27 lines
1.1 KiB
Ruby
27 lines
1.1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AddCodeChallengeToOauthAccessGrants < ActiveRecord::Migration[6.0]
|
|
include Gitlab::Database::MigrationHelpers
|
|
|
|
DOWNTIME = false
|
|
|
|
disable_ddl_transaction!
|
|
|
|
def up
|
|
add_column(:oauth_access_grants, :code_challenge, :text, null: true) unless column_exists?(:oauth_access_grants, :code_challenge)
|
|
# If `code_challenge_method` is 'plain' the length is at most 128 characters as per the spec
|
|
# https://tools.ietf.org/html/rfc7636#section-4.1
|
|
# Otherwise the max length of base64(SHA256(code_verifier)) is 44 characters
|
|
add_text_limit(:oauth_access_grants, :code_challenge, 128, constraint_name: 'oauth_access_grants_code_challenge')
|
|
|
|
add_column(:oauth_access_grants, :code_challenge_method, :text, null: true) unless column_exists?(:oauth_access_grants, :code_challenge_method)
|
|
# Values are either 'plain' or 'S256'
|
|
add_text_limit(:oauth_access_grants, :code_challenge_method, 5, constraint_name: 'oauth_access_grants_code_challenge_method')
|
|
end
|
|
|
|
def down
|
|
remove_column(:oauth_access_grants, :code_challenge)
|
|
remove_column(:oauth_access_grants, :code_challenge_method)
|
|
end
|
|
end
|