*: ClientIdentityXXX -> ClientXXX

Get rid of all outdated "ClientIdentity" terminology.
2016-04-14 16:27:57 -07:00 · 2016-04-14 16:27:57 -07:00 · e5948ab3ce
commit e5948ab3ce
parent 95757e8779
32 changed files with 220 additions and 220 deletions
--- a/admin/api.go
+++ b/admin/api.go
@ -19,7 +19,7 @@ type AdminAPI struct {
 	userManager      *manager.UserManager
 	userRepo         user.UserRepo
 	passwordInfoRepo user.PasswordInfoRepo
-	clientIdentityRepo client.ClientIdentityRepo
+	clientRepo       client.ClientRepo
 	localConnectorID string
 }
@ -33,7 +33,7 @@ func NewAdminAPI(dbMap *gorp.DbMap, userManager *manager.UserManager, localConne
 		userManager:      userManager,
 		userRepo:         db.NewUserRepo(dbMap),
 		passwordInfoRepo: db.NewPasswordInfoRepo(dbMap),
-		clientIdentityRepo: db.NewClientIdentityRepo(dbMap),
+		clientRepo:       db.NewClientRepo(dbMap),
 		localConnectorID: localConnectorID,
 	}
 }
@ -136,7 +136,7 @@ func (a *AdminAPI) CreateClient(req adminschema.ClientCreateRequest) (adminschem
 	cli.Credentials.ID = id
-	creds, err := a.clientIdentityRepo.New(cli)
+	creds, err := a.clientRepo.New(cli)
 	if err != nil {
 		return adminschema.ClientCreateResponse{}, mapError(err)
 	}
--- a/client/client.go
+++ b/client/client.go
@ -23,7 +23,7 @@ type Client struct {
 	Admin       bool
 }
-type ClientIdentityRepo interface {
+type ClientRepo interface {
 	Get(clientID string) (Client, error)
 	// Metadata returns one matching ClientMetadata if the given client
@ -37,10 +37,10 @@ type ClientIdentityRepo interface {
 	// to make these assertions will a non-nil error be returned.
 	Authenticate(creds oidc.ClientCredentials) (bool, error)
-	// All returns all registered Client Identities.
+	// All returns all registered Clients
 	All() ([]Client, error)
-	// New registers a ClientIdentity with the repo for the given metadata.
+	// New registers a Client with the repo.
 	// An unused ID must be provided. A corresponding secret will be returned
 	// in a ClientCredentials struct along with the provided ID.
 	New(client Client) (*oidc.ClientCredentials, error)
--- a/cmd/dexctl/driver_db.go
+++ b/cmd/dexctl/driver_db.go
@ -14,7 +14,7 @@ func newDBDriver(dsn string) (driver, error) {
 	}
 	drv := &dbDriver{
-		ciRepo:  db.NewClientIdentityRepo(dbc),
+		ciRepo:  db.NewClientRepo(dbc),
 		cfgRepo: db.NewConnectorConfigRepo(dbc),
 	}
@ -22,7 +22,7 @@ func newDBDriver(dsn string) (driver, error) {
 }
 type dbDriver struct {
-	ciRepo  client.ClientIdentityRepo
+	ciRepo  client.ClientRepo
 	cfgRepo *db.ConnectorConfigRepo
 }
--- a/db/client.go
+++ b/db/client.go
@ -18,7 +18,7 @@ import (
 )
 const (
-	clientIdentityTableName = "client_identity"
+	clientTableName = "client_identity"
 	bcryptHashCost = 10
@ -34,19 +34,18 @@ const (
 func init() {
 	register(table{
-		name:    clientIdentityTableName,
+		name:    clientTableName,
-		model:   clientIdentityModel{},
+		model:   clientModel{},
 		autoinc: false,
 		pkey:    []string{"id"},
 	})
 }
-func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
+func newClientModel(cli client.Client) (*clientModel, error) {
 	secretBytes, err := base64.URLEncoding.DecodeString(cli.Credentials.Secret)
 	if err != nil {
 		return nil, err
 	}
 	hashed, err := bcrypt.GenerateFromPassword([]byte(
 		secretBytes),
 		bcryptHashCost)
@ -59,7 +58,7 @@ func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
 		return nil, err
 	}
-	cim := clientIdentityModel{
+	cim := clientModel{
 		ID:       cli.Credentials.ID,
 		Secret:   hashed,
 		Metadata: string(bmeta),
@ -69,14 +68,14 @@ func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
 	return &cim, nil
 }
-type clientIdentityModel struct {
+type clientModel struct {
 	ID       string `db:"id"`
 	Secret   []byte `db:"secret"`
 	Metadata string `db:"metadata"`
 	DexAdmin bool   `db:"dex_admin"`
 }
-func (m *clientIdentityModel) Client() (*client.Client, error) {
+func (m *clientModel) Client() (*client.Client, error) {
 	ci := client.Client{
 		Credentials: oidc.ClientCredentials{
 			ID:     m.ID,
@ -92,16 +91,16 @@ func (m *clientIdentityModel) Client() (*client.Client, error) {
 	return &ci, nil
 }
-func NewClientIdentityRepo(dbm *gorp.DbMap) client.ClientIdentityRepo {
+func NewClientRepo(dbm *gorp.DbMap) client.ClientRepo {
-	return newClientIdentityRepo(dbm)
+	return newClientRepo(dbm)
 }
-func newClientIdentityRepo(dbm *gorp.DbMap) *clientIdentityRepo {
+func newClientRepo(dbm *gorp.DbMap) *clientRepo {
-	return &clientIdentityRepo{db: &db{dbm}}
+	return &clientRepo{db: &db{dbm}}
 }
-func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client) (client.ClientIdentityRepo, error) {
