1
0
mirror of https://github.com/bitwarden/server.git synced 2025-01-08 19:47:44 +01:00
bitwarden-server/util/Migrator/DbScripts/2023-05-16_00_ClientSecretHash.sql
Thomas Avery bb3a9daf98
[SM-678] ClientSecret migration (#2943)
* Init ClientSecret migration

* Fix unit tests

* Move to src/Sql/dbo_future

* Formatting changes

* Update migration date for next release

* Swap to just executing sp_refreshview

* Fix formatting

* Add EF Migrations

* Rename to ClientSecretHash

* Fix unit test

* EF column rename

* Batch the migration

* Fix formatting

* Add deprecation notice to property

* Move data migration

* Swap to CREATE OR ALTER
2023-06-21 13:16:06 -05:00

73 lines
1.6 KiB
Transact-SQL

IF COL_LENGTH('[dbo].[ApiKey]', 'ClientSecretHash') IS NULL
BEGIN
ALTER TABLE [dbo].[ApiKey]
ADD [ClientSecretHash] VARCHAR(128);
END
GO
-- Refresh views
IF OBJECT_ID('[dbo].[ApiKeyDetailsView]') IS NOT NULL
BEGIN
EXECUTE sp_refreshview N'[dbo].[ApiKeyDetailsView]';
END
GO
IF OBJECT_ID('[dbo].[ApiKeyView]') IS NOT NULL
BEGIN
EXECUTE sp_refreshview N'[dbo].[ApiKeyView]';
END
GO
CREATE OR ALTER PROCEDURE [dbo].[ApiKey_Create]
@Id UNIQUEIDENTIFIER OUTPUT,
@ServiceAccountId UNIQUEIDENTIFIER,
@Name VARCHAR(200),
@ClientSecret VARCHAR(30) = 'migrated', -- Deprecated as of 2023-05-17
@ClientSecretHash VARCHAR(128) = NULL,
@Scope NVARCHAR(4000),
@EncryptedPayload NVARCHAR(4000),
@Key VARCHAR(MAX),
@ExpireAt DATETIME2(7),
@CreationDate DATETIME2(7),
@RevisionDate DATETIME2(7)
AS
BEGIN
SET NOCOUNT ON
IF (@ClientSecretHash IS NULL)
BEGIN
DECLARE @hb VARBINARY(128) = HASHBYTES('SHA2_256', @ClientSecret);
SET @ClientSecretHash = CAST(N'' as xml).value('xs:base64Binary(sql:variable("@hb"))', 'VARCHAR(128)');
END
INSERT INTO [dbo].[ApiKey]
(
[Id],
[ServiceAccountId],
[Name],
[ClientSecret],
[ClientSecretHash],
[Scope],
[EncryptedPayload],
[Key],
[ExpireAt],
[CreationDate],
[RevisionDate]
)
VALUES
(
@Id,
@ServiceAccountId,
@Name,
@ClientSecret,
@ClientSecretHash,
@Scope,
@EncryptedPayload,
@Key,
@ExpireAt,
@CreationDate,
@RevisionDate
)
END
GO