diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
new file mode 100644
index 000000000..70b5ac76c
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
@@ -0,0 +1,92 @@
+package org.mitre.oauth2.model;
+
+import javax.persistence.Basic;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Lob;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+
+/**
+ * Entity class for authorization codes
+ * @author aanganes
+ *
+ */
+@Entity
+@Table(name="authorization_code")
+@NamedQueries({
+ @NamedQuery(name = "AuthorizationCodeEntity.getByValue", query = "select a from AuthorizationCodeEntity a where a.code = :code")
+})
+public class AuthorizationCodeEntity {
+
+ private Long id;
+
+ private String code;
+
+ private AuthorizationRequestHolder authorizationRequestHolder;
+
+ /**
+ * Create a new AuthorizationCodeEntity with the given code.
+ *
+ * @param code the authorization code
+ */
+ public AuthorizationCodeEntity(String code) {
+ this.code = code;
+ }
+
+ /**
+ * @return the id
+ */
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * @param id the id to set
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ /**
+ * @return the code
+ */
+ @Basic
+ public String getCode() {
+ return code;
+ }
+
+ /**
+ * @param code the code to set
+ */
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ /**
+ * @return the authorizationRequestHolder
+ */
+ @Lob
+ @Basic(fetch=FetchType.LAZY)
+ @Column(name="authorization_request_holder")
+ public AuthorizationRequestHolder getAuthorizationRequestHolder() {
+ return authorizationRequestHolder;
+ }
+
+ /**
+ * @param authorizationRequestHolder the authorizationRequestHolder to set
+ */
+ public void setAuthorizationRequestHolder(AuthorizationRequestHolder authorizationRequestHolder) {
+ this.authorizationRequestHolder = authorizationRequestHolder;
+ }
+
+}
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
new file mode 100644
index 000000000..6510f8852
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
@@ -0,0 +1,16 @@
+package org.mitre.oauth2.repository;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+
+/**
+ * @author amanda
+ *
+ */
+public interface AuthorizationCodeRepository {
+
+ public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode);
+
+ public AuthorizationRequestHolder consume(String code) throws InvalidGrantException;
+}
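Review bot: AuthorizationCodeEntity declares only the `AuthorizationCodeEntity(String code)` constructor, but a JPA entity needs a public or protected no-argument constructor so the provider can instantiate it when the `getByValue` query returns a row. Add `public AuthorizationCodeEntity() { }` next to the existing constructor. The class Javadoc could also state that `code` is a bearer credential and that `authorizationRequestHolder` is persisted as a `@Lob` (presumably a serialized object), so the table contents have to be treated as sensitive and trusted on read.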
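Review bot: Neither method of the AuthorizationCodeRepository interface is documented, and the contract of `consume` is the part implementers most need spelled out. Add Javadoc on `consume` stating that the code must be invalidated as part of the lookup so it can be redeemed only once, and that `InvalidGrantException` is thrown when no matching code exists. A one-line Javadoc on `save` naming what it returns would complete the interface.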
diff --git a/openid-connect-server/db/tables/database_tables.sql b/openid-connect-server/db/tables/database_tables.sql index 3c96ea092..f8731024e 100644 --- a/openid-connect-server/db/tables/database_tables.sql +++ b/openid-connect-server/db/tables/database_tables.sql @@ -45,6 +45,12 @@ CREATE TABLE authority ( authority LONGBLOB ); +CREATE TABLE authorization_code ( + id BIGINT AUTO_INCREMENT PRIMARY KEY, + code VARCHAR(256), + authorization_request_holder LONGBLOB +); + CREATE TABLE authorized_grant_type ( owner_id BIGINT, authorized_grant_type VARCHAR(2000) diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java new file mode 100644 index 000000000..ccfe8acba --- /dev/null +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java 
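Review bot: The new `authorization_code` table in database_tables.sql puts no constraint on `code` and has no column recording when a code was issued or when it expires. Without `NOT NULL` and a `UNIQUE` index the `getByValue` lookup is unindexed and nothing stops two rows sharing a value; without a timestamp the server cannot enforce the short lifetime that RFC 6749 section 4.1.2 recommends for authorization codes, nor purge stale rows. I would declare `code VARCHAR(256) NOT NULL UNIQUE,` and add an expiry column such as `expiration TIMESTAMP NOT NULL` (the column name is a suggestion), mirrored by a field on the entity. Check the index key-length limit for the configured charset before indexing a 256-character column.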
@@ -0,0 +1,60 @@
+/**
+ *
+ */
+package org.mitre.oauth2.repository.impl;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.mitre.oauth2.repository.AuthorizationCodeRepository;
+import org.mitre.util.jpa.JpaUtil;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * @author aanganes
+ *
+ */
+@Repository
+@Transactional
+public class JpaAuthorizationCodeRepository implements AuthorizationCodeRepository {
+
+ @PersistenceContext
+ EntityManager manager;
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#save(org.mitre.oauth2.model.AuthorizationCodeEntity)
+ */
+ @Override
+ @Transactional
+ public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode) {
+
+ return JpaUtil.saveOrUpdate(authorizationCode.getId(), manager, authorizationCode);
+
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#consume(java.lang.String)
+ */
+ @Override
+ @Transactional
+ public AuthorizationRequestHolder consume(String code) throws InvalidGrantException {
+
+ TypedQuery query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class);
+ query.setParameter("code", code);
+
+ AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList());
+
+ if (result == null) {
+ throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
+ }
+
+ return result.getAuthorizationRequestHolder();
+
+ }
+
+}
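Review bot: `consume()` in JpaAuthorizationCodeRepository looks the code up and returns its holder but never removes the row, so the same authorization code stays redeemable; RFC 6749 section 4.1.2 requires a code to be single-use. Read the holder first and delete inside the same transaction: `AuthorizationRequestHolder holder = result.getAuthorizationRequestHolder();`, `manager.remove(result);`, `return holder;`. Two concurrent redemptions could still both read the row before either delete commits, so a lock on the lookup or a checked delete is worth considering. The `InvalidGrantException` message also concatenates the submitted `code`; a fixed message would keep request input out of error responses and logs.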
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
new file mode 100644
index 000000000..f653d3a1d
--- /dev/null
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
@@ -0,0 +1,59 @@
+/**
+ *
+ */
+package org.mitre.oauth2.service.impl;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.mitre.oauth2.repository.AuthorizationCodeRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;
+import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author aanganes
+ *
+ */
+@Service
+public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeServices {
+
+ @Autowired
+ private AuthorizationCodeRepository repository;
+
+ private RandomValueStringGenerator generator = new RandomValueStringGenerator();
+
+ /* (non-Javadoc)
+ * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#createAuthorizationCode(org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder)
+ */
+ @Override
+ public String createAuthorizationCode(AuthorizationRequestHolder authentication) {
+ String code = generator.generate();
+
+ AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code);
+
+ repository.save(entity);
+
+ return code;
+ }
+
+ /* (non-Javadoc)
+ * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#consumeAuthorizationCode(java.lang.String)
+ */
+ @Override
+ public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException {
+
+ AuthorizationRequestHolder auth = repository.consume(code);
+ return auth;
+ }
+
+ public AuthorizationCodeRepository getRepository() {
+ return repository;
+ }
+
+ public void setRepository(AuthorizationCodeRepository repository) {
+ this.repository = repository;
+ }
+
+}
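Review bot: `createAuthorizationCode` never attaches its `authentication` argument to the entity: it builds `new AuthorizationCodeEntity(code)` and saves it, so `authorization_request_holder` is stored empty and `consumeAuthorizationCode` would return null for a valid code. Call `entity.setAuthorizationRequestHolder(authentication);` before `repository.save(entity);`. Separately, `generator` is default-constructed; in the Spring Security OAuth releases I know of that yields a six-character code, which is short for a bearer credential that in this commit neither expires nor is deleted on use. Confirm the default for the pinned version and consider passing an explicit length, e.g. `new RandomValueStringGenerator(32)`.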