From 36df095dac85279c16f6d22481a4c7e3abb11c7c Mon Sep 17 00:00:00 2001
From: yalh76 <yalh@yahoo.com>
Date: Thu, 21 Nov 2019 21:45:06 +0100
Subject: [PATCH 1/4] Add ARM64 Build

---
 Makefile | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Makefile b/Makefile
index 757bcfd..782e680 100644
--- a/Makefile
+++ b/Makefile
@@ -47,6 +47,12 @@ build-arm7: deps
 	fi
 	xgo --targets=linux/arm-7, -dest build/ $(LDFLAGS) -tags='sqlite' -out writefreely ./cmd/writefreely
 
+build-arm64: deps
+	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GOGET) -u github.com/karalabe/xgo; \
+	fi
+	xgo --targets=linux/arm64, -dest build/ $(LDFLAGS) -tags='sqlite' -out writefreely ./cmd/writefreely
+
 build-docker :
 	$(DOCKERCMD) build -t $(IMAGE_NAME):latest -t $(IMAGE_NAME):$(GITREV) .
 
@@ -83,6 +89,10 @@ release : clean ui assets
 	mv build/$(BINARY_NAME)-linux-arm-7 $(BUILDPATH)/$(BINARY_NAME)
 	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_arm7.tar.gz -C build $(BINARY_NAME)
 	rm $(BUILDPATH)/$(BINARY_NAME)
+	$(MAKE) build-arm64
+	mv build/$(BINARY_NAME)-linux-arm64 $(BUILDPATH)/$(BINARY_NAME)
+	tar -cvzf $(BINARY_NAME)_$(GITREV)_linux_arm64.tar.gz -C build $(BINARY_NAME)
+	rm $(BUILDPATH)/$(BINARY_NAME)
 	$(MAKE) build-darwin
 	mv build/$(BINARY_NAME)-darwin-10.6-amd64 $(BUILDPATH)/$(BINARY_NAME)
 	tar -cvzf $(BINARY_NAME)_$(GITREV)_macos_amd64.tar.gz -C build $(BINARY_NAME)

From 39d0f1de98310fb351641b0347610cf4dc036b33 Mon Sep 17 00:00:00 2001
From: Matt Baer <matt@write.as>
Date: Mon, 30 Dec 2019 18:23:45 -0500
Subject: [PATCH 2/4] Add logging in viewOauthCallback()

Ref T705
---
 oauth.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/oauth.go b/oauth.go
index d918f7f..98e0d43 100644
--- a/oauth.go
+++ b/oauth.go
@@ -113,12 +113,14 @@ func (h oauthHandler) viewOauthCallback(w http.ResponseWriter, r *http.Request)
 
 	err := h.DB.ValidateOAuthState(ctx, state)
 	if err != nil {
+		log.Error("Unable to ValidateOAuthState: %s", err)
 		failOAuthRequest(w, http.StatusInternalServerError, err.Error())
 		return
 	}
 
 	tokenResponse, err := h.exchangeOauthCode(ctx, code)
 	if err != nil {
+		log.Error("Unable to exchangeOauthCode: %s", err)
 		failOAuthRequest(w, http.StatusInternalServerError, err.Error())
 		return
 	}
@@ -127,12 +129,14 @@ func (h oauthHandler) viewOauthCallback(w http.ResponseWriter, r *http.Request)
 	// it really really works.
 	tokenInfo, err := h.inspectOauthAccessToken(ctx, tokenResponse.AccessToken)
 	if err != nil {
+		log.Error("Unable to inspectOauthAccessToken: %s", err)
 		failOAuthRequest(w, http.StatusInternalServerError, err.Error())
 		return
 	}
 
 	localUserID, err := h.DB.GetIDForRemoteUser(ctx, tokenInfo.UserID)
 	if err != nil {
+		log.Error("Unable to GetIDForRemoteUser: %s", err)
 		failOAuthRequest(w, http.StatusInternalServerError, err.Error())
 		return
 	}

From 6bcc4cfa46b681f3d1341e4166ac38ae91d6068b Mon Sep 17 00:00:00 2001
From: Matt Baer <matt@write.as>
Date: Mon, 30 Dec 2019 18:25:24 -0500
Subject: [PATCH 3/4] Check for error response in code exchange

This checks to see if we get a response with a populated `error` field
in exchangeOauthCode(). If so, we return that error message as an error,
to ensure the callback logic doesn't continue with a bad response.

