Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.

openid-connect-server/pom.xml

@@ -24,6 +24,11 @@
 			<artifactId>openid-connect-common</artifactId>
 			<version>0.1-SNAPSHOT</version>
 		</dependency>
+		<dependency>
+			<groupId>org.hsqldb</groupId>
+			<artifactId>hsqldb</artifactId>
+			<version>2.2.9</version>
+		</dependency>
     </dependencies>
     <description>Reference implementation of OpenID Connect spec (http://openid.net/connect/).
     </description>

openid-connect-server/src/main/resources/db/tables/database_tables.sql

@@ -0,0 +1,181 @@
+CREATE TABLE access_token (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	token_type VARCHAR(256),
+	refresh_token_id BIGINT,
+	client_id VARCHAR(256),
+	auth_holder_id BIGINT,
+	id_token_string VARCHAR(4096)
+);
+
+CREATE TABLE address (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	formatted VARCHAR(256),
+	street_address VARCHAR(256),
+	locality VARCHAR(256),
+	region VARCHAR(256),
+	postal_code VARCHAR(256),
+	country VARCHAR(256)
+);
+
+CREATE TABLE approved_site (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	user_id VARCHAR(4096),
+	client_id VARCHAR(4096),
+	creation_date TIMESTAMP,
+	access_date TIMESTAMP,
+	timeout_date TIMESTAMP,
+	whitelisted_site_id VARCHAR(256)
+);
+
+CREATE TABLE approved_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE authentication_holder (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	owner_id BIGINT,
+	authentication LONGVARBINARY
+);
+
+CREATE TABLE authority (
+	owner_id BIGINT,
+	authority LONGVARBINARY
+);
+
+CREATE TABLE authorization_code (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	code VARCHAR(256),
+	authorization_request_holder LONGVARBINARY
+);
+
+CREATE TABLE authorized_grant_type (
+	owner_id BIGINT,
+	authorized_grant_type VARCHAR(2000)
+);
+
+CREATE TABLE client_details (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	client_description VARCHAR(256),
+	allow_refresh TINYINT,
+	allow_multiple_access_tokens TINYINT,
+	reuse_refresh_tokens TINYINT,
+	dynamically_registered TINYINT,
+	id_token_validity_seconds BIGINT,
+	
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	
+	application_type VARCHAR(256),
+	application_name VARCHAR(256),
+	token_endpoint_auth_type VARCHAR(256),
+	user_id_type VARCHAR(256),
+	
+	logo_url VARCHAR(2048),
+	policy_url VARCHAR(2048),
+	jwk_url VARCHAR(2048),
+	jwk_encryption_url VARCHAR(2048),
+	x509_url VARCHAR(2048),
+	x509_encryption_url VARCHAR(2048),
+	sector_identifier_url VARCHAR(2048),
+	
+	requre_signed_request_object VARCHAR(256),
+	
+	user_info_signed_response_alg VARCHAR(256),
+	user_info_encrypted_response_alg VARCHAR(256),
+	user_info_encrypted_response_enc VARCHAR(256),
+	user_info_encrypted_response_int VARCHAR(256),
+	
+	id_token_signed_response_alg VARCHAR(256),
+	id_token_encrypted_response_alg VARCHAR(256),
+	id_token_encrypted_response_enc VARCHAR(256),
+	id_token_encrypted_response_int VARCHAR(256),
+	
+	default_max_age BIGINT,
+	require_auth_time TINYINT,
+	default_acr VARCHAR(256)
+);
+
+CREATE TABLE contact (
+	owner_id BIGINT,
+	contact VARCHAR(256)
+);
+
+CREATE TABLE event (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	type INT,
+	timestamp DATE
+);
+
+CREATE TABLE idtoken (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY
+);
+
+CREATE TABLE idtokenclaims (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY
+);
+
+CREATE TABLE redirect_uri (
+	owner_id BIGINT, 
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TABLE refresh_token (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	auth_holder_id BIGINT,
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE resource_id (
+	owner_id VARCHAR(256), 
+	resource_id VARCHAR(256) 
+);
+
+CREATE TABLE client_scope (
+	owner_id VARCHAR(4096),
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE token_scope (
+	owner_id VARCHAR(4096),
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE user_info (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	user_id VARCHAR(256),
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256)
+);
+
+CREATE TABLE whitelisted_site (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	creator_user_id VARCHAR(256),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE whitelisted_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);

