Skip to content

Make oauth2 client secret column larger #38770

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
julien-nc merged 3 commits into from
Jun 14, 2023
Merged

Make oauth2 client secret column larger #38770

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8086d7e
add test that inserts a long oauth client secret
julien-nc Jun 12, 2023
24e517c
make oauth2 client secret column larger
julien-nc Jun 12, 2023
578bf8c
add extra migration that sets the secret column length in case the pr…
julien-nc Jun 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
make oauth2 client secret column larger 
Signed-off-by: Julien Veyssier <[email protected]>
  • Loading branch information
@julien-nc
julien-nc committed Jun 14, 2023
commit 24e517c5b3c67a5d88923a8e59b285886cdefa5b
2 changes: 1 addition & 1 deletion apps/oauth2/lib/Migration/Version011601Date20230522143227.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ public function changeSchema(IOutput $output, Closure $schemaClosure, array $opt
$table = $schema->getTable('oauth2_clients');
if ($table->hasColumn('secret')) {
$column = $table->getColumn('secret');
$column->setLength(256);
$column->setLength(512);
Copy link
Member

@rullzer rullzer Jun 13, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing migrations later on feels iffy

Copy link
Member Author

@julien-nc julien-nc Jun 13, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rullzer Not sure what to do here.

If we keep Version011601Date20230522143227 with 256 and add a step that just changes the column length we don't prevent problems when the existing secrets will be encrypted and the update will fail because we try to store values that are too long.

We could:

  • change the value in Version011601Date20230522143227 so that people who never ran it have the correct column length before encrypting the existing values
  • add a step that changes the column length to 512 again for people who already ran the previous step successfully

What do you think?

Copy link
Member

@rullzer rullzer Jun 13, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I see the trouble
But you need indeed another one for people that did already run the migration

return $schema;
}
}
Expand Down