Ref T705
---
 oauth.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/oauth.go b/oauth.go
index 98e0d43..0042433 100644
--- a/oauth.go
+++ b/oauth.go
@@ -25,6 +25,7 @@ type TokenResponse struct {
 	ExpiresIn    int    `json:"expires_in"`
 	RefreshToken string `json:"refresh_token"`
 	TokenType    string `json:"token_type"`
+	Error        string `json:"error"`
 }
 
 // InspectResponse contains data returned when an access token is inspected.
@@ -224,6 +225,11 @@ func (h oauthHandler) exchangeOauthCode(ctx context.Context, code string) (*Toke
 	if err != nil {
 		return nil, err
 	}
+
+	// Check the response for an error message, and return it if there is one.
+	if tokenResponse.Error != "" {
+		return nil, fmt.Errorf(tokenResponse.Error)
+	}
 	return &tokenResponse, nil
 }
 

From b5f716135b9b28cdaff706bae670571ed010b9ac Mon Sep 17 00:00:00 2001
From: Nick Gerakines <ngerakines@users.noreply.github.com>
Date: Tue, 31 Dec 2019 11:28:05 -0500
Subject: [PATCH 4/4] Changed oauth table names per PR feedback. T705

---
 database.go      | 12 ++++++------
 database_test.go |  6 +++---
 migrations/v4.go |  4 ++--
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/database.go b/database.go
index 56035dd..ca62d3c 100644
--- a/database.go
+++ b/database.go
@@ -2461,7 +2461,7 @@ func (db *datastore) GetCollectionLastPostTime(id int64) (*time.Time, error) {
 
 func (db *datastore) GenerateOAuthState(ctx context.Context) (string, error) {
 	state := store.Generate62RandomString(24)
-	_, err := db.ExecContext(ctx, "INSERT INTO oauth_client_state (state, used, created_at) VALUES (?, FALSE, NOW())", state)
+	_, err := db.ExecContext(ctx, "INSERT INTO oauth_client_states (state, used, created_at) VALUES (?, FALSE, NOW())", state)
 	if err != nil {
 		return "", fmt.Errorf("unable to record oauth client state: %w", err)
 	}
@@ -2469,7 +2469,7 @@ func (db *datastore) GenerateOAuthState(ctx context.Context) (string, error) {
 }
 
