Summary

Fix up some issues with oauth2_provider evolutions.

Review Request #14905 — Created March 14, 2026 and submitted March 17, 2026, 12:01 a.m.

Information

Owner

david

Repository

Review Board

Branch

master

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

When adding evolutions for oauth2_provider I got a little lazy and just
ignored the RunPython stuff in their migrations. It turns out that we
actually need to populate the token_checksum field in the same way that
they do, first creating the field as blank, populated it with hashes of
each of the items, and then finally fixing it to be non-blank.

This also adds a post-upgrade step to save application client_secret
fields, causing any unhashed items to be fixed.

Finally, I've set a couple additional flags on the conversion of the
token field to be a TextField, removing the max length and unique
parameters.

Testing Done

Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas.
Previously I was getting failures on the 4.0.6 and 5.0.7 ones.

Commits

Summary	ID
Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones. Reviewed at https://reviews.reviewboard.org/r/14905/	lwuwtszpxvmntxyumnryryxqxrruyptq

Summary

Fix up some issues with oauth2_provider evolutions.

When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones. Reviewed at https://reviews.reviewboard.org/r/14905/

lwuwtszpxvmntxyumnryryxqxrruyptq

Issues

Description	From	Last Updated
Can we make this a Sequence?	chipx86	March 16, 2026, 10:30 p.m.
The ) would look nicer on the next line.	chipx86	March 16, 2026, 10:30 p.m.
While probably okay, these aren't doing any quoting. Look in Django Evolution where we assign a qn from an import …	chipx86	March 16, 2026, 10:51 p.m.
Sorry, I wasn't clear on this. I meant the table and row names. So like: return [ (f'UPDATE {qn("oauth2_provider_accesstoken")} ...) …	chipx86	March 16, 2026, 11:16 p.m.

flake8 passed.

JSHint passed.

reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py (Diff revision 1)
The issue has been resolved. Show all issues
```
Can we make this a Sequence?
```

reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py (Diff revision 1)

The issue has been resolved. Show all issues

The ) would look nicer on the next line.

reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py (Diff revision 1)

The issue has been resolved. Show all issues

While probably okay, these aren't doing any quoting. Look in Django Evolution where we assign a qn from an import and use that to quote. To be safe, we should opt to do that where possible, just to completely avoid any surprises.

Commits:

	Summary	ID
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq

Diff:

Revision 2 (+192 -14)

Show changes

	reviewboard/upgrade.py
	reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py (Diff revision 2)

The issue has been resolved. Show all issues

Sorry, I wasn't clear on this. I meant the table and row names. So like:

return [
    (f'UPDATE {qn("oauth2_provider_accesstoken")} ...)
    ...
]


This just better mirrors how Django Evolution constructs all of its own SQL, and avoids things like possible conflicts (say, if id holds a special meaning). A Better Safe Than Sorry sort of thing. That'll be single quotes, double quotes, or backticks, depending on the backend.
The values going into that tuple automatically get quoted through SQLExecutor for capture purposes in Django Evolution and for execution in Django, so we don't want to quote those.

Commits:

	Summary	ID
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq

Diff:

Revision 3 (+204 -14)

Show changes

	reviewboard/upgrade.py
	reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Commits:

	Summary	ID
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq

Diff:

Revision 4 (+204 -14)

Show changes

	reviewboard/upgrade.py
	reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Commits:

	Summary	ID
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones.	lwuwtszpxvmntxyumnryryxqxrruyptq
	Fix up some issues with oauth2_provider evolutions. When adding evolutions for oauth2_provider I got a little lazy and just ignored the `RunPython` stuff in their migrations. It turns out that we actually need to populate the token_checksum field in the same way that they do, first creating the field as blank, populated it with hashes of each of the items, and then finally fixing it to be non-blank. This also adds a post-upgrade step to save application `client_secret` fields, causing any unhashed items to be fixed. Finally, I've set a couple additional flags on the conversion of the `token` field to be a `TextField`, removing the max length and unique parameters. Testing Done: - Did test upgrades from 4.0.6, 5.0.7, 6.0.2, and 7.0.4 schemas. Previously I was getting failures on the 4.0.6 and 5.0.7 ones. Reviewed at https://reviews.reviewboard.org/r/14905/	lwuwtszpxvmntxyumnryryxqxrruyptq

Diff:

Revision 5 (+206 -14)

Show changes

	reviewboard/upgrade.py
	reviewboard/admin/custom_evolutions/oauth2_provider/upgrade_to_3_2_0.py

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Ship it!

```
Ship It!
```

Status:: Completed
Change Summary:: Pushed to master (112617e)