",
   "ct": {},
-  "le": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
-  "la": "2022-02-15T22:20:21Z",
+  "la": null,
   "dh": null,
   "cc": "challenge-0003",
   "cs": true,
-  "cr": "csrf-0003",
   "gs": [
     "granted_scope-0003_1"
   ],
   "ce": true,
   "cf": 3,
   "ch": null,
-  "cx": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
+  "cx": null,
   "st": {
     "session_id_token-0003": "0003"
   },

persistence/sql/migratest/fixtures/hydra_oauth2_flow/challenge-0004.json

@@ -7,35 +7,21 @@
   "ra": [
     "requested_audience-0004_1"
   ],
-  "ls": true,
   "s": "subject-0004",
   "oc": {
     "display": "display-0004"
   },
   "ci": "client-0014",
   "r": "http://request/0004",
   "si": "auth_session-0004",
-  "lc": "csrf-0004",
   "ia": "2022-02-15T22:20:21Z",
-  "q": 128,
-  "lr": true,
-  "lf": 4,
   "a": "acr-0004",
   "fs": "force_subject_id-0004",
   "ct": {},
-  "le": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
-  "la": "2022-02-15T22:20:21Z",
+  "la": null,
   "dh": null,
   "cc": "challenge-0004",
   "cs": true,
-  "cr": "csrf-0004",
   "gs": [
     "granted_scope-0004_1"
   ],
@@ -45,14 +31,7 @@
   "ce": true,
   "cf": 4,
   "ch": null,
-  "cx": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
+  "cx": null,
   "st": {
     "session_id_token-0004": "0004"
   },

persistence/sql/migratest/fixtures/hydra_oauth2_flow/challenge-0005.json

@@ -7,35 +7,21 @@
   "ra": [
     "requested_audience-0005_1"
   ],
-  "ls": true,
   "s": "subject-0005",
   "oc": {
     "display": "display-0005"
   },
   "ci": "client-0014",
   "r": "http://request/0005",
   "si": "auth_session-0005",
-  "lc": "csrf-0005",
   "ia": "2022-02-15T22:20:21Z",
-  "q": 128,
-  "lr": true,
-  "lf": 5,
   "a": "acr-0005",
   "fs": "force_subject_id-0005",
   "ct": {},
-  "le": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
-  "la": "2022-02-15T22:20:21Z",
+  "la": null,
   "dh": null,
   "cc": "challenge-0005",
   "cs": true,
-  "cr": "csrf-0005",
   "gs": [
     "granted_scope-0005_1"
   ],
@@ -45,14 +31,7 @@
   "ce": true,
   "cf": 5,
   "ch": null,
-  "cx": {
-    "error": "",
-    "error_description": "",
-    "error_hint": "",
-    "status_code": 0,
-    "error_debug": "",
-    "valid": false
-  },
+  "cx": null,
   "st": {
     "session_id_token-0005": "0005"
   },