satellite/{mailservice,oidc}: improvements to debugging

Things that make debugging easier. * Added logging to automatic link clicking to make it obvious, when it fails. * Added monitoring to oidc. * Made dbx create calls noreturn for oauth_* Change-Id: I37397b4e84ce5bfd82954aed9c38fdfd52595f24
2022-05-11 20:23:05 +03:00 · 2022-05-11 20:23:05 +03:00 · 4791ba5d50
commit 4791ba5d50
parent 89ccfe2dd7
8 changed files with 204 additions and 168 deletions
--- a/cmd/storj-sim/network.go
+++ b/cmd/storj-sim/network.go
@ -353,6 +353,7 @@ func newNetwork(flags *Flags) (*Processes, error) {
 				"--debug.addr", net.JoinHostPort(host, port(satellitePeer, i, debugHTTP)),

 				"--admin.address", net.JoinHostPort(host, port(satellitePeer, i, adminHTTP)),
+				"--admin.static-dir", filepath.Join(storjRoot, "web/satellite/admin/ui/build"),
 			},
 			"run": {"api"},
 		})
--- a/satellite/api.go
+++ b/satellite/api.go
@ -515,7 +515,7 @@ func NewAPI(log *zap.Logger, full *identity.FullIdentity, db DB,
 				ServerAddress: mailConfig.SMTPServerAddress,
 			}
 		default:
-			sender = simulate.NewDefaultLinkClicker()
+			sender = simulate.NewDefaultLinkClicker(peer.Log.Named("mail:linkclicker"))
 		}

 		peer.Mail.Service, err = mailservice.New(
--- a/satellite/mailservice/simulate/linkclicker.go
+++ b/satellite/mailservice/simulate/linkclicker.go
@ -7,9 +7,11 @@ import (
 	"context"
 	"net/http"
 	"strings"
+	"time"

 	"github.com/spacemonkeygo/monkit/v3"
 	"github.com/zeebo/errs"
+	"go.uber.org/zap"
 	"golang.org/x/net/html"

 	"storj.io/storj/private/post"
@ -24,15 +26,20 @@ var _ mailservice.Sender = (*LinkClicker)(nil)
 //
 // architecture: Service
 type LinkClicker struct {
+	log *zap.Logger
+
 	// MarkerAttribute specifies the attribute every anchor element must have in order to be clicked.
 	// This prevents the link clicker from clicking links that it should not (such as the password reset cancellation link).
 	// Leaving this field empty will make it click every link.
-	MarkerAttribute string
+	markerAttribute string
 }

 // NewDefaultLinkClicker returns a LinkClicker with the default marker attribute.
-func NewDefaultLinkClicker() *LinkClicker {
-	return &LinkClicker{MarkerAttribute: "data-simulate"}
+func NewDefaultLinkClicker(log *zap.Logger) *LinkClicker {
+	return &LinkClicker{
+		log:             log,
+		markerAttribute: "data-simulate",
+	}
 }

 // FromAddress return empty mail address.
@ -56,8 +63,12 @@ func (clicker *LinkClicker) SendEmail(ctx context.Context, msg *post.Message) (e
 		if err != nil {
 			continue
 		}
-		response, err := http.DefaultClient.Do(req)
+		clicker.log.Debug("clicking", zap.String("url", link))
+		client := &http.Client{}
+		client.Timeout = 5 * time.Second
+		response, err := client.Do(req)
 		if err != nil {
+			clicker.log.Error("failed to click", zap.String("url", link), zap.Error(err))
 			continue
 		}
 		sendError = errs.Combine(sendError, err, response.Body.Close())
@ -77,12 +88,12 @@ Loop:
 		case html.StartTagToken:
 			token := tokens.Token()
 			if strings.ToLower(token.Data) == "a" {
-				simulate := clicker.MarkerAttribute == ""
+				simulate := clicker.markerAttribute == ""
 				var href string
 				for _, attr := range token.Attr {
 					if strings.ToLower(attr.Key) == "href" {
 						href = attr.Val
-					} else if !simulate && attr.Key == clicker.MarkerAttribute {
+					} else if !simulate && attr.Key == clicker.markerAttribute {
 						simulate = true
 					}
 				}
--- a/satellite/mailservice/simulate/linkclicker_test.go
+++ b/satellite/mailservice/simulate/linkclicker_test.go
@ -7,6 +7,7 @@ import (
 	"testing"

 	"github.com/stretchr/testify/require"
+	"go.uber.org/zap/zaptest"

 	"storj.io/storj/satellite/mailservice/simulate"
 )
@ -20,9 +21,6 @@ func TestFindLinks(t *testing.T) {
 		<a data-simulate>
 	`

-	clicker := simulate.LinkClicker{MarkerAttribute: "data-simulate"}
+	clicker := simulate.NewDefaultLinkClicker(zaptest.NewLogger(t))
 	require.ElementsMatch(t, []string{"link1", "link2"}, clicker.FindLinks(data))
-
-	clicker.MarkerAttribute = ""
-	require.ElementsMatch(t, []string{"link1", "link2", "link3"}, clicker.FindLinks(data))
 }
--- a/satellite/oidc/dbx.go
+++ b/satellite/oidc/dbx.go
@ -6,7 +6,6 @@ package oidc
 import (
 	"context"
 	"database/sql"
-	"strings"
 	"time"

