From 29be0a38bffa3f1062092911e8ad4a1f257ac7a2 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 23 Nov 2021 12:12:02 +0100 Subject: [PATCH] Bug 28772: DBRev 19.11.23.001 Note that this added back the following patch: "Bug 28772: Do not hash secrets twice" https://bugs.koha-community.org/show_bug.cgi?id=29132 Signed-off-by: Tomas Cohen Arazi Signed-off-by: Wainui Witika-Park --- Koha.pm | 2 +- .../mysql/atomicupdate/bug_28772_api_keys.pl | 32 ------------------- installer/data/mysql/updatedatabase.pl | 31 ++++++++++++++++++ 3 files changed, 32 insertions(+), 33 deletions(-) delete mode 100755 installer/data/mysql/atomicupdate/bug_28772_api_keys.pl diff --git a/Koha.pm b/Koha.pm index 68d082725c..7b4f1557d4 100644 --- a/Koha.pm +++ b/Koha.pm @@ -29,7 +29,7 @@ use vars qw{ $VERSION }; # - #4 : the developer version. The 4th number is the database subversion. # used by developers when the database changes. updatedatabase take care of the changes itself # and is automatically called by Auth.pm when needed. -$VERSION = "19.11.23.000"; +$VERSION = "19.11.23.001"; sub version { return $VERSION; diff --git a/installer/data/mysql/atomicupdate/bug_28772_api_keys.pl b/installer/data/mysql/atomicupdate/bug_28772_api_keys.pl deleted file mode 100755 index 1e38409018..0000000000 --- a/installer/data/mysql/atomicupdate/bug_28772_api_keys.pl +++ /dev/null @@ -1,32 +0,0 @@ -use Modern::Perl; - -return { - bug_number => "28772", - description => "Store hashed API key secrets", - up => sub { - my ($args) = @_; - my ($dbh) = @$args{qw(dbh)}; - - use Koha::AuthUtils qw(hash_password); - - my $sth = $dbh->prepare(q{ - SELECT client_id, secret - FROM api_keys - }); - $sth->execute; - my $results = $sth->fetchall_arrayref({}); - - $sth = $dbh->prepare(q{ - UPDATE api_keys - SET - secret = ? - WHERE - client_id = ? - }); - - foreach my $api_key (@$results) { - my $digest = Koha::AuthUtils::hash_password( $api_key->{secret} ); - $sth->execute( $digest, $api_key->{client_id} ); - } - }, -} diff --git a/installer/data/mysql/updatedatabase.pl b/installer/data/mysql/updatedatabase.pl index 947b82316c..87b8e4f8d2 100755 --- a/installer/data/mysql/updatedatabase.pl +++ b/installer/data/mysql/updatedatabase.pl @@ -20843,6 +20843,37 @@ if ( CheckVersion($DBversion) ) { SetVersion ($DBversion); } +$DBversion = "19.11.23.001"; +if ( CheckVersion($DBversion) ) { + + require Koha::AuthUtils; + + my $sth = $dbh->prepare(q{ + SELECT client_id, secret + FROM api_keys + }); + $sth->execute; + my $results = $sth->fetchall_arrayref({}); + + $sth = $dbh->prepare(q{ + UPDATE api_keys + SET + secret = ? + WHERE + client_id = ? + }); + + foreach my $api_key (@$results) { + unless ( $api_key->{secret} =~ m/^\$2a\$08\$/ ) { + my $digest = Koha::AuthUtils::hash_password( $api_key->{secret} ); + $sth->execute( $digest, $api_key->{client_id} ); + } + } + + print "Upgrade to $DBversion done (Bug 28772 - Store hashed API key secrets)\n"; + SetVersion ($DBversion); +} + # SEE bug 13068 # if there is anything in the atomicupdate, read and execute it. my $update_dir = C4::Context->config('intranetdir') . '/installer/data/mysql/atomicupdate/'; -- 2.39.5