openid-connect-server/src/main/resources/db/tables/security-schema.sql

@@ -0,0 +1,10 @@
+  create table users(
+      username varchar_ignorecase(50) not null primary key,
+      password varchar_ignorecase(50) not null,
+      enabled boolean not null);
+
+  create table authorities (
+      username varchar_ignorecase(50) not null,
+      authority varchar_ignorecase(50) not null,
+      constraint fk_authorities_users foreign key(username) references users(username));
+      create unique index ix_auth_username on authorities (username,authority);

openid-connect-server/src/main/resources/db/users.sql

@@ -0,0 +1,23 @@
+INSERT INTO users(username, password, enabled) values ('jricher','password',true);
+INSERT INTO authorities(username,authority) values ('jricher','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('jricher','ROLE_ADMIN');
+
+INSERT INTO users(username, password, enabled) values ('mfranklin','password',true);
+INSERT INTO authorities(username,authority) values ('mfranklin','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('mfranklin','ROLE_ADMIN');
+
+INSERT INTO users(username, password, enabled) values ('dcuomo','password',true);
+INSERT INTO authorities(username,authority) values ('dcuomo','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('dcuomo','ROLE_ADMIN');
+
+INSERT INTO users(username, password, enabled) values ('aanganes','password',true);
+INSERT INTO authorities(username,authority) values ('aanganes','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('aanganes','ROLE_ADMIN');
+
+INSERT INTO users(username, password, enabled) values ('mjwalsh','password',true);
+INSERT INTO authorities(username,authority) values ('mjwalsh','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('mjwalsh','ROLE_ADMIN');
+
+INSERT INTO users(username, password, enabled) values ('srmoore','password',true);
+INSERT INTO authorities(username,authority) values ('srmoore','ROLE_USER');
+INSERT INTO authorities(username,authority) values ('srmoore','ROLE_ADMIN');

openid-connect-server/src/main/webapp/WEB-INF/application-context.xml

@@ -134,7 +134,8 @@
 	<!-- JPA -->
 
 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
-		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" />
+		<!-- <property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" /> -->
+		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.HSQLPlatform"></property>
 		<property name="showSql" value="true" />
 	</bean>
 

openid-connect-server/src/main/webapp/WEB-INF/data-context.xml

@@ -1,13 +1,35 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
+	   xmlns:jdbc="http://www.springframework.org/schema/jdbc"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+       						http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd">
 
+	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
+		<property name="driverClassName" value="org.hsqldb.jdbcDriver" />
+		<property name="url" value="jdbc:hsqldb:mem:oic;sql.syntax_mys=true" />
+		<!-- <property name="url" value="jdbc:hsqldb:file:/opt/hsql/clipOIDC/oic;sql.syntax_mys=true" /> -->
+		<property name="username" value="oic" />
+		<property name="password" value="oic" />	
+	</bean>
+	
+	<!-- Use the following to set up the OIC tables in the in-memory DB
+		   If you are using a file based HSQLDB you should not run this every time. -->
+	<jdbc:initialize-database data-source="dataSource">
+		<jdbc:script location="classpath:/db/tables/database_tables.sql"/>
+		<!-- The following are for the jdbc-user-service spring security implementation -->
+		<jdbc:script location="classpath:/db/tables/security-schema.sql"/>
+		<jdbc:script location="classpath:/db/users.sql"/>
+	</jdbc:initialize-database>
+	
+	<!--  The following is for connecting to a MySQL database that has been initialized with 
+			src/main/resources/db/tables/mysql_database_tables.sql -->
+	<!-- 
 	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
 		<property name="driverClassName" value="com.mysql.jdbc.Driver" />
 		<property name="url" value="jdbc:mysql://localhost/oic" />
 		<property name="username" value="oic" />
 		<property name="password" value="oic" />		
 	</bean>
-
+	-->
 </beans>

openid-connect-server/src/main/webapp/WEB-INF/user-context.xml

@@ -16,6 +16,8 @@
 
 	<security:authentication-manager alias="authenticationManager">
 		<security:authentication-provider>
+			<security:jdbc-user-service data-source-ref="dataSource"/>
+			<!-- 
 			<security:user-service id="userDetailsService">
 				<security:user name="jricher" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
 				<security:user name="mfranklin" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
@@ -25,6 +27,7 @@
 				<security:user name="mjwalsh" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
 				<security:user name="srmoore" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
 		  	</security:user-service>
+		  	-->
 		</security:authentication-provider>
 	</security:authentication-manager>