 	"storj.io/common/uuid"
@ -42,17 +41,19 @@ func (clients *clientsDBX) Get(ctx context.Context, id uuid.UUID) (OAuthClient,
 }

 // Create creates a new OAuthClient.
-func (clients *clientsDBX) Create(ctx context.Context, client OAuthClient) error {
-	_, err := clients.db.Create_OauthClient(ctx,
+func (clients *clientsDBX) Create(ctx context.Context, client OAuthClient) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
+	return clients.db.CreateNoReturn_OauthClient(ctx,
 		dbx.OauthClient_Id(client.ID.Bytes()), dbx.OauthClient_EncryptedSecret(client.Secret),
 		dbx.OauthClient_RedirectUrl(client.RedirectURL), dbx.OauthClient_UserId(client.UserID.Bytes()),
 		dbx.OauthClient_AppName(client.AppName), dbx.OauthClient_AppLogoUrl(client.AppLogoURL))
-
-	return err
 }

 // Update modifies information for the provided OAuthClient.
-func (clients *clientsDBX) Update(ctx context.Context, client OAuthClient) error {
+func (clients *clientsDBX) Update(ctx context.Context, client OAuthClient) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	if client.RedirectURL == "" && client.Secret == nil {
 		return nil
 	}
@ -67,12 +68,12 @@ func (clients *clientsDBX) Update(ctx context.Context, client OAuthClient) error
 		update.EncryptedSecret = dbx.OauthClient_EncryptedSecret(client.Secret)
 	}

-	err := clients.db.UpdateNoReturn_OauthClient_By_Id(ctx, dbx.OauthClient_Id(client.ID.Bytes()), update)
-	return err
+	return clients.db.UpdateNoReturn_OauthClient_By_Id(ctx, dbx.OauthClient_Id(client.ID.Bytes()), update)
 }

-func (clients *clientsDBX) Delete(ctx context.Context, id uuid.UUID) error {
-	_, err := clients.db.Delete_OauthClient_By_Id(ctx, dbx.OauthClient_Id(id.Bytes()))
+func (clients *clientsDBX) Delete(ctx context.Context, id uuid.UUID) (err error) {
+	defer mon.Task()(&ctx)(&err)
+	_, err = clients.db.Delete_OauthClient_By_Id(ctx, dbx.OauthClient_Id(id.Bytes()))
 	return err
 }

@ -81,6 +82,8 @@ type codesDBX struct {
 }

 func (o *codesDBX) Get(ctx context.Context, code string) (oauthCode OAuthCode, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	dbCode, err := o.db.Get_OauthCode_By_Code_And_ClaimedAt_Is_Null(ctx, dbx.OauthCode_Code(code))
 	if err != nil {
 		return oauthCode, err
@ -114,17 +117,19 @@ func (o *codesDBX) Get(ctx context.Context, code string) (oauthCode OAuthCode, e
 	return oauthCode, nil
 }

-func (o *codesDBX) Create(ctx context.Context, code OAuthCode) error {
-	_, err := o.db.Create_OauthCode(ctx, dbx.OauthCode_ClientId(code.ClientID.Bytes()),
+func (o *codesDBX) Create(ctx context.Context, code OAuthCode) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
+	return o.db.CreateNoReturn_OauthCode(ctx, dbx.OauthCode_ClientId(code.ClientID.Bytes()),
 		dbx.OauthCode_UserId(code.UserID.Bytes()), dbx.OauthCode_Scope(code.Scope),
 		dbx.OauthCode_RedirectUrl(code.RedirectURL), dbx.OauthCode_Challenge(code.Challenge),
 		dbx.OauthCode_ChallengeMethod(code.ChallengeMethod), dbx.OauthCode_Code(code.Code),
 		dbx.OauthCode_CreatedAt(code.CreatedAt), dbx.OauthCode_ExpiresAt(code.ExpiresAt), dbx.OauthCode_Create_Fields{})
-
-	return err
 }

-func (o *codesDBX) Claim(ctx context.Context, code string) error {
+func (o *codesDBX) Claim(ctx context.Context, code string) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	return o.db.UpdateNoReturn_OauthCode_By_Code_And_ClaimedAt_Is_Null(ctx, dbx.OauthCode_Code(code), dbx.OauthCode_Update_Fields{
 		ClaimedAt: dbx.OauthCode_ClaimedAt(time.Now()),
 	})
@ -135,6 +140,8 @@ type tokensDBX struct {
 }

 func (o *tokensDBX) Get(ctx context.Context, kind OAuthTokenKind, token string) (oauthToken OAuthToken, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	dbToken, err := o.db.Get_OauthToken_By_Kind_And_Token(ctx, dbx.OauthToken_Kind(int(kind)),
 		dbx.OauthToken_Token([]byte(token)))

