fix: properly check if application type is defined with using DCR

https://gravitee.atlassian.net/browse/APIM-2437
gravitee-io/issues#9157

https://gravitee.atlassian.net/browse/APIM-2438
gravitee-io/issues#9158
(cherry picked from commit 23b60be)
(cherry picked from commit 5ece37d)

gravitee-apim-rest-api/gravitee-apim-rest-api-service/src/main/java/io/gravitee/rest/api/service/impl/ApplicationServiceImpl.java

@@ -358,7 +358,7 @@ public ApplicationEntity create(final ExecutionContext executionContext, NewAppl
             if (!isApplicationTypeAllowed(executionContext, appType, executionContext.getEnvironmentId())) {
                 throw new IllegalStateException("Application type '" + appType + "' is not allowed");
             }
-            checkClientSettings(newApplicationEntity.getSettings().getoAuthClient(), newApplicationEntity.getType());
+            checkAndSanitizeOAuthClientSettings(newApplicationEntity.getSettings().getoAuthClient());
 
             // Create an OAuth client
             ClientRegistrationResponse registrationResponse = clientRegistrationService.register(executionContext, newApplicationEntity);
@@ -462,12 +462,16 @@ private ApplicationEntity createApplicationForEnvironment(
         }
     }
 
-    private void checkClientSettings(OAuthClientSettings oAuthClientSettings, String applicationType) {
+    private void checkAndSanitizeOAuthClientSettings(OAuthClientSettings oAuthClientSettings) {
         if (oAuthClientSettings.getGrantTypes() == null || oAuthClientSettings.getGrantTypes().isEmpty()) {
             throw new ApplicationGrantTypesNotFoundException();
         }
 
-        ApplicationTypeEntity applicationTypeEntity = applicationTypeService.getApplicationType(applicationType);
+        if (oAuthClientSettings.getApplicationType() == null || oAuthClientSettings.getApplicationType().isEmpty()) {
+            throw new ApplicationTypeNotFoundException(null);
+        }
+
+        ApplicationTypeEntity applicationTypeEntity = applicationTypeService.getApplicationType(oAuthClientSettings.getApplicationType());
 
         List<String> targetGrantTypes = oAuthClientSettings.getGrantTypes();
         List<String> allowedGrantTypes = applicationTypeEntity
@@ -559,7 +563,7 @@ public ApplicationEntity update(
             } else {
                 // Check that client registration is enabled
                 checkClientRegistrationEnabled(executionContext, executionContext.getEnvironmentId());
-                checkClientSettings(updateApplicationEntity.getSettings().getoAuthClient(), applicationToUpdate.getType().name());
+                checkAndSanitizeOAuthClientSettings(updateApplicationEntity.getSettings().getoAuthClient());
 
                 // Update an OAuth client
                 final String registrationPayload = applicationToUpdate.getMetadata().get(METADATA_REGISTRATION_PAYLOAD);

gravitee-apim-rest-api/gravitee-apim-rest-api-service/src/test/java/io/gravitee/rest/api/service/impl/ApplicationService_CreateTest.java

@@ -340,14 +340,13 @@ public void shouldCreateOauthApp() throws TechnicalException {
         when(parameterService.findAsBoolean(any(), eq(Key.APPLICATION_TYPE_BROWSER_ENABLED), any(), eq(ParameterReferenceType.ENVIRONMENT)))
             .thenReturn(true);
 
-        // oauth app settings contains everything required
+        // oauth app setting contains everything required
         ApplicationSettings settings = new ApplicationSettings();
         OAuthClientSettings oAuthClientSettings = new OAuthClientSettings();
         oAuthClientSettings.setGrantTypes(List.of("application-grant-type"));
         oAuthClientSettings.setApplicationType("BROWSER");
         settings.setoAuthClient(oAuthClientSettings);
         when(newApplication.getSettings()).thenReturn(settings);
-        when(newApplication.getType()).thenReturn(ApplicationType.BROWSER.name());
 
         // mock application type service
         ApplicationTypeEntity applicationTypeEntity = new ApplicationTypeEntity();