Increase the size of the webauthn_credential credential_id field

Unfortunately credentialIDs in u2f are 255 bytes long which with base32 encoding
becomes 408 bytes. The default size of a xorm string field is only a VARCHAR(255)

This problem is not apparent on SQLite because strings get mapped to TEXT there.

Fix go-gitea#18727

Signed-off-by: Andrew Thornton <[email protected]>

Author: zeripath

models/migrations/v207.go

@@ -22,7 +22,7 @@ func addWebAuthnCred(x *xorm.Engine) error {
 		Name            string
 		LowerName       string `xorm:"unique(s)"`
 		UserID          int64  `xorm:"INDEX unique(s)"`
-		CredentialID    string `xorm:"INDEX"`
+		CredentialID    string `xorm:"INDEX VARCHAR(410)"` // CredentalID in U2F is at most 255bytes / 5 * 8 = 408 - add a few extra characters for safety
 		PublicKey       []byte
 		AttestationType string
 		AAGUID          []byte

models/migrations/v208.go

@@ -15,7 +15,7 @@ func useBase32HexForCredIDInWebAuthnCredential(x *xorm.Engine) error {
 	// Create webauthnCredential table
 	type webauthnCredential struct {
 		ID           int64  `xorm:"pk autoincr"`
-		CredentialID string `xorm:"INDEX"`
+		CredentialID string `xorm:"INDEX VARCHAR(410)"`
 	}
 	if err := x.Sync2(&webauthnCredential{}); err != nil {
 		return err

models/migrations/v209.go

@@ -0,0 +1,48 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"xorm.io/xorm"
+	"xorm.io/xorm/schemas"
+)
+
+func increaseCredentialIDTo410(x *xorm.Engine) error {
+	// Create webauthnCredential table
+	type webauthnCredential struct {
+		ID           int64  `xorm:"pk autoincr"`
+		CredentialID string `xorm:"INDEX VARCHAR(410)"`
+	}
+	if err := x.Sync2(&webauthnCredential{}); err != nil {
+		return err
+	}
+
+	switch x.Dialect().URI().DBType {
+	case schemas.MYSQL:
+		_, err := x.Exec("ALTER TABLE webauthn_credential MODIFY COLUMN content VARCHAR(410)")
+		if err != nil {
+			return err
+		}
+	case schemas.ORACLE:
+		_, err := x.Exec("ALTER TABLE webauthn_credential MODIFY content VARCHAR(410)")
+		if err != nil {
+			return err
+		}
+	case schemas.MSSQL:
+		_, err := x.Exec("ALTER TABLE webauthn_credential ALTER COLUMN content VARCHAR(410)")
+		if err != nil {
+			return err
+		}
+	case schemas.POSTGRES:
+		_, err := x.Exec("ALTER TABLE webauthn_credential ALTER COLUMN content TYPE VARCHAR(410)")
+		if err != nil {
+			return err
+		}
+	default:
+		// SQLite doesn't support ALTER COLUMN, and it seem to already makes String _TEXT_ by default so no migration needed
+	}
+
+	return nil
+}