@ -167,22 +174,25 @@ func (o *tokensDBX) Get(ctx context.Context, kind OAuthTokenKind, token string)
 	return oauthToken, nil
 }

-func (o *tokensDBX) Create(ctx context.Context, token OAuthToken) error {
-	_, err := o.db.Create_OauthToken(ctx, dbx.OauthToken_ClientId(token.ClientID.Bytes()),
+func (o *tokensDBX) Create(ctx context.Context, token OAuthToken) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
+	err = o.db.CreateNoReturn_OauthToken(ctx, dbx.OauthToken_ClientId(token.ClientID.Bytes()),
 		dbx.OauthToken_UserId(token.UserID.Bytes()), dbx.OauthToken_Scope(token.Scope),
 		dbx.OauthToken_Kind(int(token.Kind)), dbx.OauthToken_Token([]byte(token.Token)),
 		dbx.OauthToken_CreatedAt(token.CreatedAt), dbx.OauthToken_ExpiresAt(token.ExpiresAt))

 	// ignore duplicate key errors as they're somewhat expected
-	if err != nil && strings.Contains(err.Error(), "duplicate key") {
+	if err != nil && dbx.IsConstraintError(err) {
 		return nil
 	}
-
 	return err
 }

 // RevokeRESTTokenV0 revokes a v0 REST token by setting its expires_at time to zero.
-func (o *tokensDBX) RevokeRESTTokenV0(ctx context.Context, token string) error {
+func (o *tokensDBX) RevokeRESTTokenV0(ctx context.Context, token string) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	return o.db.UpdateNoReturn_OauthToken_By_Token_And_Kind(ctx, dbx.OauthToken_Token([]byte(token)),
 		dbx.OauthToken_Kind(int(KindRESTTokenV0)),
 		dbx.OauthToken_Update_Fields{
--- a/satellite/oidc/oauth_stores.go
+++ b/satellite/oidc/oauth_stores.go
@ -20,7 +20,9 @@ type ClientStore struct {
 var _ oauth2.ClientStore = (*ClientStore)(nil)

 // GetByID returns client information by id.
-func (c *ClientStore) GetByID(ctx context.Context, id string) (oauth2.ClientInfo, error) {
+func (c *ClientStore) GetByID(ctx context.Context, id string) (_ oauth2.ClientInfo, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	uid, err := uuid.FromString(id)
 	if err != nil {
 		return nil, err
@ -39,6 +41,8 @@ var _ oauth2.TokenStore = (*TokenStore)(nil)

 // Create creates a new token with the given info.
 func (t *TokenStore) Create(ctx context.Context, info oauth2.TokenInfo) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	var code OAuthCode
 	var access, refresh OAuthToken

@ -115,22 +119,30 @@ func (t *TokenStore) Create(ctx context.Context, info oauth2.TokenInfo) (err err
 }

 // RemoveByCode deletes token by authorization code.
-func (t *TokenStore) RemoveByCode(ctx context.Context, code string) error {
+func (t *TokenStore) RemoveByCode(ctx context.Context, code string) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	return t.codes.Claim(ctx, code)
 }

 // RemoveByAccess deletes token by access token.
-func (t *TokenStore) RemoveByAccess(ctx context.Context, access string) error {
+func (t *TokenStore) RemoveByAccess(ctx context.Context, access string) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	return nil // unsupported by current configuration
 }

 // RemoveByRefresh deletes token by refresh token.
-func (t *TokenStore) RemoveByRefresh(ctx context.Context, refresh string) error {
+func (t *TokenStore) RemoveByRefresh(ctx context.Context, refresh string) (err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	return nil // unsupported by current configuration
 }

 // GetByCode uses authorization code to find token information.
-func (t *TokenStore) GetByCode(ctx context.Context, code string) (oauth2.TokenInfo, error) {
+func (t *TokenStore) GetByCode(ctx context.Context, code string) (_ oauth2.TokenInfo, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	oauthCode, err := t.codes.Get(ctx, code)
 	if err != nil {
 		return nil, err
@ -140,7 +152,9 @@ func (t *TokenStore) GetByCode(ctx context.Context, code string) (oauth2.TokenIn
 }

 // GetByAccess uses access token to find token information.
-func (t *TokenStore) GetByAccess(ctx context.Context, access string) (oauth2.TokenInfo, error) {
+func (t *TokenStore) GetByAccess(ctx context.Context, access string) (_ oauth2.TokenInfo, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	oauthToken, err := t.tokens.Get(ctx, KindAccessToken, access)
 	if err != nil {
 		return nil, err
@ -150,7 +164,9 @@ func (t *TokenStore) GetByAccess(ctx context.Context, access string) (oauth2.Tok
 }