 func (db *datastore) ValidateOAuthState(ctx context.Context, state string) error {
-	res, err := db.ExecContext(ctx, "UPDATE oauth_client_state SET used = TRUE WHERE state = ?", state)
+	res, err := db.ExecContext(ctx, "UPDATE oauth_client_states SET used = TRUE WHERE state = ?", state)
 	if err != nil {
 		return err
 	}
@@ -2486,12 +2486,12 @@ func (db *datastore) ValidateOAuthState(ctx context.Context, state string) error
 func (db *datastore) RecordRemoteUserID(ctx context.Context, localUserID, remoteUserID int64) error {
 	var err error
 	if db.driverName == driverSQLite {
-		_, err = db.ExecContext(ctx, "INSERT OR REPLACE INTO users_oauth (user_id, remote_user_id) VALUES (?, ?)", localUserID, remoteUserID)
+		_, err = db.ExecContext(ctx, "INSERT OR REPLACE INTO oauth_users (user_id, remote_user_id) VALUES (?, ?)", localUserID, remoteUserID)
 	} else {
-		_, err = db.ExecContext(ctx, "INSERT INTO users_oauth (user_id, remote_user_id) VALUES (?, ?) "+db.upsert("user_id")+" user_id = ?", localUserID, remoteUserID, localUserID)
+		_, err = db.ExecContext(ctx, "INSERT INTO oauth_users (user_id, remote_user_id) VALUES (?, ?) "+db.upsert("user_id")+" user_id = ?", localUserID, remoteUserID, localUserID)
 	}
 	if err != nil {
-		log.Error("Unable to INSERT users_oauth for '%d': %v", localUserID, err)
+		log.Error("Unable to INSERT oauth_users for '%d': %v", localUserID, err)
 	}
 	return err
 }
@@ -2500,7 +2500,7 @@ func (db *datastore) RecordRemoteUserID(ctx context.Context, localUserID, remote
 func (db *datastore) GetIDForRemoteUser(ctx context.Context, remoteUserID int64) (int64, error) {
 	var userID int64 = -1
 	err := db.
-		QueryRowContext(ctx, "SELECT user_id FROM users_oauth WHERE remote_user_id = ?", remoteUserID).
+		QueryRowContext(ctx, "SELECT user_id FROM oauth_users WHERE remote_user_id = ?", remoteUserID).
 		Scan(&userID)
 	// Not finding a record is OK.
 	if err != nil && err != sql.ErrNoRows {
diff --git a/database_test.go b/database_test.go
index 4a45dd0..879840e 100644
--- a/database_test.go
+++ b/database_test.go
@@ -22,19 +22,19 @@ func TestOAuthDatastore(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, state, 24)
 
-		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_state` WHERE `state` = ? AND `used` = false", state)
+		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_states` WHERE `state` = ? AND `used` = false", state)
 
 		err = ds.ValidateOAuthState(ctx, state)
 		assert.NoError(t, err)
 
-		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_state` WHERE `state` = ? AND `used` = true", state)
+		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_states` WHERE `state` = ? AND `used` = true", state)
 
 		var localUserID int64 = 99
 		var remoteUserID int64 = 100
 		err = ds.RecordRemoteUserID(ctx, localUserID, remoteUserID)
 		assert.NoError(t, err)
 
-		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `users_oauth` WHERE `user_id` = ? AND `remote_user_id` = ?", localUserID, remoteUserID)
+		countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_users` WHERE `user_id` = ? AND `remote_user_id` = ?", localUserID, remoteUserID)
 
 		foundUserID, err := ds.GetIDForRemoteUser(ctx, remoteUserID)
 		assert.NoError(t, err)
diff --git a/migrations/v4.go b/migrations/v4.go
index c123f54..c075dd8 100644
--- a/migrations/v4.go
+++ b/migrations/v4.go
@@ -14,7 +14,7 @@ func oauth(db *datastore) error {
 	}
 	return wf_db.RunTransactionWithOptions(context.Background(), db.DB, &sql.TxOptions{}, func(ctx context.Context, tx *sql.Tx) error {
 		createTableUsersOauth, err := dialect.
-			Table("users_oauth").
+			Table("oauth_users").
 			SetIfNotExists(true).
 			Column(dialect.Column("user_id", wf_db.ColumnTypeInteger, wf_db.UnsetSize)).
 			Column(dialect.Column("remote_user_id", wf_db.ColumnTypeInteger, wf_db.UnsetSize)).
@@ -25,7 +25,7 @@ func oauth(db *datastore) error {
 			return err
 		}
 		createTableOauthClientState, err := dialect.
-			Table("oauth_client_state").
+			Table("oauth_client_states").
 			SetIfNotExists(true).
 			Column(dialect.Column("state", wf_db.ColumnTypeVarChar, wf_db.OptionalInt{Set: true, Value: 255})).
 			Column(dialect.Column("used", wf_db.ColumnTypeBool, wf_db.UnsetSize)).