mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
fix(storage): webauthn kid too short for some devices (#2957)
This fixes an issue that may cause the kid length of a webauthn device to exceed that length allowed by the database column.
This commit is contained in:
parent
82d28155d0
commit
204cef4d03
|
@ -23,3 +23,4 @@ this instance if you wanted to downgrade to pre1 you would need to use an Authel
|
||||||
| pre1 | 4.0.0 | Downgrading to this version requires you use the --pre1 flag |
|
| pre1 | 4.0.0 | Downgrading to this version requires you use the --pre1 flag |
|
||||||
| 1 | 4.33.0 | Initial migration managed version |
|
| 1 | 4.33.0 | Initial migration managed version |
|
||||||
| 2 | 4.34.0 | Webauthn - added webauthn_devices table, altered totp_config to include device created/used dates |
|
| 2 | 4.34.0 | Webauthn - added webauthn_devices table, altered totp_config to include device created/used dates |
|
||||||
|
| 3 | 4.34.2 | Webauthn - fix V2 migration kid column length and provide migration path for anyone on V2 |
|
||||||
|
|
|
@ -56,7 +56,7 @@ const (
|
||||||
|
|
||||||
const (
|
const (
|
||||||
// This is the latest schema version for the purpose of tests.
|
// This is the latest schema version for the purpose of tests.
|
||||||
testLatestVersion = 2
|
testLatestVersion = 3
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -26,7 +26,7 @@ CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
rpid TEXT,
|
rpid TEXT,
|
||||||
username VARCHAR(100) NOT NULL,
|
username VARCHAR(100) NOT NULL,
|
||||||
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
kid VARCHAR(100) NOT NULL,
|
kid VARCHAR(512) NOT NULL,
|
||||||
public_key BLOB NOT NULL,
|
public_key BLOB NOT NULL,
|
||||||
attestation_type VARCHAR(32),
|
attestation_type VARCHAR(32),
|
||||||
transport VARCHAR(20) DEFAULT '',
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
|
|
@ -26,7 +26,7 @@ CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
rpid TEXT,
|
rpid TEXT,
|
||||||
username VARCHAR(100) NOT NULL,
|
username VARCHAR(100) NOT NULL,
|
||||||
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
kid VARCHAR(100) NOT NULL,
|
kid VARCHAR(512) NOT NULL,
|
||||||
public_key BYTEA NOT NULL,
|
public_key BYTEA NOT NULL,
|
||||||
attestation_type VARCHAR(32),
|
attestation_type VARCHAR(32),
|
||||||
transport VARCHAR(20) DEFAULT '',
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
|
|
@ -26,7 +26,7 @@ CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
rpid TEXT,
|
rpid TEXT,
|
||||||
username VARCHAR(100) NOT NULL,
|
username VARCHAR(100) NOT NULL,
|
||||||
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
kid VARCHAR(100) NOT NULL,
|
kid VARCHAR(512) NOT NULL,
|
||||||
public_key BLOB NOT NULL,
|
public_key BLOB NOT NULL,
|
||||||
attestation_type VARCHAR(32),
|
attestation_type VARCHAR(32),
|
||||||
transport VARCHAR(20) DEFAULT '',
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
DROP TABLE IF EXISTS _bkp_UP_V0003_webauthn_devices;
|
|
@ -0,0 +1,26 @@
|
||||||
|
ALTER TABLE webauthn_devices RENAME _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
|
id INTEGER AUTO_INCREMENT,
|
||||||
|
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
last_used_at TIMESTAMP NULL DEFAULT NULL,
|
||||||
|
rpid TEXT,
|
||||||
|
username VARCHAR(100) NOT NULL,
|
||||||
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
|
kid VARCHAR(512) NOT NULL,
|
||||||
|
public_key BLOB NOT NULL,
|
||||||
|
attestation_type VARCHAR(32),
|
||||||
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
aaguid CHAR(36) NOT NULL,
|
||||||
|
sign_count INTEGER DEFAULT 0,
|
||||||
|
clone_warning BOOLEAN NOT NULL DEFAULT FALSE,
|
||||||
|
PRIMARY KEY (id),
|
||||||
|
UNIQUE KEY (username, description),
|
||||||
|
UNIQUE KEY (kid)
|
||||||
|
);
|
||||||
|
|
||||||
|
INSERT INTO webauthn_devices (id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning)
|
||||||
|
SELECT id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning
|
||||||
|
FROM _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
DROP TABLE IF EXISTS _bkp_UP_V0003_webauthn_devices;
|
|
@ -0,0 +1,26 @@
|
||||||
|
ALTER TABLE webauthn_devices RENAME TO _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
|
id SERIAL,
|
||||||
|
created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
last_used_at TIMESTAMP WITH TIME ZONE NULL DEFAULT NULL,
|
||||||
|
rpid TEXT,
|
||||||
|
username VARCHAR(100) NOT NULL,
|
||||||
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
|
kid VARCHAR(512) NOT NULL,
|
||||||
|
public_key BYTEA NOT NULL,
|
||||||
|
attestation_type VARCHAR(32),
|
||||||
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
aaguid CHAR(36) NOT NULL,
|
||||||
|
sign_count INTEGER DEFAULT 0,
|
||||||
|
clone_warning BOOLEAN NOT NULL DEFAULT FALSE,
|
||||||
|
PRIMARY KEY (id),
|
||||||
|
UNIQUE (username, description),
|
||||||
|
UNIQUE (kid)
|
||||||
|
);
|
||||||
|
|
||||||
|
INSERT INTO webauthn_devices (id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning)
|
||||||
|
SELECT id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning
|
||||||
|
FROM _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
DROP TABLE IF EXISTS _bkp_UP_V0003_webauthn_devices;
|
|
@ -0,0 +1,26 @@
|
||||||
|
ALTER TABLE webauthn_devices RENAME TO _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
CREATE TABLE IF NOT EXISTS webauthn_devices (
|
||||||
|
id INTEGER,
|
||||||
|
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
last_used_at TIMESTAMP NULL DEFAULT NULL,
|
||||||
|
rpid TEXT,
|
||||||
|
username VARCHAR(100) NOT NULL,
|
||||||
|
description VARCHAR(30) NOT NULL DEFAULT 'Primary',
|
||||||
|
kid VARCHAR(512) NOT NULL,
|
||||||
|
public_key BLOB NOT NULL,
|
||||||
|
attestation_type VARCHAR(32),
|
||||||
|
transport VARCHAR(20) DEFAULT '',
|
||||||
|
aaguid CHAR(36) NOT NULL,
|
||||||
|
sign_count INTEGER DEFAULT 0,
|
||||||
|
clone_warning BOOLEAN NOT NULL DEFAULT FALSE,
|
||||||
|
PRIMARY KEY (id),
|
||||||
|
UNIQUE (username, description),
|
||||||
|
UNIQUE (kid)
|
||||||
|
);
|
||||||
|
|
||||||
|
INSERT INTO webauthn_devices (id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning)
|
||||||
|
SELECT id, created_at, last_used_at, rpid, username, description, kid, public_key, attestation_type, transport, aaguid, sign_count, clone_warning
|
||||||
|
FROM _bkp_UP_V0003_webauthn_devices;
|
||||||
|
|
||||||
|
DROP TABLE IF EXISTS _bkp_UP_V0003_webauthn_devices;
|
Loading…
Reference in New Issue
Block a user