Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: The schema of oc_oauth2_access_tokens is not adjusted properly and its data is not migrated correctly when migrating from ownCloud #50186

Open
4 of 8 tasks
st3iny opened this issue Jan 14, 2025 · 0 comments · May be fixed by #50193
Open
4 of 8 tasks

[Bug]: The schema of oc_oauth2_access_tokens is not adjusted properly and its data is not migrated correctly when migrating from ownCloud #50186

st3iny opened this issue Jan 14, 2025 · 0 comments · May be fixed by #50193
Labels
1. to develop Accepted and waiting to be taken care of 29-feedback bug feature: authentication feature: owncloud migration

Comments

@st3iny
Copy link
Member

st3iny commented Jan 14, 2025
edited
Loading

⚠️ This issue respects the following points: ⚠️

Bug description

Tokens from the OAuth2 app are not properly migrated when migrating from ownCloud to Nextcloud. There are two major problems:

  1. The schema is not adjusted properly. The token_id column is missing and the token column is superfluous (not dropped).
  2. The existing rows in oc_oauth2_access_tokens should be migrated properly. Currently, all new columns are just added and populated with empty values, yielding broken tokens which cannot be refreshed any more.

Regarding 2): If I understand the authentication logic correctly, we have to migrate tokens from oc_oauth2_access_tokens to oc_authtoken and then migrate refresh tokens from oauth2_refresh_tokens to oc_oauth2_access_tokens. The key difference between both implementations is that the actual authentication tokens are saved in oc_authtoken and the refresh tokens are saved inside oc_oauth2_access_tokens (encrypted) on our end. And we don't use the table oauth2_refresh_tokens any more.

Steps to reproduce

  1. Use ownCloud and set up some OAuth2 clients and access tokens.
  2. Migrate to Nextcloud.
  3. Try to run repair jobs -> creates some of the new columns but errors out later: token is not a valid attribute [OCA\OAuth2\Migration\SetTokenExpiration]
  4. Try to authenticate from existing clients using previous access tokens -> fails
  5. Try to refresh existing tokens -> fails

Expected behavior

It should migrate existing access tokens and let me create new clients and tokens.

Nextcloud Server version

29

Operating system

None

PHP engine version

None

Web server

None

Database engine version

None

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report



List of activated Apps




Nextcloud Signing status




Nextcloud Logs




Additional info


No response

      		
    

      
  





        



            

              
            

        

      


      
    








      


  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    1. to develop

  Accepted and waiting to be taken care of
  

    29-feedback

  

    bug

  

    feature: authentication

  

    feature: owncloud migration









      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




          
  
Successfully merging a pull request may close this issue.





    


  
          
      fix(oauth2): adjust db schemas when migrating from owncloud

    
      nextcloud/server
    





    
  




      

    

  
      

  

    

      2 participants
    

    

        
          @st3iny 
        
          @szaimen