mailPasswords table should work with oidc clients not apps

src/oidcserver.js

@@ -470,7 +470,7 @@ async function interactionConfirm(req, res, next) {
             return await gOidcProvider.interactionFinished(req, res, result, { mergeWithLastSubmission: false });
         }
 
-        if (!app.manifest.addons.email && params.scope.indexOf('mailclient') !== -1) {
+        if (!app.manifest.addons?.email && params.scope.includes('mailclient')) {
             const result = {
                 error: 'access_denied',
                 error_description: 'App has no access to mailclient claims',
@@ -538,16 +538,13 @@ async function getClaims(username, use, scope, clientId) {
 
     let mailPassword = null;
     if (clientId) {
-        const [clientError, client] = await safe(oidcClients.get(clientId));
-        if (!clientError && client && client.appId) {
-            let mailPw = await mailpasswords.get(client.appId, user.id);
-            if (!mailPw) {
-                const generatedPassword = crypto.randomBytes(48).toString('hex');
-                await mailpasswords.add(client.appId, user.id, generatedPassword);
-                mailPw = await mailpasswords.get(client.appId, user.id);
-            }
-            if (mailPw) mailPassword = mailPw.password;
+        let mailPw = await mailpasswords.get(clientId, user.id);
+        if (!mailPw) {
+            const generatedPassword = crypto.randomBytes(48).toString('hex');
+            await mailpasswords.add(clientId, user.id, generatedPassword);
+            mailPw = await mailpasswords.get(clientId, user.id);
         }
+        if (mailPw) mailPassword = mailPw.password;
     }
 
     const displayName = user.displayName || user.username || ''; // displayName can be empty and username can be null