From d6da876cabe0180acd0ebca173d973c8d3450d99 Mon Sep 17 00:00:00 2001
From: pennae <github@quasiparticle.net>
Date: Wed, 13 Jul 2022 18:09:19 +0200
Subject: keep oauth tokens around a bit after expiry

firefox wants to delete profile access tokens after they're expired and
logs errors if it can't do that. since this happens every hour we can
end up with a bunch of error logs very quickly, so we better let it do
what it wants.
---
 .../20220713142453_token_deletion_grace_period.up.sql       | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 migrations/20220713142453_token_deletion_grace_period.up.sql

(limited to 'migrations/20220713142453_token_deletion_grace_period.up.sql')

diff --git a/migrations/20220713142453_token_deletion_grace_period.up.sql b/migrations/20220713142453_token_deletion_grace_period.up.sql
new file mode 100644
index 0000000..6228602
--- /dev/null
+++ b/migrations/20220713142453_token_deletion_grace_period.up.sql
@@ -0,0 +1,13 @@
+alter procedure prune_expired_tokens() rename to prune_expired_tokens_1;
+
+create procedure prune_expired_tokens()
+language sql
+begin atomic
+       delete from key_fetch where expires_at <= now();
+       -- give oauth tokens a grace period, otherwise firefox will log an error
+       -- once per hour trying to destroy a token that has already been timed out.
+       delete from oauth_token where expires_at + '1 day'::interval <= now();
+       delete from oauth_authorization where expires_at <= now();
+       delete from device_commands where expires <= now();
+       delete from invite_codes where expires_at <= now();
+end;
-- 
cgit v1.2.3