+func NewClientRepoFromClients(dbm *gorp.DbMap, clients []client.Client) (client.ClientRepo, error) {
-	repo := newClientIdentityRepo(dbm)
+	repo := newClientRepo(dbm)
 	tx, err := repo.begin()
 	if err != nil {
 		return nil, err
@ -112,7 +111,7 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client)
 		if c.Credentials.Secret == "" {
 			return nil, fmt.Errorf("client %q has no secret", c.Credentials.ID)
 		}
-		cm, err := newClientIdentityModel(c)
+		cm, err := newClientModel(c)
 		if err != nil {
 			return nil, err
 		}
@ -127,13 +126,12 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client)
 	return repo, nil
 }
-type clientIdentityRepo struct {
+type clientRepo struct {
 	*db
 }
-func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
+func (r *clientRepo) Get(clientID string) (client.Client, error) {
-	m, err := r.executor(nil).Get(clientIdentityModel{}, clientID)
+	m, err := r.executor(nil).Get(clientModel{}, clientID)
 	if err == sql.ErrNoRows || m == nil {
 		return client.Client{}, client.ErrorNotFound
 	}
@ -141,7 +139,7 @@ func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
 		return client.Client{}, err
 	}
-	cim, ok := m.(*clientIdentityModel)
+	cim, ok := m.(*clientModel)
 	if !ok {
 		log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
 		return client.Client{}, errors.New("unrecognized model")
@ -155,7 +153,7 @@ func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
 	return *ci, nil
 }
-func (r *clientIdentityRepo) Metadata(clientID string) (*oidc.ClientMetadata, error) {
+func (r *clientRepo) Metadata(clientID string) (*oidc.ClientMetadata, error) {
 	c, err := r.Get(clientID)
 	if err != nil {
 		return nil, err
@ -164,22 +162,22 @@ func (r *clientIdentityRepo) Metadata(clientID string) (*oidc.ClientMetadata, er
 	return &c.Metadata, nil
 }
-func (r *clientIdentityRepo) IsDexAdmin(clientID string) (bool, error) {
+func (r *clientRepo) IsDexAdmin(clientID string) (bool, error) {
-	m, err := r.executor(nil).Get(clientIdentityModel{}, clientID)
+	m, err := r.executor(nil).Get(clientModel{}, clientID)
 	if m == nil || err != nil {
 		return false, err
 	}
-	cim, ok := m.(*clientIdentityModel)
+	cim, ok := m.(*clientModel)
 	if !ok {
-		log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
+		log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
 		return false, errors.New("unrecognized model")
 	}
 	return cim.DexAdmin, nil
 }
-func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
+func (r *clientRepo) SetDexAdmin(clientID string, isAdmin bool) error {
 	tx, err := r.begin()
 	if err != nil {
 		return err
@ -187,14 +185,14 @@ func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
 	defer tx.Rollback()
 	exec := r.executor(tx)
-	m, err := exec.Get(clientIdentityModel{}, clientID)
+	m, err := exec.Get(clientModel{}, clientID)
 	if m == nil || err != nil {
 		return err
 	}
-	cim, ok := m.(*clientIdentityModel)
+	cim, ok := m.(*clientModel)
 	if !ok {
-		log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
+		log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
 		return errors.New("unrecognized model")
 	}
@ -207,15 +205,15 @@ func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
 	return tx.Commit()
 }
-func (r *clientIdentityRepo) Authenticate(creds oidc.ClientCredentials) (bool, error) {
+func (r *clientRepo) Authenticate(creds oidc.ClientCredentials) (bool, error) {
-	m, err := r.executor(nil).Get(clientIdentityModel{}, creds.ID)
+	m, err := r.executor(nil).Get(clientModel{}, creds.ID)
 	if m == nil || err != nil {
 		return false, err
 	}
-	cim, ok := m.(*clientIdentityModel)
+	cim, ok := m.(*clientModel)
 	if !ok {
-		log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
+		log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
 		return false, errors.New("unrecognized model")
 	}
@ -252,14 +250,15 @@ func isAlreadyExistsErr(err error) bool {
 	return false
 }
-func (r *clientIdentityRepo) New(cli client.Client) (*oidc.ClientCredentials, error) {
+func (r *clientRepo) New(cli client.Client) (*oidc.ClientCredentials, error) {
 	secret, err := pcrypto.RandBytes(maxSecretLength)
 	if err != nil {
 		return nil, err
 	}
 	cli.Credentials.Secret = base64.URLEncoding.EncodeToString(secret)
-	cim, err := newClientIdentityModel(cli)
+	cim, err := newClientModel(cli)
 	if err != nil {
 		return nil, err
 	}
@ -279,19 +278,19 @@ func (r *clientIdentityRepo) New(cli client.Client) (*oidc.ClientCredentials, er
 	return &cc, nil
 }
-func (r *clientIdentityRepo) All() ([]client.Client, error) {
+func (r *clientRepo) All() ([]client.Client, error) {
-	qt := r.quote(clientIdentityTableName)
+	qt := r.quote(clientTableName)
