Handle existing PKCE schema

mwiencek · mwiencek · commit e9a341685d70 · 2021-05-10T22:16:26.000-05:00
These changes were already applied in production; we should ensure the
script detects that and skips over them rather than failing.
diff --git a/admin/sql/updates/20200914-oauth-pkce.sql b/admin/sql/updates/20200914-oauth-pkce.sql
@@ -2,12 +2,33 @@
 
 BEGIN;
 
-CREATE TYPE oauth_code_challenge_method AS ENUM ('plain', 'S256');
-ALTER TABLE editor_oauth_token ADD COLUMN code_challenge TEXT;
-ALTER TABLE editor_oauth_token ADD COLUMN code_challenge_method oauth_code_challenge_method;
-ALTER TABLE editor_oauth_token ADD CONSTRAINT valid_code_challenge CHECK (
-  (code_challenge IS NULL) = (code_challenge_method IS NULL) AND
-  (code_challenge IS NULL OR code_challenge ~ E'^[A-Za-z0-9.~_-]{43,128}$')
-);
+DO $$
+BEGIN
+  PERFORM 1 FROM pg_type
+  WHERE typname = 'oauth_code_challenge_method';
+
+  IF NOT FOUND THEN
+    CREATE TYPE oauth_code_challenge_method AS ENUM ('plain', 'S256');
+  END IF;
+END
+$$;
+
+ALTER TABLE editor_oauth_token ADD COLUMN IF NOT EXISTS code_challenge TEXT;
+ALTER TABLE editor_oauth_token ADD COLUMN IF NOT EXISTS code_challenge_method oauth_code_challenge_method;
+
+DO $$
+BEGIN
+  PERFORM 1 FROM information_schema.constraint_column_usage
+  WHERE table_name = 'editor_oauth_token'
+  AND constraint_name = 'valid_code_challenge';
+
+  IF NOT FOUND THEN
+    ALTER TABLE editor_oauth_token ADD CONSTRAINT valid_code_challenge CHECK (
+      (code_challenge IS NULL) = (code_challenge_method IS NULL) AND
+      (code_challenge IS NULL OR code_challenge ~ E'^[A-Za-z0-9.~_-]{43,128}$')
+    );
+  END IF;
+END
+$$;
 
 COMMIT;
diff --git a/admin/sql/updates/schema-change/26.slave.sql b/admin/sql/updates/schema-change/26.slave.sql
@@ -81,13 +81,34 @@ $$ LANGUAGE 'plpgsql';
 SELECT '20200914-oauth-pkce.sql';
 
 
-CREATE TYPE oauth_code_challenge_method AS ENUM ('plain', 'S256');
-ALTER TABLE editor_oauth_token ADD COLUMN code_challenge TEXT;
-ALTER TABLE editor_oauth_token ADD COLUMN code_challenge_method oauth_code_challenge_method;
-ALTER TABLE editor_oauth_token ADD CONSTRAINT valid_code_challenge CHECK (
-  (code_challenge IS NULL) = (code_challenge_method IS NULL) AND
-  (code_challenge IS NULL OR code_challenge ~ E'^[A-Za-z0-9.~_-]{43,128}$')
-);
+DO $$
+BEGIN
+  PERFORM 1 FROM pg_type
+  WHERE typname = 'oauth_code_challenge_method';
+
+  IF NOT FOUND THEN
+    CREATE TYPE oauth_code_challenge_method AS ENUM ('plain', 'S256');
+  END IF;
+END
+$$;
+
+ALTER TABLE editor_oauth_token ADD COLUMN IF NOT EXISTS code_challenge TEXT;
+ALTER TABLE editor_oauth_token ADD COLUMN IF NOT EXISTS code_challenge_method oauth_code_challenge_method;
+
+DO $$
+BEGIN
+  PERFORM 1 FROM information_schema.constraint_column_usage
+  WHERE table_name = 'editor_oauth_token'
+  AND constraint_name = 'valid_code_challenge';
+
+  IF NOT FOUND THEN
+    ALTER TABLE editor_oauth_token ADD CONSTRAINT valid_code_challenge CHECK (
+      (code_challenge IS NULL) = (code_challenge_method IS NULL) AND
+      (code_challenge IS NULL OR code_challenge ~ E'^[A-Za-z0-9.~_-]{43,128}$')
+    );
+  END IF;
+END
+$$;
 
 --------------------------------------------------------------------------------
 SELECT '20201028-mbs-1424.sql';
