Why is in this OAuth
database scheme from Brent Shaffer the client_secret
column not allowed to be null (client_secret VARCHAR(80) NOT NULL
)? Is this the common configuration for a valid OAuth database schema?
The OAuth2-Server Module can also be found on GitHub but also in the PDO scheme there the client_secret
column is set NOT NULL
.
CREATE TABLE oauth_clients (
client_id VARCHAR(80) NOT NULL,
client_secret VARCHAR(80) NOT NULL,
redirect_uri VARCHAR(2000) NOT NULL,
grant_types VARCHAR(80),
scope VARCHAR(100),
user_id VARCHAR(80),
CONSTRAINT clients_client_id_pk PRIMARY KEY (client_id)
);
It is quite common to have public clients that don't need a password. I see that people set an empty string(''
) in such cases, but a null
values seems much cleaner to me.
Is there some special reason to prohibit null values in this case?