 	q := fmt.Sprintf("SELECT * FROM %s", qt)
-	objs, err := r.executor(nil).Select(&clientIdentityModel{}, q)
+	objs, err := r.executor(nil).Select(&clientModel{}, q)
 	if err != nil {
 		return nil, err
 	}
 	cs := make([]client.Client, len(objs))
 	for i, obj := range objs {
-		m, ok := obj.(*clientIdentityModel)
+		m, ok := obj.(*clientModel)
 		if !ok {
-			return nil, errors.New("unable to cast client identity to clientIdentityModel")
+			return nil, errors.New("unable to cast client identity to clientModel")
 		}
 		ci, err := m.Client()
--- a/db/migrate_test.go
+++ b/db/migrate_test.go
@ -88,7 +88,7 @@ func TestMigrateClientMetadata(t *testing.T) {
 	}
 	for i, tt := range tests {
-		model := &clientIdentityModel{
+		model := &clientModel{
 			ID:       strconv.Itoa(i),
 			Secret:   []byte("verysecret"),
 			Metadata: tt.before,
@ -108,12 +108,12 @@ func TestMigrateClientMetadata(t *testing.T) {
 	for i, tt := range tests {
 		id := strconv.Itoa(i)
-		m, err := dbMap.Get(clientIdentityModel{}, id)
+		m, err := dbMap.Get(clientModel{}, id)
 		if err != nil {
 			t.Errorf("case %d: failed to get model: %v", i, err)
 			continue
 		}
-		cim, ok := m.(*clientIdentityModel)
+		cim, ok := m.(*clientModel)
 		if !ok {
 			t.Errorf("case %d: unrecognized model type: %T", i, m)
 			continue
--- a/db/refresh.go
+++ b/db/refresh.go
@ -189,9 +189,9 @@ func (r *refreshTokenRepo) RevokeTokensForClient(userID, clientID string) error
 func (r *refreshTokenRepo) ClientsWithRefreshTokens(userID string) ([]client.Client, error) {
 	q := `SELECT c.* FROM %s as c
 	INNER JOIN %s as r ON c.id = r.client_id WHERE r.user_id = $1;`
-	q = fmt.Sprintf(q, r.quote(clientIdentityTableName), r.quote(refreshTokenTableName))
+	q = fmt.Sprintf(q, r.quote(clientTableName), r.quote(refreshTokenTableName))
-	var clients []clientIdentityModel
+	var clients []clientModel
 	if _, err := r.executor(nil).Select(&clients, q, userID); err != nil {
 		return nil, err
 	}
--- a/functional/db_test.go
+++ b/functional/db_test.go
@ -181,8 +181,8 @@ func TestDBPrivateKeySetRepoSetGet(t *testing.T) {
 	}
 }
-func TestDBClientIdentityRepoMetadata(t *testing.T) {
+func TestDBClientRepoMetadata(t *testing.T) {
-	r := db.NewClientIdentityRepo(connect(t))
+	r := db.NewClientRepo(connect(t))
 	cm := oidc.ClientMetadata{
 		RedirectURIs: []url.URL{
@ -211,8 +211,8 @@ func TestDBClientIdentityRepoMetadata(t *testing.T) {
 	}
 }
-func TestDBClientIdentityRepoMetadataNoExist(t *testing.T) {
+func TestDBClientRepoMetadataNoExist(t *testing.T) {
-	r := db.NewClientIdentityRepo(connect(t))
+	r := db.NewClientRepo(connect(t))
 	got, err := r.Metadata("noexist")
 	if err != client.ErrorNotFound {
@ -223,8 +223,8 @@ func TestDBClientIdentityRepoMetadataNoExist(t *testing.T) {
 	}
 }
-func TestDBClientIdentityRepoNewDuplicate(t *testing.T) {
+func TestDBClientRepoNewDuplicate(t *testing.T) {
-	r := db.NewClientIdentityRepo(connect(t))
+	r := db.NewClientRepo(connect(t))
 	meta1 := oidc.ClientMetadata{
 		RedirectURIs: []url.URL{
@ -257,8 +257,8 @@ func TestDBClientIdentityRepoNewDuplicate(t *testing.T) {
 	}
 }
-func TestDBClientIdentityRepoAuthenticate(t *testing.T) {
+func TestDBClientRepoAuthenticate(t *testing.T) {
-	r := db.NewClientIdentityRepo(connect(t))
+	r := db.NewClientRepo(connect(t))
 	cm := oidc.ClientMetadata{
 		RedirectURIs: []url.URL{
@ -310,8 +310,8 @@ func TestDBClientIdentityRepoAuthenticate(t *testing.T) {
 	}
 }
-func TestDBClientIdentityAll(t *testing.T) {
+func TestDBClientAll(t *testing.T) {
-	r := db.NewClientIdentityRepo(connect(t))
+	r := db.NewClientRepo(connect(t))
 	cm := oidc.ClientMetadata{
 		RedirectURIs: []url.URL{
--- a/functional/repo/client_repo_test.go
+++ b/functional/repo/client_repo_test.go
@ -48,7 +48,7 @@ var (
 	}
 )
-func newClientIdentityRepo(t *testing.T) client.ClientIdentityRepo {
+func newClientRepo(t *testing.T) client.ClientRepo {
 	dsn := os.Getenv("DEX_TEST_DSN")
 	var dbMap *gorp.DbMap
 	if dsn == "" {
@ -56,7 +56,7 @@ func newClientIdentityRepo(t *testing.T) client.ClientIdentityRepo {
 	} else {
 		dbMap = connect(t)
 	}
-	repo, err := db.NewClientIdentityRepoFromClients(dbMap, testClients)
+	repo, err := db.NewClientRepoFromClients(dbMap, testClients)
 	if err != nil {
 		t.Fatalf("failed to create client repo from clients: %v", err)
 	}
@ -101,7 +101,7 @@ func TestGetSetAdminClient(t *testing.T) {
 Tests:
 	for i, tt := range tests {
-		repo := newClientIdentityRepo(t)
+		repo := newClientRepo(t)
 		for _, cid := range startAdmins {
 			err := repo.SetDexAdmin(cid, true)
 			if err != nil {
--- a/functional/repo/refresh_repo_test.go
+++ b/functional/repo/refresh_repo_test.go