 // GetByRefresh uses refresh token to find token information.
-func (t *TokenStore) GetByRefresh(ctx context.Context, refresh string) (oauth2.TokenInfo, error) {
+func (t *TokenStore) GetByRefresh(ctx context.Context, refresh string) (_ oauth2.TokenInfo, err error) {
+	defer mon.Task()(&ctx)(&err)
+
 	oauthToken, err := t.tokens.Get(ctx, KindRefreshToken, refresh)
 	if err != nil {
 		return nil, err
--- a/satellite/satellitedb/dbx/satellitedb.dbx
+++ b/satellite/satellitedb/dbx/satellitedb.dbx
@ -1351,7 +1351,9 @@ model oauth_client (
    field app_logo_url      text ( updatable )
 )

-create oauth_client ()
+create oauth_client (
+	noreturn
+)

 read one (
    select oauth_client
@ -1390,7 +1392,9 @@ model oauth_code (
    field claimed_at        timestamp ( nullable, updatable )
 )

-create oauth_code ()
+create oauth_code (
+	noreturn
+)

 read one (
    select oauth_code
@ -1421,7 +1425,9 @@ model oauth_token (
    field expires_at    timestamp ( updatable )
 )

-create oauth_token ()
+create oauth_token (
+	noreturn
+)

 read one (
    select oauth_token
--- a/satellite/satellitedb/dbx/satellitedb.dbx.go
+++ b/satellite/satellitedb/dbx/satellitedb.dbx.go
@ -12048,14 +12048,14 @@ func (obj *pgxImpl) ReplaceNoReturn_NodeApiVersion(ctx context.Context,

 }

-func (obj *pgxImpl) Create_OauthClient(ctx context.Context,
+func (obj *pgxImpl) CreateNoReturn_OauthClient(ctx context.Context,
 	oauth_client_id OauthClient_Id_Field,
 	oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
 	oauth_client_redirect_url OauthClient_RedirectUrl_Field,
 	oauth_client_user_id OauthClient_UserId_Field,
 	oauth_client_app_name OauthClient_AppName_Field,
 	oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
-	oauth_client *OauthClient, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__id_val := oauth_client_id.value()
 	__encrypted_secret_val := oauth_client_encrypted_secret.value()
@ -12064,7 +12064,7 @@ func (obj *pgxImpl) Create_OauthClient(ctx context.Context,
 	__app_name_val := oauth_client_app_name.value()
 	__app_logo_url_val := oauth_client_app_logo_url.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_clients ( id, encrypted_secret, redirect_url, user_id, app_name, app_logo_url ) VALUES ( ?, ?, ?, ?, ?, ? ) RETURNING oauth_clients.id, oauth_clients.encrypted_secret, oauth_clients.redirect_url, oauth_clients.user_id, oauth_clients.app_name, oauth_clients.app_logo_url")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_clients ( id, encrypted_secret, redirect_url, user_id, app_name, app_logo_url ) VALUES ( ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __id_val, __encrypted_secret_val, __redirect_url_val, __user_id_val, __app_name_val, __app_logo_url_val)
@ -12072,16 +12072,15 @@ func (obj *pgxImpl) Create_OauthClient(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_client = &OauthClient{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_client.Id, &oauth_client.EncryptedSecret, &oauth_client.RedirectUrl, &oauth_client.UserId, &oauth_client.AppName, &oauth_client.AppLogoUrl)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_client, nil
+	return nil

 }

-func (obj *pgxImpl) Create_OauthCode(ctx context.Context,
+func (obj *pgxImpl) CreateNoReturn_OauthCode(ctx context.Context,
 	oauth_code_client_id OauthCode_ClientId_Field,
 	oauth_code_user_id OauthCode_UserId_Field,
 	oauth_code_scope OauthCode_Scope_Field,
@ -12092,7 +12091,7 @@ func (obj *pgxImpl) Create_OauthCode(ctx context.Context,
 	oauth_code_created_at OauthCode_CreatedAt_Field,
 	oauth_code_expires_at OauthCode_ExpiresAt_Field,
 	optional OauthCode_Create_Fields) (
-	oauth_code *OauthCode, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__client_id_val := oauth_code_client_id.value()
 	__user_id_val := oauth_code_user_id.value()
@ -12105,7 +12104,7 @@ func (obj *pgxImpl) Create_OauthCode(ctx context.Context,
 	__expires_at_val := oauth_code_expires_at.value()
 	__claimed_at_val := optional.ClaimedAt.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_codes ( client_id, user_id, scope, redirect_url, challenge, challenge_method, code, created_at, expires_at, claimed_at ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) RETURNING oauth_codes.client_id, oauth_codes.user_id, oauth_codes.scope, oauth_codes.redirect_url, oauth_codes.challenge, oauth_codes.challenge_method, oauth_codes.code, oauth_codes.created_at, oauth_codes.expires_at, oauth_codes.claimed_at")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_codes ( client_id, user_id, scope, redirect_url, challenge, challenge_method, code, created_at, expires_at, claimed_at ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __client_id_val, __user_id_val, __scope_val, __redirect_url_val, __challenge_val, __challenge_method_val, __code_val, __created_at_val, __expires_at_val, __claimed_at_val)
@ -12113,16 +12112,15 @@ func (obj *pgxImpl) Create_OauthCode(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_code = &OauthCode{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_code.ClientId, &oauth_code.UserId, &oauth_code.Scope, &oauth_code.RedirectUrl, &oauth_code.Challenge, &oauth_code.ChallengeMethod, &oauth_code.Code, &oauth_code.CreatedAt, &oauth_code.ExpiresAt, &oauth_code.ClaimedAt)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_code, nil
+	return nil

