diff --git a/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java b/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java
index fccda7dda..78fca51b4 100644
--- a/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java
@@ -41,12 +41,14 @@ import javax.persistence.Table;
 @NamedQueries ({
 @NamedQuery(name = ResourceSet.QUERY_BY_OWNER, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER),
 @NamedQuery(name = ResourceSet.QUERY_BY_OWNER_AND_CLIENT, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER + " and r.clientId = :" + ResourceSet.PARAM_CLIENTID),
+ @NamedQuery(name = ResourceSet.QUERY_BY_CLIENT, query = "select r from ResourceSet r where r.clientId = :" + ResourceSet.PARAM_CLIENTID),
 @NamedQuery(name = ResourceSet.QUERY_ALL, query = "select r from ResourceSet r")
 })
 public class ResourceSet {
 public static final String QUERY_BY_OWNER = "ResourceSet.queryByOwner";
 public static final String QUERY_BY_OWNER_AND_CLIENT = "ResourceSet.queryByOwnerAndClient";
+ public static final String QUERY_BY_CLIENT = "ResourceSet.queryByClient";
 public static final String QUERY_ALL = "ResourceSet.queryAll";
 public static final String PARAM_OWNER = "owner";
diff --git a/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java b/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java
index 9dd08266a..997e2f15b 100644
--- a/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java
@@ -39,4 +39,6 @@ public interface ResourceSetRepository {
 public Collection getAll();
+ public Collection getAllForClient(String clientId);
+
 }
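Review bot: `QUERY_BY_CLIENT` in ResourceSet.java and the new `getAllForClient(String clientId)` on `ResourceSetRepository` select on `clientId` alone, with no owner filter, and neither carries a comment saying so. That fits the client-deletion cleanup added later in this commit, but a future caller that wires this lookup into a user-facing listing would return resource sets across every owner unless it adds its own access check. I would add Javadoc on the interface method, for example `/** All resource sets registered by the given client id, across all owners; not an owner-scoped listing. */`, and the equivalent on `ResourceSetService#getAllForClient` in the next file. The interface body starts outside the hunk.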
diff --git a/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java b/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java
index e05d7881e..fd64e83cf 100644
--- a/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java
@@ -18,6 +18,7 @@ package org.mitre.uma.service;
 import java.util.Collection;
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.uma.model.ResourceSet;
 /**
@@ -41,4 +42,6 @@ public interface ResourceSetService {
 public Collection getAllForOwnerAndClient(String owner, String authClientId);
+ public Collection getAllForClient(ClientDetailsEntity client);
+
 }
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
index c1c8620db..e8d03c97b 100644
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
@@ -38,8 +38,8 @@
-
-
+
+
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
index 2ff98edef..d7f6f429c 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
@@ -42,6 +42,8 @@ import org.mitre.openid.connect.service.ApprovedSiteService;
 import org.mitre.openid.connect.service.BlacklistedSiteService;
 import org.mitre.openid.connect.service.StatsService;
 import org.mitre.openid.connect.service.WhitelistedSiteService;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ResourceSetService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -88,6 +90,9 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
 @Autowired
 private StatsService statsService;
+ @Autowired
+ private ResourceSetService resourceSetService;
+
 @Autowired
 private ConfigurationPropertiesBean config;
@@ -235,6 +240,12 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
 if (whitelistedSite != null) {
 whitelistedSiteService.remove(whitelistedSite);
 }
+
+ // clear out resource sets registered for this client
+ Collection resourceSets = resourceSetService.getAllForClient(client);
+ for (ResourceSet rs : resourceSets) {
+ resourceSetService.remove(rs);
+ }
 // take care of the client itself
 clientRepository.deleteClient(client);
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java
index 2c0e89364..4ab6f8ff6 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java
@@ -20,6 +20,7 @@ package org.mitre.openid.connect.service.impl;
 import java.util.Collection;
 import java.util.Collections;
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.uma.model.ResourceSet;
 import org.mitre.uma.service.ResourceSetService;
 import org.springframework.stereotype.Service;
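Review bot: In the cleanup loop added before `clientRepository.deleteClient(client)`, nothing visible shows whether `resourceSetService.remove(rs)` also removes the permissions and permission tickets that reference each resource set, so authorization data for a deleted client may be left behind. `remove` is defined outside this diff, so this needs confirming there; if it does cascade, a comment such as `// remove() is expected to also drop permissions and tickets that reference the resource set` would record that. It is also worth checking that the enclosing delete method runs in a single transaction, because a failure part-way through the loop would otherwise leave the client in place with only some of its resource sets removed. The method starts and ends outside the hunk.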
@@ -64,4 +65,9 @@ public class DummyResourceSetService implements ResourceSetService {
 return Collections.emptySet();
 }
+ @Override
+ public Collection getAllForClient(ClientDetailsEntity client) {
+ return Collections.emptySet();
+ }
+
 }
diff --git a/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java b/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
index f72abcb33..fb22ae1ca 100644
--- a/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
+++ b/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
@@ -885,7 +885,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 reader.endObject();
 Permission saved = permissionRepository.saveRawPermission(p);
 permissionToResourceRefs.put(saved.getId(), rsid);
+ ticket.setPermission(saved);
 } else if (name.equals(TICKET)) {
+ ticket.setTicket(reader.nextString());
 } else {
 logger.debug("Found unexpected entry");
 reader.skipValue();
@@ -1225,6 +1227,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 continue;
 }
 }
+ reader.endObject();
 p.setScopes(scope);
 Permission saved = permissionRepository.saveRawPermission(p);
 permissionToResourceRefs.put(saved.getId(), rsid);
@@ -1807,6 +1810,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 ResourceSet rs = resourceSetRepository.getById(newResourceId);
 p.setResourceSet(rs);
 permissionRepository.saveRawPermission(p);
+ logger.debug("Mapping rsid " + oldResourceId + " to " + newResourceId + " for permission " + permissionId);
 }
 permissionToResourceRefs.clear();
 resourceSetOldToNewIdMap.clear();
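Review bot: `ticket.setTicket(reader.nextString())` in the `TICKET` branch reads the value without checking the token type, so an export whose ticket field is JSON null would make the import fail at this point, assuming `reader` is a Gson-style `JsonReader`. The rest of the reader code is outside the hunk; if other fields there are guarded with a `peek()` check, this branch should match them, e.g. `if (reader.peek() == JsonToken.NULL) { reader.skipValue(); } else { ticket.setTicket(reader.nextString()); }`. The enclosing method starts and ends outside the hunk.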
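Review bot: The added `logger.debug(...)` in the hunk at line 1810 builds its message by string concatenation, which is evaluated even when debug logging is off; assuming `logger` is the SLF4J logger the project imports elsewhere, the parameterized form is preferable: `logger.debug("Mapping rsid {} to {} for permission {}", oldResourceId, newResourceId, permissionId);`. The line also runs after `saveRawPermission(p)`, so if `getById(newResourceId)` can return null, the mapping is logged only after a permission with no resource set has already been saved. Logging a warning when `rs` is null would make a broken import easier to spot. The loop body starts outside the hunk.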
diff --git a/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
index 17530eb18..4eefff9ff 100644
--- a/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
+++ b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
@@ -85,4 +85,14 @@ public class JpaResourceSetRepository implements ResourceSetRepository {
 return query.getResultList();
 }
+ /* (non-Javadoc)
+ * @see org.mitre.uma.repository.ResourceSetRepository#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+ */
+ @Override
+ public Collection getAllForClient(String clientId) {
+ TypedQuery query = em.createNamedQuery(ResourceSet.QUERY_BY_CLIENT, ResourceSet.class);
+ query.setParameter(ResourceSet.PARAM_CLIENTID, clientId);
+ return query.getResultList();
+ }
+
 }
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
index d76c051fe..269c29831 100644
--- a/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
@@ -19,6 +19,7 @@ package org.mitre.uma.service.impl;
 import java.util.Collection;
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.repository.OAuth2TokenRepository;
 import org.mitre.uma.model.PermissionTicket;
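Review bot: The `@see` line in the comment above `getAllForClient(String clientId)` in JpaResourceSetRepository names the overload `getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)`, which is the service signature, not the repository one. It should read `* @see org.mitre.uma.repository.ResourceSetRepository#getAllForClient(java.lang.String)`. The query itself passes `clientId` through `setParameter` on a named query rather than building the string, which is the right shape and worth keeping if this method is ever extended with further filters.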
@@ -137,5 +138,13 @@ public class DefaultResourceSetService implements ResourceSetService {
 // we've checked everything, we're good
 return true;
 }
+
+ /* (non-Javadoc)
+ * @see org.mitre.uma.service.ResourceSetService#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+ */
+ @Override
+ public Collection getAllForClient(ClientDetailsEntity client) {
+ return repository.getAllForClient(client.getClientId());
+ }
 }
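Review bot: `getAllForClient` calls `client.getClientId()` with no guard, so a null `client` surfaces as a NullPointerException inside the service rather than as a clear argument error. The one caller in this commit passes the client being deleted, but the method is on the public service interface, so either document the non-null requirement or fail fast with `if (client == null) { throw new IllegalArgumentException("client must not be null"); }`. The class body starts outside the hunk.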