mirror of
https://github.com/willchen96/mike.git
synced 2026-06-24 21:38:06 +02:00
42 lines
1.6 KiB
SQL
42 lines
1.6 KiB
SQL
-- Migration date: 2026-06-15
|
|
-- Adds OAuth metadata/state needed for HTTP MCP connectors that authorize via
|
|
-- OAuth 2.x instead of pasted bearer tokens.
|
|
|
|
ALTER TABLE public.user_mcp_connectors
|
|
ADD COLUMN IF NOT EXISTS auth_type text NOT NULL DEFAULT 'none'
|
|
CHECK (auth_type IN ('none', 'bearer', 'oauth'));
|
|
|
|
UPDATE public.user_mcp_connectors
|
|
SET auth_type = CASE
|
|
WHEN encrypted_auth_config IS NOT NULL THEN 'bearer'
|
|
ELSE 'none'
|
|
END
|
|
WHERE auth_type IS NULL OR auth_type = 'none';
|
|
|
|
ALTER TABLE public.user_mcp_oauth_tokens
|
|
ADD COLUMN IF NOT EXISTS authorization_server text,
|
|
ADD COLUMN IF NOT EXISTS token_endpoint text,
|
|
ADD COLUMN IF NOT EXISTS client_id text,
|
|
ADD COLUMN IF NOT EXISTS encrypted_client_secret text,
|
|
ADD COLUMN IF NOT EXISTS client_secret_iv text,
|
|
ADD COLUMN IF NOT EXISTS client_secret_tag text,
|
|
ADD COLUMN IF NOT EXISTS resource text;
|
|
|
|
CREATE TABLE IF NOT EXISTS public.user_mcp_oauth_states (
|
|
id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
user_id uuid NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
|
|
connector_id uuid NOT NULL REFERENCES public.user_mcp_connectors(id) ON DELETE CASCADE,
|
|
state_hash text NOT NULL UNIQUE,
|
|
encrypted_state_config text NOT NULL,
|
|
state_config_iv text NOT NULL,
|
|
state_config_tag text NOT NULL,
|
|
expires_at timestamptz NOT NULL,
|
|
created_at timestamptz NOT NULL DEFAULT now()
|
|
);
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_user_mcp_oauth_states_expires
|
|
ON public.user_mcp_oauth_states(expires_at);
|
|
|
|
ALTER TABLE public.user_mcp_oauth_states ENABLE ROW LEVEL SECURITY;
|
|
|
|
REVOKE ALL ON public.user_mcp_oauth_states FROM anon, authenticated;
|