github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added device flow expiration

pull/1161/merge
Justin Richer 2017-03-14 17:39:57 -04:00
parent f0c8b1b235
commit 8406a89fd1
5 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-common/src/main/java/org/mitre/oauth2/repository/impl/DeviceCodeRepository.java
View File

@ -17,6 +17,7 @@
package org.mitre.oauth2.repository.impl; package org.mitre.oauth2.repository.impl;
import java.util.Collection;
import java.util.Set; import java.util.Set;
import org.mitre.oauth2.model.DeviceCode; import org.mitre.oauth2.model.DeviceCode;
@ -56,4 +57,9 @@ public interface DeviceCodeRepository {
*/ */
public DeviceCode getByUserCode(String userCode); public DeviceCode getByUserCode(String userCode);
/**
* @return
*/
public Collection<DeviceCode> getExpiredCodes();
} }

2
openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
View File

@ -61,4 +61,6 @@ public interface DeviceCodeService {
*/ */
public DeviceCode createNewDeviceCode(String deviceCode, String userCode, Set<String> requestedScopes, ClientDetailsEntity client, Map<String, String> parameters); public DeviceCode createNewDeviceCode(String deviceCode, String userCode, Set<String> requestedScopes, ClientDetailsEntity client, Map<String, String> parameters);
public void clearExpiredDeviceCodes();
} }

1
openid-connect-server-webapp/src/main/webapp/WEB-INF/task-config.xml
View File

@ -31,6 +31,7 @@
<task:scheduled ref="defaultOAuth2ProviderTokenService" method="clearExpiredTokens" fixed-delay="300000" initial-delay="600000"/> <task:scheduled ref="defaultOAuth2ProviderTokenService" method="clearExpiredTokens" fixed-delay="300000" initial-delay="600000"/>
<task:scheduled ref="defaultApprovedSiteService" method="clearExpiredSites" fixed-delay="300000" initial-delay="600000"/> <task:scheduled ref="defaultApprovedSiteService" method="clearExpiredSites" fixed-delay="300000" initial-delay="600000"/>
<task:scheduled ref="defaultOAuth2AuthorizationCodeService" method="clearExpiredAuthorizationCodes" fixed-delay="300000" initial-delay="600000"/> <task:scheduled ref="defaultOAuth2AuthorizationCodeService" method="clearExpiredAuthorizationCodes" fixed-delay="300000" initial-delay="600000"/>
<task:scheduled ref="defaultDeviceCodeService" method="clearExpiredDeviceCodes" fixed-delay="300000" initial-delay="600000"/>
</task:scheduled-tasks> </task:scheduled-tasks>
</beans> </beans>

13
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaDeviceCodeRepository.java
View File

@ -22,6 +22,8 @@ package org.mitre.oauth2.repository.impl;
import static org.mitre.util.jpa.JpaUtil.getSingleResult; import static org.mitre.util.jpa.JpaUtil.getSingleResult;
import static org.mitre.util.jpa.JpaUtil.saveOrUpdate; import static org.mitre.util.jpa.JpaUtil.saveOrUpdate;
import java.util.Collection;
import java.util.Date;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
import java.util.Set; import java.util.Set;
@ -93,4 +95,15 @@ public class JpaDeviceCodeRepository implements DeviceCodeRepository {
return saveOrUpdate(scope.getId(), em, scope); return saveOrUpdate(scope.getId(), em, scope);
} }
/* (non-Javadoc)
* @see org.mitre.oauth2.repository.impl.DeviceCodeRepository#getExpiredCodes()
*/
@Override
@Transactional(value="defaultTransactionManager")
public Collection<DeviceCode> getExpiredCodes() {
TypedQuery<DeviceCode> query = em.createNamedQuery(DeviceCode.QUERY_EXPIRED_BY_DATE, DeviceCode.class);
query.setParameter(DeviceCode.PARAM_DATE, new Date());
return query.getResultList();
}
} }

24
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
View File

@ -17,11 +17,14 @@
package org.mitre.oauth2.service.impl; package org.mitre.oauth2.service.impl;
import java.util.Collection;
import java.util.Date; import java.util.Date;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import org.mitre.data.AbstractPageOperationTemplate;
import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.AuthorizationCodeEntity;
import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.DeviceCode; import org.mitre.oauth2.model.DeviceCode;
import org.mitre.oauth2.repository.impl.DeviceCodeRepository; import org.mitre.oauth2.repository.impl.DeviceCodeRepository;
@ -30,6 +33,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
/** /**
* @author jricher * @author jricher
@ -103,4 +107,24 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
} }
/* (non-Javadoc)
* @see org.mitre.oauth2.service.DeviceCodeService#clearExpiredDeviceCodes()
*/
@Override
@Transactional(value="defaultTransactionManager")
public void clearExpiredDeviceCodes() {
new AbstractPageOperationTemplate<DeviceCode>("clearExpiredDeviceCodes"){
@Override
public Collection<DeviceCode> fetchPage() {
return repository.getExpiredCodes();
}
@Override
protected void doOperation(DeviceCode item) {
repository.remove(item);
}
}.execute();
}
} }