clean up resource sets when clients are deleted

openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java

@@ -41,12 +41,14 @@ import javax.persistence.Table;
 @NamedQueries ({
 		@NamedQuery(name = ResourceSet.QUERY_BY_OWNER, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER),
 		@NamedQuery(name = ResourceSet.QUERY_BY_OWNER_AND_CLIENT, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER + " and r.clientId = :" + ResourceSet.PARAM_CLIENTID),
+		@NamedQuery(name = ResourceSet.QUERY_BY_CLIENT, query = "select r from ResourceSet r where r.clientId = :" + ResourceSet.PARAM_CLIENTID),
 		@NamedQuery(name = ResourceSet.QUERY_ALL, query = "select r from ResourceSet r")
 })
 public class ResourceSet {
 
 	public static final String QUERY_BY_OWNER = "ResourceSet.queryByOwner";
 	public static final String QUERY_BY_OWNER_AND_CLIENT = "ResourceSet.queryByOwnerAndClient";
+	public static final String QUERY_BY_CLIENT = "ResourceSet.queryByClient";
 	public static final String QUERY_ALL = "ResourceSet.queryAll";
 
 	public static final String PARAM_OWNER = "owner";

openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java

@@ -39,4 +39,6 @@ public interface ResourceSetRepository {
 
 	public Collection<ResourceSet> getAll();
 
+	public Collection<ResourceSet> getAllForClient(String clientId);
+
 }

openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java

@@ -18,6 +18,7 @@ package org.mitre.uma.service;
 
 import java.util.Collection;
 
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.uma.model.ResourceSet;
 
 /**
@@ -41,4 +42,6 @@ public interface ResourceSetService {
 
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String authClientId);
 
+	public Collection<ResourceSet> getAllForClient(ClientDetailsEntity client);
+
 }

openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml

@@ -38,8 +38,8 @@
 		<!-- The following files are for safely bootstrapping users and clients into the database -->
 		<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/>
 		<jdbc:script location="classpath:/db/users.sql"/>
-		<jdbc:script location="classpath:/db/clients.sql"/>
+<!-- 		<jdbc:script location="classpath:/db/clients.sql"/> -->
-		<jdbc:script location="classpath:/db/scopes.sql"/>
+<!-- 		<jdbc:script location="classpath:/db/scopes.sql"/> -->
 	</jdbc:initialize-database>
 
 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">

openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java

@@ -42,6 +42,8 @@ import org.mitre.openid.connect.service.ApprovedSiteService;
 import org.mitre.openid.connect.service.BlacklistedSiteService;
 import org.mitre.openid.connect.service.StatsService;
 import org.mitre.openid.connect.service.WhitelistedSiteService;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ResourceSetService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -88,6 +90,9 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
 	@Autowired
 	private StatsService statsService;
 	
+	@Autowired
+	private ResourceSetService resourceSetService;
+	
 	@Autowired
 	private ConfigurationPropertiesBean config;
 
@@ -236,6 +241,12 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
 			whitelistedSiteService.remove(whitelistedSite);
 		}
 		
+		// clear out resource sets registered for this client
+		Collection<ResourceSet> resourceSets = resourceSetService.getAllForClient(client);
+		for (ResourceSet rs : resourceSets) {
+			resourceSetService.remove(rs);
+		}
+
 		// take care of the client itself
 		clientRepository.deleteClient(client);
 

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DummyResourceSetService.java

@@ -20,6 +20,7 @@ package org.mitre.openid.connect.service.impl;
 import java.util.Collection;
 import java.util.Collections;
 
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.uma.model.ResourceSet;
 import org.mitre.uma.service.ResourceSetService;
 import org.springframework.stereotype.Service;
@@ -64,4 +65,9 @@ public class DummyResourceSetService implements ResourceSetService {
 		return Collections.emptySet();
 	}
 
+	@Override
+	public Collection<ResourceSet> getAllForClient(ClientDetailsEntity client) {
+		return Collections.emptySet();
+	}
+
 }

uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java

@@ -885,7 +885,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 						reader.endObject();
 						Permission saved = permissionRepository.saveRawPermission(p);
 						permissionToResourceRefs.put(saved.getId(), rsid);
+						ticket.setPermission(saved);
 					} else if (name.equals(TICKET)) {
+						ticket.setTicket(reader.nextString());
 					} else {
 						logger.debug("Found unexpected entry");
 						reader.skipValue();
@@ -1225,6 +1227,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 									continue;
 								}
 							}
+							reader.endObject();
 							p.setScopes(scope);
 							Permission saved = permissionRepository.saveRawPermission(p);
 							permissionToResourceRefs.put(saved.getId(), rsid);
@@ -1807,6 +1810,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 			ResourceSet rs = resourceSetRepository.getById(newResourceId);
 			p.setResourceSet(rs);
 			permissionRepository.saveRawPermission(p);
+			logger.debug("Mapping rsid " + oldResourceId + " to " + newResourceId + " for permission " + permissionId);
 		}
 		permissionToResourceRefs.clear();
 		resourceSetOldToNewIdMap.clear();

uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java

@@ -85,4 +85,14 @@ public class JpaResourceSetRepository implements ResourceSetRepository {
 		return query.getResultList();
 	}
 
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.ResourceSetRepository#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+	 */
+	@Override
+	public Collection<ResourceSet> getAllForClient(String clientId) {
+		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_CLIENT, ResourceSet.class);
+		query.setParameter(ResourceSet.PARAM_CLIENTID, clientId);
+		return query.getResultList();
+	}
+
 }

uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java

@@ -19,6 +19,7 @@ package org.mitre.uma.service.impl;
 
 import java.util.Collection;
 
+import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.repository.OAuth2TokenRepository;
 import org.mitre.uma.model.PermissionTicket;
@@ -138,4 +139,12 @@ public class DefaultResourceSetService implements ResourceSetService {
 		return true;
 	}
 
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.ResourceSetService#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+	 */
+	@Override
+	public Collection<ResourceSet> getAllForClient(ClientDetailsEntity client) {
+		return repository.getAllForClient(client.getClientId());
+	}
+	
 }