mirror of
				https://gitcode.com/gitea/gitea.git
				synced 2025-10-25 12:26:40 +08:00 
			
		
		
		
	Increase the size of the webauthn_credential credential_id field (#18739)
Unfortunately credentialIDs in u2f are 255 bytes long which with base32 encoding becomes 408 bytes. The default size of a xorm string field is only a VARCHAR(255) This problem is not apparent on SQLite because strings get mapped to TEXT there. Fix #18727 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
		
							
								
								
									
										5
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										5
									
								
								Makefile
									
									
									
									
									
								
							| @ -405,6 +405,11 @@ test-sqlite-migration:  migrations.sqlite.test migrations.individual.sqlite.test | ||||
| 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./migrations.sqlite.test | ||||
| 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./migrations.individual.sqlite.test | ||||
|  | ||||
| .PHONY: test-sqlite-migration\#% | ||||
| test-sqlite-migration\#%:  migrations.sqlite.test migrations.individual.sqlite.test generate-ini-sqlite | ||||
| 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./migrations.individual.sqlite.test -test.run $(subst .,/,$*) | ||||
|  | ||||
|  | ||||
| generate-ini-mysql: | ||||
| 	sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \ | ||||
| 		-e 's|{{TEST_MYSQL_DBNAME}}|${TEST_MYSQL_DBNAME}|g' \ | ||||
|  | ||||
| @ -0,0 +1,9 @@ | ||||
| - | ||||
|   id: 1 | ||||
|   credential_id: "TVHE44TOH7DF7V48SEAIT3EMMJ7TGBOQ289E5AQB34S98LFCUFJ7U2NAVI8RJG6K2F4TC8AQ8KBNO7AGEOQOL9NE43GR63HTEHJSLOG=" | ||||
| - | ||||
|   id: 2 | ||||
|   credential_id: "TVHE44TOH7DF7V48SEAIT3EMMJ7TGBOQ289E5AQB34S98LFCUFJ7U2NAVI8RJG6K2F4TC8AQ8KBNO7AGEOQOL9NE43GR63HTEHJSLOG=" | ||||
| - | ||||
|   id: 4 | ||||
|   credential_id: "THIS SHOULD NOT CHAGNGE" | ||||
| @ -0,0 +1,21 @@ | ||||
| - | ||||
|   id: 1 | ||||
|   name: "u2fkey-correctly-migrated" | ||||
|   user_id: 1 | ||||
|   raw: 0x05040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf240efe2e213b889daf3fc88e3952e8dd6b4cfd82f1a1212e2ab4b19389455ecf3e67f0aeafc91b9c0d413c9d6215a45177c1d5076358aa6ee20e1b30e3d7467cae2308202bd308201a5a00302010202041e8f8734300d06092a864886f70d01010b0500302e312c302a0603550403132359756269636f2055324620526f6f742043412053657269616c203435373230303633313020170d3134303830313030303030305a180f32303530303930343030303030305a306e310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3127302506035504030c1e59756269636f205532462045452053657269616c203531323732323734303059301306072a8648ce3d020106082a8648ce3d03010703420004a879f82338ed1494bac0704bcc7fc663d1b271715976243101c7605115d7c1529e281c1c67322d384b5cd55dd3e9818d5fd85c22af326e0c64fc20afe33f2366a36c306a302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e373013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c010104041204102fc0579f811347eab116bb5a8db9202a300c0603551d130101ff04023