fixup! fix(oauth2): adjust db schemas when migrating from owncloud

apps/oauth2/lib/Db/AccessTokenMapper.php

@@ -41,6 +41,16 @@
  * @template-extends QBMapper<AccessToken>
  */
 class AccessTokenMapper extends QBMapper {
+	// Ignore potential legacy column 'token' from oc for now until it is migrated properly
+	public const COLUMN_LIST = [
+		'id',
+		'token_id',
+		'client_id',
+		'hashed_code',
+		'encrypted_token',
+		'code_created_at',
+		'token_count',
+	];
 
 	public function __construct(
 		IDBConnection $db,
@@ -57,7 +67,7 @@ public function __construct(
 	public function getByCode(string $code): AccessToken {
 		$qb = $this->db->getQueryBuilder();
 		$qb
-			->select('*')
+			->select(...self::COLUMN_LIST)
 			->from($this->tableName)
 			->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
 

apps/oauth2/lib/Migration/SetTokenExpiration.php

@@ -28,6 +28,7 @@
 
 use OC\Authentication\Token\IProvider as TokenProvider;
 use OCA\OAuth2\Db\AccessToken;
+use OCA\OAuth2\Db\AccessTokenMapper;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\Exceptions\InvalidTokenException;
 use OCP\IDBConnection;
@@ -59,7 +60,7 @@ public function getName(): string {
 
 	public function run(IOutput $output) {
 		$qb = $this->connection->getQueryBuilder();
-		$qb->select('*')
+		$qb->select(...AccessTokenMapper::COLUMN_LIST)
 			->from('oauth2_access_tokens');
 
 		$cursor = $qb->execute();

lib/private/Repair/Owncloud/MigrateOauthTables.php

@@ -89,7 +89,7 @@ public function run(IOutput $output) {
 		if ($table->hasColumn('token')) {
 			// Warning: We are dropping auth tokens. However, they should only be valid for an hour,
 			// and we can't really migrate them to oc_authtoken anyway.
-			$table->dropColumn('token');
+			//$table->dropColumn('token');
 		}
 
 		$output->info('Update the oauth2_clients table schema.');
@@ -195,37 +195,5 @@ public function run(IOutput $output) {
 				$qbDeleteClients->expr()->iLike('redirect_uri', $qbDeleteClients->createNamedParameter('%*', IQueryBuilder::PARAM_STR))
 			);
 		$qbDeleteClients->executeStatement();
-
-		// Migrate plain client secrets and widen the column
-		$clientsTable = $schema->getTable('oauth2_clients');
-		if ($clientsTable->getColumn('secret')->getLength() === 64) {
-			$output->info("Migrate client secrets.");
-
-			// Widen the column first
-			$clientsTable->getColumn('secret')->setLength(512);
-
-			// Regenerate schema after migrating to it
-			$this->db->migrateToSchema($schema->getWrappedSchema());
-			$schema = new SchemaWrapper($this->db);
-
-			$qb = $this->db->getQueryBuilder();
-			$qb->update('oauth2_clients')
-				->set('secret', $qb->createParameter('secret'))
-				->where($qb->expr()->eq('id', $qb->createParameter('id')));
-
-			$qbSelect = $this->db->getQueryBuilder();
-			$qbSelect->select('id', 'secret')
-				->from('oauth2_clients');
-			$result = $qbSelect->executeQuery();
-			while ($row = $result->fetch()) {
-				$id = $row['id'];
-				$secret = $row['secret'];
-				$encryptedSecret = bin2hex($this->crypto->calculateHMAC($secret));
-				$qb->setParameter('id', $id);
-				$qb->setParameter('secret', $encryptedSecret);
-				$qb->executeStatement();
-			}
-			$result->closeCursor();
-		}
 	}
 }