further modularized data import/export service
parent
3acb71763a
commit
8178af87f0
|
@ -56,7 +56,7 @@ public interface MITREidDataServiceExtension {
|
|||
/**
|
||||
* Signal the extension to wrap up all object processing and finalize its
|
||||
*/
|
||||
void fixExtensionObjectReferences();
|
||||
void fixExtensionObjectReferences(MITREidDataServiceMaps maps);
|
||||
|
||||
/**
|
||||
* Return
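Review bot: The Javadoc above `fixExtensionObjectReferences(MITREidDataServiceMaps maps)` does not describe the new parameter or how long it stays valid. The data services changed in this commit call `maps.clearAll()` right after invoking the extensions, so an implementation that keeps the reference would later find those maps emptied. I would add `@param maps the old-to-new id and reference maps collected during the import; only valid for the duration of this call`. The Javadoc block starts outside the hunk.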
|
||||
|
|
|
@ -0,0 +1,119 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2017 The MITRE Corporation
|
||||
* and the MIT Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*******************************************************************************/
|
||||
|
||||
package org.mitre.openid.connect.service;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
public class MITREidDataServiceMaps {
|
||||
|
||||
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
|
||||
private Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
|
||||
/**
|
||||
* @return the accessTokenOldToNewIdMap
|
||||
*/
|
||||
public Map<Long, Long> getAccessTokenOldToNewIdMap() {
|
||||
return accessTokenOldToNewIdMap;
|
||||
}
|
||||
/**
|
||||
* @return the accessTokenToAuthHolderRefs
|
||||
*/
|
||||
public Map<Long, Long> getAccessTokenToAuthHolderRefs() {
|
||||
return accessTokenToAuthHolderRefs;
|
||||
}
|
||||
/**
|
||||
* @return the accessTokenToClientRefs
|
||||
*/
|
||||
public Map<Long, String> getAccessTokenToClientRefs() {
|
||||
return accessTokenToClientRefs;
|
||||
}
|
||||
/**
|
||||
* @return the accessTokenToRefreshTokenRefs
|
||||
*/
|
||||
public Map<Long, Long> getAccessTokenToRefreshTokenRefs() {
|
||||
return accessTokenToRefreshTokenRefs;
|
||||
}
|
||||
/**
|
||||
* @return the authHolderOldToNewIdMap
|
||||
*/
|
||||
public Map<Long, Long> getAuthHolderOldToNewIdMap() {
|
||||
return authHolderOldToNewIdMap;
|
||||
}
|
||||
/**
|
||||
* @return the grantOldToNewIdMap
|
||||
*/
|
||||
public Map<Long, Long> getGrantOldToNewIdMap() {
|
||||
return grantOldToNewIdMap;
|
||||
}
|
||||
/**
|
||||
* @return the grantToAccessTokensRefs
|
||||
*/
|
||||
public Map<Long, Set<Long>> getGrantToAccessTokensRefs() {
|
||||
return grantToAccessTokensRefs;
|
||||
}
|
||||
/**
|
||||
* @return the refreshTokenOldToNewIdMap
|
||||
*/
|
||||
public Map<Long, Long> getRefreshTokenOldToNewIdMap() {
|
||||
return refreshTokenOldToNewIdMap;
|
||||
}
|
||||
/**
|
||||
* @return the refreshTokenToAuthHolderRefs
|
||||
*/
|
||||
public Map<Long, Long> getRefreshTokenToAuthHolderRefs() {
|
||||
return refreshTokenToAuthHolderRefs;
|
||||
}
|
||||
/**
|
||||
* @return the refreshTokenToClientRefs
|
||||
*/
|
||||
public Map<Long, String> getRefreshTokenToClientRefs() {
|
||||
return refreshTokenToClientRefs;
|
||||
}
|
||||
/**
|
||||
* @return the whitelistedSiteOldToNewIdMap
|
||||
*/
|
||||
public Map<Long, Long> getWhitelistedSiteOldToNewIdMap() {
|
||||
return whitelistedSiteOldToNewIdMap;
|
||||
}
|
||||
|
||||
public void clearAll() {
|
||||
refreshTokenToClientRefs.clear();
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
accessTokenToClientRefs.clear();
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
}
|
||||
|
||||
}
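Review bot: `clearAll()` empties only eight of the eleven maps declared in this class, leaving `authHolderOldToNewIdMap`, `grantToAccessTokensRefs` and `whitelistedSiteOldToNewIdMap` populated. The data services keep one `MITREidDataServiceMaps` in a field and rely on `clearAll()` after each import, so entries from one import would still be present during the next. `fixObjectReferences()` resolves authentication holders and grants through exactly these maps, so a later file that reuses the same old ids could have tokens attached to the wrong holder or approved site, or fail on a stale grant entry. Add `authHolderOldToNewIdMap.clear();`, `grantToAccessTokensRefs.clear();` and `whitelistedSiteOldToNewIdMap.clear();`. Declaring the fields `final` would also make it explicit that each getter always hands out the same live map.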
|
|
@ -49,6 +49,7 @@ import org.mitre.openid.connect.repository.BlacklistedSiteRepository;
|
|||
import org.mitre.openid.connect.repository.WhitelistedSiteRepository;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceExtension;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceMaps;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -102,6 +103,8 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
@Autowired(required = false)
|
||||
private List<MITREidDataServiceExtension> extensions = Collections.emptyList();
|
||||
|
||||
private MITREidDataServiceMaps maps = new MITREidDataServiceMaps();
|
||||
|
||||
private static final String THIS_VERSION = MITREID_CONNECT_1_0;
|
||||
|
||||
@Override
|
||||
|
@ -154,8 +157,8 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
} else {
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
if (extension.canImport(name)) {
|
||||
extension.importExtensionData(reader);
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.importExtensionData(name, reader);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -176,15 +179,12 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
fixObjectReferences();
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.fixExtensionObjectReferences();
|
||||
extension.fixExtensionObjectReferences(maps);
|
||||
break;
|
||||
}
|
||||
}
|
||||
maps.clearAll();
|
||||
}
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -238,19 +238,14 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveRefreshToken(token).getId();
|
||||
refreshTokenToClientRefs.put(currentId, clientId);
|
||||
refreshTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
refreshTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getRefreshTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getRefreshTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
maps.getRefreshTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read refresh token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -313,19 +308,17 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveAccessToken(token).getId();
|
||||
accessTokenToClientRefs.put(currentId, clientId);
|
||||
accessTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
maps.getAccessTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
if (refreshTokenId != null) {
|
||||
accessTokenToRefreshTokenRefs.put(currentId, refreshTokenId);
|
||||
maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
|
||||
}
|
||||
accessTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read access token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -397,7 +390,7 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = authHolderRepository.save(ahe).getId();
|
||||
authHolderOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAuthHolderOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read authentication holder {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
|
@ -511,9 +504,6 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
return savedUserAuth;
|
||||
}
|
||||
|
||||
Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
|
||||
Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -569,20 +559,18 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
maps.getGrantOldToNewIdMap().put(currentId, newId);
|
||||
if (whitelistedSiteId != null) {
|
||||
logger.debug("Ignoring whitelisted site marker on approved site.");
|
||||
}
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
maps.getGrantToAccessTokensRefs().put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading grants");
|
||||
}
|
||||
Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -621,7 +609,7 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = wlSiteRepository.save(wlSite).getId();
|
||||
whitelistedSiteOldToNewIdMap.put(currentId, newId);
|
||||
maps.getWhitelistedSiteOldToNewIdMap().put(currentId, newId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading whitelisted sites");
|
||||
|
@ -853,64 +841,58 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
|
||||
private void fixObjectReferences() {
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getRefreshTokenToClientRefs().get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setClient(client);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getRefreshTokenToAuthHolderRefs().get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getAccessTokenToClientRefs().get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setClient(client);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getAccessTokenToAuthHolderRefs().get(oldAccessTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
maps.getAccessTokenToAuthHolderRefs().clear();
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
|
||||
Long oldRefreshTokenId = maps.getAccessTokenToRefreshTokenRefs().get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setRefreshToken(refreshToken);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
whitelistedSiteOldToNewIdMap.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
|
||||
Set<Long> oldAccessTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
|
||||
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
Long newGrantId = maps.getGrantOldToNewIdMap().get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(oldTokenId);
|
||||
OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
|
||||
token.setApprovedSite(site);
|
||||
tokenRepository.saveAccessToken(token);
|
||||
|
@ -918,8 +900,6 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
|
|||
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
}
|
||||
|
||||
}
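Review bot: In the extension dispatch under `} else {` (the `for (MITREidDataServiceExtension extension : extensions)` loop), the inner guard now appears to repeat `extension.supportsVersion(THIS_VERSION)` where the old side asked `extension.canImport(name)`. The page has lost its +/- markers, so this is inferred from the hunk counts. As written, the first extension that supports the version receives every member name the core service does not recognise and the loop breaks, so later extensions never see it. Nothing visible here tells the caller whether the value was consumed from `reader` before whatever handling follows the loop. Either keep the `canImport(name)` guard around `importExtensionData(name, reader)`, or break only when the extension reports that it handled the member; the same dispatch is in the MITREidDataService_1_1 and MITREidDataService_1_2 sections, and the enclosing method starts and ends outside the hunk.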
|
||||
|
|
|
@ -51,6 +51,7 @@ import org.mitre.openid.connect.repository.BlacklistedSiteRepository;
|
|||
import org.mitre.openid.connect.repository.WhitelistedSiteRepository;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceExtension;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceMaps;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -107,6 +108,8 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
|
||||
private static final String THIS_VERSION = MITREID_CONNECT_1_1;
|
||||
|
||||
private MITREidDataServiceMaps maps = new MITREidDataServiceMaps();
|
||||
|
||||
@Override
|
||||
public boolean supportsVersion(String version) {
|
||||
return THIS_VERSION.equals(version);
|
||||
|
@ -156,8 +159,8 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
} else {
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
if (extension.canImport(name)) {
|
||||
extension.importExtensionData(reader);
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.importExtensionData(name, reader);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -179,15 +182,12 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
fixObjectReferences();
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.fixExtensionObjectReferences();
|
||||
extension.fixExtensionObjectReferences(maps);
|
||||
break;
|
||||
}
|
||||
}
|
||||
maps.clearAll();
|
||||
}
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -241,19 +241,14 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveRefreshToken(token).getId();
|
||||
refreshTokenToClientRefs.put(currentId, clientId);
|
||||
refreshTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
refreshTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getRefreshTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getRefreshTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
maps.getRefreshTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read refresh token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<>();
|
||||
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -316,19 +311,17 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveAccessToken(token).getId();
|
||||
accessTokenToClientRefs.put(currentId, clientId);
|
||||
accessTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
maps.getAccessTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
if (refreshTokenId != null) {
|
||||
accessTokenToRefreshTokenRefs.put(currentId, refreshTokenId);
|
||||
maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
|
||||
}
|
||||
accessTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read access token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -400,7 +393,7 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = authHolderRepository.save(ahe).getId();
|
||||
authHolderOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAuthHolderOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read authentication holder {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
|
@ -521,9 +514,6 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
return savedUserAuth;
|
||||
}
|
||||
|
||||
Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
|
||||
Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -579,20 +569,18 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
maps.getGrantOldToNewIdMap().put(currentId, newId);
|
||||
if (whitelistedSiteId != null) {
|
||||
logger.debug("Ignoring whitelisted site marker on approved site.");
|
||||
}
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
maps.getGrantToAccessTokensRefs().put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading grants");
|
||||
}
|
||||
Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -631,7 +619,7 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = wlSiteRepository.save(wlSite).getId();
|
||||
whitelistedSiteOldToNewIdMap.put(currentId, newId);
|
||||
maps.getWhitelistedSiteOldToNewIdMap().put(currentId, newId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading whitelisted sites");
|
||||
|
@ -867,63 +855,58 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
|
||||
private void fixObjectReferences() {
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getRefreshTokenToClientRefs().get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setClient(client);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getRefreshTokenToAuthHolderRefs().get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getAccessTokenToClientRefs().get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setClient(client);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
maps.getAccessTokenToClientRefs().clear();
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getAccessTokenToAuthHolderRefs().get(oldAccessTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
|
||||
Long oldRefreshTokenId = maps.getAccessTokenToRefreshTokenRefs().get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setRefreshToken(refreshToken);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
|
||||
Set<Long> oldAccessTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
|
||||
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
Long newGrantId = maps.getGrantOldToNewIdMap().get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(oldTokenId);
|
||||
OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
|
||||
token.setApprovedSite(site);
|
||||
tokenRepository.saveAccessToken(token);
|
||||
|
@ -931,8 +914,6 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
|
|||
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
}
|
||||
|
||||
}
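Review bot: `maps.clearAll()` after the extension loop runs only when the import finishes normally; if one of the readers, `fixObjectReferences()` or an extension throws, the `maps` field keeps the partial old-to-new id entries. Because `maps` is an instance field of the service, the next import on the same instance would presumably start from that leftover state and could resolve references against ids from the failed file. Clearing at the start of the import as well, or putting the import body in `try { … } finally { maps.clearAll(); }`, would close that gap. The same applies to the MITREidDataService_1_0 and MITREidDataService_1_2 sections, and the enclosing import method starts outside the hunk.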
|
||||
|
|
|
@ -49,6 +49,7 @@ import org.mitre.openid.connect.repository.BlacklistedSiteRepository;
|
|||
import org.mitre.openid.connect.repository.WhitelistedSiteRepository;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceExtension;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceMaps;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -168,6 +169,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
@Autowired(required = false)
|
||||
private List<MITREidDataServiceExtension> extensions = Collections.emptyList();
|
||||
|
||||
private MITREidDataServiceMaps maps = new MITREidDataServiceMaps();
|
||||
|
||||
private static final String THIS_VERSION = MITREID_CONNECT_1_2;
|
||||
|
||||
@Override
|
||||
|
@ -220,10 +223,8 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
} else {
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
if (extension.canImport(name)) {
|
||||
extension.importExtensionData(reader);
|
||||
break;
|
||||
}
|
||||
extension.importExtensionData(name, reader);
|
||||
break;
|
||||
}
|
||||
}
|
||||
// unknown token, skip it
|
||||
|
@ -243,15 +244,12 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
fixObjectReferences();
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.fixExtensionObjectReferences();
|
||||
extension.fixExtensionObjectReferences(maps);
|
||||
break;
|
||||
}
|
||||
}
|
||||
maps.clearAll();
|
||||
}
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -305,19 +303,14 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveRefreshToken(token).getId();
|
||||
refreshTokenToClientRefs.put(currentId, clientId);
|
||||
refreshTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
refreshTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getRefreshTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getRefreshTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
maps.getRefreshTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read refresh token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -380,19 +373,17 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveAccessToken(token).getId();
|
||||
accessTokenToClientRefs.put(currentId, clientId);
|
||||
accessTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
maps.getAccessTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
if (refreshTokenId != null) {
|
||||
accessTokenToRefreshTokenRefs.put(currentId, refreshTokenId);
|
||||
maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
|
||||
}
|
||||
accessTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read access token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -452,7 +443,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = authHolderRepository.save(ahe).getId();
|
||||
authHolderOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAuthHolderOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read authentication holder {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
|
@ -506,9 +497,6 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
return savedUserAuth;
|
||||
}
|
||||
|
||||
Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
|
||||
Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -561,17 +549,15 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
maps.getGrantOldToNewIdMap().put(currentId, newId);
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
maps.getGrantToAccessTokensRefs().put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading grants");
|
||||
}
|
||||
Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -610,7 +596,7 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = wlSiteRepository.save(wlSite).getId();
|
||||
whitelistedSiteOldToNewIdMap.put(currentId, newId);
|
||||
maps.getWhitelistedSiteOldToNewIdMap().put(currentId, newId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading whitelisted sites");
|
||||
|
@ -857,63 +843,57 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
|
||||
private void fixObjectReferences() {
|
||||
logger.info("Fixing object references...");
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getRefreshTokenToClientRefs().get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setClient(client);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getRefreshTokenToAuthHolderRefs().get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getAccessTokenToClientRefs().get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setClient(client);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getAccessTokenToAuthHolderRefs().get(oldAccessTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
|
||||
Long oldRefreshTokenId = maps.getAccessTokenToRefreshTokenRefs().get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setRefreshToken(refreshToken);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
|
||||
Set<Long> oldAccessTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
|
||||
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
Long newGrantId = maps.getGrantOldToNewIdMap().get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(oldTokenId);
|
||||
OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
|
||||
token.setApprovedSite(site);
|
||||
tokenRepository.saveAccessToken(token);
|
||||
|
@ -921,8 +901,6 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
|
|||
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
logger.info("Done fixing object references.");
|
||||
}
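Review bot: In the extension branch of `importData` (hunk `-220,10 +223,8`), the boolean returned by `extension.importExtensionData(name, reader)` is dropped, and the loop breaks after the first extension that supports the version whether or not it consumed the value. The `// unknown token, skip it` path follows directly; its `skipValue()` call is outside the hunk, so this is inferred, but if it still runs unconditionally the reader skips one extra value after a successful extension import and the rest of the file is read out of step. The 1.3 service in this commit already guards against this, and the same shape fits here: `processed = extension.importExtensionData(name, reader); if (processed) break;` followed by `if (!processed) reader.skipValue();`. `importData` starts and ends outside the hunk.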
|
||||
|
||||
|
|
|
@ -25,10 +25,8 @@ import java.io.Serializable;
|
|||
import java.text.ParseException;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Set;
|
||||
|
||||
|
@ -54,6 +52,7 @@ import org.mitre.openid.connect.repository.BlacklistedSiteRepository;
|
|||
import org.mitre.openid.connect.repository.WhitelistedSiteRepository;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceExtension;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceMaps;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -72,7 +71,7 @@ import com.nimbusds.jwt.JWTParser;
|
|||
|
||||
/**
|
||||
*
|
||||
* Data service to import and export MITREid 1.2 configuration.
|
||||
* Data service to import and export MITREid 1.3 configuration.
|
||||
*
|
||||
* @author jricher
|
||||
* @author arielak
|
||||
|
@ -172,6 +171,8 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
|
||||
private static final String THIS_VERSION = MITREID_CONNECT_1_3;
|
||||
|
||||
private MITREidDataServiceMaps maps = new MITREidDataServiceMaps();
|
||||
|
||||
@Override
|
||||
public boolean supportsVersion(String version) {
|
||||
return THIS_VERSION.equals(version);
|
||||
|
@ -236,7 +237,7 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
}
|
||||
|
||||
writer.endObject(); // end mitreid-connect-1.2
|
||||
writer.endObject(); // end mitreid-connect-1.3
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -557,7 +558,7 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
@Override
|
||||
public void importData(JsonReader reader) throws IOException {
|
||||
|
||||
logger.info("Reading configuration for 1.2");
|
||||
logger.info("Reading configuration for 1.3");
|
||||
|
||||
// this *HAS* to start as an object
|
||||
reader.beginObject();
|
||||
|
@ -585,17 +586,21 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
} else if (name.equals(SYSTEMSCOPES)) {
|
||||
readSystemScopes(reader);
|
||||
} else {
|
||||
boolean processed = false;
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
if (extension.importExtensionData(name, reader)) {
|
||||
processed = extension.importExtensionData(name, reader);
|
||||
if (processed) {
|
||||
// if the extension processed data, break out of this inner loop
|
||||
// (only the first extension to claim an extension point gets it)
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
// unknown token, skip it
|
||||
reader.skipValue();
|
||||
if (!processed) {
|
||||
// unknown token, skip it
|
||||
reader.skipValue();
|
||||
}
|
||||
}
|
||||
break;
|
||||
case END_OBJECT:
|
||||
|
@ -611,15 +616,13 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
fixObjectReferences();
|
||||
for (MITREidDataServiceExtension extension : extensions) {
|
||||
if (extension.supportsVersion(THIS_VERSION)) {
|
||||
extension.fixExtensionObjectReferences();
|
||||
extension.fixExtensionObjectReferences(maps);
|
||||
break;
|
||||
}
|
||||
}
|
||||
maps.clearAll();
|
||||
}
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -673,19 +676,14 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveRefreshToken(token).getId();
|
||||
refreshTokenToClientRefs.put(currentId, clientId);
|
||||
refreshTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
refreshTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getRefreshTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getRefreshTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
maps.getRefreshTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read refresh token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -748,19 +746,17 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = tokenRepository.saveAccessToken(token).getId();
|
||||
accessTokenToClientRefs.put(currentId, clientId);
|
||||
accessTokenToAuthHolderRefs.put(currentId, authHolderId);
|
||||
maps.getAccessTokenToClientRefs().put(currentId, clientId);
|
||||
maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
|
||||
if (refreshTokenId != null) {
|
||||
accessTokenToRefreshTokenRefs.put(currentId, refreshTokenId);
|
||||
maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
|
||||
}
|
||||
accessTokenOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read access token {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -820,7 +816,7 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = authHolderRepository.save(ahe).getId();
|
||||
authHolderOldToNewIdMap.put(currentId, newId);
|
||||
maps.getAuthHolderOldToNewIdMap().put(currentId, newId);
|
||||
logger.debug("Read authentication holder {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
|
@ -874,9 +870,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
return savedUserAuth;
|
||||
}
|
||||
|
||||
private Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
|
||||
private Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -929,9 +922,9 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
maps.getGrantOldToNewIdMap().put(currentId, newId);
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
maps.getGrantToAccessTokensRefs().put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
|
@ -939,8 +932,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
logger.info("Done reading grants");
|
||||
}
|
||||
|
||||
private Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
@ -979,7 +970,7 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
}
|
||||
reader.endObject();
|
||||
Long newId = wlSiteRepository.save(wlSite).getId();
|
||||
whitelistedSiteOldToNewIdMap.put(currentId, newId);
|
||||
maps.getWhitelistedSiteOldToNewIdMap().put(currentId, newId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading whitelisted sites");
|
||||
|
@ -1230,63 +1221,57 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
|
||||
private void fixObjectReferences() {
|
||||
logger.info("Fixing object references...");
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getRefreshTokenToClientRefs().get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setClient(client);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldRefreshTokenId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getRefreshTokenToAuthHolderRefs().get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
refreshToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToClientRefs().keySet()) {
|
||||
String clientRef = maps.getAccessTokenToClientRefs().get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setClient(client);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
|
||||
Long oldAuthHolderId = maps.getAccessTokenToAuthHolderRefs().get(oldAccessTokenId);
|
||||
Long newAuthHolderId = maps.getAuthHolderOldToNewIdMap().get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setAuthenticationHolder(authHolder);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
for (Long oldAccessTokenId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
|
||||
Long oldRefreshTokenId = maps.getAccessTokenToRefreshTokenRefs().get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = maps.getRefreshTokenOldToNewIdMap().get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
Long newAccessTokenId = maps.getAccessTokenOldToNewIdMap().get(oldAccessTokenId);
|
||||
OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
|
||||
accessToken.setRefreshToken(refreshToken);
|
||||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
|
||||
Set<Long> oldAccessTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
|
||||
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
Long newGrantId = maps.getGrantOldToNewIdMap().get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(oldTokenId);
|
||||
OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
|
||||
token.setApprovedSite(site);
|
||||
tokenRepository.saveAccessToken(token);
|
||||
|
@ -1294,8 +1279,16 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
|
|||
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
/*
|
||||
refreshTokenToClientRefs.clear();
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
accessTokenToClientRefs.clear();
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
*/
|
||||
logger.info("Done fixing object references.");
|
||||
}
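Review bot: `maps.clearAll()` at the end of `importData` is reached only when every read method, `fixObjectReferences()` and the extension call return normally; `importData` declares `IOException`, and on that path the old-to-new id maps held in the `maps` field keep their entries. A later import on the same service instance would then iterate those leftover ids in `fixObjectReferences()` and re-link tokens, clients and grants recorded by the failed run. Either create a fresh `MITREidDataServiceMaps` at the top of `importData` or move the cleanup into `finally { maps.clearAll(); }`; the same applies to the 1.2 service. The commented-out block of `.clear()` calls added at the end of `fixObjectReferences()` names fields this commit removes and can be deleted. `importData` begins and ends outside the hunks shown.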
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
package org.mitre.uma.service.impl;
|
||||
|
||||
import static org.mitre.util.JsonUtils.*;
|
||||
import static org.mitre.util.JsonUtils.readSet;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
|
@ -25,10 +25,13 @@ import java.util.HashSet;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.mitre.oauth2.repository.OAuth2TokenRepository;
|
||||
import org.mitre.openid.connect.ClientDetailsEntityJsonProcessor;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceExtension;
|
||||
import org.mitre.openid.connect.service.MITREidDataServiceMaps;
|
||||
import org.mitre.openid.connect.service.impl.MITREidDataServiceSupport;
|
||||
import org.mitre.uma.model.Claim;
|
||||
import org.mitre.uma.model.Permission;
|
||||
|
@ -42,6 +45,7 @@ import org.mitre.uma.service.SavedRegisteredClientService;
|
|||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonParser;
|
||||
|
@ -53,6 +57,7 @@ import com.google.gson.stream.JsonWriter;
|
|||
* @author jricher
|
||||
*
|
||||
*/
|
||||
@Service("umaDataExtension_1_3")
|
||||
public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport implements MITREidDataServiceExtension {
|
||||
|
||||
private static final String THIS_VERSION = MITREidDataService.MITREID_CONNECT_1_3;
|
||||
|
@ -142,8 +147,12 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
private static final String CLAIMS_SUPPLIED = "claimsSupplied";
|
||||
private static final String SAVED_REGISTERED_CLIENTS = "savedRegisteredClients";
|
||||
private static final String RESOURCE_SETS = "resourceSets";
|
||||
private static final String TOKEN_PERMISSIONS = "tokenPermissions";
|
||||
private static final String TOKEN_ID = "tokenId";
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(UmaDataServiceExtension_1_3.class);
|
||||
|
||||
|
||||
|
||||
@Autowired
|
||||
private SavedRegisteredClientService registeredClientService;
|
||||
|
@ -151,6 +160,10 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
private ResourceSetRepository resourceSetRepository;
|
||||
@Autowired
|
||||
private PermissionRepository permissionRepository;
|
||||
@Autowired
|
||||
private OAuth2TokenRepository tokenRepository;
|
||||
|
||||
private Map<Long, Set<Long>> tokenToPermissionRefs = new HashMap<>();
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.mitre.openid.connect.service.MITREidDataServiceExtension#supportsVersion(java.lang.String)
|
||||
|
@ -180,6 +193,40 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
writer.beginArray();
|
||||
writePermissionTickets(writer);
|
||||
writer.endArray();
|
||||
|
||||
writer.name(TOKEN_PERMISSIONS);
|
||||
writer.beginArray();
|
||||
writeTokenPermissions(writer);
|
||||
writer.endArray();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
* @throws IOException
|
||||
*/
|
||||
private void writeTokenPermissions(JsonWriter writer) throws IOException {
|
||||
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
|
||||
if (!token.getPermissions().isEmpty()) { // skip tokens that don't have the permissions structure attached
|
||||
writer.beginObject();
|
||||
writer.name(TOKEN_ID).value(token.getId());
|
||||
writer.name(PERMISSIONS);
|
||||
writer.beginArray();
|
||||
for (Permission p : token.getPermissions()) {
|
||||
writer.beginObject();
|
||||
writer.name(RESOURCE_SET).value(p.getResourceSet().getId());
|
||||
writer.name(SCOPES);
|
||||
writer.beginArray();
|
||||
for (String s : p.getScopes()) {
|
||||
writer.value(s);
|
||||
}
|
||||
writer.endArray();
|
||||
writer.endObject();
|
||||
}
|
||||
writer.endArray();
|
||||
|
||||
writer.endObject();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -329,11 +376,83 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
} else if (name.equals(PERMISSION_TICKETS)) {
|
||||
readPermissionTickets(reader);
|
||||
return true;
|
||||
} else if (name.equals(TOKEN_PERMISSIONS)) {
|
||||
readTokenPermissions(reader);
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
*/
|
||||
private void readTokenPermissions(JsonReader reader) throws IOException {
|
||||
reader.beginArray();
|
||||
while(reader.hasNext()) {
|
||||
reader.beginObject();
|
||||
Long tokenId = null;
|
||||
Set<Long> permissions = new HashSet<>();
|
||||
while (reader.hasNext()) {
|
||||
switch(reader.peek()) {
|
||||
case END_OBJECT:
|
||||
continue;
|
||||
case NAME:
|
||||
String name = reader.nextName();
|
||||
if (name.equals(TOKEN_ID)) {
|
||||
tokenId = reader.nextLong();
|
||||
} else if (name.equals(PERMISSIONS)) {
|
||||
reader.beginArray();
|
||||
while (reader.hasNext()) {
|
||||
Permission p = new Permission();
|
||||
Long rsid = null;
|
||||
Set<String> scope = new HashSet<>();
|
||||
reader.beginObject();
|
||||
while (reader.hasNext()) {
|
||||
switch (reader.peek()) {
|
||||
case END_OBJECT:
|
||||
continue;
|
||||
case NAME:
|
||||
String pname = reader.nextName();
|
||||
if (reader.peek() == JsonToken.NULL) {
|
||||
reader.skipValue();
|
||||
} else if (pname.equals(RESOURCE_SET)) {
|
||||
rsid = reader.nextLong();
|
||||
} else if (pname.equals(SCOPES)) {
|
||||
scope = readSet(reader);
|
||||
} else {
|
||||
logger.debug("Found unexpected entry");
|
||||
reader.skipValue();
|
||||
}
|
||||
break;
|
||||
default:
|
||||
logger.debug("Found unexpected entry");
|
||||
reader.skipValue();
|
||||
continue;
|
||||
}
|
||||
}
|
||||
reader.endObject();
|
||||
p.setScopes(scope);
|
||||
Permission saved = permissionRepository.saveRawPermission(p);
|
||||
permissionToResourceRefs.put(saved.getId(), rsid);
|
||||
permissions.add(saved.getId());
|
||||
}
|
||||
reader.endArray();
|
||||
}
|
||||
break;
|
||||
default:
|
||||
logger.debug("Found unexpected entry");
|
||||
reader.skipValue();
|
||||
continue;
|
||||
}
|
||||
}
|
||||
reader.endObject();
|
||||
tokenToPermissionRefs.put(tokenId, permissions);
|
||||
}
|
||||
reader.endArray();
|
||||
|
||||
}
|
||||
|
||||
private Map<Long, Long> permissionToResourceRefs = new HashMap<>();
|
||||
|
||||
/**
|
||||
|
@ -626,7 +745,7 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
* @see org.mitre.openid.connect.service.MITREidDataServiceExtension#fixExtensionObjectReferences()
|
||||
*/
|
||||
@Override
|
||||
public void fixExtensionObjectReferences() {
|
||||
public void fixExtensionObjectReferences(MITREidDataServiceMaps maps) {
|
||||
for (Long permissionId : permissionToResourceRefs.keySet()) {
|
||||
Long oldResourceId = permissionToResourceRefs.get(permissionId);
|
||||
Long newResourceId = resourceSetOldToNewIdMap.get(oldResourceId);
|
||||
|
@ -636,8 +755,22 @@ public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport imple
|
|||
permissionRepository.saveRawPermission(p);
|
||||
logger.debug("Mapping rsid " + oldResourceId + " to " + newResourceId + " for permission " + permissionId);
|
||||
}
|
||||
for (Long tokenId : tokenToPermissionRefs.keySet()) {
|
||||
Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(tokenId);
|
||||
OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
|
||||
|
||||
Set<Permission> permissions = new HashSet<>();
|
||||
for (Long permissionId : tokenToPermissionRefs.get(tokenId)) {
|
||||
Permission p = permissionRepository.getById(permissionId);
|
||||
permissions.add(p);
|
||||
}
|
||||
|
||||
token.setPermissions(permissions);
|
||||
tokenRepository.saveAccessToken(token);
|
||||
}
|
||||
permissionToResourceRefs.clear();
|
||||
resourceSetOldToNewIdMap.clear();
|
||||
tokenToPermissionRefs.clear();
|
||||
}
|
||||
|
||||
}
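Review bot: The token loop added to `fixExtensionObjectReferences` uses the result of `maps.getAccessTokenOldToNewIdMap().get(tokenId)` without a null check, so a `tokenPermissions` entry that names a token absent from the import (or one that never supplied `tokenId`, leaving the local in `readTokenPermissions` null) reaches `tokenRepository.getAccessTokenById(newTokenId)` with null. What the repository does with a null id is not visible here, but if it returns null the following `token.setPermissions(permissions)` fails and the `clear()` calls at the end of the method are never reached. Skip and log such entries before the lookup: `if (newTokenId == null) { logger.warn("No imported access token for tokenPermissions id {}", tokenId); continue; }`. The Javadoc `@see` above the method still names `fixExtensionObjectReferences()` without the new parameter.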
|
||||
|
|