Added a database-backed authorization-code system. Untested; needs to be injected into configuration in the place of the in-memory one and tested

2012-08-22 16:54:00 -04:00 · 2012-08-22 16:54:00 -04:00 · 4b76cc514b
parent dc61068702
commit 4b76cc514b
5 changed files with 233 additions and 0 deletions
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
@ -0,0 +1,92 @@
+package org.mitre.oauth2.model;
+
+import javax.persistence.Basic;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Lob;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+
+/**
+ * Entity class for authorization codes
+ * @author aanganes
+ *
+ */
+@Entity
+@Table(name="authorization_code")
+@NamedQueries({
+	@NamedQuery(name = "AuthorizationCodeEntity.getByValue", query = "select a from AuthorizationCodeEntity a where a.code = :code")
+})
+public class AuthorizationCodeEntity {
+
+	private Long id;
+	
+	private String code;
+	
+	private AuthorizationRequestHolder authorizationRequestHolder;
+
+	/**
+	 * Create a new AuthorizationCodeEntity with the given code.
+	 * 
+	 * @param code the authorization code
+	 */
+	public AuthorizationCodeEntity(String code) {
+		this.code = code;
+	}
+	
+	/**
+	 * @return the id
+	 */
+	@Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+	public Long getId() {
+		return id;
+	}
+
+	/**
+	 * @param id the id to set
+	 */
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+	/**
+	 * @return the code
+	 */
+	@Basic
+	public String getCode() {
+		return code;
+	}
+
+	/**
+	 * @param code the code to set
+	 */
+	public void setCode(String code) {
+		this.code = code;
+	}
+
+	/**
+	 * @return the authorizationRequestHolder
+	 */
+	@Lob
+	@Basic(fetch=FetchType.LAZY)
+	@Column(name="authorization_request_holder")
+	public AuthorizationRequestHolder getAuthorizationRequestHolder() {
+		return authorizationRequestHolder;
+	}
+
+	/**
+	 * @param authorizationRequestHolder the authorizationRequestHolder to set
+	 */
+	public void setAuthorizationRequestHolder(AuthorizationRequestHolder authorizationRequestHolder) {
+		this.authorizationRequestHolder = authorizationRequestHolder;
+	}
+	
+}
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
@ -0,0 +1,16 @@
+package org.mitre.oauth2.repository;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+
+/**
+ * @author amanda
+ *
+ */
+public interface AuthorizationCodeRepository {
+
+	public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode);
+	
+	public AuthorizationRequestHolder consume(String code) throws InvalidGrantException;
+}
--- a/openid-connect-server/db/tables/database_tables.sql
+++ b/openid-connect-server/db/tables/database_tables.sql
@ -45,6 +45,12 @@ CREATE TABLE authority (
 	authority LONGBLOB
 );

+CREATE TABLE authorization_code (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	code VARCHAR(256),
+	authorization_request_holder LONGBLOB
+);
+
 CREATE TABLE authorized_grant_type (
 	owner_id BIGINT,
 	authorized_grant_type VARCHAR(2000)
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
@ -0,0 +1,60 @@
+/**
+ * 
+ */
+package org.mitre.oauth2.repository.impl;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.mitre.oauth2.repository.AuthorizationCodeRepository;
+import org.mitre.util.jpa.JpaUtil;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * @author aanganes
+ *
+ */
+@Repository
+@Transactional
+public class JpaAuthorizationCodeRepository implements AuthorizationCodeRepository {
+
+	@PersistenceContext
+	EntityManager manager;
+	
+	/* (non-Javadoc)
+	 * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#save(org.mitre.oauth2.model.AuthorizationCodeEntity)
+	 */
+	@Override
+	@Transactional
+	public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode) {
+		
+		return JpaUtil.saveOrUpdate(authorizationCode.getId(), manager, authorizationCode);
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#consume(java.lang.String)
+	 */
+	@Override
+	@Transactional
+	public AuthorizationRequestHolder consume(String code) throws InvalidGrantException {
+		
+		TypedQuery<AuthorizationCodeEntity> query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class);
+		query.setParameter("code", code);
+		
+		AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList());
+		
+		if (result == null) {
+			throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
+		}
+		
+		return result.getAuthorizationRequestHolder();
+
+	}
+
+}
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
@ -0,0 +1,59 @@
+/**
+ * 
+ */
+package org.mitre.oauth2.service.impl;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.mitre.oauth2.repository.AuthorizationCodeRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;
+import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
+import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author aanganes
+ *
+ */
+@Service
+public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeServices {
+
+	@Autowired
+	private AuthorizationCodeRepository repository;
+	
+	private RandomValueStringGenerator generator = new RandomValueStringGenerator();
+	
+	/* (non-Javadoc)
+	 * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#createAuthorizationCode(org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder)
+	 */
+	@Override
+	public String createAuthorizationCode(AuthorizationRequestHolder authentication) {
+		String code = generator.generate();
+		
+		AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code);
+		
+		repository.save(entity);
+		
+		return code;
+	}
+
+	/* (non-Javadoc)
+	 * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#consumeAuthorizationCode(java.lang.String)
+	 */
+	@Override
+	public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException {
+		
+		AuthorizationRequestHolder auth = repository.consume(code);
+		return auth;
+	}
+
+	public AuthorizationCodeRepository getRepository() {
+		return repository;
+	}
+
+	public void setRepository(AuthorizationCodeRepository repository) {
+		this.repository = repository;
+	}
+
+}