aboutsummaryrefslogtreecommitdiffstats
path: root/models/migrations/v1_17/v221.go
blob: 17744d53ab020337e9a6a423ca6abcb36d6e15d4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
// Copyright 2022 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package v1_17 // nolint

import (
	"encoding/base32"
	"fmt"

	"code.gitea.io/gitea/modules/timeutil"

	"xorm.io/xorm"
)

func StoreWebauthnCredentialIDAsBytes(x *xorm.Engine) error {
	// Create webauthnCredential table
	type webauthnCredential struct {
		ID           int64 `xorm:"pk autoincr"`
		Name         string
		LowerName    string `xorm:"unique(s)"`
		UserID       int64  `xorm:"INDEX unique(s)"`
		CredentialID string `xorm:"INDEX VARCHAR(410)"`
		// Note the lack of INDEX here - these will be created once the column is renamed in v223.go
		CredentialIDBytes []byte `xorm:"VARBINARY(1024)"` // CredentialID is at most 1023 bytes as per spec released 20 July 2022
		PublicKey         []byte
		AttestationType   string
		AAGUID            []byte
		SignCount         uint32 `xorm:"BIGINT"`
		CloneWarning      bool
		CreatedUnix       timeutil.TimeStamp `xorm:"INDEX created"`
		UpdatedUnix       timeutil.TimeStamp `xorm:"INDEX updated"`
	}
	if err := x.Sync2(&webauthnCredential{}); err != nil {
		return err
	}

	var start int
	creds := make([]*webauthnCredential, 0, 50)
	for {
		err := x.Select("id, credential_id").OrderBy("id").Limit(50, start).Find(&creds)
		if err != nil {
			return err
		}

		err = func() error {
			sess := x.NewSession()
			defer sess.Close()
			if err := sess.Begin(); err != nil {
				return fmt.Errorf("unable to allow start session. Error: %w", err)
			}
			for _, cred := range creds {
				cred.CredentialIDBytes, err = base32.HexEncoding.DecodeString(cred.CredentialID)
				if err != nil {
					return fmt.Errorf("unable to parse credential id %s for credential[%d]: %w", cred.CredentialID, cred.ID, err)
				}
				count, err := sess.ID(cred.ID).Cols("credential_id_bytes").Update(cred)
				if count != 1 || err != nil {
					return fmt.Errorf("unable to update credential id bytes for credential[%d]: %d,%w", cred.ID, count, err)
				}
			}
			return sess.Commit()
		}()
		if err != nil {
			return err
		}

		if len(creds) < 50 {
			break
		}
		start += 50
		creds = creds[:0]
	}
	return nil
}