@ -27,7 +27,7 @@ func newRefreshRepo(t *testing.T, users []user.UserWithRemoteIdentities, clients
 	if _, err := db.NewUserRepoFromUsers(dbMap, users); err != nil {
 		t.Fatalf("Unable to add users: %v", err)
 	}
-	if _, err := db.NewClientIdentityRepoFromClients(dbMap, clients); err != nil {
+	if _, err := db.NewClientRepoFromClients(dbMap, clients); err != nil {
 		t.Fatalf("Unable to add clients: %v", err)
 	}
 	return db.NewRefreshTokenRepo(dbMap)
--- a/integration/client_api_test.go
+++ b/integration/client_api_test.go
@ -73,7 +73,7 @@ func TestClientCreate(t *testing.T) {
 		t.Error("Expected non-empty Client Secret")
 	}
-	meta, err := srv.ClientIdentityRepo.Metadata(newClient.Id)
+	meta, err := srv.ClientRepo.Metadata(newClient.Id)
 	if err != nil {
 		t.Errorf("Error looking up client metadata: %v", err)
 	} else if meta == nil {
--- a/integration/oidc_test.go
+++ b/integration/oidc_test.go
@ -35,7 +35,7 @@ func mockServer(cis []client.Client) (*server.Server, error) {
 	if err != nil {
 		return nil, err
 	}
-	clientIdentityRepo, err := db.NewClientIdentityRepoFromClients(dbMap, cis)
+	clientRepo, err := db.NewClientRepoFromClients(dbMap, cis)
 	if err != nil {
 		return nil, err
 	}
@ -44,7 +44,7 @@ func mockServer(cis []client.Client) (*server.Server, error) {
 	srv := &server.Server{
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:     km,
-		ClientIdentityRepo: clientIdentityRepo,
+		ClientRepo:     clientRepo,
 		SessionManager: sm,
 	}
@ -125,7 +125,7 @@ func TestHTTPExchangeTokenRefreshToken(t *testing.T) {
 	}
 	dbMap := db.NewMemDB()
-	cir, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{ci})
+	cir, err := db.NewClientRepoFromClients(dbMap, []client.Client{ci})
 	if err != nil {
 		t.Fatalf("Failed to create client identity repo: " + err.Error())
 	}
@ -164,7 +164,7 @@ func TestHTTPExchangeTokenRefreshToken(t *testing.T) {
 		IssuerURL:        issuerURL,
 		KeyManager:       km,
 		SessionManager:   sm,
-		ClientIdentityRepo: cir,
+		ClientRepo:       cir,
 		Templates:        template.New(connector.LoginPageTemplateName),
 		Connectors:       []connector.Connector{},
 		UserRepo:         userRepo,
--- a/integration/user_api_test.go
+++ b/integration/user_api_test.go
@ -101,8 +101,8 @@ func makeUserAPITestFixtures() *userAPITestFixtures {
 	f := &userAPITestFixtures{}
 	dbMap, _, _, um := makeUserObjects(userUsers, userPasswords)
-	cir := func() client.ClientIdentityRepo {
+	cir := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{
+		repo, err := db.NewClientRepoFromClients(dbMap, []client.Client{
 			client.Client{
 				Credentials: oidc.ClientCredentials{
 					ID:     testClientID,
--- a/schema/adminschema/v1-json.go
+++ b/schema/adminschema/v1-json.go
@ -1,4 +1,5 @@
 package adminschema
 //
 // This file is automatically generated by schema/generator
 //
--- a/schema/workerschema/v1-json.go
+++ b/schema/workerschema/v1-json.go
@ -1,4 +1,5 @@
 package workerschema
 //
 // This file is automatically generated by schema/generator
 //
--- a/server/auth_middleware.go
+++ b/server/auth_middleware.go
@ -14,7 +14,7 @@ import (
 type clientTokenMiddleware struct {
 	issuerURL string
-	ciRepo    client.ClientIdentityRepo
+	ciRepo    client.ClientRepo
 	keysFunc  func() ([]key.PublicKey, error)
 	next      http.Handler
 }
@ -31,7 +31,7 @@ func (c *clientTokenMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request
 	}
 	if c.ciRepo == nil {
-		log.Errorf("Misconfigured clientTokenMiddleware, ClientIdentityRepo is not set")
+		log.Errorf("Misconfigured clientTokenMiddleware, ClientRepo is not set")
 		respondError()
 		return
 	}
--- a/server/auth_middleware_test.go
+++ b/server/auth_middleware_test.go
@ -37,7 +37,7 @@ func TestClientToken(t *testing.T) {
 			},
 		},
 	}
-	repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
+	repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
 	if err != nil {
 		t.Fatalf("Failed to create client identity repo: %v", err)
 	}
@ -65,7 +65,7 @@ func TestClientToken(t *testing.T) {
 	tests := []struct {
 		keys     []key.PublicKey
-		repo     client.ClientIdentityRepo
+		repo     client.ClientRepo
 		header   string
 		wantCode int
 	}{
@ -114,7 +114,7 @@ func TestClientToken(t *testing.T) {
 		// empty repo
 		{
 			keys:     []key.PublicKey{pubKey},
-			repo:     db.NewClientIdentityRepo(db.NewMemDB()),
+			repo:     db.NewClientRepo(db.NewMemDB()),
 			header:   fmt.Sprintf("BEARER %s", validJWT),
 			wantCode: http.StatusUnauthorized,
 		},
--- a/server/client_registration.go
+++ b/server/client_registration.go
@ -45,7 +45,7 @@ func (s *Server) handleClientRegistrationRequest(r *http.Request) (*oidc.ClientR
