diff options
Diffstat (limited to 'apps/oauth2/lib/Migration')
| -rw-r--r-- | apps/oauth2/lib/Migration/SetTokenExpiration.php | 22 | ||||
| -rw-r--r-- | apps/oauth2/lib/Migration/Version011901Date20240829164356.php | 49 |
2 files changed, 55 insertions, 16 deletions
diff --git a/apps/oauth2/lib/Migration/SetTokenExpiration.php b/apps/oauth2/lib/Migration/SetTokenExpiration.php index 5077e74be87..dc925e26bb2 100644 --- a/apps/oauth2/lib/Migration/SetTokenExpiration.php +++ b/apps/oauth2/lib/Migration/SetTokenExpiration.php @@ -18,21 +18,11 @@ use OCP\Migration\IRepairStep; class SetTokenExpiration implements IRepairStep { - /** @var IDBConnection */ - private $connection; - - /** @var ITimeFactory */ - private $time; - - /** @var TokenProvider */ - private $tokenProvider; - - public function __construct(IDBConnection $connection, - ITimeFactory $timeFactory, - TokenProvider $tokenProvider) { - $this->connection = $connection; - $this->time = $timeFactory; - $this->tokenProvider = $tokenProvider; + public function __construct( + private IDBConnection $connection, + private ITimeFactory $time, + private TokenProvider $tokenProvider, + ) { } public function getName(): string { @@ -44,7 +34,7 @@ class SetTokenExpiration implements IRepairStep { $qb->select('*') ->from('oauth2_access_tokens'); - $cursor = $qb->execute(); + $cursor = $qb->executeQuery(); while ($row = $cursor->fetch()) { $token = AccessToken::fromRow($row); diff --git a/apps/oauth2/lib/Migration/Version011901Date20240829164356.php b/apps/oauth2/lib/Migration/Version011901Date20240829164356.php new file mode 100644 index 00000000000..20f5754bf11 --- /dev/null +++ b/apps/oauth2/lib/Migration/Version011901Date20240829164356.php @@ -0,0 +1,49 @@ +<?php + +declare(strict_types=1); + +/** + * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later + */ +namespace OCA\OAuth2\Migration; + +use Closure; +use OCP\DB\QueryBuilder\IQueryBuilder; +use OCP\IDBConnection; +use OCP\Migration\IOutput; +use OCP\Migration\SimpleMigrationStep; +use OCP\Security\ICrypto; + +class Version011901Date20240829164356 extends SimpleMigrationStep { + + public function __construct( + private IDBConnection $connection, + private ICrypto $crypto, + ) { + } + + public function postSchemaChange(IOutput $output, Closure $schemaClosure, array $options): void { + $qbUpdate = $this->connection->getQueryBuilder(); + $qbUpdate->update('oauth2_clients') + ->set('secret', $qbUpdate->createParameter('updateSecret')) + ->where( + $qbUpdate->expr()->eq('id', $qbUpdate->createParameter('updateId')) + ); + + $qbSelect = $this->connection->getQueryBuilder(); + $qbSelect->select('id', 'secret') + ->from('oauth2_clients'); + $req = $qbSelect->executeQuery(); + while ($row = $req->fetch()) { + $id = $row['id']; + $storedEncryptedSecret = $row['secret']; + $secret = $this->crypto->decrypt($storedEncryptedSecret); + $hashedSecret = bin2hex($this->crypto->calculateHMAC($secret)); + $qbUpdate->setParameter('updateSecret', $hashedSecret, IQueryBuilder::PARAM_STR); + $qbUpdate->setParameter('updateId', $id, IQueryBuilder::PARAM_INT); + $qbUpdate->executeStatement(); + } + $req->closeCursor(); + } +} |