From 266e703d66e812be1661d4ed64700f78dea9152a Mon Sep 17 00:00:00 2001
From: Lorenz Reinhart <reinhart@infosim.net>
Date: Wed, 16 Aug 2017 10:22:42 +0200
Subject: [PATCH] Added temp_tables in mysql. Added missing values in tables.
 Fixed insertion of duplicate user info.

---
 .../db/mysql/loading_temp_tables.sql          | 76 +++++++++++++++++++
 .../db/mysql/mysql_database_tables.sql        |  8 +-
 .../src/main/resources/db/mysql/scopes.sql    |  2 +-
 .../src/main/resources/db/mysql/users.sql     | 10 +--
 .../src/main/webapp/WEB-INF/data-context.xml  |  8 +-
 5 files changed, 92 insertions(+), 12 deletions(-)
 create mode 100644 openid-connect-server-webapp/src/main/resources/db/mysql/loading_temp_tables.sql

diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/loading_temp_tables.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/loading_temp_tables.sql
new file mode 100644
index 000000000..f18d54f5c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/loading_temp_tables.sql
@@ -0,0 +1,76 @@
+--
+-- Temporary tables used during the bootstrapping process to safely load users and clients.
+-- These are not needed if you're not using the users.sql/clients.sql files to bootstrap the database.
+--
+
+CREATE TEMPORARY TABLE IF NOT EXISTS authorities_TEMP (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint ix_authority_TEMP unique (username,authority));
+      
+CREATE TEMPORARY TABLE IF NOT EXISTS users_TEMP (
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS user_info_TEMP (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	sub VARCHAR(256),
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_details_TEMP (
+	client_description VARCHAR(256),
+	dynamically_registered BOOLEAN,
+	id_token_validity_seconds BIGINT,
+	
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	allow_introspection BOOLEAN,
+	
+	client_name VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_scope_TEMP (
+	owner_id VARCHAR(256),
+	scope VARCHAR(2048)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_redirect_uri_TEMP (
+	owner_id VARCHAR(256),
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_grant_type_TEMP (
+	owner_id VARCHAR(256),
+	grant_type VARCHAR(2000)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
+	scope VARCHAR(256),
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN,
+	default_scope BOOLEAN,
+	structured BOOLEAN,
+	structured_param_description VARCHAR(256)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
index 7e00cc876..66d4574a5 100644
--- a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
@@ -108,7 +108,7 @@ CREATE TABLE IF NOT EXISTS authorization_code (
 );
 
 CREATE TABLE IF NOT EXISTS client_grant_type (
-	owner_id BIGINT,
+	owner_id VARCHAR(256),
 	grant_type VARCHAR(2000)
 );
 
@@ -199,7 +199,7 @@ CREATE TABLE IF NOT EXISTS client_contact (
 );
 
 CREATE TABLE IF NOT EXISTS client_redirect_uri (
-	owner_id BIGINT, 
+	owner_id VARCHAR(256),
 	redirect_uri VARCHAR(2048) 
 );
 
@@ -222,7 +222,7 @@ CREATE TABLE IF NOT EXISTS client_resource (
 );
 
 CREATE TABLE IF NOT EXISTS client_scope (
-	owner_id BIGINT,
+	owner_id VARCHAR(256),
 	scope VARCHAR(2048)
 );
 
@@ -238,6 +238,8 @@ CREATE TABLE IF NOT EXISTS system_scope (
 	icon VARCHAR(256),
 	restricted BOOLEAN DEFAULT false NOT NULL,
 	default_scope BOOLEAN DEFAULT false NOT NULL,
+	structured BOOLEAN DEFAULT false NOT NULL,
+	structured_param_description VARCHAR(256),
 	UNIQUE (scope)
 );
 
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql
index 62d5dcd29..58f29cfba 100644
--- a/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql
@@ -28,4 +28,4 @@ INSERT INTO system_scope (scope, description, icon, restricted, default_scope, s
 
 COMMIT;
 
-SET AUTOCOMMIT = 1;
\ No newline at end of file
+SET AUTOCOMMIT = 1;
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql
index fc82e4800..8010dfcff 100644
--- a/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql
@@ -21,9 +21,9 @@ INSERT INTO authorities_TEMP (username, authority) VALUES
   ('user','ROLE_USER');
     
 -- By default, the username column here has to match the username column in the users table, above
-INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES
-  ('90342.ASDFJWFA','admin','Demo Admin','admin@example.com', true),
-  ('01921.FLANRJQW','user','Demo User','user@example.com', true);
+INSERT INTO user_info_TEMP (id, sub, preferred_username, name, email, email_verified) VALUES
+  ('1','90342.ASDFJWFA','admin','Demo Admin','admin@example.com', true),
+  ('2','01921.FLANRJQW','user','Demo User','user@example.com', true);
 
  
 --
@@ -38,8 +38,8 @@ INSERT INTO authorities (username,authority)
   SELECT username, authority FROM authorities_TEMP
   ON DUPLICATE KEY UPDATE authorities.username = authorities.username;
 
-INSERT INTO user_info (sub, preferred_username, name, email, email_verified)
-  SELECT sub, preferred_username, name, email, email_verified FROM user_info_TEMP
+INSERT INTO user_info (id, sub, preferred_username, name, email, email_verified)
+  SELECT id, sub, preferred_username, name, email, email_verified FROM user_info_TEMP
   ON DUPLICATE KEY UPDATE user_info.preferred_username = user_info.preferred_username;
     
 -- 
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
index 8bab6d361..63da6c2fd 100644
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
@@ -65,9 +65,11 @@
 	<!-- You can optionally initialize the database with test values here, 
 		but this is not recommended for real systems -->
 <!-- 	<jdbc:initialize-database data-source="dataSource"> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/mysql_database_tables.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/security-schema.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/mysql_database_tables.sql"/> -->
+		<!-- The following file is for the jdbc-user-service spring security implementation -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/security-schema.sql"/> -->
+		<!-- The following files are for safely bootstrapping users and clients into the database -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/loading_temp_tables.sql"/> -->
 <!-- 		<jdbc:script location="classpath:/db/mysql/users.sql"/> -->
 <!-- 		<jdbc:script location="classpath:/db/mysql/clients.sql"/> -->
 <!-- 		<jdbc:script location="classpath:/db/mysql/scopes.sql"/> -->