000300d06092a864886f70d01010b050003820101008693ff62df0d5779d4748d7fc8d10227318a8e580e6a3a57c108e94e03c38568b366894fce5624be4a3efd7f34118b3d993743f792a1989160c8fc9ae0b04e3df9ee15e3e88c04fc82a8dcbf5818e108dcc2968577ae79ff662b94734e3dec4597305d73e6e55ee2beb9cd9678ca0935e533eb638f8e26fabb817cda441fbe9831832ae5f6e2ad992f9ebbdb4c62238b8f8d7ab481d6d3263bcdbf9e4a57550370988ad5813440fa032cadb6723cadd8f8d7ba809f75b43cffa0a5b9add14232ef9d9e14812638233c4ca4a873b9f8ac98e32ba19167606e15909fcddb4a2dffbdae4620249f9a6646ac81e4832d1119febfaa731a882da25a77827d46d190173046022100b579338a44c236d3f214b2e150011a08cf251193ecfae2244edb0a5794e9b301022100fab468862c47d98204d437cf2be8c54a5a4ecd1ebb1c61a6c23da7b9c75f6841 | ||||
|   counter: 0 | ||||
| - id: 2 | ||||
|   name: "u2fkey-incorrectly-migrated" | ||||
|   user_id: 1 | ||||
|   raw: 0x05040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf240efe2e213b889daf3fc88e3952e8dd6b4cfd82f1a1212e2ab4b19389455ecf3e67f0aeafc91b9c0d413c9d6215a45177c1d5076358aa6ee20e1b30e3d7467cae2308202bd308201a5a00302010202041e8f8734300d06092a864886f70d01010b0500302e312c302a0603550403132359756269636f2055324620526f6f742043412053657269616c203435373230303633313020170d3134303830313030303030305a180f32303530303930343030303030305a306e310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3127302506035504030c1e59756269636f205532462045452053657269616c203531323732323734303059301306072a8648ce3d020106082a8648ce3d03010703420004a879f82338ed1494bac0704bcc7fc663d1b271715976243101c7605115d7c1529e281c1c67322d384b5cd55dd3e9818d5fd85c22af326e0c64fc20afe33f2366a36c306a302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e373013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c010104041204102fc0579f811347eab116bb5a8db9202a300c0603551d130101ff04023000300d06092a864886f70d01010b050003820101008693ff62df0d5779d4748d7fc8d10227318a8e580e6a3a57c108e94e03c38568b366894fce5624be4a3efd7f34118b3d993743f792a1989160c8fc9ae0b04e3df9ee15e3e88c04fc82a8dcbf5818e108dcc2968577ae79ff662b94734e3dec4597305d73e6e55ee2beb9cd9678ca0935e533eb638f8e26fabb817cda441fbe9831832ae5f6e2ad992f9ebbdb4c62238b8f8d7ab481d6d3263bcdbf9e4a57550370988ad5813440fa032cadb6723cadd8f8d7ba809f75b43cffa0a5b9add14232ef9d9e14812638233c4ca4a873b9f8ac98e32ba19167606e15909fcddb4a2dffbdae4620249f9a6646ac81e4832d1119febfaa731a882da25a77827d46d190173046022100b579338a44c236d3f214b2e150011a08cf251193ecfae2244edb0a5794e9b301022100fab468862c47d98204d437cf2be8c54a5a4ecd1ebb1c61a6c23da7b9c75f6841 | ||||
|   counter: 0 | ||||
| - id: 3 | ||||
|   name: "u2fkey-deleted" | ||||
|   user_id: 1 | ||||