 		return nil, newAPIError(oauth2.ErrorServerError, "unable to save client metadata")
 	}
-	creds, err := s.ClientIdentityRepo.New(client.Client{
+	creds, err := s.ClientRepo.New(client.Client{
 		Credentials: oidc.ClientCredentials{
 			ID: id,
 		},
--- a/server/client_registration_test.go
+++ b/server/client_registration_test.go
@ -143,7 +143,7 @@ func TestClientRegistration(t *testing.T) {
 				return fmt.Errorf("no client id in registration response")
 			}
-			metadata, err := fixtures.clientIdentityRepo.Metadata(r.ClientID)
+			metadata, err := fixtures.clientRepo.Metadata(r.ClientID)
 			if err != nil {
 				return fmt.Errorf("failed to lookup client id after creation")
 			}
--- a/server/client_resource.go
+++ b/server/client_resource.go
@ -14,10 +14,10 @@ import (
 )
 type clientResource struct {
-	repo client.ClientIdentityRepo
+	repo client.ClientRepo
 }
-func registerClientResource(prefix string, repo client.ClientIdentityRepo) (string, http.Handler) {
+func registerClientResource(prefix string, repo client.ClientRepo) (string, http.Handler) {
 	mux := http.NewServeMux()
 	c := &clientResource{
 		repo: repo,
--- a/server/client_resource_test.go
+++ b/server/client_resource_test.go
@ -28,7 +28,7 @@ func makeBody(s string) io.ReadCloser {
 func TestCreateInvalidRequest(t *testing.T) {
 	u := &url.URL{Scheme: "http", Host: "example.com", Path: "clients"}
 	h := http.Header{"Content-Type": []string{"application/json"}}
-	repo := db.NewClientIdentityRepo(db.NewMemDB())
+	repo := db.NewClientRepo(db.NewMemDB())
 	res := &clientResource{repo: repo}
 	tests := []struct {
 		req      *http.Request
@ -119,7 +119,7 @@ func TestCreateInvalidRequest(t *testing.T) {
 }
 func TestCreate(t *testing.T) {
-	repo := db.NewClientIdentityRepo(db.NewMemDB())
+	repo := db.NewClientRepo(db.NewMemDB())
 	res := &clientResource{repo: repo}
 	tests := [][]string{
 		[]string{"http://example.com"},
@ -239,7 +239,7 @@ func TestList(t *testing.T) {
 	}
 	for i, tt := range tests {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), tt.cs)
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), tt.cs)
 		if err != nil {
 			t.Errorf("case %d: failed to create client identity repo: %v", i, err)
 			continue
--- a/server/config.go
+++ b/server/config.go
@ -114,7 +114,7 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
 	if err != nil {
 		return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)
 	}
-	ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)
+	ciRepo, err := db.NewClientRepoFromClients(dbMap, clients)
 	if err != nil {
 		return fmt.Errorf("failed to create client identity repo: %v", err)
 	}
@ -155,7 +155,7 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
 	txnFactory := db.TransactionFactory(dbMap)
 	userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, txnFactory, usermanager.ManagerOptions{})
-	srv.ClientIdentityRepo = ciRepo
+	srv.ClientRepo = ciRepo
 	srv.KeySetRepo = kRepo
 	srv.ConnectorConfigRepo = cfgRepo
 	srv.UserRepo = userRepo
@ -246,7 +246,7 @@ func (cfg *MultiServerConfig) Configure(srv *Server) error {
 		return fmt.Errorf("unable to create PrivateKeySetRepo: %v", err)
 	}
-	ciRepo := db.NewClientIdentityRepo(dbc)
+	ciRepo := db.NewClientRepo(dbc)
 	sRepo := db.NewSessionRepo(dbc)
 	skRepo := db.NewSessionKeyRepo(dbc)
 	cfgRepo := db.NewConnectorConfigRepo(dbc)
@ -257,7 +257,7 @@ func (cfg *MultiServerConfig) Configure(srv *Server) error {
 	sm := sessionmanager.NewSessionManager(sRepo, skRepo)
-	srv.ClientIdentityRepo = ciRepo
+	srv.ClientRepo = ciRepo
 	srv.KeySetRepo = kRepo
 	srv.ConnectorConfigRepo = cfgRepo
 	srv.UserRepo = userRepo
--- a/server/email_verification.go
+++ b/server/email_verification.go
@ -28,7 +28,7 @@ func handleVerifyEmailResendFunc(
 	srvKeysFunc func() ([]key.PublicKey, error),
 	emailer *useremail.UserEmailer,
 	userRepo user.UserRepo,
-	clientIdentityRepo client.ClientIdentityRepo) http.HandlerFunc {
+	clientRepo client.ClientRepo) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		decoder := json.NewDecoder(r.Body)
 		var params struct {
@ -57,7 +57,7 @@ func handleVerifyEmailResendFunc(
 			return
 		}
-		cm, err := clientIdentityRepo.Metadata(clientID)
+		cm, err := clientRepo.Metadata(clientID)
 		if err == client.ErrorNotFound {
 			log.Errorf("No such client: %v", err)
 			writeAPIError(w, http.StatusBadRequest,
--- a/server/email_verification_test.go
+++ b/server/email_verification_test.go
@ -130,7 +130,7 @@ func TestHandleVerifyEmailResend(t *testing.T) {
 			keysFunc,
 			f.srv.UserEmailer,
 			f.userRepo,
-			f.clientIdentityRepo)
+			f.clientRepo)
 		w := httptest.NewRecorder()
 		u := "http://example.com"
