package auth
import (
+ "context"
"crypto/sha256"
"encoding/base32"
"encoding/base64"
uuid "github.com/google/uuid"
"golang.org/x/crypto/bcrypt"
+ "xorm.io/builder"
"xorm.io/xorm"
)
return authSource, nil
}
+
+func DeleteOAuth2RelictsByUserID(ctx context.Context, userID int64) error {
+ deleteCond := builder.Select("id").From("oauth2_grant").Where(builder.Eq{"oauth2_grant.user_id": userID})
+
+ if _, err := db.GetEngine(ctx).In("grant_id", deleteCond).
+ Delete(&OAuth2AuthorizationCode{}); err != nil {
+ return err
+ }
+
+ if err := db.DeleteBeans(ctx,
+ &OAuth2Application{UID: userID},
+ &OAuth2Grant{UserID: userID},
+ ); err != nil {
+ return fmt.Errorf("DeleteBeans: %v", err)
+ }
+
+ return nil
+}
_ "image/jpeg" // Needed for jpeg support
asymkey_model "code.gitea.io/gitea/models/asymkey"
+ auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/issues"
"code.gitea.io/gitea/models/organization"
return fmt.Errorf("deleteBeans: %v", err)
}
+ if err := auth_model.DeleteOAuth2RelictsByUserID(ctx, u.ID); err != nil {
+ return err
+ }
+
if setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now()) {
// find action without repository
genericOrphanCheck("Action entries without existing repository",
"action", "repository", "action.repo_id=repository.id"),
+ // find OAuth2Grant without existing user
+ genericOrphanCheck("Orphaned OAuth2Grant without existing User",
+ "oauth2_grant", "user", "oauth2_grant.user_id=user.id"),
+ // find OAuth2Application without existing user
+ genericOrphanCheck("Orphaned OAuth2Application without existing User",
+ "oauth2_application", "user", "oauth2_application.uid=user.id"),
+ // find OAuth2AuthorizationCode without existing OAuth2Grant
+ genericOrphanCheck("Orphaned OAuth2AuthorizationCode without existing OAuth2Grant",
+ "oauth2_authorization_code", "oauth2_grant", "oauth2_authorization_code.grant_id=oauth2_grant.id"),
)
for _, c := range consistencyChecks {