|   raw: 0x05040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf240efe2e213b889daf3fc88e3952e8dd6b4cfd82f1a1212e2ab4b19389455ecf3e67f0aeafc91b9c0d413c9d6215a45177c1d5076358aa6ee20e1b30e3d7467cae2308202bd308201a5a00302010202041e8f8734300d06092a864886f70d01010b0500302e312c302a0603550403132359756269636f2055324620526f6f742043412053657269616c203435373230303633313020170d3134303830313030303030305a180f32303530303930343030303030305a306e310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3127302506035504030c1e59756269636f205532462045452053657269616c203531323732323734303059301306072a8648ce3d020106082a8648ce3d03010703420004a879f82338ed1494bac0704bcc7fc663d1b271715976243101c7605115d7c1529e281c1c67322d384b5cd55dd3e9818d5fd85c22af326e0c64fc20afe33f2366a36c306a302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e373013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c010104041204102fc0579f811347eab116bb5a8db9202a300c0603551d130101ff04023000300d06092a864886f70d01010b050003820101008693ff62df0d5779d4748d7fc8d10227318a8e580e6a3a57c108e94e03c38568b366894fce5624be4a3efd7f34118b3d993743f792a1989160c8fc9ae0b04e3df9ee15e3e88c04fc82a8dcbf5818e108dcc2968577ae79ff662b94734e3dec4597305d73e6e55ee2beb9cd9678ca0935e533eb638f8e26fabb817cda441fbe9831832ae5f6e2ad992f9ebbdb4c62238b8f8d7ab481d6d3263bcdbf9e4a57550370988ad5813440fa032cadb6723cadd8f8d7ba809f75b43cffa0a5b9add14232ef9d9e14812638233c4ca4a873b9f8ac98e32ba19167606e15909fcddb4a2dffbdae4620249f9a6646ac81e4832d1119febfaa731a882da25a77827d46d190173046022100b579338a44c236d3f214b2e150011a08cf251193ecfae2244edb0a5794e9b301022100fab468862c47d98204d437cf2be8c54a5a4ecd1ebb1c61a6c23da7b9c75f6841 | ||||
|   counter: 0 | ||||
| - id: 4 | ||||
|   name: "u2fkey-wrong-user-id" | ||||
|   user_id: 2 | ||||
|   raw: 0x05040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf240efe2e213b889daf3fc88e3952e8dd6b4cfd82f1a1212e2ab4b19389455ecf3e67f0aeafc91b9c0d413c9d6215a45177c1d5076358aa6ee20e1b30e3d7467cae2308202bd308201a5a00302010202041e8f8734300d06092a864886f70d01010b0500302e312c302a0603550403132359756269636f2055324620526f6f742043412053657269616c203435373230303633313020170d3134303830313030303030305a180f32303530303930343030303030305a306e310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3127302506035504030c1e59756269636f205532462045452053657269616c203531323732323734303059301306072a8648ce3d020106082a8648ce3d03010703420004a879f82338ed1494bac0704bcc7fc663d1b271715976243101c7605115d7c1529e281c1c67322d384b5cd55dd3e9818d5fd85c22af326e0c64fc20afe33f2366a36c306a302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e373013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c010104041204102fc0579f811347eab116bb5a8db9202a300c0603551d130101ff04023000300d06092a864886f70d01010b050003820101008693ff62df0d5779d4748d7fc8d10227318a8e580e6a3a57c108e94e03c38568b366894fce5624be4a3efd7f34118b3d993743f792a1989160c8fc9ae0b04e3df9ee15e3e88c04fc82a8dcbf5818e108dcc2968577ae79ff662b94734e3dec4597305d73e6e55ee2beb9cd9678ca0935e533eb638f8e26fabb817cda441fbe9831832ae5f6e2ad992f9ebbdb4c62238b8f8d7ab481d6d3263bcdbf9e4a57550370988ad5813440fa032cadb6723cadd8f8d7ba809f75b43cffa0a5b9add14232ef9d9e14812638233c4ca4a873b9f8ac98e32ba19167606e15909fcddb4a2dffbdae4620249f9a6646ac81e4832d1119febfaa731a882da25a77827d46d190173046022100b579338a44c236d3f214b2e150011a08cf251193ecfae2244edb0a5794e9b301022100fab468862c47d98204d437cf2be8c54a5a4ecd1ebb1c61a6c23da7b9c75f6841 | ||||