--- a/server/http_test.go
+++ b/server/http_test.go
@ -78,8 +78,8 @@ func TestHandleAuthFuncResponsesSingleRedirectURL(t *testing.T) {
 	srv := &Server{
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		SessionManager: manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB())),
-		ClientIdentityRepo: func() client.ClientIdentityRepo {
+		ClientRepo: func() client.ClientRepo {
-			repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+			repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 				client.Client{
 					Credentials: oidc.ClientCredentials{
 						ID:     "XXX",
@ -230,8 +230,8 @@ func TestHandleAuthFuncResponsesMultipleRedirectURLs(t *testing.T) {
 	srv := &Server{
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		SessionManager: manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB())),
-		ClientIdentityRepo: func() client.ClientIdentityRepo {
+		ClientRepo: func() client.ClientRepo {
-			repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+			repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 				client.Client{
 					Credentials: oidc.ClientCredentials{
 						ID:     "XXX",
--- a/server/password.go
+++ b/server/password.go
@ -29,7 +29,7 @@ type SendResetPasswordEmailHandler struct {
 	tpl     *template.Template
 	emailer *useremail.UserEmailer
 	sm      *sessionmanager.SessionManager
-	cr      client.ClientIdentityRepo
+	cr      client.ClientRepo
 }
 func (h *SendResetPasswordEmailHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
--- a/server/password_test.go
+++ b/server/password_test.go
@ -267,7 +267,7 @@ func TestSendResetPasswordEmailHandler(t *testing.T) {
 			tpl:     f.srv.SendResetPasswordEmailTemplate,
 			emailer: f.srv.UserEmailer,
 			sm:      f.sessionManager,
-			cr:      f.clientIdentityRepo,
+			cr:      f.clientRepo,
 		}
 		w := httptest.NewRecorder()
--- a/server/server.go
+++ b/server/server.go
@ -60,7 +60,7 @@ type Server struct {
 	KeyManager                     key.PrivateKeyManager
 	KeySetRepo                     key.PrivateKeySetRepo
 	SessionManager                 *sessionmanager.SessionManager
-	ClientIdentityRepo             client.ClientIdentityRepo
+	ClientRepo                     client.ClientRepo
 	ConnectorConfigRepo            connector.ConnectorConfigRepo
 	Templates                      *template.Template
 	LoginTemplate                  *template.Template
@ -213,13 +213,13 @@ func (s *Server) HTTPHandler() http.Handler {
 		s.KeyManager.PublicKeys,
 		s.UserEmailer,
 		s.UserRepo,
-		s.ClientIdentityRepo)))
+		s.ClientRepo)))
 	mux.Handle(httpPathSendResetPassword, &SendResetPasswordEmailHandler{
 		tpl:     s.SendResetPasswordEmailTemplate,
 		emailer: s.UserEmailer,
 		sm:      s.SessionManager,
-		cr:      s.ClientIdentityRepo,
+		cr:      s.ClientRepo,
 	})
 	mux.Handle(httpPathResetPassword, &ResetPasswordHandler{
@ -256,11 +256,11 @@ func (s *Server) HTTPHandler() http.Handler {
 	apiBasePath := path.Join(httpPathAPI, APIVersion)
 	registerDiscoveryResource(apiBasePath, mux)
-	clientPath, clientHandler := registerClientResource(apiBasePath, s.ClientIdentityRepo)
+	clientPath, clientHandler := registerClientResource(apiBasePath, s.ClientRepo)
 	mux.Handle(path.Join(apiBasePath, clientPath), s.NewClientTokenAuthHandler(clientHandler))
 	usersAPI := usersapi.NewUsersAPI(s.dbMap, s.UserManager, s.UserEmailer, s.localConnectorID)
-	handler := NewUserMgmtServer(usersAPI, s.JWTVerifierFactory(), s.UserManager, s.ClientIdentityRepo).HTTPHandler()
+	handler := NewUserMgmtServer(usersAPI, s.JWTVerifierFactory(), s.UserManager, s.ClientRepo).HTTPHandler()
 	mux.Handle(apiBasePath+"/", handler)
@ -271,14 +271,14 @@ func (s *Server) HTTPHandler() http.Handler {
 func (s *Server) NewClientTokenAuthHandler(handler http.Handler) http.Handler {
 	return &clientTokenMiddleware{
 		issuerURL: s.IssuerURL.String(),
-		ciRepo:    s.ClientIdentityRepo,
+		ciRepo:    s.ClientRepo,
 		keysFunc:  s.KeyManager.PublicKeys,
 		next:      handler,
 	}
 }
 func (s *Server) ClientMetadata(clientID string) (*oidc.ClientMetadata, error) {
-	return s.ClientIdentityRepo.Metadata(clientID)
+	return s.ClientRepo.Metadata(clientID)
 }
 func (s *Server) NewSession(ipdcID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error) {
@ -365,7 +365,7 @@ func (s *Server) Login(ident oidc.Identity, key string) (string, error) {
 }
 func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, error) {
-	ok, err := s.ClientIdentityRepo.Authenticate(creds)
+	ok, err := s.ClientRepo.Authenticate(creds)
 	if err != nil {
 		log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
 		return nil, oauth2.NewError(oauth2.ErrorServerError)