 }

-func (obj *pgxImpl) Create_OauthToken(ctx context.Context,
+func (obj *pgxImpl) CreateNoReturn_OauthToken(ctx context.Context,
 	oauth_token_client_id OauthToken_ClientId_Field,
 	oauth_token_user_id OauthToken_UserId_Field,
 	oauth_token_scope OauthToken_Scope_Field,
@ -12130,7 +12128,7 @@ func (obj *pgxImpl) Create_OauthToken(ctx context.Context,
 	oauth_token_token OauthToken_Token_Field,
 	oauth_token_created_at OauthToken_CreatedAt_Field,
 	oauth_token_expires_at OauthToken_ExpiresAt_Field) (
-	oauth_token *OauthToken, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__client_id_val := oauth_token_client_id.value()
 	__user_id_val := oauth_token_user_id.value()
@ -12140,7 +12138,7 @@ func (obj *pgxImpl) Create_OauthToken(ctx context.Context,
 	__created_at_val := oauth_token_created_at.value()
 	__expires_at_val := oauth_token_expires_at.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_tokens ( client_id, user_id, scope, kind, token, created_at, expires_at ) VALUES ( ?, ?, ?, ?, ?, ?, ? ) RETURNING oauth_tokens.client_id, oauth_tokens.user_id, oauth_tokens.scope, oauth_tokens.kind, oauth_tokens.token, oauth_tokens.created_at, oauth_tokens.expires_at")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_tokens ( client_id, user_id, scope, kind, token, created_at, expires_at ) VALUES ( ?, ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __client_id_val, __user_id_val, __scope_val, __kind_val, __token_val, __created_at_val, __expires_at_val)
@ -12148,12 +12146,11 @@ func (obj *pgxImpl) Create_OauthToken(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_token = &OauthToken{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_token.ClientId, &oauth_token.UserId, &oauth_token.Scope, &oauth_token.Kind, &oauth_token.Token, &oauth_token.CreatedAt, &oauth_token.ExpiresAt)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_token, nil
+	return nil

 }

@ -18618,14 +18615,14 @@ func (obj *pgxcockroachImpl) ReplaceNoReturn_NodeApiVersion(ctx context.Context,

 }

-func (obj *pgxcockroachImpl) Create_OauthClient(ctx context.Context,
+func (obj *pgxcockroachImpl) CreateNoReturn_OauthClient(ctx context.Context,
 	oauth_client_id OauthClient_Id_Field,
 	oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
 	oauth_client_redirect_url OauthClient_RedirectUrl_Field,
 	oauth_client_user_id OauthClient_UserId_Field,
 	oauth_client_app_name OauthClient_AppName_Field,
 	oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
-	oauth_client *OauthClient, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__id_val := oauth_client_id.value()
 	__encrypted_secret_val := oauth_client_encrypted_secret.value()
@ -18634,7 +18631,7 @@ func (obj *pgxcockroachImpl) Create_OauthClient(ctx context.Context,
 	__app_name_val := oauth_client_app_name.value()
 	__app_logo_url_val := oauth_client_app_logo_url.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_clients ( id, encrypted_secret, redirect_url, user_id, app_name, app_logo_url ) VALUES ( ?, ?, ?, ?, ?, ? ) RETURNING oauth_clients.id, oauth_clients.encrypted_secret, oauth_clients.redirect_url, oauth_clients.user_id, oauth_clients.app_name, oauth_clients.app_logo_url")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_clients ( id, encrypted_secret, redirect_url, user_id, app_name, app_logo_url ) VALUES ( ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __id_val, __encrypted_secret_val, __redirect_url_val, __user_id_val, __app_name_val, __app_logo_url_val)
@ -18642,16 +18639,15 @@ func (obj *pgxcockroachImpl) Create_OauthClient(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_client = &OauthClient{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_client.Id, &oauth_client.EncryptedSecret, &oauth_client.RedirectUrl, &oauth_client.UserId, &oauth_client.AppName, &oauth_client.AppLogoUrl)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_client, nil
+	return nil