|   counter: 0 | ||||
| @ -0,0 +1,30 @@ | ||||
| - | ||||
|   id: 1 | ||||
|   lower_name: "u2fkey-correctly-migrated" | ||||
|   name: "u2fkey-correctly-migrated" | ||||
|   user_id: 1 | ||||
|   credential_id: "TVHE44TOH7DF7V48SEAIT3EMMJ7TGBOQ289E5AQB34S98LFCUFJ7U2NAVI8RJG6K2F4TC8AQ8KBNO7AGEOQOL9NE43GR63HTEHJSLOG=" | ||||
|   public_key: 0x040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf2 | ||||
|   attestation_type: 'fido-u2f' | ||||
|   sign_count: 1 | ||||
|   clone_warning: false | ||||
| - | ||||
|   id: 2 | ||||
|   lower_name: "u2fkey-incorrectly-migrated" | ||||
|   name: "u2fkey-incorrectly-migrated" | ||||
|   user_id: 1 | ||||
|   credential_id: "TVHE44TOH7DF7V48SEAIT3EMMJ7TGBOQ289E5AQB34S98LFCUFJ7U2NAVI8RJG6K2F4TC8A" | ||||
|   public_key: 0x040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf2 | ||||
|   attestation_type: 'fido-u2f' | ||||
|   sign_count: 1 | ||||
|   clone_warning: false | ||||
| - | ||||
|   id: 4 | ||||
|   lower_name: "u2fkey-wrong-user-id" | ||||
|   name: "u2fkey-wrong-user-id" | ||||
|   user_id: 1 | ||||
|   credential_id: "THIS SHOULD NOT CHAGNGE" | ||||
|   public_key: 0x040d0967a2cad045011631187576492a0beb5b377954b4f694c5afc8bdf25270f87f09a9ab6ce9c282f447ba71b2f2bae2105b32b847e0704f310f48644e3eddf2 | ||||
|   attestation_type: 'fido-u2f' | ||||
|   sign_count: 1 | ||||
|   clone_warning: false | ||||
| @ -370,6 +370,8 @@ var migrations = []Migration{ | ||||
| 	NewMigration("Add webauthn table and migrate u2f data to webauthn", addWebAuthnCred), | ||||
| 	// v208 -> v209 | ||||
| 	NewMigration("Use base32.HexEncoding instead of base64 encoding for cred ID as it is case insensitive", useBase32HexForCredIDInWebAuthnCredential), | ||||
| 	// v209 -> v210 | ||||
| 	NewMigration("Increase WebAuthentication CredentialID size to 410", increaseCredentialIDTo410), | ||||
| } | ||||
|  | ||||
| // GetCurrentDBVersion returns the current db version | ||||
|  | ||||
| @ -22,7 +22,7 @@ func addWebAuthnCred(x *xorm.Engine) error { | ||||
| 		Name            string | ||||
| 		LowerName       string `xorm:"unique(s)"` | ||||
| 		UserID          int64  `xorm:"INDEX unique(s)"` | ||||
| 		CredentialID    string `xorm:"INDEX"` | ||||
| 		CredentialID    string `xorm:"INDEX VARCHAR(410)"` // CredentalID in U2F is at most 255bytes / 5 * 8 = 408 - add a few extra characters for safety | ||||
| 		PublicKey       []byte | ||||
| 		AttestationType string | ||||
| 		AAGUID          []byte | ||||
|  | ||||
| @ -15,7 +15,7 @@ func useBase32HexForCredIDInWebAuthnCredential(x *xorm.Engine) error { | ||||
| 	// Create webauthnCredential table | ||||
| 	type webauthnCredential struct { | ||||
| 		ID           int64  `xorm:"pk autoincr"` | ||||
| 		CredentialID string `xorm:"INDEX"` | ||||
| 		CredentialID string `xorm:"INDEX VARCHAR(410)"` | ||||
| 	} | ||||
| 	if err := x.Sync2(&webauthnCredential{}); err != nil { | ||||
| 		return err | ||||
|  | ||||
							
								
								
									
										136
									
								
								models/migrations/v209.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										136
									
								
								models/migrations/v209.go
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,136 @@ | ||||
| // Copyright 2022 The Gitea Authors. All rights reserved. | ||||
| // Use of this source code is governed by a MIT-style | ||||
| // license that can be found in the LICENSE file. | ||||
|  | ||||
| package migrations | ||||
|  | ||||
| import ( | ||||
| 	"encoding/base32" | ||||
| 	"fmt" | ||||
| 	"strings" | ||||
|  | ||||
| 	"code.gitea.io/gitea/modules/timeutil" | ||||
|  | ||||
| 	"github.com/tstranex/u2f" | ||||
| 	"xorm.io/xorm" | ||||
| 	"xorm.io/xorm/schemas" | ||||
| ) | ||||
|  | ||||
| func increaseCredentialIDTo410(x *xorm.Engine) error { | ||||
| 	// Create webauthnCredential table | ||||
| 	type webauthnCredential struct { | ||||
| 		ID              int64 `xorm:"pk autoincr"` | ||||
| 		Name            string | ||||
| 		LowerName       string `xorm:"unique(s)"` | ||||
| 		UserID          int64  `xorm:"INDEX unique(s)"` | ||||
| 		CredentialID    string `xorm:"INDEX VARCHAR(410)"` // CredentalID in U2F is at most 255bytes / 5 * 8 = 408 - add a few extra characters for safety | ||||
| 		PublicKey       []byte | ||||
| 		AttestationType string | ||||
| 		AAGUID          []byte | ||||
| 		SignCount       uint32 `xorm:"BIGINT"` | ||||
| 		CloneWarning    bool | ||||
| 		CreatedUnix     timeutil.TimeStamp `xorm:"INDEX created"` | ||||
| 		UpdatedUnix     timeutil.TimeStamp `xorm:"INDEX updated"` | ||||
| 	} | ||||
| 	if err := x.Sync2(&webauthnCredential{}); err != nil { | ||||
| 		return err | ||||
| 	} | ||||
|  | ||||
| 	switch x.Dialect().URI().DBType { | ||||
| 	case schemas.MYSQL: | ||||
| 		_, err := x.Exec("ALTER TABLE webauthn_credential MODIFY COLUMN credential_id VARCHAR(410)") | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 	case schemas.ORACLE: | ||||
| 		_, err := x.Exec("ALTER TABLE webauthn_credential MODIFY credential_id VARCHAR(410)") | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 	case schemas.MSSQL: | ||||
| 		// This column has an index on it. I could write all of the code to attempt to change the index OR | ||||
| 		// I could just use recreate table. | ||||
| 		sess := x.NewSession() | ||||
| 		if err := sess.Begin(); err != nil { | ||||
| 			_ = sess.Close() | ||||
| 			return err | ||||
| 		} | ||||
|  | ||||
| 		if err := recreateTable(sess, new(webauthnCredential)); err != nil { | ||||
| 			_ = sess.Close() | ||||
| 			return err | ||||
| 		} | ||||
| 		if err := sess.Commit(); err != nil { | ||||
| 			_ = sess.Close() | ||||
| 			return err | ||||
| 		} | ||||
| 		if err := sess.Close(); err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 	case schemas.POSTGRES: | ||||
| 		_, err := x.Exec("ALTER TABLE webauthn_credential ALTER COLUMN credential_id TYPE VARCHAR(410)") | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 	default: | ||||
| 		// SQLite doesn't support ALTER COLUMN, and it already makes String _TEXT_ by default so no migration needed | ||||
| 		// nor is there any need to re-migrate | ||||
| 		return nil | ||||
| 	} | ||||
|  | ||||
| 	// Now migrate the old u2f registrations to the new format | ||||
| 	type u2fRegistration struct { | ||||
| 		ID          int64 `xorm:"pk autoincr"` | ||||
| 		Name        string | ||||
| 		UserID      int64 `xorm:"INDEX"` | ||||
| 		Raw         []byte | ||||
| 		Counter     uint32             `xorm:"BIGINT"` | ||||
| 		CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"` | ||||
| 		UpdatedUnix timeutil.TimeStamp `xorm:"INDEX updated"` | ||||
| 	} | ||||
|  | ||||
| 	var start int | ||||
| 	regs := make([]*u2fRegistration, 0, 50) | ||||
| 	for { | ||||
| 		err := x.OrderBy("id").Limit(50, start).Find(®s) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
|  | ||||
| 		for _, reg := range regs { | ||||
| 			parsed := new(u2f.Registration) | ||||
| 			err = parsed.UnmarshalBinary(reg.Raw) | ||||
| 			if err != nil { | ||||
| 				continue | ||||
| 			} | ||||
|  | ||||
| 			cred := &webauthnCredential{} | ||||
| 			has, err := x.ID(reg.ID).Where("id = ? AND user_id = ?", reg.ID, reg.UserID).Get(cred) | ||||
| 			if err != nil { | ||||
| 				return fmt.Errorf("unable to get webauthn_credential[%d]. Error: %v", reg.ID, err) | ||||
| 			} | ||||
| 			if !has { | ||||
| 				continue | ||||
| 			} | ||||
| 			remigratedCredID := base32.HexEncoding.EncodeToString(parsed.KeyHandle) | ||||
| 			if cred.CredentialID == remigratedCredID || (!strings.HasPrefix(remigratedCredID, cred.CredentialID) && cred.CredentialID != "") { | ||||
| 				continue | ||||
| 			} | ||||
|  | ||||
| 			cred.CredentialID = remigratedCredID | ||||
|  | ||||
| 			_, err = x.ID(cred.ID).Update(cred) | ||||
| 			if err != nil { | ||||
| 				return err | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		if len(regs) < 50 { | ||||
| 			break | ||||
| 		} | ||||
| 		start += 50 | ||||
| 		regs = regs[:0] | ||||
| 	} | ||||
|  | ||||
| 	return nil | ||||
| } | ||||
							
								
								
									
										74
									
								
								models/migrations/v209_test.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										74
									
								
								models/migrations/v209_test.go
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,74 @@ | ||||
| // Copyright 2021 The Gitea Authors. All rights reserved. | ||||
| // Use of this source code is governed by a MIT-style | ||||
| // license that can be found in the LICENSE file. | ||||
|  | ||||
| package migrations | ||||
|  | ||||
| import ( | ||||
| 	"testing" | ||||
|  | ||||
| 	"code.gitea.io/gitea/modules/timeutil" | ||||
| 	"github.com/stretchr/testify/assert" | ||||
| 	"xorm.io/xorm/schemas" | ||||
| ) | ||||
|  | ||||
| func Test_increaseCredentialIDTo410(t *testing.T) { | ||||
| 	// Create webauthnCredential table | ||||
| 	type WebauthnCredential struct { | ||||
| 		ID              int64 `xorm:"pk autoincr"` | ||||
| 		Name            string | ||||
| 		LowerName       string `xorm:"unique(s)"` | ||||
| 		UserID          int64  `xorm:"INDEX unique(s)"` | ||||
| 		CredentialID    string `xorm:"INDEX VARCHAR(410)"` // CredentalID in U2F is at most 255bytes / 5 * 8 = 408 - add a few extra characters for safety | ||||
| 		PublicKey       []byte | ||||
| 		AttestationType string | ||||
| 		SignCount       uint32 `xorm:"BIGINT"` | ||||
| 		CloneWarning    bool | ||||
| 	} | ||||
|  | ||||
| 	// Now migrate the old u2f registrations to the new format | ||||
| 	type U2fRegistration struct { | ||||
| 		ID          int64 `xorm:"pk autoincr"` | ||||
| 		Name        string | ||||
| 		UserID      int64 `xorm:"INDEX"` | ||||
| 		Raw         []byte | ||||
| 		Counter     uint32             `xorm:"BIGINT"` | ||||
| 		CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"` | ||||
| 		UpdatedUnix timeutil.TimeStamp `xorm:"INDEX updated"` | ||||
| 	} | ||||
|  | ||||
| 	type ExpectedWebauthnCredential struct { | ||||
| 		ID           int64  `xorm:"pk autoincr"` | ||||
| 		CredentialID string `xorm:"INDEX VARCHAR(410)"` // CredentalID in U2F is at most 255bytes / 5 * 8 = 408 - add a few extra characters for safety | ||||
| 	} | ||||
|  | ||||
| 	// Prepare and load the testing database | ||||
| 	x, deferable := prepareTestEnv(t, 0, new(WebauthnCredential), new(U2fRegistration), new(ExpectedWebauthnCredential)) | ||||
| 	if x == nil || t.Failed() { | ||||
| 		defer deferable() | ||||
| 		return | ||||
| 	} | ||||
| 	defer deferable() | ||||
|  | ||||
| 	if x.Dialect().URI().DBType == schemas.SQLITE { | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	// Run the migration | ||||
| 	if err := increaseCredentialIDTo410(x); err != nil { | ||||
| 		assert.NoError(t, err) | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	expected := []ExpectedWebauthnCredential{} | ||||
| 	if err := x.Table("expected_webauthn_credential").Asc("id").Find(&expected); !assert.NoError(t, err) { | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	got := []ExpectedWebauthnCredential{} | ||||
| 	if err := x.Table("webauthn_credential").Select("id, credential_id").Asc("id").Find(&got); !assert.NoError(t, err) { | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	assert.EqualValues(t, expected, got) | ||||
| } | ||||
		Reference in New Issue
	
	Block a user
	 zeripath
					zeripath