@ -397,7 +397,7 @@ func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, erro
 }
 func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, error) {
-	ok, err := s.ClientIdentityRepo.Authenticate(creds)
+	ok, err := s.ClientRepo.Authenticate(creds)
 	if err != nil {
 		log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
 		return nil, "", oauth2.NewError(oauth2.ErrorServerError)
@ -466,7 +466,7 @@ func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jo
 }
 func (s *Server) RefreshToken(creds oidc.ClientCredentials, token string) (*jose.JWT, error) {
-	ok, err := s.ClientIdentityRepo.Authenticate(creds)
+	ok, err := s.ClientRepo.Authenticate(creds)
 	if err != nil {
 		log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
 		return nil, oauth2.NewError(oauth2.ErrorServerError)
--- a/server/server_test.go
+++ b/server/server_test.go
@ -194,8 +194,8 @@ func TestServerLogin(t *testing.T) {
 			},
 		},
 	}
-	ciRepo := func() client.ClientIdentityRepo {
+	ciRepo := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
 		if err != nil {
 			t.Fatalf("Failed to create client identity repo: %v", err)
 		}
@ -222,7 +222,7 @@ func TestServerLogin(t *testing.T) {
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:     km,
 		SessionManager: sm,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:     ciRepo,
 		UserRepo:       userRepo,
 	}
@ -244,8 +244,8 @@ func TestServerLogin(t *testing.T) {
 }
 func TestServerLoginUnrecognizedSessionKey(t *testing.T) {
-	ciRepo := func() client.ClientIdentityRepo {
+	ciRepo := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 			client.Client{
 				Credentials: oidc.ClientCredentials{
 					ID: "XXX", Secret: clientTestSecret,
@ -266,7 +266,7 @@ func TestServerLoginUnrecognizedSessionKey(t *testing.T) {
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:     km,
 		SessionManager: sm,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:     ciRepo,
 	}
 	ident := oidc.Identity{ID: "YYY", Name: "elroy", Email: "elroy@example.com"}
@ -296,8 +296,8 @@ func TestServerLoginDisabledUser(t *testing.T) {
 			},
 		},
 	}
-	ciRepo := func() client.ClientIdentityRepo {
+	ciRepo := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
 		if err != nil {
 			t.Fatalf("Failed to create client identity repo: %v", err)
 		}
@ -338,7 +338,7 @@ func TestServerLoginDisabledUser(t *testing.T) {
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:     km,
 		SessionManager: sm,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:     ciRepo,
 		UserRepo:       userRepo,
 	}
@ -361,8 +361,8 @@ func TestServerCodeToken(t *testing.T) {
 			Secret: clientTestSecret,
 		},
 	}
-	ciRepo := func() client.ClientIdentityRepo {
+	ciRepo := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
 		if err != nil {
 			t.Fatalf("Failed to create client identity repo: %v", err)
 		}
@ -384,7 +384,7 @@ func TestServerCodeToken(t *testing.T) {
 		IssuerURL:        url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:       km,
 		SessionManager:   sm,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:       ciRepo,
 		UserRepo:         userRepo,
 		RefreshTokenRepo: refreshTokenRepo,
 	}
@ -447,8 +447,8 @@ func TestServerTokenUnrecognizedKey(t *testing.T) {
 			Secret: clientTestSecret,
 		},
 	}
-	ciRepo := func() client.ClientIdentityRepo {
+	ciRepo := func() client.ClientRepo {
-		repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
+		repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
 		if err != nil {
 			t.Fatalf("Failed to create client identity repo: %v", err)
 		}
@ -463,7 +463,7 @@ func TestServerTokenUnrecognizedKey(t *testing.T) {
 		IssuerURL:      url.URL{Scheme: "http", Host: "server.example.com"},
 		KeyManager:     km,
 		SessionManager: sm,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:     ciRepo,
 	}
 	sessionID, err := sm.NewSession("connector_id", ci.Credentials.ID, "bogus", url.URL{}, "", false, []string{"openid", "offline_access"})
@ -569,7 +569,7 @@ func TestServerTokenFail(t *testing.T) {
 		km := &StaticKeyManager{
 			signer: tt.signer,
 		}
-		ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+		ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 			client.Client{Credentials: ccFixture},
 		})
 		if err != nil {
@ -593,7 +593,7 @@ func TestServerTokenFail(t *testing.T) {
 			IssuerURL:        issuerURL,
 			KeyManager:       km,
 			SessionManager:   sm,
-			ClientIdentityRepo: ciRepo,
+			ClientRepo:       ciRepo,
 			UserRepo:         userRepo,
 			RefreshTokenRepo: refreshTokenRepo,
 		}
@ -731,7 +731,7 @@ func TestServerRefreshToken(t *testing.T) {
 			signer: tt.signer,
 		}
