mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
refactor: exclude id from sqlite3 migration (#3242)
* refactor: exclude id from sqlite3 table recreate * docs: add migration docs
This commit is contained in:
parent
06ba312c28
commit
555746e771
|
@ -18,10 +18,11 @@ This means all Authelia versions between two schema versions use the first schem
|
||||||
For example for version pre1, it is used for all versions between it and the version 1 schema, so 4.0.0 to 4.32.2. In
|
For example for version pre1, it is used for all versions between it and the version 1 schema, so 4.0.0 to 4.32.2. In
|
||||||
this instance if you wanted to downgrade to pre1 you would need to use an Authelia binary with version 4.33.0 or higher.
|
this instance if you wanted to downgrade to pre1 you would need to use an Authelia binary with version 4.33.0 or higher.
|
||||||
|
|
||||||
| Schema Version | Authelia Version | Notes |
|
| Schema Version | Authelia Version | Notes |
|
||||||
|:--------------:|:----------------:|:-------------------------------------------------------------------------------------------------:|
|
|:--------------:|:----------------:|:--------------------------------------------------------------------------------------------------:|
|
||||||
| pre1 | 4.0.0 | Downgrading to this version requires you use the --pre1 flag |
|
| pre1 | 4.0.0 | Downgrading to this version requires you use the --pre1 flag |
|
||||||
| 1 | 4.33.0 | Initial migration managed version |
|
| 1 | 4.33.0 | Initial migration managed version |
|
||||||
| 2 | 4.34.0 | Webauthn - added webauthn_devices table, altered totp_config to include device created/used dates |
|
| 2 | 4.34.0 | Webauthn - added webauthn_devices table, altered totp_config to include device created/used dates |
|
||||||
| 3 | 4.34.2 | Webauthn - fix V2 migration kid column length and provide migration path for anyone on V2 |
|
| 3 | 4.34.2 | Webauthn - fix V2 migration kid column length and provide migration path for anyone on V2 |
|
||||||
| 4 | 4.35.0 | Added OpenID Connect storage tables and opaque user identifier tables |
|
| 4 | 4.35.0 | Added OpenID Connect storage tables and opaque user identifier tables |
|
||||||
|
| 5 | 4.35.1 | Fixed the oauth2_consent_session table to accept NULL subjects for users who are not yet signed in |
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
||||||
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
||||||
|
DELETE FROM user_opaque_identifier WHERE service <> 'openid';
|
||||||
ALTER TABLE oauth2_consent_session MODIFY subject CHAR(36) NULL DEFAULT NULL;
|
ALTER TABLE oauth2_consent_session MODIFY subject CHAR(36) NULL DEFAULT NULL;
|
||||||
ALTER TABLE oauth2_consent_session
|
ALTER TABLE oauth2_consent_session
|
||||||
DROP FOREIGN KEY oauth2_consent_subject_fkey,
|
DROP FOREIGN KEY oauth2_consent_subject_fkey,
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
||||||
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
||||||
|
DELETE FROM user_opaque_identifier WHERE service <> 'openid';
|
||||||
ALTER TABLE oauth2_consent_session ALTER COLUMN subject DROP NOT NULL;
|
ALTER TABLE oauth2_consent_session ALTER COLUMN subject DROP NOT NULL;
|
||||||
ALTER TABLE oauth2_consent_session ALTER COLUMN subject SET DEFAULT NULL;
|
ALTER TABLE oauth2_consent_session ALTER COLUMN subject SET DEFAULT NULL;
|
||||||
ALTER TABLE oauth2_consent_session RENAME CONSTRAINT oauth2_consent_subject_fkey TO oauth2_consent_session_subject_fkey;
|
ALTER TABLE oauth2_consent_session RENAME CONSTRAINT oauth2_consent_subject_fkey TO oauth2_consent_session_subject_fkey;
|
||||||
|
|
|
@ -4,6 +4,7 @@ BEGIN TRANSACTION;
|
||||||
|
|
||||||
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
|
||||||
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
|
||||||
|
DELETE FROM user_opaque_identifier WHERE service <> 'openid';
|
||||||
|
|
||||||
ALTER TABLE oauth2_consent_session RENAME TO _bkp_UP_V0005_oauth2_consent_session;
|
ALTER TABLE oauth2_consent_session RENAME TO _bkp_UP_V0005_oauth2_consent_session;
|
||||||
|
|
||||||
|