 }

-func (obj *pgxcockroachImpl) Create_OauthCode(ctx context.Context,
+func (obj *pgxcockroachImpl) CreateNoReturn_OauthCode(ctx context.Context,
 	oauth_code_client_id OauthCode_ClientId_Field,
 	oauth_code_user_id OauthCode_UserId_Field,
 	oauth_code_scope OauthCode_Scope_Field,
@ -18662,7 +18658,7 @@ func (obj *pgxcockroachImpl) Create_OauthCode(ctx context.Context,
 	oauth_code_created_at OauthCode_CreatedAt_Field,
 	oauth_code_expires_at OauthCode_ExpiresAt_Field,
 	optional OauthCode_Create_Fields) (
-	oauth_code *OauthCode, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__client_id_val := oauth_code_client_id.value()
 	__user_id_val := oauth_code_user_id.value()
@ -18675,7 +18671,7 @@ func (obj *pgxcockroachImpl) Create_OauthCode(ctx context.Context,
 	__expires_at_val := oauth_code_expires_at.value()
 	__claimed_at_val := optional.ClaimedAt.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_codes ( client_id, user_id, scope, redirect_url, challenge, challenge_method, code, created_at, expires_at, claimed_at ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) RETURNING oauth_codes.client_id, oauth_codes.user_id, oauth_codes.scope, oauth_codes.redirect_url, oauth_codes.challenge, oauth_codes.challenge_method, oauth_codes.code, oauth_codes.created_at, oauth_codes.expires_at, oauth_codes.claimed_at")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_codes ( client_id, user_id, scope, redirect_url, challenge, challenge_method, code, created_at, expires_at, claimed_at ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __client_id_val, __user_id_val, __scope_val, __redirect_url_val, __challenge_val, __challenge_method_val, __code_val, __created_at_val, __expires_at_val, __claimed_at_val)
@ -18683,16 +18679,15 @@ func (obj *pgxcockroachImpl) Create_OauthCode(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_code = &OauthCode{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_code.ClientId, &oauth_code.UserId, &oauth_code.Scope, &oauth_code.RedirectUrl, &oauth_code.Challenge, &oauth_code.ChallengeMethod, &oauth_code.Code, &oauth_code.CreatedAt, &oauth_code.ExpiresAt, &oauth_code.ClaimedAt)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_code, nil
+	return nil

 }

-func (obj *pgxcockroachImpl) Create_OauthToken(ctx context.Context,
+func (obj *pgxcockroachImpl) CreateNoReturn_OauthToken(ctx context.Context,
 	oauth_token_client_id OauthToken_ClientId_Field,
 	oauth_token_user_id OauthToken_UserId_Field,
 	oauth_token_scope OauthToken_Scope_Field,
@ -18700,7 +18695,7 @@ func (obj *pgxcockroachImpl) Create_OauthToken(ctx context.Context,
 	oauth_token_token OauthToken_Token_Field,
 	oauth_token_created_at OauthToken_CreatedAt_Field,
 	oauth_token_expires_at OauthToken_ExpiresAt_Field) (
-	oauth_token *OauthToken, err error) {
+	err error) {
 	defer mon.Task()(&ctx)(&err)
 	__client_id_val := oauth_token_client_id.value()
 	__user_id_val := oauth_token_user_id.value()
@ -18710,7 +18705,7 @@ func (obj *pgxcockroachImpl) Create_OauthToken(ctx context.Context,
 	__created_at_val := oauth_token_created_at.value()
 	__expires_at_val := oauth_token_expires_at.value()

-	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_tokens ( client_id, user_id, scope, kind, token, created_at, expires_at ) VALUES ( ?, ?, ?, ?, ?, ?, ? ) RETURNING oauth_tokens.client_id, oauth_tokens.user_id, oauth_tokens.scope, oauth_tokens.kind, oauth_tokens.token, oauth_tokens.created_at, oauth_tokens.expires_at")
+	var __embed_stmt = __sqlbundle_Literal("INSERT INTO oauth_tokens ( client_id, user_id, scope, kind, token, created_at, expires_at ) VALUES ( ?, ?, ?, ?, ?, ?, ? )")

 	var __values []interface{}
 	__values = append(__values, __client_id_val, __user_id_val, __scope_val, __kind_val, __token_val, __created_at_val, __expires_at_val)
@ -18718,12 +18713,11 @@ func (obj *pgxcockroachImpl) Create_OauthToken(ctx context.Context,
 	var __stmt = __sqlbundle_Render(obj.dialect, __embed_stmt)
 	obj.logStmt(__stmt, __values...)

-	oauth_token = &OauthToken{}
-	err = obj.queryRowContext(ctx, __stmt, __values...).Scan(&oauth_token.ClientId, &oauth_token.UserId, &oauth_token.Scope, &oauth_token.Kind, &oauth_token.Token, &oauth_token.CreatedAt, &oauth_token.ExpiresAt)
+	_, err = obj.driver.ExecContext(ctx, __stmt, __values...)
 	if err != nil {
-		return nil, obj.makeErr(err)
+		return obj.makeErr(err)
 	}
-	return oauth_token, nil
+	return nil

 }

@ -24462,6 +24456,59 @@ func (rx *Rx) CreateNoReturn_AccountingTimestamps(ctx context.Context,

