From 611a65e0a9794253d9622a06728c450c90a75833 Mon Sep 17 00:00:00 2001
From: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Date: Tue, 19 Mar 2024 10:21:15 -0400
Subject: [PATCH] [PM-5437] Handle client_credentials clientId that is not a valid GUID (#3616)

* Return null if the clientId is not a valid Guid.
* Linting
---
 src/Identity/IdentityServer/ClientStore.cs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Identity/IdentityServer/ClientStore.cs b/src/Identity/IdentityServer/ClientStore.cs
index 310c0ce98f..6fd64ec21b 100644
--- a/src/Identity/IdentityServer/ClientStore.cs
+++ b/src/Identity/IdentityServer/ClientStore.cs
@@ -90,7 +90,12 @@ public class ClientStore : IClientStore
 private async Task CreateApiKeyClientAsync(string clientId)
 {
- var apiKey = await _apiKeyRepository.GetDetailsByIdAsync(new Guid(clientId));
+ if (!Guid.TryParse(clientId, out var guid))
+ {
+ return null;
+ }
+
+ var apiKey = await _apiKeyRepository.GetDetailsByIdAsync(guid);
 if (apiKey == null || apiKey.ExpireAt <= DateTime.Now)
 {
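Review bot: The new guard at the top of CreateApiKeyClientAsync accepts every textual GUID form that `new Guid(clientId)` accepted (hyphenated, 32 bare digits, braced, parenthesised, hex-struct), because `Guid.TryParse` is format-agnostic. If API-key client ids are only ever issued in the hyphenated form, which this hunk does not show, `if (!Guid.TryParseExact(clientId, "D", out var guid))` would hold this caller-supplied value to one canonical spelling before it reaches the repository lookup. The early `return null;` would also benefit from a one-line comment such as `// clientId is request-supplied; a non-GUID value cannot match an API key, so report an unknown client instead of throwing`, so the silent path is not later mistaken for a swallowed error. The diffstat lists only ClientStore.cs, so a unit test that passes a malformed clientId and asserts a null client would pin this behaviour. The method body continues past the end of the hunk.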