@ -28,8 +29,8 @@ CREATE TABLE IF NOT EXISTS oauth2_consent_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_consent_session (id, challenge_id, client_id, subject, authorized, granted, requested_at, responded_at, expires_at, form_data, requested_scopes, granted_scopes, requested_audience, granted_audience)
|
INSERT INTO oauth2_consent_session (challenge_id, client_id, subject, authorized, granted, requested_at, responded_at, expires_at, form_data, requested_scopes, granted_scopes, requested_audience, granted_audience)
|
||||||
SELECT id, challenge_id, client_id, subject, authorized, granted, requested_at, responded_at, expires_at, form_data, requested_scopes, granted_scopes, requested_audience, granted_audience
|
SELECT challenge_id, client_id, subject, authorized, granted, requested_at, responded_at, expires_at, form_data, requested_scopes, granted_scopes, requested_audience, granted_audience
|
||||||
FROM _bkp_UP_V0005_oauth2_consent_session
|
FROM _bkp_UP_V0005_oauth2_consent_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
@ -66,8 +67,8 @@ CREATE TABLE IF NOT EXISTS oauth2_authorization_code_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_authorization_code_session (id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
INSERT INTO oauth2_authorization_code_session (challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
||||||
SELECT id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
SELECT challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
||||||
FROM _bkp_UP_V0005_oauth2_authorization_code_session
|
FROM _bkp_UP_V0005_oauth2_authorization_code_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
@ -108,8 +109,8 @@ CREATE TABLE IF NOT EXISTS oauth2_access_token_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_access_token_session (id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
INSERT INTO oauth2_access_token_session (challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
||||||
SELECT id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
SELECT challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
||||||
FROM _bkp_UP_V0005_oauth2_access_token_session
|
FROM _bkp_UP_V0005_oauth2_access_token_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
@ -150,8 +151,8 @@ CREATE TABLE IF NOT EXISTS oauth2_refresh_token_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_refresh_token_session (id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
INSERT INTO oauth2_refresh_token_session (challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
||||||
SELECT id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
SELECT challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
||||||
FROM _bkp_UP_V0005_oauth2_refresh_token_session
|
FROM _bkp_UP_V0005_oauth2_refresh_token_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
@ -192,8 +193,8 @@ CREATE TABLE IF NOT EXISTS oauth2_pkce_request_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_pkce_request_session (id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
INSERT INTO oauth2_pkce_request_session (challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
||||||
SELECT id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
SELECT challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
||||||
FROM _bkp_UP_V0005_oauth2_pkce_request_session
|
FROM _bkp_UP_V0005_oauth2_pkce_request_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
@ -234,8 +235,8 @@ CREATE TABLE IF NOT EXISTS oauth2_openid_connect_session (
|
||||||
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
REFERENCES user_opaque_identifier(identifier) ON UPDATE RESTRICT ON DELETE RESTRICT
|
||||||
);
|
);
|
||||||
|
|
||||||
INSERT INTO oauth2_openid_connect_session (id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
INSERT INTO oauth2_openid_connect_session (challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data)
|
||||||
SELECT id, challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
SELECT challenge_id, request_id, client_id, signature, subject, requested_at, requested_scopes, granted_scopes, requested_audience, granted_audience, active, revoked, form_data, session_data
|
||||||
FROM _bkp_UP_V0005_oauth2_openid_connect_session
|
FROM _bkp_UP_V0005_oauth2_openid_connect_session
|
||||||
ORDER BY id;
|
ORDER BY id;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user