 }

+func (rx *Rx) CreateNoReturn_OauthClient(ctx context.Context,
+	oauth_client_id OauthClient_Id_Field,
+	oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
+	oauth_client_redirect_url OauthClient_RedirectUrl_Field,
+	oauth_client_user_id OauthClient_UserId_Field,
+	oauth_client_app_name OauthClient_AppName_Field,
+	oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
+	err error) {
+	var tx *Tx
+	if tx, err = rx.getTx(ctx); err != nil {
+		return
+	}
+	return tx.CreateNoReturn_OauthClient(ctx, oauth_client_id, oauth_client_encrypted_secret, oauth_client_redirect_url, oauth_client_user_id, oauth_client_app_name, oauth_client_app_logo_url)
+
+}
+
+func (rx *Rx) CreateNoReturn_OauthCode(ctx context.Context,
+	oauth_code_client_id OauthCode_ClientId_Field,
+	oauth_code_user_id OauthCode_UserId_Field,
+	oauth_code_scope OauthCode_Scope_Field,
+	oauth_code_redirect_url OauthCode_RedirectUrl_Field,
+	oauth_code_challenge OauthCode_Challenge_Field,
+	oauth_code_challenge_method OauthCode_ChallengeMethod_Field,
+	oauth_code_code OauthCode_Code_Field,
+	oauth_code_created_at OauthCode_CreatedAt_Field,
+	oauth_code_expires_at OauthCode_ExpiresAt_Field,
+	optional OauthCode_Create_Fields) (
+	err error) {
+	var tx *Tx
+	if tx, err = rx.getTx(ctx); err != nil {
+		return
+	}
+	return tx.CreateNoReturn_OauthCode(ctx, oauth_code_client_id, oauth_code_user_id, oauth_code_scope, oauth_code_redirect_url, oauth_code_challenge, oauth_code_challenge_method, oauth_code_code, oauth_code_created_at, oauth_code_expires_at, optional)
+
+}
+
+func (rx *Rx) CreateNoReturn_OauthToken(ctx context.Context,
+	oauth_token_client_id OauthToken_ClientId_Field,
+	oauth_token_user_id OauthToken_UserId_Field,
+	oauth_token_scope OauthToken_Scope_Field,
+	oauth_token_kind OauthToken_Kind_Field,
+	oauth_token_token OauthToken_Token_Field,
+	oauth_token_created_at OauthToken_CreatedAt_Field,
+	oauth_token_expires_at OauthToken_ExpiresAt_Field) (
+	err error) {
+	var tx *Tx
+	if tx, err = rx.getTx(ctx); err != nil {
+		return
+	}
+	return tx.CreateNoReturn_OauthToken(ctx, oauth_token_client_id, oauth_token_user_id, oauth_token_scope, oauth_token_kind, oauth_token_token, oauth_token_created_at, oauth_token_expires_at)
+
+}
+
 func (rx *Rx) CreateNoReturn_PeerIdentity(ctx context.Context,
 	peer_identity_node_id PeerIdentity_NodeId_Field,
 	peer_identity_leaf_serial_number PeerIdentity_LeafSerialNumber_Field,
@ -24607,59 +24654,6 @@ func (rx *Rx) Create_CouponUsage(ctx context.Context,

 }

-func (rx *Rx) Create_OauthClient(ctx context.Context,
-	oauth_client_id OauthClient_Id_Field,
-	oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
-	oauth_client_redirect_url OauthClient_RedirectUrl_Field,
-	oauth_client_user_id OauthClient_UserId_Field,
-	oauth_client_app_name OauthClient_AppName_Field,
-	oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
-	oauth_client *OauthClient, err error) {
-	var tx *Tx
-	if tx, err = rx.getTx(ctx); err != nil {
-		return
-	}
-	return tx.Create_OauthClient(ctx, oauth_client_id, oauth_client_encrypted_secret, oauth_client_redirect_url, oauth_client_user_id, oauth_client_app_name, oauth_client_app_logo_url)
-
-}
-
-func (rx *Rx) Create_OauthCode(ctx context.Context,
-	oauth_code_client_id OauthCode_ClientId_Field,
-	oauth_code_user_id OauthCode_UserId_Field,
-	oauth_code_scope OauthCode_Scope_Field,
-	oauth_code_redirect_url OauthCode_RedirectUrl_Field,
-	oauth_code_challenge OauthCode_Challenge_Field,
-	oauth_code_challenge_method OauthCode_ChallengeMethod_Field,
-	oauth_code_code OauthCode_Code_Field,
-	oauth_code_created_at OauthCode_CreatedAt_Field,
-	oauth_code_expires_at OauthCode_ExpiresAt_Field,
-	optional OauthCode_Create_Fields) (
-	oauth_code *OauthCode, err error) {
-	var tx *Tx
-	if tx, err = rx.getTx(ctx); err != nil {
-		return
-	}
-	return tx.Create_OauthCode(ctx, oauth_code_client_id, oauth_code_user_id, oauth_code_scope, oauth_code_redirect_url, oauth_code_challenge, oauth_code_challenge_method, oauth_code_code, oauth_code_created_at, oauth_code_expires_at, optional)
-
-}
-
-func (rx *Rx) Create_OauthToken(ctx context.Context,
-	oauth_token_client_id OauthToken_ClientId_Field,
-	oauth_token_user_id OauthToken_UserId_Field,
-	oauth_token_scope OauthToken_Scope_Field,
-	oauth_token_kind OauthToken_Kind_Field,
-	oauth_token_token OauthToken_Token_Field,
-	oauth_token_created_at OauthToken_CreatedAt_Field,
-	oauth_token_expires_at OauthToken_ExpiresAt_Field) (
-	oauth_token *OauthToken, err error) {
-	var tx *Tx
-	if tx, err = rx.getTx(ctx); err != nil {
-		return
-	}
-	return tx.Create_OauthToken(ctx, oauth_token_client_id, oauth_token_user_id, oauth_token_scope, oauth_token_kind, oauth_token_token, oauth_token_created_at, oauth_token_expires_at)
-
-}
-
 func (rx *Rx) Create_Project(ctx context.Context,
 	project_id Project_Id_Field,
 	project_name Project_Name_Field,
@ -26002,6 +25996,38 @@ type Methods interface {
 		accounting_timestamps_value AccountingTimestamps_Value_Field) (
 		err error)

