From 328fa221bd6b901504f204fd5315ae706c170d47 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Tue, 5 Feb 2013 15:08:49 -0500
Subject: [PATCH] scope bootstrapping

---
 .../src/main/resources/db/scopes.sql          | 34 +++++++++++++++++++
 .../db/tables/hsql_database_tables.sql        |  4 +--
 .../db/tables/loading_temp_tables.sql         |  8 +++++
 .../db/tables/mysql_database_tables.sql       |  3 +-
 .../src/main/webapp/WEB-INF/data-context.xml  |  1 +
 5 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 openid-connect-server/src/main/resources/db/scopes.sql

diff --git a/openid-connect-server/src/main/resources/db/scopes.sql b/openid-connect-server/src/main/resources/db/scopes.sql
new file mode 100644
index 000000000..191fc181c
--- /dev/null
+++ b/openid-connect-server/src/main/resources/db/scopes.sql
@@ -0,0 +1,34 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, allow_dyn_reg, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', true, true),
+  ('profile', 'basic profile information', 'list-alt', true, true),
+  ('email', 'email address', 'envelope', true, true),
+  ('address', 'physical address', 'home', true, true),
+  ('phone', 'telephone number', 'bell', true, true),
+  ('offline_access', 'offline access', 'time', true, true);
+  
+
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+MERGE INTO system_scope
+	USING (SELECT scope, description, icon, allow_dyn_reg, default_scope FROM system_scope_TEMP) AS vals(scope, description, icon, allow_dyn_reg, default_scope)
+	ON vals.scope = system_scope.scope
+	WHEN NOT MATCHED THEN
+	  INSERT (scope, description, icon, allow_dyn_reg, default_scope) VALUES(vals.scope, vals.description, vals.icon, vals.allow_dyn_reg, vals.default_scope);
+
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
\ No newline at end of file
diff --git a/openid-connect-server/src/main/resources/db/tables/hsql_database_tables.sql b/openid-connect-server/src/main/resources/db/tables/hsql_database_tables.sql
index bf0416ce6..a7f0143c4 100644
--- a/openid-connect-server/src/main/resources/db/tables/hsql_database_tables.sql
+++ b/openid-connect-server/src/main/resources/db/tables/hsql_database_tables.sql
@@ -162,12 +162,12 @@ CREATE TABLE IF NOT EXISTS token_scope (
 
 CREATE TABLE IF NOT EXISTS system_scope (
 	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
-	scope VARCHAR(1024) NOT NULL,
+	scope VARCHAR(256) NOT NULL,
 	description VARCHAR(4096),
 	icon VARCHAR(256),
 	allow_dyn_reg BOOLEAN NOT NULL DEFAULT false,
 	default_scope BOOLEAN NOT NULL DEFAULT false,
-	UNIQUE scope
+	UNIQUE (scope)
 );
 
 CREATE TABLE IF NOT EXISTS user_info (
diff --git a/openid-connect-server/src/main/resources/db/tables/loading_temp_tables.sql b/openid-connect-server/src/main/resources/db/tables/loading_temp_tables.sql
index e8b34d9ca..bbb5894b6 100644
--- a/openid-connect-server/src/main/resources/db/tables/loading_temp_tables.sql
+++ b/openid-connect-server/src/main/resources/db/tables/loading_temp_tables.sql
@@ -64,3 +64,11 @@ CREATE TEMPORARY TABLE IF NOT EXISTS authorized_grant_type_TEMP (
 	owner_id VARCHAR(256),
 	authorized_grant_type VARCHAR(2000)
 );
+
+CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
+	scope VARCHAR(256),
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	allow_dyn_reg BOOLEAN,
+	default_scope BOOLEAN
+);
\ No newline at end of file
diff --git a/openid-connect-server/src/main/resources/db/tables/mysql_database_tables.sql b/openid-connect-server/src/main/resources/db/tables/mysql_database_tables.sql
index 8e03b1921..c0f79cce9 100644
--- a/openid-connect-server/src/main/resources/db/tables/mysql_database_tables.sql
+++ b/openid-connect-server/src/main/resources/db/tables/mysql_database_tables.sql
@@ -157,11 +157,12 @@ CREATE TABLE token_scope (
 
 CREATE TABLE system_scope (
 	id BIGINT AUTO_INCREMENT PRIMARY KEY,
-	scope VARCHAR(1024) UNIQUE NOT NULL,
+	scope VARCHAR(256) NOT NULL,
 	description VARCHAR(4096),
 	icon VARCHAR(256),
 	allow_dyn_reg BOOLEAN NOT NULL DEFAULT 0,
 	default_scope BOOLEAN NOT NULL DEFAULT 0,
+	unique(scope)
 	
 );
 
diff --git a/openid-connect-server/src/main/webapp/WEB-INF/data-context.xml b/openid-connect-server/src/main/webapp/WEB-INF/data-context.xml
index 658d4eaba..e20e6cd46 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/data-context.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/data-context.xml
@@ -23,6 +23,7 @@
 		<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/>
 		<jdbc:script location="classpath:/db/users.sql"/>
 		<jdbc:script location="classpath:/db/clients.sql"/>
+		<jdbc:script location="classpath:/db/scopes.sql"/>
 	</jdbc:initialize-database>
 	
 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">