-
-
Notifications
You must be signed in to change notification settings - Fork 777
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OneToOneField causes duplicate NULL key errors #663
Comments
Note: the same problem will likely arise for the refresh token model, which declares the access_token field as OneToOne as well:
|
See #497 |
@phillbaker - can you take a look at this? |
@n2ygk sorry, I'm pretty tied up in a bunch of things. I might be able to help review a solution, but I don't have time currently to dig into the underlying causes here. |
@phillbaker For the record, I was able to dig into the underlying cause already. It looks like the issue was introduced by commit 2e4d15e, which features multiple nullable |
I believe the reason NULL is allowed is that Refresh Tokens are not always requested/granted, especially for the Implicit grant in which they aren't even allowed. PR coming, Real Soon Now. |
This is a SQL Server bug. The code is correctly using OneToOneField. SQL Server does not properly implement the UNIQUE NULL constraint in which no two NULLs are equal. There is a workaround that involves changing the |
@phillbaker We are also experiencing this problem in openedX instance looks like due to concurrent requests from mobile native apps, any timeline to fix this problem? I was able to reproduce this issue using this script:
CC: @n2ygk |
@waheedahmed Did you find a fix for this issue? We are seeing it on our Open edX devstacks (django-oauth-toolkit version 1.1.3). |
@bradenmacdonald No, this is the only workaround for SQL databases #667 (comment). |
I've tried to add the |
I'm using Djongo as my Database Manager, yet I'm getting the same error here. Is there any way to fix this with MongoDB? |
Line L262 appears to be causing us some bugs. Having a
source_refresh_token
on theAccessToken
as aOneToOneField
seems to cause duplicate NULL key errors. Why isn't this aForeignKey
?With any version newer than 1.1 that I have tested against MS SQL (perhaps this only appears on MS SQL because it enforces the constraint more rigidly than other databases?) we see the following error when adding or updating tokens:
At first I thought it was inserting NULL tokens, but then I looked a bit deeper and noticed that the insert statements looked fine from the token perspective: they all had non-null tokens. However, the
source_refresh_token_id
is NULL in our case:Looking deeper, I noticed that there was an extra unique constraint at the database level, at which point I noticed in the migrations that
OneToOneField
is used, which enforces that unique constraint. This appears to have been added in commit 2e4d15e. That commit explains why I started seeing this issue only after upgrading beyond version 1.1.0 of the library. I don't think it makes sense to enforce theunique=True
rule (which occurs by default forOneToOneField
fields) if the field also allows NULL value. To be clear, the code that's causing the issue is:For now, I'm working around this by forking the library internally, and changing the
OneToOneField
to aForeignKey
, which seems to work fine.The text was updated successfully, but these errors were encountered: