Improve oauth2 database migration from ownCloud #38577
Conversation
julien-nc
added
enhancement
3. to review
|
|
||
| $qbDeleteAccessTokens->delete('oauth2_access_tokens') | ||
| ->where( | ||
| $qbSelectClientId->expr()->in('client_id', $qbDeleteAccessTokens->createFunction($qbSelectClientId->getSQL()), IQueryBuilder::PARAM_STR_ARRAY) |
There was a problem hiding this comment.
Does this work? I though getSQL didn't replace the parameters.
There was a problem hiding this comment.
That works. Maybe because the expression is built with the same query builder.
$qbSelectClientId->expr() and $qbSelectClientId->getSQL()
|
If this can help, I kept a script to test the initial version of the migration: #30276 |
| $qbSelectClientId->select('id') | ||
| ->from('oauth2_clients') | ||
| ->where( | ||
| $qbSelectClientId->expr()->iLike('redirect_uri', $qbDeleteAccessTokens->createNamedParameter('oc://%', IQueryBuilder::PARAM_STR)) |
There was a problem hiding this comment.
Do we know if the column is indexed on the owncloud side?
There was a problem hiding this comment.
We don't but I guess @pmarini-nc can get that information for us
There was a problem hiding this comment.
I understand the column that we want to know whether it is indexed is oauth2_clients.id. I asked the prospect
There was a problem hiding this comment.
I installed ownCloud 10.12.1. The only oauth2 related index is on the token column of oauth2_access_tokens.
There was a problem hiding this comment.
oC table definition:
MySQL [ucprod]> show create table oc_oauth2_clients\G
*************************** 1. row ***************************
Table: oc_oauth2_clients
Create Table: CREATE TABLE `oc_oauth2_clients` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`identifier` varchar(64) COLLATE utf8_bin NOT NULL,
`secret` varchar(64) COLLATE utf8_bin NOT NULL,
`redirect_uri` varchar(2000) COLLATE utf8_bin NOT NULL,
`name` varchar(80) COLLATE utf8_bin NOT NULL,
`allow_subdomains` tinyint(1) NOT NULL DEFAULT 0,
`trusted` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
UNIQUE KEY `name_idx` (`name`)
) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=utf8 COLLATE=utf8_bin
There was a problem hiding this comment.
All right, then this would require a full table scan for the like statements, which could take longer depending on the size of the table, but I'd say since this is a onetime migration this should be fine.
|
Potential problem: The Do you think we should cut the values during the migration? |
I think we should just bump the field length to To support future migrations it be code if this is done in code by us and not purely via DBA cli else we might miss it in future migration scenarios. Wat do you think @julien-nc ? |
|
@AndyScherzinger Actually we already set the I wonder what happens for rows having a name which is longer than 64. |
julien-nc
force-pushed
the
enh/noid/improve-oauth-migration-from-oc
branch
from
b7e8996
to
aa3f6b1
Compare
|
@AndyScherzinger 745b408 shortens the values before resizing the column. |
julien-nc
force-pushed
the
enh/noid/improve-oauth-migration-from-oc
branch
from
aa3f6b1
to
745b408
Compare
|
Sounds/looks good to me @julien-nc 👍 |
julien-nc
force-pushed
the
enh/noid/improve-oauth-migration-from-oc
branch
from
745b408
to
2fabb8d
Compare
|
/backport to stable27 |
|
/backport to stable26 |
|
/backport to stable25 |
…d their access tokens Signed-off-by: Julien Veyssier <[email protected]>
Signed-off-by: Julien Veyssier <[email protected]>
julien-nc
force-pushed
the
enh/noid/improve-oauth-migration-from-oc
branch
from
2fabb8d
to
633e951
Compare
|
CI failures are not related (Cypress jobs) |
|
The backport to stable25 failed. Please do this backport manually. # Switch to the target branch and update it
git checkout stable25
git pull origin/stable25
# Create the new backport branch
git checkout -b fix/foo-stable25
# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts. Resolve them.
git cherry-pick abc123
# Push the cherry pick commit to the remote repository and open a pull request
git push origin fix/foo-stable25More info at https://docs.nextcloud.com/server/latest/developer_manual/getting_started/development_process.html#manual-backport |
The redirect_uri set by OC can be like
oc://android.owncloud.comorhttp://host/*and we don't support those.I tested it by first putting those changes in a migration step in the oauth2 app. Worked fine.