+	CreateNoReturn_OauthClient(ctx context.Context,
+		oauth_client_id OauthClient_Id_Field,
+		oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
+		oauth_client_redirect_url OauthClient_RedirectUrl_Field,
+		oauth_client_user_id OauthClient_UserId_Field,
+		oauth_client_app_name OauthClient_AppName_Field,
+		oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
+		err error)
+
+	CreateNoReturn_OauthCode(ctx context.Context,
+		oauth_code_client_id OauthCode_ClientId_Field,
+		oauth_code_user_id OauthCode_UserId_Field,
+		oauth_code_scope OauthCode_Scope_Field,
+		oauth_code_redirect_url OauthCode_RedirectUrl_Field,
+		oauth_code_challenge OauthCode_Challenge_Field,
+		oauth_code_challenge_method OauthCode_ChallengeMethod_Field,
+		oauth_code_code OauthCode_Code_Field,
+		oauth_code_created_at OauthCode_CreatedAt_Field,
+		oauth_code_expires_at OauthCode_ExpiresAt_Field,
+		optional OauthCode_Create_Fields) (
+		err error)
+
+	CreateNoReturn_OauthToken(ctx context.Context,
+		oauth_token_client_id OauthToken_ClientId_Field,
+		oauth_token_user_id OauthToken_UserId_Field,
+		oauth_token_scope OauthToken_Scope_Field,
+		oauth_token_kind OauthToken_Kind_Field,
+		oauth_token_token OauthToken_Token_Field,
+		oauth_token_created_at OauthToken_CreatedAt_Field,
+		oauth_token_expires_at OauthToken_ExpiresAt_Field) (
+		err error)
+
 	CreateNoReturn_PeerIdentity(ctx context.Context,
 		peer_identity_node_id PeerIdentity_NodeId_Field,
 		peer_identity_leaf_serial_number PeerIdentity_LeafSerialNumber_Field,
@ -26084,38 +26110,6 @@ type Methods interface {
 		coupon_usage_period CouponUsage_Period_Field) (
 		coupon_usage *CouponUsage, err error)

-	Create_OauthClient(ctx context.Context,
-		oauth_client_id OauthClient_Id_Field,
-		oauth_client_encrypted_secret OauthClient_EncryptedSecret_Field,
-		oauth_client_redirect_url OauthClient_RedirectUrl_Field,
-		oauth_client_user_id OauthClient_UserId_Field,
-		oauth_client_app_name OauthClient_AppName_Field,
-		oauth_client_app_logo_url OauthClient_AppLogoUrl_Field) (
-		oauth_client *OauthClient, err error)
-
-	Create_OauthCode(ctx context.Context,
-		oauth_code_client_id OauthCode_ClientId_Field,
-		oauth_code_user_id OauthCode_UserId_Field,
-		oauth_code_scope OauthCode_Scope_Field,
-		oauth_code_redirect_url OauthCode_RedirectUrl_Field,
-		oauth_code_challenge OauthCode_Challenge_Field,
-		oauth_code_challenge_method OauthCode_ChallengeMethod_Field,
-		oauth_code_code OauthCode_Code_Field,
-		oauth_code_created_at OauthCode_CreatedAt_Field,
-		oauth_code_expires_at OauthCode_ExpiresAt_Field,
-		optional OauthCode_Create_Fields) (
-		oauth_code *OauthCode, err error)
-
-	Create_OauthToken(ctx context.Context,
-		oauth_token_client_id OauthToken_ClientId_Field,
-		oauth_token_user_id OauthToken_UserId_Field,
-		oauth_token_scope OauthToken_Scope_Field,
-		oauth_token_kind OauthToken_Kind_Field,
-		oauth_token_token OauthToken_Token_Field,
-		oauth_token_created_at OauthToken_CreatedAt_Field,
-		oauth_token_expires_at OauthToken_ExpiresAt_Field) (
-		oauth_token *OauthToken, err error)
-
 	Create_Project(ctx context.Context,
 		project_id Project_Id_Field,
 		project_name Project_Name_Field,