Clients metadata not saved

[dennislemonmarkets]

Hi there,

I encountered a weird behavior that the metadata for a client is not saved to the database and also not in the deployed definition of the cluster.

Steps to reproduce:

1. Helm deployment of hydra-maester version 0.6.1
2. Applying the demo from here: https://github.com/ory/hydra-maester/blob/master/config/samples/hydra_v1alpha1_oauth2client_user_credentials.yaml

Outcome:
After doing this the client saved in the hydra database does not contain the expected metadata of {"property1": 1, "proerty2": "2"}.

The output of kubectl describe oauth2client my-oauth2-client-2 also does not show the metadata:

Name:         my-oauth2-client-2
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  hydra.ory.sh/v1alpha1
Kind:         OAuth2Client
Metadata:
  Creation Timestamp:  2021-04-15T15:16:59Z
  Finalizers:
    finalizer.ory.hydra.sh
  Generation:  2
  Managed Fields:
    API Version:  hydra.ory.sh/v1alpha1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .:
          f:kubectl.kubernetes.io/last-applied-configuration:
      f:spec:
        .:
        f:audience:
        f:grantTypes:
        f:hydraAdmin:
          .:
          f:endpoint:
          f:port:
          f:url:
        f:metadata:
        f:redirectUris:
        f:responseTypes:
        f:scope:
        f:secretName:
        f:tokenEndpointAuthMethod:
    Manager:      kubectl-client-side-apply
    Operation:    Update
    Time:         2021-04-15T15:16:59Z
    API Version:  hydra.ory.sh/v1alpha1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:finalizers:
          .:
          v:"finalizer.ory.hydra.sh":
      f:status:
        .:
        f:reconciliationError:
    Manager:         manager
    Operation:       Update
    Time:            2021-04-15T15:16:59Z
  Resource Version:  3572774
  Self Link:         /apis/hydra.ory.sh/v1alpha1/namespaces/default/oauth2clients/my-oauth2-client-2
  UID:               f1e8e9c3-729d-4a90-a722-ee290b39d7b8
Spec:
  Audience:
    audience-a
    audience-b
  Grant Types:
    client_credentials
    implicit
    authorization_code
    refresh_token
  Hydra Admin:
    Endpoint:  /clients
    Port:      4445
    URL:       http://hydra.default.svc.cluster.local
  Metadata:   <------------------------------------------------------------------------ See here!
  Redirect Uris:
    https://client/account
    http://localhost:8080
  Response Types:
    id_token
    code
    token
  Scope:                       read write
  Secret Name:                 my-secret-456
  Token Endpoint Auth Method:  client_secret_basic

Best, Dennis

[github-actions]

Hello contributors!

I am marking this issue as stale as it has not received any engagement from the community or maintainers a year. That does not imply that the issue has no merit! If you feel strongly about this issue

• open a PR referencing and resolving the issue;
• leave a comment on it and discuss ideas how you could contribute towards resolving it;
• leave a comment and describe in detail why this issue is critical for your use case;
• open a new issue with updated details and a plan on resolving the issue.

Throughout its lifetime, Ory has received over 10.000 issues and PRs. To sustain that growth, we need to prioritize and focus on issues that are important to the community. A good indication of importance, and thus priority, is activity on a topic.

Unfortunately, burnout has become a topic of concern amongst open-source projects.

It can lead to severe personal and health issues as well as opening catastrophic attack vectors.

The motivation for this automation is to help prioritize issues in the backlog and not ignore, reject, or belittle anyone.

If this issue was marked as stale erroneous you can exempt it by adding the backlog label, assigning someone, or setting a milestone for it.

Thank you for your understanding and to anyone who participated in the conversation! And as written above, please do participate in the conversation if this topic is important to you!

Thank you 🙏✌️

[Demonsthere]

Hello there,
I am reopening the issue as it is valid, but cannot promise any timeline in which we can deliver the feature 😞

[sja]

Hi @Demonsthere!

1. Maybe you're confused with the metadata-Field in the linked yaml. It's the Kubernetes resource metadata - not that from the Hydra client.
2. The Metadata-Field is a JSON Raw message type. So, the correct definition of your metadata would be:

apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
  name: my-oauth2-client-2
  namespace: default
spec:
  metadata: {"property1": 1, "proerty2": "2"}
  grantTypes:
...