UserAuth: clean-up auth entries on update (#78377)

* UserAuth: clean-up auth entries on update * Update pkg/services/login/authinfoservice/database/database.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2023-11-20 14:58:32 +01:00 · 2023-11-20 14:58:32 +01:00 · 72db9739c7
commit 72db9739c7
parent 53642b60ed
2 changed files with 95 additions and 2 deletions
--- a/pkg/services/login/authinfoservice/database/database.go
+++ b/pkg/services/login/authinfoservice/database/database.go
@ -165,6 +165,7 @@ func (s *AuthInfoStore) UpdateAuthInfoDate(ctx context.Context, authInfo *login.
 	}
 	return s.sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
 		_, err := sess.Cols("created").Update(authInfo, cond)
 		return err
 	})
 }
@ -208,8 +209,32 @@ func (s *AuthInfoStore) UpdateAuthInfo(ctx context.Context, cmd *login.UpdateAut
 	return s.sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
 		upd, err := sess.MustCols("o_auth_expiry").Where("user_id = ? AND auth_module = ?", cmd.UserId, cmd.AuthModule).Update(authUser)
-		s.logger.Debug("Updated user_auth", "user_id", cmd.UserId,
+
-			"auth_id", cmd.AuthId, "auth_module", cmd.AuthModule, "rows", upd)
+		s.logger.Debug("Updated user_auth", "user_id", cmd.UserId, "auth_id", cmd.AuthId, "auth_module", cmd.AuthModule, "rows", upd)
 		// Clean up duplicated entries
 		if upd > 1 {
 			var id int64
 			ok, err := sess.SQL(
 				"SELECT id FROM user_auth WHERE user_id = ? AND auth_module = ? AND auth_id = ?",
 				cmd.UserId, cmd.AuthModule, cmd.AuthId,
 			).Get(&id)
 			if err != nil {
 				return err
 			}
 			if !ok {
 				return nil
 			}
 			_, err = sess.Exec(
 				"DELETE FROM user_auth WHERE user_id = ? AND auth_module = ? AND auth_id = ? AND id != ?",
 				cmd.UserId, cmd.AuthModule, cmd.AuthId, id,
 			)
 			return err
 		}
 		return err
 	})
 }
--- a/pkg/services/login/authinfoservice/database/database_test.go
+++ b/pkg/services/login/authinfoservice/database/database_test.go
@ -0,0 +1,68 @@
 package database
 import (
 	"context"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/oauth2"
 	"github.com/grafana/grafana/pkg/infra/db"
 	"github.com/grafana/grafana/pkg/services/login"
 	secretstest "github.com/grafana/grafana/pkg/services/secrets/fakes"
 )
 func TestIntegrationAuthInfoStore(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping integration test")
 	}
 	sql := db.InitTestDB(t)
 	store := ProvideAuthInfoStore(sql, secretstest.NewFakeSecretsService(), nil)
 	t.Run("should remove duplicates on update", func(t *testing.T) {
 		ctx := context.Background()
 		setCmd := &login.SetAuthInfoCommand{
 			AuthModule: login.GenericOAuthModule,
 			AuthId:     "1",
 			UserId:     1,
 		}
 		require.NoError(t, store.SetAuthInfo(ctx, setCmd))
 		require.NoError(t, store.SetAuthInfo(ctx, setCmd))
 		count := countEntries(t, sql, setCmd.AuthModule, setCmd.AuthId, setCmd.UserId)
 		require.Equal(t, 2, count)
 		err := store.UpdateAuthInfo(ctx, &login.UpdateAuthInfoCommand{
 			AuthModule: setCmd.AuthModule,
 			AuthId:     setCmd.AuthId,
 			UserId:     setCmd.UserId,
 			OAuthToken: &oauth2.Token{
 				AccessToken:  "atoken",
 				RefreshToken: "rtoken",
 				Expiry:       time.Now(),
 			},
 		})
 		require.NoError(t, err)
 		count = countEntries(t, sql, setCmd.AuthModule, setCmd.AuthId, setCmd.UserId)
 		require.Equal(t, 1, count)
 	})
 }
 func countEntries(t *testing.T, sql db.DB, authModule, authID string, userID int64) int {
 	var result int
 	err := sql.WithDbSession(context.Background(), func(sess *db.Session) error {
 		_, err := sess.SQL(
 			"SELECT COUNT(*) FROM user_auth WHERE auth_module = ? AND auth_id = ? AND user_id = ?",
 			authModule, authID, userID,
 		).Get(&result)
 		return err
 	})
 	require.NoError(t, err)
 	return result
 }