-		ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+		ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 			client.Client{Credentials: credXXX},
 			client.Client{Credentials: credYYY},
 		})
@ -750,7 +750,7 @@ func TestServerRefreshToken(t *testing.T) {
 		srv := &Server{
 			IssuerURL:        issuerURL,
 			KeyManager:       km,
-			ClientIdentityRepo: ciRepo,
+			ClientRepo:       ciRepo,
 			UserRepo:         userRepo,
 			RefreshTokenRepo: refreshTokenRepo,
 		}
@ -784,7 +784,7 @@ func TestServerRefreshToken(t *testing.T) {
 		signer: signerFixture,
 	}
-	ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+	ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 		client.Client{Credentials: credXXX},
 		client.Client{Credentials: credYYY},
 	})
@ -810,7 +810,7 @@ func TestServerRefreshToken(t *testing.T) {
 	srv := &Server{
 		IssuerURL:        issuerURL,
 		KeyManager:       km,
-		ClientIdentityRepo: ciRepo,
+		ClientRepo:       ciRepo,
 		UserRepo:         userRepo,
 		RefreshTokenRepo: refreshTokenRepo,
 	}
--- a/server/testutil.go
+++ b/server/testutil.go
@ -78,7 +78,7 @@ type testFixtures struct {
 	sessionManager *sessionmanager.SessionManager
 	emailer        *email.TemplatizedEmailer
 	redirectURL    url.URL
-	clientIdentityRepo client.ClientIdentityRepo
+	clientRepo     client.ClientRepo
 }
 func sequentialGenerateCodeFunc() sessionmanager.GenerateCodeFunc {
@ -136,7 +136,7 @@ func makeTestFixtures() (*testFixtures, error) {
 		return nil, err
 	}
-	clientIdentityRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
+	clientRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
 		client.Client{
 			Credentials: oidc.ClientCredentials{
 				ID:     "XXX",
@ -169,7 +169,7 @@ func makeTestFixtures() (*testFixtures, error) {
 	srv := &Server{
 		IssuerURL:        testIssuerURL,
 		SessionManager:   sessionManager,
-		ClientIdentityRepo: clientIdentityRepo,
+		ClientRepo:       clientRepo,
 		Templates:        tpl,
 		UserRepo:         userRepo,
 		PasswordInfoRepo: pwRepo,
@ -206,6 +206,6 @@ func makeTestFixtures() (*testFixtures, error) {
 		userRepo:       userRepo,
 		sessionManager: sessionManager,
 		emailer:        emailer,
-		clientIdentityRepo: clientIdentityRepo,
+		clientRepo:     clientRepo,
 	}, nil
 }
--- a/server/user.go
+++ b/server/user.go
@ -39,10 +39,10 @@ type UserMgmtServer struct {
 	api         *api.UsersAPI
 	jwtvFactory JWTVerifierFactory
 	um          *manager.UserManager
-	cir         client.ClientIdentityRepo
+	cir         client.ClientRepo
 }
-func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *manager.UserManager, cir client.ClientIdentityRepo) *UserMgmtServer {
+func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *manager.UserManager, cir client.ClientRepo) *UserMgmtServer {
 	return &UserMgmtServer{
 		api:         userMgmtAPI,
 		jwtvFactory: jwtvFactory,
--- a/user/api/api.go
+++ b/user/api/api.go
@ -90,7 +90,7 @@ func (e Error) Error() string {
 type UsersAPI struct {
 	manager          *manager.UserManager
 	localConnectorID string
-	clientIdentityRepo client.ClientIdentityRepo
+	clientRepo       client.ClientRepo
 	refreshRepo      refresh.RefreshTokenRepo
 	emailer          Emailer
 }
@ -109,7 +109,7 @@ func NewUsersAPI(dbMap *gorp.DbMap, userManager *manager.UserManager, emailer Em
 	return &UsersAPI{
 		manager:          userManager,
 		refreshRepo:      db.NewRefreshTokenRepo(dbMap),
-		clientIdentityRepo: db.NewClientIdentityRepo(dbMap),
+		clientRepo:       db.NewClientRepo(dbMap),
 		localConnectorID: localConnectorID,
 		emailer:          emailer,
 	}
@ -157,7 +157,7 @@ func (u *UsersAPI) CreateUser(creds Creds, usr schema.User, redirURL url.URL) (s
 		return schema.UserCreateResponse{}, mapError(err)
 	}
-	metadata, err := u.clientIdentityRepo.Metadata(creds.ClientID)
+	metadata, err := u.clientRepo.Metadata(creds.ClientID)
 	if err != nil {
 		return schema.UserCreateResponse{}, mapError(err)
 	}
@ -202,7 +202,7 @@ func (u *UsersAPI) ResendEmailInvitation(creds Creds, userID string, redirURL ur
 		return schema.ResendEmailInvitationResponse{}, ErrorUnauthorized
 	}
-	metadata, err := u.clientIdentityRepo.Metadata(creds.ClientID)
+	metadata, err := u.clientRepo.Metadata(creds.ClientID)
 	if err != nil {
 		return schema.ResendEmailInvitationResponse{}, mapError(err)
 	}
--- a/user/api/api_test.go
+++ b/user/api/api_test.go
@ -167,8 +167,7 @@ func makeTestFixtures() (*UsersAPI, *testEmailer) {
 			},
 		},
 	}
-
+	if _, err := db.NewClientRepoFromClients(dbMap, []client.Client{ci}); err != nil {
 	if _, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{ci}); err != nil {
 		panic("Failed to create client  repo: " + err.Error())
 	}