refactor: ensure bad consent sessions and identifiers are deleted (#3241)

This commit is contained in:
James Elliott 2022-04-25 17:53:38 +10:00 committed by GitHub
parent 6c17ac5cc8
commit 861bcc898f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 0 deletions

View File

@ -1,3 +1,5 @@
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
ALTER TABLE oauth2_consent_session MODIFY subject CHAR(36) NULL DEFAULT NULL;
ALTER TABLE oauth2_consent_session
DROP FOREIGN KEY oauth2_consent_subject_fkey,

View File

@ -1,3 +1,5 @@
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
ALTER TABLE oauth2_consent_session ALTER COLUMN subject DROP NOT NULL;
ALTER TABLE oauth2_consent_session ALTER COLUMN subject SET DEFAULT NULL;
ALTER TABLE oauth2_consent_session RENAME CONSTRAINT oauth2_consent_subject_fkey TO oauth2_consent_session_subject_fkey;

View File

@ -2,6 +2,9 @@ PRAGMA foreign_keys=off;
BEGIN TRANSACTION;
DELETE FROM oauth2_consent_session WHERE subject IN(SELECT identifier FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect'));
DELETE FROM user_opaque_identifier WHERE username = '' AND service IN('openid', 'openid_connect');
ALTER TABLE oauth2_consent_session RENAME TO _bkp_UP_V0005_oauth2_consent_session;
CREATE TABLE IF NOT EXISTS oauth2_consent_session (