Merge pull request #523 from curveball/fix-app-auto-signup-flow

Fix bug in 'App creation wizard' flow.

changelog.md

@@ -7,6 +7,7 @@ Changelog
 * Allow admins to auto-generate an intitial 'diceware' password when creating
   new users, which should make onboaring new users and testing easier.
 * Fix CSRF error on register form
+* Fix a bug in the automatic App creation flow
 
 
 0.26.1 (2024-08-12)

src/app-client/formats/siren.ts

@@ -80,7 +80,7 @@ export function newClient(user: App, query: NewClientQuery ) {
             name: 'requirePkce',
             title: 'Require PKCE support (modern clients support this, but not everyone does)',
             type: 'checkbox',
-            value: query.requirePkce === 'true'
+            value: !!query.requirePkce
           },
         ],
       }

src/app/controller/new.ts

@@ -2,7 +2,7 @@ import Controller from '@curveball/controller';
 import { Context } from '@curveball/core';
 import { createAppForm } from '../formats/html.js';
 import * as services from '../../services.js';
-import { Conflict, UnprocessableContent } from '@curveball/http-errors';
+import { Conflict, NotFound, UnprocessableContent } from '@curveball/http-errors';
 import { AppNewFormBody } from '../../api-types.js';
 
 class CreateAppController extends Controller {
@@ -38,9 +38,15 @@ class CreateAppController extends Controller {
       if (!identity.match(/^https?:(.*)$/)) {
         throw new UnprocessableContent('App url must be a http or https URI');
       }
-      if (await services.principalIdentity.findByUri(identity)) {
-        throw new Conflict('A principal with this URI already exists');
+
+      try {
+        if (await services.principalIdentity.findByUri(identity)) {
+          throw new Conflict('A principal with this URI already exists');
+        }
+      } catch (err) {
+        if (!(err instanceof NotFound)) throw err;
       }
+
     }
 
     const newApp = await principalService.save({