From 1179ecd13d68e76d74ad94e2d3ca22d9681eeffe Mon Sep 17 00:00:00 2001
From: Evan Prodromou <evan@controlyourself.ca>
Date: Sat, 7 Mar 2009 12:55:09 -0800
Subject: Fix nonce usage in OAuth store

The OAuth store was failing on getting a request token, because the
token value was forced to be non-null in the DB. Let this value be
null, and use the correct primary key (consumer, timestamp, nonce).
Drop the reference to token table, and don't ever use it.
---
 db/laconica.sql | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'db/laconica.sql')

diff --git a/db/laconica.sql b/db/laconica.sql
index c2cd887de..098fa4fd1 100644
--- a/db/laconica.sql
+++ b/db/laconica.sql
@@ -181,15 +181,14 @@ create table token (
 
 create table nonce (
     consumer_key varchar(255) not null comment 'unique identifier, root URL',
-    tok char(32) not null comment 'identifying value',
+    tok char(32) null comment 'buggy old value, ignored',
     nonce char(32) not null comment 'nonce',
     ts datetime not null comment 'timestamp sent',
 
     created datetime not null comment 'date this record was created',
     modified timestamp comment 'date this record was modified',
 
-    constraint primary key (consumer_key, tok, nonce),
-    constraint foreign key (consumer_key, tok) references token (consumer_key, tok)
+    constraint primary key (consumer_key, ts, nonce)
 ) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
 
 /* One-to-many relationship of user to openid_url */
-- 
cgit v1.2.3-54-g00ecf