From b7767f9eff02cd382727f81dce9c9dc7cf077d9f Mon Sep 17 00:00:00 2001
From: Nikos <nikos.sklikas@canonical.com>
Date: Thu, 26 Sep 2024 13:25:27 +0300
Subject: [PATCH] fix: duplicate user_code update

---
 persistence/sql/persister_oauth2.go | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/persistence/sql/persister_oauth2.go b/persistence/sql/persister_oauth2.go
index c94281f769..b5454b0eaa 100644
--- a/persistence/sql/persister_oauth2.go
+++ b/persistence/sql/persister_oauth2.go
@@ -763,17 +763,15 @@ func (p *Persister) UpdateAndInvalidateUserCodeSessionByRequestID(ctx context.Co
 	ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateAndInvalidateUserCodeSession")
 	defer otelx.End(span, &err)
 
-	// TODO(nsklikas): afaict this is supposed to return an error if no rows were updated, but this is not the actual behavior.
-	// We need to either fix this OR do a select -> check -> update (this would require 2 queries instead of 1).
-	/* #nosec G201 table is static */
-	return sqlcon.HandleError(
-		p.Connection(ctx).
-			RawQuery(
-				fmt.Sprintf("UPDATE %s SET active=false, challenge_id=? WHERE request_id=? AND nid = ? AND active=true", OAuth2RequestSQL{Table: sqlTableUserCode}.TableName()),
-				challenge_id,
-				request_id,
-				p.NetworkID(ctx),
-			).
-			Exec(),
-	)
+	if count, err := p.Connection(ctx).RawQuery(
+		fmt.Sprintf("UPDATE %s SET active=false, challenge_id=? WHERE request_id=? AND nid = ? AND active=true", OAuth2RequestSQL{Table: sqlTableUserCode}.TableName()),
+		challenge_id,
+		request_id,
+		p.NetworkID(ctx),
+	).ExecWithCount(); count == 0 && err == nil {
+		return errorsx.WithStack(x.ErrNotFound)
+	} else if err != nil {
+		return sqlcon.HandleError(err)
+	}
+	return nil
 }