added client_id to resource sets

2015-03-10 12:38:13 -04:00 · 2015-03-10 12:38:13 -04:00 · 627bcaee43
parent e5e4c15058
commit 627bcaee43
7 changed files with 61 additions and 13 deletions
--- a/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/model/ResourceSet.java
@ -34,12 +34,18 @@ import javax.persistence.Table;
@Entity
@Table(name = "resource_set")
-@NamedQueries (
+@NamedQueries ({
-	@NamedQuery(name = ResourceSet.QUERY_BY_OWNER, query = "select r from ResourceSet r where r.owner = :owner")
+		@NamedQuery(name = ResourceSet.QUERY_BY_OWNER, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER),
-)
+		@NamedQuery(name = ResourceSet.QUERY_BY_OWNER_AND_CLIENT, query = "select r from ResourceSet r where r.owner = :" + ResourceSet.PARAM_OWNER + " and r.clientId = :" + ResourceSet.PARAM_CLIENTID)
 })
 public class ResourceSet {
 	public static final String QUERY_BY_OWNER = "ResourceSet.queryByOwner";
 	public static final String QUERY_BY_OWNER_AND_CLIENT = "ResourceSet.queryByOwnerAndClient";
 	public static final String PARAM_OWNER = "owner";
 	public static final String PARAM_CLIENTID = "clientId";
 	private Long id;
 	private String name;
@ -48,7 +54,8 @@ public class ResourceSet {
 	private Set<String> scopes;
 	private String iconUri;
-	private String owner; // username of the person responsible for the reigistration (either directly or via OAuth token)
+	private String owner; // username of the person responsible for the registration (either directly or via OAuth token)
 	private String clientId; // client id of the protected resource that registered this resource set via OAuth token
 	/**
 	 * @return the id
@ -166,6 +173,22 @@ public class ResourceSet {
 	public void setOwner(String owner) {
 		this.owner = owner;
 	}
 	/**
 	 * @return the clientId
 	 */
 	@Basic
 	@Column(name = "client_id")
 	public String getClientId() {
 		return clientId;
 	}
 	/**
 	 * @param clientId the clientId to set
 	 */
 	public void setClientId(String clientId) {
 		this.clientId = clientId;
 	}
--- a/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/repository/ResourceSetRepository.java
@ -35,4 +35,6 @@ public interface ResourceSetRepository {
 	public Collection<ResourceSet> getAllForOwner(String owner);
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId);
 }
--- a/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java
+++ b/openid-connect-common/src/main/java/org/mitre/uma/service/ResourceSetService.java
@ -39,4 +39,6 @@ public interface ResourceSetService {
 	public Collection<ResourceSet> getAllForOwner(String owner);
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String authClientId);
 }
--- a/openid-connect-server-webapp/src/main/resources/db/tables/hsql_database_tables.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/tables/hsql_database_tables.sql
@ -225,7 +225,8 @@ CREATE TABLE IF NOT EXISTS resource_set (
 	uri VARCHAR(1024),
 	icon_uri VARCHAR(1024),
 	rs_type VARCHAR(256),
-	owner VARCHAR(256) NOT NULL
+	owner VARCHAR(256) NOT NULL,
 	client_id VARCHAR(256)
 );
 CREATE TABLE IF NOT EXISTS resource_set_scope (
--- a/openid-connect-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
@ -67,7 +67,15 @@ public class JpaResourceSetRepository implements ResourceSetRepository {
 	@Override
 	public Collection<ResourceSet> getAllForOwner(String owner) {
 		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_OWNER, ResourceSet.class);
-		query.setParameter("owner", owner);
+		query.setParameter(ResourceSet.PARAM_OWNER, owner);
 		return query.getResultList();
 	}
 	@Override
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId) {
 		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_OWNER_AND_CLIENT, ResourceSet.class);
 		query.setParameter(ResourceSet.PARAM_OWNER, owner);
 		query.setParameter(ResourceSet.PARAM_CLIENTID, clientId);
 		return query.getResultList();
 	}
--- a/openid-connect-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
+++ b/openid-connect-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
@ -34,7 +34,7 @@ import org.springframework.stereotype.Service;
@Service
 public class DefaultResourceSetService implements ResourceSetService {
-	private static Logger logger = LoggerFactory.getLogger(DefaultResourceSetService.class);
+	private static final Logger logger = LoggerFactory.getLogger(DefaultResourceSetService.class);
 	@Autowired
 	private ResourceSetRepository repository;
@ -68,6 +68,7 @@ public class DefaultResourceSetService implements ResourceSetService {
 		}
 		newRs.setOwner(oldRs.getOwner()); // preserve the owner tag across updates
 		newRs.setClientId(oldRs.getClientId()); // preserve the client id across updates
 		ResourceSet saved = repository.save(newRs);
@ -84,6 +85,11 @@ public class DefaultResourceSetService implements ResourceSetService {
 	public Collection<ResourceSet> getAllForOwner(String owner) {
 		return repository.getAllForOwner(owner);
 	}
 	@Override
 	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId) {
 		return repository.getAllForOwnerAndClient(owner, clientId);
 	}
--- a/openid-connect-server/src/main/java/org/mitre/uma/web/ResourceSetRegistrationEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/uma/web/ResourceSetRegistrationEndpoint.java
@ -17,11 +17,6 @@
 package org.mitre.uma.web;
 import static org.mitre.oauth2.web.AuthenticationUtilities.ensureOAuthScope;
 import static org.mitre.util.JsonUtils.getAsLong;
 import static org.mitre.util.JsonUtils.getAsString;
 import static org.mitre.util.JsonUtils.getAsStringSet;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
@ -41,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.util.MimeTypeUtils;
@ -55,6 +51,11 @@ import com.google.gson.JsonObject;
 import com.google.gson.JsonParseException;
 import com.google.gson.JsonParser;
 import static org.mitre.oauth2.web.AuthenticationUtilities.ensureOAuthScope;
 import static org.mitre.util.JsonUtils.getAsLong;
 import static org.mitre.util.JsonUtils.getAsString;
 import static org.mitre.util.JsonUtils.getAsStringSet;
@Controller
@RequestMapping("/" + ResourceSetRegistrationEndpoint.URL)
@PreAuthorize("hasRole('ROLE_USER')")
@ -90,7 +91,12 @@ public class ResourceSetRegistrationEndpoint {
 			return JsonErrorView.VIEWNAME;
 		}
-		rs.setOwner(auth.getName());
+		if (auth instanceof OAuth2Authentication) {
 			// if it's an OAuth mediated call, it's on behalf of a client, so store that
 			OAuth2Authentication o2a = (OAuth2Authentication) auth;
 			rs.setClientId(o2a.getOAuth2Request().getClientId());
 		}
 		rs.setOwner(auth.getName()); // the username is going to be in the auth object
 		ResourceSet saved = resourceSetService.saveNew(rs);