authelia/internal/storage/migrations/V0002.WebAuthn.postgres.dow...

ALTER TABLE totp_configurations
    DROP CONSTRAINT IF EXISTS totp_configurations_pkey,
    DROP CONSTRAINT IF EXISTS totp_configurations_pkey1;

ALTER TABLE totp_configurations
    RENAME TO _bkp_DOWN_V0002_totp_configurations;

ALTER TABLE webauthn_devices
    DROP CONSTRAINT IF EXISTS webauthn_devices_pkey,
    DROP CONSTRAINT IF EXISTS webauthn_devices_pkey1;

ALTER TABLE webauthn_devices
    RENAME TO _bkp_DOWN_V0002_webauthn_devices;

CREATE TABLE IF NOT EXISTS totp_configurations (
    id SERIAL CONSTRAINT totp_configurations_pkey PRIMARY KEY,
    username VARCHAR(100) NOT NULL,
    issuer VARCHAR(100),
    algorithm VARCHAR(6) NOT NULL DEFAULT 'SHA1',
    digits INTEGER NOT NULL DEFAULT 6,
    period INTEGER NOT NULL DEFAULT 30,
    secret BYTEA NOT NULL
);

CREATE UNIQUE INDEX totp_configurations_username_key ON totp_configurations (username);

INSERT INTO totp_configurations (id, username, issuer, algorithm, digits, period, secret)
SELECT id, username, issuer, algorithm, digits, period, secret
FROM _bkp_DOWN_V0002_totp_configurations;

CREATE TABLE IF NOT EXISTS u2f_devices (
    id SERIAL CONSTRAINT u2f_devices_pkey PRIMARY KEY,
    username VARCHAR(100) NOT NULL,
    description VARCHAR(30) NOT NULL DEFAULT 'Primary',
    key_handle BYTEA NOT NULL,
    public_key BYTEA NOT NULL
);

CREATE UNIQUE INDEX u2f_devices_lookup_key ON u2f_devices (username, description);

INSERT INTO u2f_devices (id, username, description, key_handle, public_key)
SELECT id, username, description, DECODE(kid, 'base64'), public_key
FROM _bkp_DOWN_V0002_webauthn_devices
WHERE attestation_type = 'fido-u2f';

UPDATE user_preferences
SET second_factor_method = 'u2f'
WHERE second_factor_method = 'webauthn';

DROP TABLE IF EXISTS _bkp_DOWN_V0002_totp_configurations;
DROP TABLE IF EXISTS _bkp_DOWN_V0002_webauthn_devices;
DROP TABLE IF EXISTS _bkp_UP_V0002_totp_configurations;
DROP TABLE IF EXISTS _bkp_UP_V0002_u2f_devices;
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`ALTER TABLE totp_configurations`
			`DROP CONSTRAINT IF EXISTS totp_configurations_pkey,`
			`DROP CONSTRAINT IF EXISTS totp_configurations_pkey1;`

			`ALTER TABLE totp_configurations`
			`RENAME TO _bkp_DOWN_V0002_totp_configurations;`

			`ALTER TABLE webauthn_devices`
			`DROP CONSTRAINT IF EXISTS webauthn_devices_pkey,`
			`DROP CONSTRAINT IF EXISTS webauthn_devices_pkey1;`

			`ALTER TABLE webauthn_devices`
			`RENAME TO _bkp_DOWN_V0002_webauthn_devices;`
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00
			`CREATE TABLE IF NOT EXISTS totp_configurations (`
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`id SERIAL CONSTRAINT totp_configurations_pkey PRIMARY KEY,`
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`username VARCHAR(100) NOT NULL,`
			`issuer VARCHAR(100),`
			`algorithm VARCHAR(6) NOT NULL DEFAULT 'SHA1',`
			`digits INTEGER NOT NULL DEFAULT 6,`
			`period INTEGER NOT NULL DEFAULT 30,`
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`secret BYTEA NOT NULL`
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`);`

fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`CREATE UNIQUE INDEX totp_configurations_username_key ON totp_configurations (username);`

feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`INSERT INTO totp_configurations (id, username, issuer, algorithm, digits, period, secret)`
			`SELECT id, username, issuer, algorithm, digits, period, secret`
			`FROM _bkp_DOWN_V0002_totp_configurations;`

			`CREATE TABLE IF NOT EXISTS u2f_devices (`
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`id SERIAL CONSTRAINT u2f_devices_pkey PRIMARY KEY,`
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`username VARCHAR(100) NOT NULL,`
			`description VARCHAR(30) NOT NULL DEFAULT 'Primary',`
			`key_handle BYTEA NOT NULL,`
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`public_key BYTEA NOT NULL`
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`);`

fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00			`CREATE UNIQUE INDEX u2f_devices_lookup_key ON u2f_devices (username, description);`

feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless. 2022-03-03 11:20:43 +00:00			`INSERT INTO u2f_devices (id, username, description, key_handle, public_key)`
			`SELECT id, username, description, DECODE(kid, 'base64'), public_key`
			`FROM _bkp_DOWN_V0002_webauthn_devices`
			`WHERE attestation_type = 'fido-u2f';`

			`UPDATE user_preferences`
			`SET second_factor_method = 'u2f'`
			`WHERE second_factor_method = 'webauthn';`
fix(storage): schema inconsistency (#4262) 2022-11-19 05:47:09 +00:00
			`DROP TABLE IF EXISTS _bkp_DOWN_V0002_totp_configurations;`
			`DROP TABLE IF EXISTS _bkp_DOWN_V0002_webauthn_devices;`
			`DROP TABLE IF EXISTS _bkp_UP_V0002_totp_configurations;`
			`DROP TABLE IF EXISTS _bkp_UP_V0002_u2f_devices;`