diff options
Diffstat (limited to 'db/migrate/20201209163958_add_code_challenge_to_oauth_access_grants.rb')
-rw-r--r-- | db/migrate/20201209163958_add_code_challenge_to_oauth_access_grants.rb | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/db/migrate/20201209163958_add_code_challenge_to_oauth_access_grants.rb b/db/migrate/20201209163958_add_code_challenge_to_oauth_access_grants.rb new file mode 100644 index 00000000000..48292cce55b --- /dev/null +++ b/db/migrate/20201209163958_add_code_challenge_to_oauth_access_grants.rb @@ -0,0 +1,26 @@ +# frozen_string_literal: true + +class AddCodeChallengeToOauthAccessGrants < ActiveRecord::Migration[6.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_column(:oauth_access_grants, :code_challenge, :text, null: true) unless column_exists?(:oauth_access_grants, :code_challenge) + # If `code_challenge_method` is 'plain' the length is at most 128 characters as per the spec + # https://tools.ietf.org/html/rfc7636#section-4.1 + # Otherwise the max length of base64(SHA256(code_verifier)) is 44 characters + add_text_limit(:oauth_access_grants, :code_challenge, 128, constraint_name: 'oauth_access_grants_code_challenge') + + add_column(:oauth_access_grants, :code_challenge_method, :text, null: true) unless column_exists?(:oauth_access_grants, :code_challenge_method) + # Values are either 'plain' or 'S256' + add_text_limit(:oauth_access_grants, :code_challenge_method, 5, constraint_name: 'oauth_access_grants_code_challenge_method') + end + + def down + remove_column(:oauth_access_grants, :code_challenge) + remove_column(:oauth_access_grants, :code_challenge_method) + end +end |