diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
index be49e9c26..7cf019310 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
@@ -523,7 +523,7 @@ public class ClientDetailsEntity implements ClientDetails {
 */
 @ElementCollection(fetch = FetchType.EAGER)
 @CollectionTable(
- name="resource_ids",
+ name="resource_id",
 joinColumns=@JoinColumn(name="owner_id")
 )
 @Column(name="resource_id")
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
index 5d66abc36..c36980ffb 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
@@ -72,6 +72,9 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
 private AuthenticationHolder authenticationHolder; // the authentication that made this access
 private Jwt jwtValue; // JWT-encoded access token value
+
+ //TODO should not need this
+ private String value;
 private IdToken idToken; // JWT-encoded OpenID Connect IdToken
@@ -155,7 +158,8 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
 @Basic
 @Column(name="token_value")
 public String getValue() {
- return jwtValue.toString();
+ this.value = jwtValue.toString();
+ return value;
 }
 /**
@@ -165,6 +169,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
 * @throws IllegalArgumentException if "value" is not a properly formatted JWT string
 */
 public void setValue(String value) {
+ this.value = value;
 setJwt(Jwt.parse(value));
 }
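Review bot: The collection table is renamed to `resource_id`, which is also the name of its value column in the `@Column(name="resource_id")` line two lines below, so the new name reads like a typo to anyone comparing entity and schema. If the singular table name is intended, a short comment above `@CollectionTable(` saying that the table and its column deliberately share the name would stop the next reader from "fixing" it back. None of the db/tables scripts changed in this diff creates this table, so the DDL side of the rename cannot be checked from here.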
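Review bot: `//TODO should not need this` on the new `value` field records that the field is unwanted but not why it was added, and since the `@Column(name="token_value")` mapping already sits on getValue(), a reader cannot tell what would break if it were removed. Replace it with a comment naming the concrete need, or a TODO that states the deletion condition, e.g. `// TODO remove once <reason> no longer needs a backing field` with the reason filled in by the author. The matching field added to OAuth2RefreshTokenEntity later in this diff carries the same comment with a typo (`//TOOD:`).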
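Review bot: getValue() still calls `jwtValue.toString()` unconditionally, so the new cache field does not change the NullPointerException on an entity whose JWT has not been set, and the getter now also writes a field, which is surprising for the accessor the persistence provider uses to read the mapped token_value property. Since setValue and setJwt both assign `value` in this diff, the body can be `return value;` and the getter stays side-effect free. OAuth2RefreshTokenEntity.getValue further down has the same shape.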
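Review bot: The added `this.value = value;` in setValue is dead: the next line calls setJwt(Jwt.parse(value)), and the setJwt hunk that follows ends with `this.value = jwt.toString();`, so the caller's string is overwritten before it is ever read. Drop this line and let setJwt be the single writer, or remove the assignment from setJwt instead; two writers for one cache field is how the two drift apart. OAuth2RefreshTokenEntity.setValue, later in this diff, adds the same redundant line.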
@@ -276,6 +281,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
 */
 public void setJwt(Jwt jwt) {
 this.jwtValue = jwt;
+ this.value = jwt.toString();
 }
 @Override
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
index c882e0090..4e30692d5 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
@@ -50,7 +50,7 @@ import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 @NamedQueries({
 @NamedQuery(name = "OAuth2RefreshTokenEntity.getByClient", query = "select r from OAuth2RefreshTokenEntity r where r.client = :client"),
 @NamedQuery(name = "OAuth2RefreshTokenEntity.getExpired", query = "select r from OAuth2RefreshTokenEntity r where r.expiration is not null and r.expiration < current_timestamp"),
- @NamedQuery(name = "OAuth2RefreshTokenEntity.getByTokenValue", query = "select r from OAuth2RefreshTokenEntity r where r.tokenValue = :tokenValue"),
+ @NamedQuery(name = "OAuth2RefreshTokenEntity.getByTokenValue", query = "select r from OAuth2RefreshTokenEntity r where r.value = :tokenValue"),
 @NamedQuery(name = "OAuth2RefreshTokenEntity.getByAuthentication", query = "select r from OAuth2RefreshTokenEntity r where r.authenticationHolder.authentication = :authentication")
 })
 public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
@@ -64,6 +64,9 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 //JWT-encoded representation of this access token entity
 private Jwt jwt;
+ //TOOD: shouldn't need this
+ private String value;
+
 // our refresh tokens might expire
 private Date expiration;
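Review bot: setJwt now throws NullPointerException when passed null, because `this.value = jwt.toString();` dereferences the argument where the old body only stored it; if any caller clears the token that way (none is visible here) this is a new failure. Either guard it, `this.value = (jwt == null) ? null : jwt.toString();`, or document the precondition with `@throws NullPointerException if jwt is null` in the Javadoc that closes at the top of the hunk. OAuth2RefreshTokenEntity.setJwt, later in this diff, adds the same unguarded dereference.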
@@ -117,7 +120,8 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 @Basic
 @Column(name="token_value")
 public String getValue() {
- return jwt.toString();
+ value = jwt.toString();
+ return value;
 }
 /**
@@ -126,6 +130,7 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 * @throws IllegalArgumentException if the value is not a valid JWT string
 */
 public void setValue(String value) {
+ this.value = value;
 setJwt(Jwt.parse(value));
 }
@@ -201,6 +206,7 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 */
 public void setJwt(Jwt jwt) {
 this.jwt = jwt;
+ this.value = jwt.toString();
 }
 }
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java
index a1add46d6..05aa54dea 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java
@@ -20,6 +20,8 @@ import java.util.Collection;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 public interface OAuth2ClientRepository {
+
+ public ClientDetailsEntity getById(Long id);
 public ClientDetailsEntity getClientById(String clientId);
diff --git a/openid-connect-server/db/tables/access_token.sql b/openid-connect-server/db/tables/access_token.sql
index 1da4f9f40..70af61085 100644
--- a/openid-connect-server/db/tables/access_token.sql
+++ b/openid-connect-server/db/tables/access_token.sql
@@ -1,5 +1,5 @@
 CREATE TABLE access_token (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 token_value VARCHAR(4096),
 expiration TIMESTAMP,
 token_type VARCHAR(256),
diff --git a/openid-connect-server/db/tables/approved_site.sql b/openid-connect-server/db/tables/approved_site.sql
index 6fbc5130b..390f123e1 100644
--- a/openid-connect-server/db/tables/approved_site.sql
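Review bot: The new `getById(Long id)` has no Javadoc, and next to `getClientById(String clientId)` the two lookup keys are easy to confuse: one is the database primary key, the other the OAuth client identifier. A one-liner such as `/** Looks up a client by its database primary key (not its OAuth client_id); returns null when no row matches. */` settles it, and the null-versus-throw contract on a miss should be stated because implementations differ (the JPA one in this diff delegates to EntityManager.find, which returns null).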
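Review bot: token_value stays a plain `VARCHAR(4096)` with no index and no uniqueness constraint, yet it is the column token presentations are resolved by (the getByTokenValue named query on the refresh-token entity in this diff matches `r.value`, which is mapped to token_value, and the access-token entity maps the same column). Every by-value lookup therefore scans the table, and a duplicate value would make the single-result lookup ambiguous, so add `UNIQUE` on token_value (or at least an index); if the engine's key-length limit rejects a 4096-character key, index a fixed-length digest column alongside it instead. refresh_token.sql further down has the same gap.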
+++ b/openid-connect-server/db/tables/approved_site.sql
@@ -1,5 +1,5 @@
 CREATE TABLE approved_site (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 user_id VARCHAR(256),
 client_id VARCHAR(256),
 creation_date DATE,
diff --git a/openid-connect-server/db/tables/authentication_holder.sql b/openid-connect-server/db/tables/authentication_holder.sql
index eb064673c..f35a73e9e 100644
--- a/openid-connect-server/db/tables/authentication_holder.sql
+++ b/openid-connect-server/db/tables/authentication_holder.sql
@@ -1,5 +1,5 @@
 CREATE TABLE authentication_holder (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 owner_id VARCHAR(256),
 authentication LONGBLOB
 );
\ No newline at end of file
diff --git a/openid-connect-server/db/tables/client_details.sql b/openid-connect-server/db/tables/client_details.sql
index af7b9d531..6d3cede7e 100644
--- a/openid-connect-server/db/tables/client_details.sql
+++ b/openid-connect-server/db/tables/client_details.sql
@@ -1,5 +1,5 @@
 CREATE TABLE client_details (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 client_description VARCHAR(256),
 allow_refresh TINYINT,
 allow_multiple_access_tokens TINYINT,
diff --git a/openid-connect-server/db/tables/refresh_token.sql b/openid-connect-server/db/tables/refresh_token.sql
index 30d358863..8de6106c2 100644
--- a/openid-connect-server/db/tables/refresh_token.sql
+++ b/openid-connect-server/db/tables/refresh_token.sql
@@ -1,5 +1,5 @@
 CREATE TABLE refresh_token (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 token_value VARCHAR(4096),
 expiration TIMESTAMP,
 client_id VARCHAR(256)
diff --git a/openid-connect-server/db/tables/whitelisted_site.sql b/openid-connect-server/db/tables/whitelisted_site.sql
index 1a2f6d447..990ad8e94 100644
--- a/openid-connect-server/db/tables/whitelisted_site.sql
+++ b/openid-connect-server/db/tables/whitelisted_site.sql
@@ -1,5 +1,5 @@
 CREATE TABLE whitelisted_site (
- id VARCHAR(256),
+ id BIGINT AUTO_INCREMENT PRIMARY KEY,
 creator_user_id VARCHAR(256),
 client_id VARCHAR(256)
 );
\ No newline at end of file
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java
index 9c5fb6c88..92eaff06a 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java
@@ -45,13 +45,19 @@ public class JpaOAuth2ClientRepository implements OAuth2ClientRepository {
 public JpaOAuth2ClientRepository(EntityManager manager) {
 this.manager = manager;
 }
+
+ public ClientDetailsEntity getById(Long id) {
+ return manager.find(ClientDetailsEntity.class, id);
+ }
 /* (non-Javadoc)
 * @see org.mitre.oauth2.repository.OAuth2ClientRepository#getClientById(java.lang.String)
 */
 @Override
 public ClientDetailsEntity getClientById(String clientId) {
- return manager.find(ClientDetailsEntity.class, clientId);
+ TypedQuery query = manager.createNamedQuery("ClientDetailsEntity.getByClientId", ClientDetailsEntity.class);
+ query.setParameter("clientId", clientId);
+ return JpaUtil.getSingleResult(query.getResultList());
 }
 /* (non-Javadoc)
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/ApprovedSiteServiceImpl.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/ApprovedSiteServiceImpl.java
index 264da2412..7fe4808ee 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/ApprovedSiteServiceImpl.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/ApprovedSiteServiceImpl.java
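Review bot: `TypedQuery query = manager.createNamedQuery("ClientDetailsEntity.getByClientId", ClientDetailsEntity.class);` declares a raw TypedQuery, discarding the element type the second argument just established and turning `query.getResultList()` into a raw List at the JpaUtil.getSingleResult call; write `TypedQuery<ClientDetailsEntity> query = manager.createNamedQuery("ClientDetailsEntity.getByClientId", ClientDetailsEntity.class);`. The new getById implements the method added to OAuth2ClientRepository in this diff but lacks the `@Override` its neighbour getClientById carries. The named query ClientDetailsEntity.getByClientId is not defined in the ClientDetailsEntity hunk shown here; if it does not already exist on the entity, createNamedQuery throws at the first client lookup, so that definition should be confirmed to be part of this change.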
@@ -62,6 +62,7 @@ public class ApprovedSiteServiceImpl implements ApprovedSiteService {
 }
 @Override
+ @Transactional
 public ApprovedSite save(ApprovedSite approvedSite) {
 return approvedSiteRepository.save(approvedSite);
 }
@@ -72,20 +73,23 @@ public class ApprovedSiteServiceImpl implements ApprovedSiteService {
 }
 @Override
+ @Transactional
 public void remove(ApprovedSite approvedSite) {
 approvedSiteRepository.remove(approvedSite);
 }
 @Override
+ @Transactional
 public void removeById(Long id) {
 approvedSiteRepository.removeById(id);
 }
 @Override
+ @Transactional
 public ApprovedSite createApprovedSite(String clientId, String userId, Date timeoutDate, Set allowedScopes, WhitelistedSite whitelistedSite) {
- ApprovedSite as = new ApprovedSite();
+ ApprovedSite as = approvedSiteRepository.save(new ApprovedSite());
 Date now = new Date();
 as.setCreationDate(now);
diff --git a/openid-connect-server/src/main/resources/META-INF/persistence.xml b/openid-connect-server/src/main/resources/META-INF/persistence.xml
index b4f165fcb..57aeaf32b 100644
--- a/openid-connect-server/src/main/resources/META-INF/persistence.xml
+++ b/openid-connect-server/src/main/resources/META-INF/persistence.xml
@@ -8,6 +8,7 @@
 org.mitre.oauth2.model.ClientDetailsEntity
 org.mitre.oauth2.model.OAuth2AccessTokenEntity
 org.mitre.oauth2.model.OAuth2RefreshTokenEntity
+ org.mitre.oauth2.model.AuthenticationHolder
 org.mitre.openid.connect.model.Address
 org.mitre.openid.connect.model.ApprovedSite
 org.mitre.openid.connect.model.Event
diff --git a/openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp b/openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
index 906dade4e..8837d0783 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
+++ b/openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
@@ -29,11 +29,11 @@
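Review bot: `ApprovedSite as = approvedSiteRepository.save(new ApprovedSite());` persists an empty row and then populates the returned instance, so createApprovedSite now depends on `as` being a managed entity whose later setters are flushed by the `@Transactional` added on the same method; should the repository's save ever hand back a detached copy, every field set after this line is lost silently. Make the dependency explicit with a comment, `// saved first so the generated id exists; the fields set below are flushed at commit`, or save again at the end of the method. The body of createApprovedSite continues past the hunk, so whether it already saves again is not visible here.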
Do you authorize " - + - + " to sign you into their site using your identity?