From a44556577c355ad4290c6e78cdf81566efe60c61 Mon Sep 17 00:00:00 2001 
From: Dominik Frantisek Bucik Date: Tue, 23 Nov 2021 18:15:13 +0100 Subject: [PATCH] =?UTF-8?q?refactor:=20=F0=9F=92=A1=20Refactored=20all=20m?= =?UTF-8?q?odels?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ics/oauth2/model/ClientDetailsEntity.java | 959 +++++------------- .../ics/oauth2/model/RegisteredClient.java | 33 +- .../cz/muni/ics/oauth2/model/SystemScope.java | 173 +--- .../muni/ics/oauth2/model/enums/AppType.java | 27 + .../ics/oauth2/model/enums/AuthMethod.java | 31 + .../ics/oauth2/model/enums/SubjectType.java | 27 + .../impl/BlacklistAwareRedirectResolver.java | 9 +- ...faultOAuth2ClientDetailsEntityService.java | 2 +- .../ics/oauth2/service/impl/ServiceUtils.java | 5 +- .../ClientDetailsEntityJsonProcessor.java | 6 +- .../JWTBearerAuthenticationProvider.java | 2 +- .../openid/connect/model/ApprovedSite.java | 129 +-- .../openid/connect/model/BlacklistedSite.java | 41 +- .../openid/connect/model/DefaultAddress.java | 149 +-- .../openid/connect/model/DefaultUserInfo.java | 375 ++----- .../connect/model/PairwiseIdentifier.java | 69 +- .../openid/connect/model/WhitelistedSite.java | 82 +- .../service/impl/DefaultUserInfoService.java | 2 +- .../ics/openid/connect/web/ClientAPI.java | 6 +- .../DynamicClientRegistrationEndpoint.java | 6 +- ...ProtectedResourceRegistrationEndpoint.java | 2 +- .../oauth2/model/ClientDetailsEntityTest.java | 15 +- .../oauth2/model/RegisteredClientTest.java | 39 +- .../TestBlacklistAwareRedirectResolver.java | 13 +- ...faultOAuth2ClientDetailsEntityService.java | 29 +- .../ClientDetailsEntityJsonProcessorTest.java | 27 +- .../TestJWTBearerAuthenticationProvider.java | 2 +- .../impl/TestDefaultUserInfoService.java | 11 +- .../TestUUIDPairwiseIdentiferService.java | 11 +- 29 files changed, 795 insertions(+), 1487 deletions(-) create mode 100644 perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AppType.java create mode 100644 
perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AuthMethod.java
 create mode 100644 perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/SubjectType.java

diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
index 1c2be5ab6..f09672bb8 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
@@ -20,6 +20,10 @@
  */
 package cz.muni.ics.oauth2.model;
 
+import static cz.muni.ics.oauth2.model.ClientDetailsEntity.PARAM_CLIENT_ID;
+import static cz.muni.ics.oauth2.model.ClientDetailsEntity.QUERY_ALL;
+import static cz.muni.ics.oauth2.model.ClientDetailsEntity.QUERY_BY_CLIENT_ID;
+
 import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWSAlgorithm;
@@ -32,12 +36,14 @@ import cz.muni.ics.oauth2.model.convert.JWSAlgorithmStringConverter;
 import cz.muni.ics.oauth2.model.convert.JWTStringConverter;
 import cz.muni.ics.oauth2.model.convert.PKCEAlgorithmStringConverter;
 import cz.muni.ics.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
+import cz.muni.ics.oauth2.model.enums.AppType;
+import cz.muni.ics.oauth2.model.enums.AuthMethod;
+import cz.muni.ics.oauth2.model.enums.SubjectType;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
-import javax.persistence.Basic;
 import javax.persistence.CollectionTable;
 import javax.persistence.Column;
 import javax.persistence.Convert;
@@ -58,6 +64,13 @@ import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
+import lombok.AllArgsConstructor;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+import org.eclipse.persistence.annotations.CascadeOnDelete;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.provider.ClientDetails;
 
@@ -65,11 +78,21 @@ import org.springframework.security.oauth2.provider.ClientDetails;
  * @author jricher
  *
  */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
 @Entity
 @Table(name = "client_details")
 @NamedQueries({
-	@NamedQuery(name = ClientDetailsEntity.QUERY_ALL, query = "SELECT c FROM ClientDetailsEntity c"),
-	@NamedQuery(name = ClientDetailsEntity.QUERY_BY_CLIENT_ID, query = "select c from ClientDetailsEntity c where c.clientId = :" + ClientDetailsEntity.PARAM_CLIENT_ID)
+	@NamedQuery(name = QUERY_ALL,
+			query = "SELECT c FROM ClientDetailsEntity c"),
+	@NamedQuery(name = QUERY_BY_CLIENT_ID,
+			query = "SELECT c FROM ClientDetailsEntity c " +
+					"WHERE c.clientId = :" + PARAM_CLIENT_ID)
 })
 public class ClientDetailsEntity implements ClientDetails {
 
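Review bot: The class-level `@ToString` now emits `clientSecret` whenever a `ClientDetailsEntity` is logged, string-concatenated or embedded in an exception message; the hand-written class being replaced had no `toString()` at all, so this is a new way for client secrets to reach log files. Exclude it at the annotation, `@ToString(exclude = {"clientSecret"})`, or mark the field `@ToString.Exclude`. The generated `@EqualsAndHashCode` also covers every field, including the identity-generated `id` and the mutable element collections, so an entity's hash code changes once it is persisted or its scopes are edited; no `equals`/`hashCode` override is visible in the removed code, so this presumably replaces identity equality, and `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` with `@EqualsAndHashCode.Include` on `clientId` would keep the contract stable if these entities are ever set or map keys. The class body continues past the end of the hunk.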
@@ -82,142 +105,206 @@ public class ClientDetailsEntity implements ClientDetails { private static final long serialVersionUID = -1617727085733786296L; + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") private Long id; - private String clientId = null; - private String clientSecret = null; - private Set redirectUris = new HashSet<>(); + + @Column(name = "client_name") private String clientName; - private String clientUri; - private Set contacts; - private String tosUri; - private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; - private Set scope = new HashSet<>(); - private Set grantTypes = new HashSet<>(); - private Set responseTypes = new HashSet<>(); - private String policyUri; - private String jwksUri; - private JWKSet jwks; - private String softwareId; - private String softwareVersion; - private AppType applicationType; - private String sectorIdentifierUri; - private SubjectType subjectType; - private JWSAlgorithm requestObjectSigningAlg = null; - private JWSAlgorithm userInfoSignedResponseAlg = null; - private JWEAlgorithm userInfoEncryptedResponseAlg = null; - private EncryptionMethod userInfoEncryptedResponseEnc = null; - private JWSAlgorithm idTokenSignedResponseAlg = null; - private JWEAlgorithm idTokenEncryptedResponseAlg = null; - private EncryptionMethod idTokenEncryptedResponseEnc = null; - private JWSAlgorithm tokenEndpointAuthSigningAlg = null; - private Integer defaultMaxAge; - private Boolean requireAuthTime; - private Set defaultACRvalues; - private String initiateLoginUri; - private Set postLogoutRedirectUris; - private Set requestUris; - private Set authorities = new HashSet<>(); - private Integer accessTokenValiditySeconds = 0; - private Integer refreshTokenValiditySeconds = 0; - private Set resourceIds = new HashSet<>(); - private Map additionalInformation = new HashMap<>(); + + @Column(name = "client_description") private String clientDescription = ""; + + @Column(name = "client_id") + private 
String clientId = null; + + @Column(name = "client_secret") + private String clientSecret = null; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_redirect_uri", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "redirect_uri") + @CascadeOnDelete + private Set redirectUris = new HashSet<>(); + + @Column(name = "client_uri") + private String clientUri; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_contact", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "contact") + @CascadeOnDelete + private Set contacts = new HashSet<>(); + + @Column(name = "tos_uri") + private String tosUri; + + @Enumerated(EnumType.STRING) + @Column(name = "token_endpoint_auth_method") + private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_scope", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "scope") + @CascadeOnDelete + private Set scope = new HashSet<>(); + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_grant_type", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "grant_type") + @CascadeOnDelete + private Set grantTypes = new HashSet<>(); + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_response_type", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "response_type") + @CascadeOnDelete + private Set responseTypes = new HashSet<>(); + + @Column(name = "policy_uri") + private String policyUri; + + @Column(name = "jwks_uri") + private String jwksUri; + + @Column(name = "jwks") + @Convert(converter = JWKSetStringConverter.class) + private JWKSet jwks; + + @Column(name = "software_id") + private String softwareId; + + @Column(name = "software_version") + private String softwareVersion; + + @Enumerated(EnumType.STRING) + @Column(name = "application_type") + private AppType applicationType; + + 
@Column(name = "sector_identifier_uri") + private String sectorIdentifierUri; + + @Enumerated(EnumType.STRING) + @Column(name = "subject_type") + private SubjectType subjectType; + + @Column(name = "request_object_signing_alg") + @Convert(converter = JWSAlgorithmStringConverter.class) + private JWSAlgorithm requestObjectSigningAlg = null; + + @Column(name = "user_info_signed_response_alg") + @Convert(converter = JWSAlgorithmStringConverter.class) + private JWSAlgorithm userInfoSignedResponseAlg = null; + + @Column(name = "user_info_encrypted_response_alg") + @Convert(converter = JWEAlgorithmStringConverter.class) + private JWEAlgorithm userInfoEncryptedResponseAlg = null; + + @Column(name = "user_info_encrypted_response_enc") + @Convert(converter = JWEEncryptionMethodStringConverter.class) + private EncryptionMethod userInfoEncryptedResponseEnc = null; + + @Column(name = "id_token_signed_response_alg") + @Convert(converter = JWSAlgorithmStringConverter.class) + private JWSAlgorithm idTokenSignedResponseAlg = null; + + @Column(name = "id_token_encrypted_response_alg") + @Convert(converter = JWEAlgorithmStringConverter.class) + private JWEAlgorithm idTokenEncryptedResponseAlg = null; + + @Column(name = "id_token_encrypted_response_enc") + @Convert(converter = JWEEncryptionMethodStringConverter.class) + private EncryptionMethod idTokenEncryptedResponseEnc = null; + + @Column(name = "token_endpoint_auth_signing_alg") + @Convert(converter = JWSAlgorithmStringConverter.class) + private JWSAlgorithm tokenEndpointAuthSigningAlg = null; + + @Column(name = "default_max_age") + private Integer defaultMaxAge; + + @Column(name = "require_auth_time") + private Boolean requireAuthTime; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_default_acr_value", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "default_acr_value") + @CascadeOnDelete + private Set defaultACRvalues; + + @Column(name = "initiate_login_uri") + private String 
initiateLoginUri; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_post_logout_redirect_uri", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "post_logout_redirect_uri") + @CascadeOnDelete + private Set postLogoutRedirectUris = new HashSet<>(); + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_request_uri", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "request_uri") + @CascadeOnDelete + private Set requestUris = new HashSet<>();; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_authority", joinColumns = @JoinColumn(name = "owner_id")) + @Convert(converter = SimpleGrantedAuthorityStringConverter.class) + @Column(name = "authority") + @CascadeOnDelete + private Set authorities = new HashSet<>(); + + @Column(name = "access_token_validity_seconds") + private Integer accessTokenValiditySeconds = 0; + + @Column(name = "refresh_token_validity_seconds") + private Integer refreshTokenValiditySeconds = 0; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_resource", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "resource_id") + @CascadeOnDelete + private Set resourceIds = new HashSet<>(); + + @Column(name = "reuse_refresh_tokens") private boolean reuseRefreshToken = true; + + @Column(name = "dynamically_registered") private boolean dynamicallyRegistered = false; + + @Column(name = "allow_introspection") private boolean allowIntrospection = false; - private Integer idTokenValiditySeconds; + + @Column(name = "id_token_validity_seconds") + private Integer idTokenValiditySeconds = DEFAULT_ID_TOKEN_VALIDITY_SECONDS; + + @Temporal(TemporalType.TIMESTAMP) + @Column(name = "created_at") private Date createdAt; + + @Column(name = "clear_access_tokens_on_refresh") private boolean clearAccessTokensOnRefresh = true; - private Integer deviceCodeValiditySeconds; - private Set claimsRedirectUris; + + @Column(name 
= "device_code_validity_seconds") + private Integer deviceCodeValiditySeconds = 0; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "client_claims_redirect_uri", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "redirect_uri") + @CascadeOnDelete + private Set claimsRedirectUris = new HashSet<>(); + + @Column(name = "software_statement") + @Convert(converter = JWTStringConverter.class) private JWT softwareStatement; + + @Column(name = "code_challenge_method") + @Convert(converter = PKCEAlgorithmStringConverter.class) private PKCEAlgorithm codeChallengeMethod; - public enum AuthMethod { - SECRET_POST("client_secret_post"), - SECRET_BASIC("client_secret_basic"), - SECRET_JWT("client_secret_jwt"), - PRIVATE_KEY("private_key_jwt"), - NONE("none"); - - private final String value; - - // map to aid reverse lookup - private static final Map lookup = new HashMap<>(); - static { - for (AuthMethod a : AuthMethod.values()) { - lookup.put(a.getValue(), a); - } - } - - AuthMethod(String value) { - this.value = value; - } - - public String getValue() { - return value; - } - - public static AuthMethod getByValue(String value) { - return lookup.get(value); - } - } - - public enum AppType { - WEB("web"), NATIVE("native"); - - private final String value; - - // map to aid reverse lookup - private static final Map lookup = new HashMap<>(); - static { - for (AppType a : AppType.values()) { - lookup.put(a.getValue(), a); - } - } - - AppType(String value) { - this.value = value; - } - - public String getValue() { - return value; - } - - public static AppType getByValue(String value) { - return lookup.get(value); - } - } - - public enum SubjectType { - PAIRWISE("pairwise"), PUBLIC("public"); - - private final String value; - - // map to aid reverse lookup - private static final Map lookup = new HashMap<>(); - static { - for (SubjectType u : SubjectType.values()) { - lookup.put(u.getValue(), u); - } - } - - SubjectType(String value) { - this.value = 
value; - } - - public String getValue() { - return value; - } - - public static SubjectType getByValue(String value) { - return lookup.get(value); - } - } - - public ClientDetailsEntity() { - - } + @Transient + private Map additionalInformation = new HashMap<>(); @PrePersist @PreUpdate 
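Review bot: `defaultACRvalues` is the only `@ElementCollection` field in this hunk left without an initializer, while `contacts`, `postLogoutRedirectUris`, `requestUris` and `claimsRedirectUris` (null before this change) are now initialized to empty sets; for consistency and to spare callers the remaining null check, `private Set defaultACRvalues = new HashSet<>();`. The `requestUris` declaration also ends with a stray `;;`. `deviceCodeValiditySeconds` now defaults to `0` instead of `null` and `idTokenValiditySeconds` to `DEFAULT_ID_TOKEN_VALIDITY_SECONDS`; if the token services distinguish "unset" from an explicit 0, which this hunk cannot show, clients built through the no-args constructor will behave differently than before. `@CascadeOnDelete` is EclipseLink-specific and, as I understand it, makes the provider rely on an `ON DELETE CASCADE` foreign key instead of deleting the collection rows itself, so every listed collection table must actually carry that constraint in deployed schemas or client deletion will orphan rows or fail. The class continues beyond both ends of the hunk.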
@@ -227,25 +314,77 @@ public class ClientDetailsEntity implements ClientDetails {
 		}
 	}
 
-	@Id
-	@GeneratedValue(strategy = GenerationType.IDENTITY)
-	@Column(name = "id")
-	public Long getId() {
-		return id;
+	@Override
+	public String getClientId() {
+		return clientId;
 	}
 
-	public void setId(Long id) {
-		this.id = id;
+	@Override
+	public String getClientSecret() {
+		return clientSecret;
 	}
 
-	@Basic
-	@Column(name="client_description")
-	public String getClientDescription() {
-		return clientDescription;
+	@Override
+	public Set getScope() {
+		return scope;
 	}
 
-	public void setClientDescription(String clientDescription) {
-		this.clientDescription = clientDescription;
+	@Override
+	public Set getAuthorities() {
+		return authorities;
+	}
+
+	@Override
+	public Integer getAccessTokenValiditySeconds() {
+		return accessTokenValiditySeconds;
+	}
+
+	@Override
+	public Integer getRefreshTokenValiditySeconds() {
+		return refreshTokenValiditySeconds;
+	}
+
+	@Override
+	public Set getResourceIds() {
+		return resourceIds;
+	}
+
+	@Override
+	public boolean isAutoApprove(String scope) {
+		return false;
+	}
+
+	@Override
+	@Transient
+	public boolean isSecretRequired() {
+		return getTokenEndpointAuthMethod() != null &&
+				(getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC) ||
+						getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST) ||
+						getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT));
+	}
+
+	@Override
+	@Transient
+	public boolean isScoped() {
+		return getScope() != null && !getScope().isEmpty();
+	}
+
+	@Override
+	@Transient
+	public Set getAuthorizedGrantTypes() {
+		return getGrantTypes();
+	}
+
+	@Override
+	@Transient
+	public Set getRegisteredRedirectUri() {
+		return getRedirectUris();
+	}
+
+	@Override
+	@Transient
+	public Map getAdditionalInformation() {
+		return this.additionalInformation;
 	}
 
 	@Transient
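Review bot: The `@Transient` annotations kept on `isSecretRequired`, `isScoped`, `getAuthorizedGrantTypes`, `getRegisteredRedirectUri` and `getAdditionalInformation` are now dead: `@Id` has moved onto the field in the earlier hunk of this file, so the provider uses field access and, as far as I know, ignores mapping annotations on getters; dropping them stops suggesting these are property mappings. `isSecretRequired` is also clearer and null-safe written against the enum directly, `AuthMethod m = tokenEndpointAuthMethod; return m == AuthMethod.SECRET_BASIC || m == AuthMethod.SECRET_POST || m == AuthMethod.SECRET_JWT;`. The plain `getClientId`/`getClientSecret`/`getScope`/… overrides duplicate what `@Getter` generates (Lombok skips existing methods, so this compiles), and a one-line comment such as `// explicit so they can carry @Override for ClientDetails` would save the next reader a check. The enclosing class continues outside the hunk on both sides.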
@@ -257,542 +396,4 @@ public class ClientDetailsEntity implements ClientDetails { } } - @Basic - @Column(name="reuse_refresh_tokens") - public boolean isReuseRefreshToken() { - return reuseRefreshToken; - } - - public void setReuseRefreshToken(boolean reuseRefreshToken) { - this.reuseRefreshToken = reuseRefreshToken; - } - - @Basic - @Column(name="id_token_validity_seconds") - public Integer getIdTokenValiditySeconds() { - return idTokenValiditySeconds; - } - - public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { - this.idTokenValiditySeconds = idTokenValiditySeconds; - } - - @Basic - @Column(name="dynamically_registered") - public boolean isDynamicallyRegistered() { - return dynamicallyRegistered; - } - - public void setDynamicallyRegistered(boolean dynamicallyRegistered) { - this.dynamicallyRegistered = dynamicallyRegistered; - } - - @Basic - @Column(name="allow_introspection") - public boolean isAllowIntrospection() { - return allowIntrospection; - } - - public void setAllowIntrospection(boolean allowIntrospection) { - this.allowIntrospection = allowIntrospection; - } - - @Override - @Transient - public boolean isSecretRequired() { - return getTokenEndpointAuthMethod() != null && - (getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC) || - getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST) || - getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT)); - } - - @Override - @Transient - public boolean isScoped() { - return getScope() != null && !getScope().isEmpty(); - } - - @Basic - @Override - @Column(name="client_id") - public String getClientId() { - return clientId; - } - - public void setClientId(String clientId) { - this.clientId = clientId; - } - - @Basic - @Override - @Column(name="client_secret") - public String getClientSecret() { - return clientSecret; - } - - public void setClientSecret(String clientSecret) { - this.clientSecret = clientSecret; - } - - @ElementCollection(fetch = FetchType.EAGER) - 
@CollectionTable(name="client_scope", joinColumns=@JoinColumn(name="owner_id")) - @Override - @Column(name="scope") - public Set getScope() { - return scope; - } - - public void setScope(Set scope) { - this.scope = scope; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_grant_type", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="grant_type") - public Set getGrantTypes() { - return grantTypes; - } - - public void setGrantTypes(Set grantTypes) { - this.grantTypes = grantTypes; - } - - @Override - @Transient - public Set getAuthorizedGrantTypes() { - return getGrantTypes(); - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_authority", joinColumns=@JoinColumn(name="owner_id")) - @Override - @Convert(converter = SimpleGrantedAuthorityStringConverter.class) - @Column(name="authority") - public Set getAuthorities() { - return authorities; - } - - public void setAuthorities(Set authorities) { - this.authorities = authorities; - } - - @Override - @Basic - @Column(name="access_token_validity_seconds") - public Integer getAccessTokenValiditySeconds() { - return accessTokenValiditySeconds; - } - - public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { - this.accessTokenValiditySeconds = accessTokenValiditySeconds; - } - - @Override - @Basic - @Column(name="refresh_token_validity_seconds") - public Integer getRefreshTokenValiditySeconds() { - return refreshTokenValiditySeconds; - } - - public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { - this.refreshTokenValiditySeconds = refreshTokenValiditySeconds; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_redirect_uri", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="redirect_uri") - public Set getRedirectUris() { - return redirectUris; - } - - public void setRedirectUris(Set redirectUris) { - this.redirectUris = redirectUris; - } - - @Override - @Transient 
- public Set getRegisteredRedirectUri() { - return getRedirectUris(); - } - - @Override - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_resource", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="resource_id") - public Set getResourceIds() { - return resourceIds; - } - - public void setResourceIds(Set resourceIds) { - this.resourceIds = resourceIds; - } - - @Override - @Transient - public Map getAdditionalInformation() { - return this.additionalInformation; - } - - @Enumerated(EnumType.STRING) - @Column(name="application_type") - public AppType getApplicationType() { - return applicationType; - } - - public void setApplicationType(AppType applicationType) { - this.applicationType = applicationType; - } - - @Basic - @Column(name="client_name") - public String getClientName() { - return clientName; - } - - public void setClientName(String clientName) { - this.clientName = clientName; - } - - @Enumerated(EnumType.STRING) - @Column(name="token_endpoint_auth_method") - public AuthMethod getTokenEndpointAuthMethod() { - return tokenEndpointAuthMethod; - } - - public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { - this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; - } - - @Enumerated(EnumType.STRING) - @Column(name="subject_type") - public SubjectType getSubjectType() { - return subjectType; - } - - public void setSubjectType(SubjectType subjectType) { - this.subjectType = subjectType; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_contact", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="contact") - public Set getContacts() { - return contacts; - } - - public void setContacts(Set contacts) { - this.contacts = contacts; - } - - @Basic - @Column(name="policy_uri") - public String getPolicyUri() { - return policyUri; - } - - public void setPolicyUri(String policyUri) { - this.policyUri = policyUri; - } - - @Basic - @Column(name="client_uri") - public String 
getClientUri() { - return clientUri; - } - - public void setClientUri(String clientUri) { - this.clientUri = clientUri; - } - - @Basic - @Column(name="tos_uri") - public String getTosUri() { - return tosUri; - } - - public void setTosUri(String tosUri) { - this.tosUri = tosUri; - } - - @Basic - @Column(name="jwks_uri") - public String getJwksUri() { - return jwksUri; - } - - public void setJwksUri(String jwksUri) { - this.jwksUri = jwksUri; - } - - @Basic - @Column(name="jwks") - @Convert(converter = JWKSetStringConverter.class) - public JWKSet getJwks() { - return jwks; - } - - public void setJwks(JWKSet jwks) { - this.jwks = jwks; - } - - @Basic - @Column(name="sector_identifier_uri") - public String getSectorIdentifierUri() { - return sectorIdentifierUri; - } - - public void setSectorIdentifierUri(String sectorIdentifierUri) { - this.sectorIdentifierUri = sectorIdentifierUri; - } - - @Basic - @Column(name = "request_object_signing_alg") - @Convert(converter = JWSAlgorithmStringConverter.class) - public JWSAlgorithm getRequestObjectSigningAlg() { - return requestObjectSigningAlg; - } - - public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) { - this.requestObjectSigningAlg = requestObjectSigningAlg; - } - - @Basic - @Column(name = "user_info_signed_response_alg") - @Convert(converter = JWSAlgorithmStringConverter.class) - public JWSAlgorithm getUserInfoSignedResponseAlg() { - return userInfoSignedResponseAlg; - } - - public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) { - this.userInfoSignedResponseAlg = userInfoSignedResponseAlg; - } - - @Basic - @Column(name = "user_info_encrypted_response_alg") - @Convert(converter = JWEAlgorithmStringConverter.class) - public JWEAlgorithm getUserInfoEncryptedResponseAlg() { - return userInfoEncryptedResponseAlg; - } - - public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) { - this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg; 
- } - - @Basic - @Column(name = "user_info_encrypted_response_enc") - @Convert(converter = JWEEncryptionMethodStringConverter.class) - public EncryptionMethod getUserInfoEncryptedResponseEnc() { - return userInfoEncryptedResponseEnc; - } - - public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) { - this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc; - } - - @Basic - @Column(name="id_token_signed_response_alg") - @Convert(converter = JWSAlgorithmStringConverter.class) - public JWSAlgorithm getIdTokenSignedResponseAlg() { - return idTokenSignedResponseAlg; - } - - public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) { - this.idTokenSignedResponseAlg = idTokenSignedResponseAlg; - } - - @Basic - @Column(name = "id_token_encrypted_response_alg") - @Convert(converter = JWEAlgorithmStringConverter.class) - public JWEAlgorithm getIdTokenEncryptedResponseAlg() { - return idTokenEncryptedResponseAlg; - } - - public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) { - this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg; - } - - @Basic - @Column(name = "id_token_encrypted_response_enc") - @Convert(converter = JWEEncryptionMethodStringConverter.class) - public EncryptionMethod getIdTokenEncryptedResponseEnc() { - return idTokenEncryptedResponseEnc; - } - - public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) { - this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc; - } - - @Basic - @Column(name="token_endpoint_auth_signing_alg") - @Convert(converter = JWSAlgorithmStringConverter.class) - public JWSAlgorithm getTokenEndpointAuthSigningAlg() { - return tokenEndpointAuthSigningAlg; - } - - public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) { - this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlg; - } - - @Basic - @Column(name="default_max_age") - public Integer 
getDefaultMaxAge() { - return defaultMaxAge; - } - - public void setDefaultMaxAge(Integer defaultMaxAge) { - this.defaultMaxAge = defaultMaxAge; - } - - @Basic - @Column(name="require_auth_time") - public Boolean getRequireAuthTime() { - return requireAuthTime; - } - - public void setRequireAuthTime(Boolean requireAuthTime) { - this.requireAuthTime = requireAuthTime; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_response_type", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="response_type") - public Set getResponseTypes() { - return responseTypes; - } - - public void setResponseTypes(Set responseTypes) { - this.responseTypes = responseTypes; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_default_acr_value", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="default_acr_value") - public Set getDefaultACRvalues() { - return defaultACRvalues; - } - - public void setDefaultACRvalues(Set defaultACRvalues) { - this.defaultACRvalues = defaultACRvalues; - } - - @Basic - @Column(name="initiate_login_uri") - public String getInitiateLoginUri() { - return initiateLoginUri; - } - - public void setInitiateLoginUri(String initiateLoginUri) { - this.initiateLoginUri = initiateLoginUri; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_post_logout_redirect_uri", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="post_logout_redirect_uri") - public Set getPostLogoutRedirectUris() { - return postLogoutRedirectUris; - } - - public void setPostLogoutRedirectUris(Set postLogoutRedirectUri) { - this.postLogoutRedirectUris = postLogoutRedirectUri; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_request_uri", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="request_uri") - public Set getRequestUris() { - return requestUris; - } - - public void setRequestUris(Set requestUris) { - this.requestUris = requestUris; - } 
- - @Temporal(TemporalType.TIMESTAMP) - @Column(name="created_at") - public Date getCreatedAt() { - return createdAt; - } - - public void setCreatedAt(Date createdAt) { - this.createdAt = createdAt; - } - - @Override - public boolean isAutoApprove(String scope) { - return false; - } - - @Basic - @Column(name = "clear_access_tokens_on_refresh") - public boolean isClearAccessTokensOnRefresh() { - return clearAccessTokensOnRefresh; - } - - public void setClearAccessTokensOnRefresh(boolean clearAccessTokensOnRefresh) { - this.clearAccessTokensOnRefresh = clearAccessTokensOnRefresh; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="client_claims_redirect_uri", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="redirect_uri") - public Set getClaimsRedirectUris() { - return claimsRedirectUris; - } - - public void setClaimsRedirectUris(Set claimsRedirectUris) { - this.claimsRedirectUris = claimsRedirectUris; - } - - @Basic - @Column(name = "software_statement") - @Convert(converter = JWTStringConverter.class) - public JWT getSoftwareStatement() { - return softwareStatement; - } - - public void setSoftwareStatement(JWT softwareStatement) { - this.softwareStatement = softwareStatement; - } - - @Basic - @Column(name = "code_challenge_method") - @Convert(converter = PKCEAlgorithmStringConverter.class) - public PKCEAlgorithm getCodeChallengeMethod() { - return codeChallengeMethod; - } - - public void setCodeChallengeMethod(PKCEAlgorithm codeChallengeMethod) { - this.codeChallengeMethod = codeChallengeMethod; - } - - @Basic - @Column(name="device_code_validity_seconds") - public Integer getDeviceCodeValiditySeconds() { - return deviceCodeValiditySeconds; - } - - public void setDeviceCodeValiditySeconds(Integer deviceCodeValiditySeconds) { - this.deviceCodeValiditySeconds = deviceCodeValiditySeconds; - } - - @Basic - @Column(name="software_id") - public String getSoftwareId() { - return softwareId; - } - - public void setSoftwareId(String 
softwareId) { - this.softwareId = softwareId; - } - - @Basic - @Column(name="software_version") - public String getSoftwareVersion() { - return softwareVersion; - } - - public void setSoftwareVersion(String softwareVersion) { - this.softwareVersion = softwareVersion; - } - } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/RegisteredClient.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/RegisteredClient.java index 4642644d0..712e36e18 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/RegisteredClient.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/RegisteredClient.java @@ -26,14 +26,27 @@ import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWT; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import java.util.Date; import java.util.Map; import java.util.Set; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import lombok.ToString; import org.springframework.security.core.GrantedAuthority; /** * @author jricher */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +@AllArgsConstructor public class RegisteredClient { private String registrationAccessToken; @@ -57,14 +70,6 @@ public class RegisteredClient { this.registrationClientUri = registrationClientUri; } - public ClientDetailsEntity getClient() { - return client; - } - - public void setClient(ClientDetailsEntity client) { - this.client = client; - } - public String getClientDescription() { return client.getClientDescription(); } 
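Review bot: `@ToString` on `RegisteredClient` will print `registrationAccessToken`, which by its name is the bearer token used to manage the client registration, and via the nested `client` that client's secret as well; this wrapper had no `toString()` before, so any log line that prints the object now leaks both. Mark the field `@ToString.Exclude` (and `@EqualsAndHashCode.Exclude`, since comparing tokens in `equals` serves no purpose), or exclude the secret-bearing fields at the class annotation. `@AllArgsConstructor` is added next to the explicit constructor whose body (`this.registrationClientUri = registrationClientUri;`) is context in the second hunk; if that constructor already takes every field in declaration order, Lombok generates a duplicate signature and the class will not compile, which I cannot confirm from the hunk. The field list and the existing constructors lie outside the visible lines.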
@@ -201,11 +206,11 @@ public class RegisteredClient {
 return client.getAdditionalInformation();
 }
 
- public ClientDetailsEntity.AppType getApplicationType() {
+ public AppType getApplicationType() {
 return client.getApplicationType();
 }
 
- public void setApplicationType(ClientDetailsEntity.AppType applicationType) {
+ public void setApplicationType(AppType applicationType) {
 client.setApplicationType(applicationType);
 }
 
@@ -217,19 +222,19 @@ public class RegisteredClient {
 client.setClientName(clientName);
 }
 
- public ClientDetailsEntity.AuthMethod getTokenEndpointAuthMethod() {
+ public AuthMethod getTokenEndpointAuthMethod() {
 return client.getTokenEndpointAuthMethod();
 }
 
- public void setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod tokenEndpointAuthMethod) {
+ public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
 client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
 }
 
- public ClientDetailsEntity.SubjectType getSubjectType() {
+ public SubjectType getSubjectType() {
 return client.getSubjectType();
 }
 
- public void setSubjectType(ClientDetailsEntity.SubjectType subjectType) {
+ public void setSubjectType(SubjectType subjectType) {
 client.setSubjectType(subjectType);
 }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SystemScope.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SystemScope.java
index 70fd23476..dd5fbc71b 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SystemScope.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SystemScope.java
@@ -20,6 +20,8 @@
 */
 package cz.muni.ics.oauth2.model;
 
+import static cz.muni.ics.oauth2.model.SystemScope.*;
+
 import javax.persistence.Basic;
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -29,15 +31,31 @@ import javax.persistence.Id;
 import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
 import javax.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
 
 /**
 * @author jricher
 */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
 @Entity
 @Table(name = "system_scope")
 @NamedQueries({
- @NamedQuery(name = SystemScope.QUERY_ALL, query = "select s from SystemScope s ORDER BY s.id"),
- @NamedQuery(name = SystemScope.QUERY_BY_VALUE, query = "select s from SystemScope s WHERE s.value = :" + SystemScope.PARAM_VALUE)
+ @NamedQuery(name = QUERY_ALL,
+ query = "SELECT s FROM SystemScope s ORDER BY s.id"),
+ @NamedQuery(name = QUERY_BY_VALUE,
+ query = "SELECT s FROM SystemScope s " +
+ "WHERE s.value = :" + PARAM_VALUE)
 })
 public class SystemScope {
 
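Review bot: `import static cz.muni.ics.oauth2.model.SystemScope.*;` is a wildcard static self-import used only so the `@NamedQuery` constants read unqualified; the ApprovedSite change in this same commit imports each constant explicitly, and this file should match (`import static cz.muni.ics.oauth2.model.SystemScope.PARAM_VALUE;` plus the two `QUERY_*` names) so no other static member silently enters scope. Otherwise the Lombok `@EqualsAndHashCode` here reproduces the removed hand-written version, `id` included, so entity equality semantics are unchanged.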
@@ -46,145 +64,28 @@ public class SystemScope { public static final String PARAM_VALUE = "value"; + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") private Long id; - private String value; // scope value - private String description; // human-readable description - private String icon; // class of the icon to display on the auth page - private boolean defaultScope = false; // is this a default scope for newly-registered clients? - private boolean restricted = false; // is this scope restricted to admin-only registration access? - public SystemScope() { } + @Column(name = "scope") + private String value; + + @Column(name = "description") + private String description; // human-readable description + + @Column(name = "icon") + private String icon; // class of the icon to display on the auth page + + @Column(name = "default_scope") + private boolean defaultScope = false; // is this a default scope for newly-registered clients? + + @Column(name = "restricted") + private boolean restricted = false; // is this scope restricted to admin-only registration access? 
public SystemScope(String value) { this.value = value; } - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - @Column(name = "id") - public Long getId() { - return id; - } - - public void setId(Long id) { - this.id = id; - } - - @Basic - @Column(name = "scope") - public String getValue() { - return value; - } - - public void setValue(String value) { - this.value = value; - } - - @Basic - @Column(name = "description") - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - @Basic - @Column(name = "icon") - public String getIcon() { - return icon; - } - - public void setIcon(String icon) { - this.icon = icon; - } - - @Basic - @Column(name = "default_scope") - public boolean isDefaultScope() { - return defaultScope; - } - - public void setDefaultScope(boolean defaultScope) { - this.defaultScope = defaultScope; - } - - @Basic - @Column(name = "restricted") - public boolean isRestricted() { - return restricted; - } - - public void setRestricted(boolean restricted) { - this.restricted = restricted; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + (defaultScope ? 1231 : 1237); - result = prime * result - + ((description == null) ? 0 : description.hashCode()); - result = prime * result + ((icon == null) ? 0 : icon.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); - result = prime * result + (restricted ? 1231 : 1237); - result = prime * result + ((value == null) ? 
0 : value.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) { - return true; - } - if (obj == null) { - return false; - } - if (getClass() != obj.getClass()) { - return false; - } - SystemScope other = (SystemScope) obj; - if (defaultScope != other.defaultScope) { - return false; - } - if (description == null) { - if (other.description != null) { - return false; - } - } else if (!description.equals(other.description)) { - return false; - } - if (icon == null) { - if (other.icon != null) { - return false; - } - } else if (!icon.equals(other.icon)) { - return false; - } - if (id == null) { - if (other.id != null) { - return false; - } - } else if (!id.equals(other.id)) { - return false; - } - if (restricted != other.restricted) { - return false; - } - if (value == null) { - return other.value == null; - } else { - return value.equals(other.value); - } - } - - @Override - public String toString() { - return "SystemScope [id=" + id + ", value=" + value + ", description=" - + description + ", icon=" + icon + ", defaultScope=" - + defaultScope + ", restricted=" + restricted + "]"; - } - } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AppType.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AppType.java new file mode 100644 index 000000000..d265f9b62 --- /dev/null +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AppType.java 
@@ -0,0 +1,27 @@
+package cz.muni.ics.oauth2.model.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public enum AppType {
+ WEB("web"), NATIVE("native");
+
+ private final String value;
+
+ // map to aid reverse lookup
+ private static final Map lookup = new HashMap<>();
+ static {
+ for (AppType a : AppType.values()) {
+ lookup.put(a.getValue(), a);
+ }
+ }
+
+ public static AppType getByValue(String value) {
+ return lookup.get(value);
+ }
+
+}
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AuthMethod.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AuthMethod.java
new file mode 100644
index 000000000..a792910e5
--- /dev/null
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/AuthMethod.java
@@ -0,0 +1,31 @@
+package cz.muni.ics.oauth2.model.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public enum AuthMethod {
+ SECRET_POST("client_secret_post"),
+ SECRET_BASIC("client_secret_basic"),
+ SECRET_JWT("client_secret_jwt"),
+ PRIVATE_KEY("private_key_jwt"),
+ NONE("none");
+
+ private final String value;
+
+ // map to aid reverse lookup
+ private static final Map lookup = new HashMap<>();
+ static {
+ for (AuthMethod a : AuthMethod.values()) {
+ lookup.put(a.getValue(), a);
+ }
+ }
+
+ public static AuthMethod getByValue(String value) {
+ return lookup.get(value);
+ }
+
+}
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/SubjectType.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/SubjectType.java
new file mode 100644
index 000000000..f71e53cfb
--- /dev/null
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/enums/SubjectType.java
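Review bot: `getByValue` returns `null` for any string that is not one of the constant values and for a `null` argument, and the match is case-sensitive because the HashMap is keyed by the exact literals, yet none of this is stated and these enums are what client-registration input gets parsed into. Add Javadoc above it: `/** Looks up the constant by its wire value (e.g. {@code "web"}); returns {@code null} when nothing matches, including for a {@code null} argument. Matching is case-sensitive. */`. The AuthMethod hunk below and SubjectType in the next file have the identical shape. As a constant, `lookup` would conventionally be named `LOOKUP`.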
@@ -0,0 +1,27 @@
+package cz.muni.ics.oauth2.model.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public enum SubjectType {
+
+ PAIRWISE("pairwise"), PUBLIC("public");
+
+ private final String value;
+
+ // map to aid reverse lookup
+ private static final Map lookup = new HashMap<>();
+ static {
+ for (SubjectType u : SubjectType.values()) {
+ lookup.put(u.getValue(), u);
+ }
+ }
+
+ public static SubjectType getByValue(String value) {
+ return lookup.get(value);
+ }
+}
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/BlacklistAwareRedirectResolver.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/BlacklistAwareRedirectResolver.java
index c8c307be1..eeda6dee7 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/BlacklistAwareRedirectResolver.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/BlacklistAwareRedirectResolver.java
@@ -19,6 +19,7 @@
 package cz.muni.ics.oauth2.service.impl;
 
 import cz.muni.ics.oauth2.model.ClientDetailsEntity;
+import cz.muni.ics.oauth2.model.enums.AppType;
 import cz.muni.ics.openid.connect.config.ConfigurationPropertiesBean;
 import cz.muni.ics.openid.connect.service.BlacklistedSiteService;
 import java.util.Arrays;
@@ -158,7 +159,7 @@ public class BlacklistAwareRedirectResolver implements RedirectResolver {
 * @return Whether the requested redirect URI "matches" the specified redirect URI.
 */
 protected boolean redirectMatches(String requestedRedirect, String redirectUri,
- ClientDetailsEntity.AppType applicationType)
+ AppType applicationType)
 {
 UriComponents requestedRedirectUri = UriComponentsBuilder.fromUriString(requestedRedirect).build();
 UriComponents registeredRedirectUri = UriComponentsBuilder.fromUriString(redirectUri).build();
@@ -167,7 +168,7 @@ public class BlacklistAwareRedirectResolver implements RedirectResolver { boolean userInfoMatch = isEqual(registeredRedirectUri.getUserInfo(), requestedRedirectUri.getUserInfo()); boolean hostMatch = hostMatches(registeredRedirectUri.getHost(), requestedRedirectUri.getHost()); boolean portMatch = true; - if (!ClientDetailsEntity.AppType.NATIVE.equals(applicationType)) { + if (!AppType.NATIVE.equals(applicationType)) { portMatch = !matchPorts || registeredRedirectUri.getPort() == requestedRedirectUri.getPort(); } boolean pathMatch = true; @@ -205,7 +206,7 @@ public class BlacklistAwareRedirectResolver implements RedirectResolver { * @throws RedirectMismatchException if no match was found */ private String obtainMatchingRedirect(Set redirectUris, String requestedRedirect, - ClientDetailsEntity.AppType applicationType) + AppType applicationType) { Assert.notEmpty(redirectUris, "Redirect URIs cannot be empty"); @@ -222,7 +223,7 @@ public class BlacklistAwareRedirectResolver implements RedirectResolver { if (this.matchSubdomains) { redirectUriBuilder.host(requestedRedirectUri.getHost()); } - if (!this.matchPorts || ClientDetailsEntity.AppType.NATIVE.equals(applicationType)) { + if (!this.matchPorts || AppType.NATIVE.equals(applicationType)) { redirectUriBuilder.port(requestedRedirectUri.getPort()); } if (!this.strictMatch) { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java index 8c24faa0d..6cca58027 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java 
@@ -25,8 +25,8 @@ import com.google.common.util.concurrent.UncheckedExecutionException;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonParser;
 import cz.muni.ics.oauth2.model.ClientDetailsEntity;
-import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod;
 import cz.muni.ics.oauth2.model.SystemScope;
+import cz.muni.ics.oauth2.model.enums.AuthMethod;
 import cz.muni.ics.oauth2.repository.OAuth2ClientRepository;
 import cz.muni.ics.oauth2.repository.OAuth2TokenRepository;
 import cz.muni.ics.oauth2.service.ClientDetailsEntityService;
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/ServiceUtils.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/ServiceUtils.java
index 31bf7f642..3c93c440f 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/ServiceUtils.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/service/impl/ServiceUtils.java
@@ -1,6 +1,7 @@
 package cz.muni.ics.oauth2.service.impl;
 
 import cz.muni.ics.oauth2.model.ClientDetailsEntity;
+import cz.muni.ics.oauth2.model.enums.AuthMethod;
 import cz.muni.ics.openid.connect.config.ConfigurationPropertiesBean;
 import java.math.BigInteger;
 import java.security.SecureRandom;
@@ -15,8 +16,8 @@ public class ServiceUtils { public static UserDetails getUserDetails(String decodedClientId, ClientDetailsEntity client, String encodedPassword, ConfigurationPropertiesBean config, GrantedAuthority roleClient) { if (config.isHeartMode() || // if we're running HEART mode turn off all client secrets (client.getTokenEndpointAuthMethod() != null && - (client.getTokenEndpointAuthMethod().equals(ClientDetailsEntity.AuthMethod.PRIVATE_KEY) || - client.getTokenEndpointAuthMethod().equals(ClientDetailsEntity.AuthMethod.SECRET_JWT)))) { + (client.getTokenEndpointAuthMethod().equals(AuthMethod.PRIVATE_KEY) || + client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT)))) { encodedPassword = new BigInteger(512, new SecureRandom()).toString(16); } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessor.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessor.java index 975c5b637..e7cb0981c 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessor.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessor.java @@ -74,10 +74,10 @@ import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWT; import com.nimbusds.jwt.JWTParser; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AppType; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.SubjectType; import cz.muni.ics.oauth2.model.RegisteredClient; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import cz.muni.ics.util.JsonUtils; import java.text.ParseException; import lombok.extern.slf4j.Slf4j; 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/assertion/JWTBearerAuthenticationProvider.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/assertion/JWTBearerAuthenticationProvider.java index 5198537dd..2e4be9487 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/assertion/JWTBearerAuthenticationProvider.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/assertion/JWTBearerAuthenticationProvider.java @@ -27,7 +27,7 @@ import com.nimbusds.jwt.SignedJWT; import cz.muni.ics.jwt.signer.service.JWTSigningAndValidationService; import cz.muni.ics.jwt.signer.service.impl.ClientKeyCacheService; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod; +import cz.muni.ics.oauth2.model.enums.AuthMethod; import cz.muni.ics.oauth2.service.ClientDetailsEntityService; import cz.muni.ics.openid.connect.config.ConfigurationPropertiesBean; import java.text.ParseException; diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/ApprovedSite.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/ApprovedSite.java index 4d1d7cafb..77a271609 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/ApprovedSite.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/ApprovedSite.java 
@@ -17,9 +17,15 @@ *******************************************************************************/ package cz.muni.ics.openid.connect.model; +import static cz.muni.ics.openid.connect.model.ApprovedSite.PARAM_CLIENT_ID; +import static cz.muni.ics.openid.connect.model.ApprovedSite.PARAM_USER_ID; +import static cz.muni.ics.openid.connect.model.ApprovedSite.QUERY_ALL; +import static cz.muni.ics.openid.connect.model.ApprovedSite.QUERY_BY_CLIENT_ID; +import static cz.muni.ics.openid.connect.model.ApprovedSite.QUERY_BY_CLIENT_ID_AND_USER_ID; +import static cz.muni.ics.openid.connect.model.ApprovedSite.QUERY_BY_USER_ID; + import java.util.Date; import java.util.Set; -import javax.persistence.Basic; import javax.persistence.CollectionTable; import javax.persistence.Column; import javax.persistence.ElementCollection; 
@@ -33,15 +39,37 @@ import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; import javax.persistence.Temporal; +import javax.persistence.TemporalType; import javax.persistence.Transient; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name="approved_site") @NamedQueries({ - @NamedQuery(name = ApprovedSite.QUERY_ALL, query = "select a from ApprovedSite a"), - @NamedQuery(name = ApprovedSite.QUERY_BY_USER_ID, query = "select a from ApprovedSite a where a.userId = :" + ApprovedSite.PARAM_USER_ID), - @NamedQuery(name = ApprovedSite.QUERY_BY_CLIENT_ID, query = "select a from ApprovedSite a where a.clientId = :" + ApprovedSite.PARAM_CLIENT_ID), - @NamedQuery(name = ApprovedSite.QUERY_BY_CLIENT_ID_AND_USER_ID, query = "select a from ApprovedSite a where a.clientId = :" + ApprovedSite.PARAM_CLIENT_ID + " and a.userId = :" + ApprovedSite.PARAM_USER_ID) + @NamedQuery(name = QUERY_ALL, + query = "SELECT a FROM ApprovedSite a"), + @NamedQuery(name = QUERY_BY_USER_ID, + query = "SELECT a FROM ApprovedSite a " + + "WHERE a.userId = :" + PARAM_USER_ID), + @NamedQuery(name = QUERY_BY_CLIENT_ID, + query = "SELECT a FROM ApprovedSite a " + + "WHERE a.clientId = :" + PARAM_CLIENT_ID), + @NamedQuery(name = QUERY_BY_CLIENT_ID_AND_USER_ID, + query = "SELECT a FROM ApprovedSite a " + + "WHERE a.clientId = :" + PARAM_CLIENT_ID + ' ' + + "AND a.userId = :" + PARAM_USER_ID) }) public class ApprovedSite { 
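Review bot: `@EqualsAndHashCode` with Lombok defaults covers every non-transient field, so the `@GeneratedValue` `id` and the `allowedScopes` collection (both declared in the next hunk) enter the hash; `id` is null until the entity is persisted and then changes, so an ApprovedSite placed in a HashSet before save is not found after it, and hashing the scope set touches the collection on every lookup. I cannot see whether the class previously defined equals/hashCode at all; if it relied on identity this is a semantic change. Prefer `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` with `@EqualsAndHashCode.Include` on the fields that identify an approval, or leave the annotation off. BlacklistedSite and DefaultUserInfo in this commit follow the same pattern.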
@@ -53,90 +81,33 @@ public class ApprovedSite { public static final String PARAM_CLIENT_ID = "clientId"; public static final String PARAM_USER_ID = "userId"; - private Long id; - private String userId; - private String clientId; - private Date creationDate; - private Date accessDate; - private Date timeoutDate; - private Set allowedScopes; - - public ApprovedSite() { } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } + @Column(name = "user_id") + private String userId; - @Basic - @Column(name="user_id") - public String getUserId() { - return userId; - } + @Column(name = "client_id") + private String clientId; - public void setUserId(String userId) { - this.userId = userId; - } + @Temporal(TemporalType.TIMESTAMP) + @Column(name = "creation_date") + private Date creationDate; - @Basic - @Column(name="client_id") - public String getClientId() { - return clientId; - } + @Temporal(TemporalType.TIMESTAMP) + @Column(name = "access_date") + private Date accessDate; - public void setClientId(String clientId) { - this.clientId = clientId; - } - - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) - @Column(name="creation_date") - public Date getCreationDate() { - return creationDate; - } - - public void setCreationDate(Date creationDate) { - this.creationDate = creationDate; - } - - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) - @Column(name="access_date") - public Date getAccessDate() { - return accessDate; - } - - public void setAccessDate(Date accessDate) { - this.accessDate = accessDate; - } + @Temporal(TemporalType.TIMESTAMP) + @Column(name = "timeout_date") + private Date timeoutDate; @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="approved_site_scope", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="scope") - public Set getAllowedScopes() { - return allowedScopes; - } - - 
public void setAllowedScopes(Set allowedScopes) { - this.allowedScopes = allowedScopes; - } - - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) - @Column(name="timeout_date") - public Date getTimeoutDate() { - return timeoutDate; - } - - public void setTimeoutDate(Date timeoutDate) { - this.timeoutDate = timeoutDate; - } + @CollectionTable(name = "approved_site_scope", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "scope") + private Set allowedScopes; @Transient public boolean isExpired() { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/BlacklistedSite.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/BlacklistedSite.java index defc96c76..f5517f8c0 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/BlacklistedSite.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/BlacklistedSite.java @@ -20,7 +20,8 @@ */ package cz.muni.ics.openid.connect.model; -import javax.persistence.Basic; +import static cz.muni.ics.openid.connect.model.BlacklistedSite.QUERY_ALL; + import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; 
@@ -29,43 +30,39 @@ import javax.persistence.Id; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; /** * @author jricher */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name="blacklisted_site") @NamedQueries({ - @NamedQuery(name = BlacklistedSite.QUERY_ALL, query = "select b from BlacklistedSite b") + @NamedQuery(name = QUERY_ALL, + query = "SELECT b FROM BlacklistedSite b") }) public class BlacklistedSite { public static final String QUERY_ALL = "BlacklistedSite.getAll"; - private Long id; - private String uri; - - public BlacklistedSite() { } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } - - @Basic @Column(name="uri") - public String getUri() { - return uri; - } - - public void setUri(String uri) { - this.uri = uri; - } + private String uri; } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultAddress.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultAddress.java index f4f609a03..d9bf92163 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultAddress.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultAddress.java 
@@ -15,29 +15,54 @@ *******************************************************************************/ package cz.muni.ics.openid.connect.model; -import javax.persistence.Basic; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity -@Table(name="address") +@Table(name = "address") public class DefaultAddress implements Address { private static final long serialVersionUID = -1304880008685206811L; + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") private Long id; - private String formatted; - private String streetAddress; - private String locality; - private String region; - private String postalCode; - private String country; - public DefaultAddress() { } + @Column(name = "formatted") + private String formatted; + + @Column(name = "street_address") + private String streetAddress; + + @Column(name = "locality") + private String locality; + + @Column(name = "region") + private String region; + + @Column(name = "postal_code") + private String postalCode; + + @Column(name = "country") + private String country; public DefaultAddress(Address address) { setFormatted(address.getFormatted()); @@ -49,8 +74,11 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name = "formatted") + public Long getId() { + return id; + } + + @Override public String getFormatted() { return formatted; } @@ -61,8 +89,6 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name="street_address") public String getStreetAddress() { return streetAddress; } 
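Review bot: `@ToString` on DefaultAddress renders the full postal address, and the parallel annotation on DefaultUserInfo later in this commit renders email, phone number, birthdate and the nested address, so any log line or exception message that interpolates these objects becomes a PII exposure. Limit both with `@ToString(onlyExplicitlyIncluded = true)` and `@ToString.Include` on `id` (plus `sub` for DefaultUserInfo), or drop the annotation. The explicit `@Override` getters kept below coexist with `@Getter` because Lombok skips methods that already exist; a one-line class comment such as `// Explicit getters below satisfy Address; Lombok generates only the missing accessors.` would save the next reader the question.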
@@ -73,8 +99,6 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name = "locality") public String getLocality() { return locality; } @@ -85,8 +109,6 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name = "region") public String getRegion() { return region; } @@ -97,8 +119,6 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name="postal_code") public String getPostalCode() { return postalCode; } @@ -109,8 +129,6 @@ public class DefaultAddress implements Address { } @Override - @Basic - @Column(name = "country") public String getCountry() { return country; } 
@@ -120,93 +138,4 @@ public class DefaultAddress implements Address { this.country = country; } - - @Override - @Id - @GeneratedValue(strategy=GenerationType.IDENTITY) - @Column(name = "id") - public Long getId() { - return id; - } - - - public void setId(Long id) { - this.id = id; - } - - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((country == null) ? 0 : country.hashCode()); - result = prime * result + ((formatted == null) ? 0 : formatted.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); - result = prime * result + ((locality == null) ? 0 : locality.hashCode()); - result = prime * result + ((postalCode == null) ? 0 : postalCode.hashCode()); - result = prime * result + ((region == null) ? 0 : region.hashCode()); - result = prime * result + ((streetAddress == null) ? 0 : streetAddress.hashCode()); - return result; - } - - - @Override - public boolean equals(Object obj) { - if (this == obj) { - return true; - } - if (obj == null) { - return false; - } - if (!(obj instanceof DefaultAddress)) { - return false; - } - DefaultAddress other = (DefaultAddress) obj; - if (country == null) { - if (other.country != null) { - return false; - } - } else if (!country.equals(other.country)) { - return false; - } - if (formatted == null) { - if (other.formatted != null) { - return false; - } - } else if (!formatted.equals(other.formatted)) { - return false; - } - if (id == null) { - if (other.id != null) { - return false; - } - } else if (!id.equals(other.id)) { - return false; - } - if (locality == null) { - if (other.locality != null) { - return false; - } - } else if (!locality.equals(other.locality)) { - return false; - } - if (postalCode == null) { - if (other.postalCode != null) { - return false; - } - } else if (!postalCode.equals(other.postalCode)) { - return false; - } - if (region == null) { - if (other.region != null) { - return false; - } - } else if 
(!region.equals(other.region)) { - return false; - } - if (streetAddress == null) { - return other.streetAddress == null; - } else return streetAddress.equals(other.streetAddress); - } - } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultUserInfo.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultUserInfo.java index da1d4112b..740b6dda7 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultUserInfo.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/DefaultUserInfo.java @@ -17,13 +17,17 @@ *******************************************************************************/ package cz.muni.ics.openid.connect.model; +import static cz.muni.ics.openid.connect.model.DefaultUserInfo.PARAM_EMAIL; +import static cz.muni.ics.openid.connect.model.DefaultUserInfo.PARAM_USERNAME; +import static cz.muni.ics.openid.connect.model.DefaultUserInfo.QUERY_BY_EMAIL; +import static cz.muni.ics.openid.connect.model.DefaultUserInfo.QUERY_BY_USERNAME; + import com.google.gson.JsonObject; import com.google.gson.JsonParser; import cz.muni.ics.openid.connect.model.convert.JsonObjectStringConverter; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; -import javax.persistence.Basic; import javax.persistence.CascadeType; import javax.persistence.Column; import javax.persistence.Convert; 
@@ -36,12 +40,29 @@ import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.OneToOne; import javax.persistence.Table; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name="user_info") @NamedQueries({ - @NamedQuery(name=DefaultUserInfo.QUERY_BY_USERNAME, query = "select u from DefaultUserInfo u WHERE u.preferredUsername = :" + DefaultUserInfo.PARAM_USERNAME), - @NamedQuery(name=DefaultUserInfo.QUERY_BY_EMAIL, query = "select u from DefaultUserInfo u WHERE u.email = :" + DefaultUserInfo.PARAM_EMAIL) + @NamedQuery(name = QUERY_BY_USERNAME, + query = "SELECT u FROM DefaultUserInfo u " + + "WHERE u.preferredUsername = :" + PARAM_USERNAME), + @NamedQuery(name = QUERY_BY_EMAIL, + query = "SELECT u FROM DefaultUserInfo u " + + "WHERE u.email = :" + PARAM_EMAIL) }) public class DefaultUserInfo implements UserInfo { 
@@ -53,44 +74,77 @@ public class DefaultUserInfo implements UserInfo { private static final long serialVersionUID = 6078310513185681918L; - private Long id; - private String sub; - private String preferredUsername; - private String name; - private String givenName; - private String familyName; - private String middleName; - private String nickname; - private String profile; - private String picture; - private String website; - private String email; - private Boolean emailVerified; - private String gender; - private String zoneinfo; - private String locale; - private String phoneNumber; - private Boolean phoneNumberVerified; - private DefaultAddress address; - private String updatedTime; - private String birthdate; - private transient JsonObject src; // source JSON if this is loaded remotely - - @Id - @GeneratedValue(strategy=GenerationType.IDENTITY) + @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } + @Column(name = "sub") + private String sub; + + @Column(name = "preferred_username") + private String preferredUsername; + + @Column(name = "name") + private String name; + + @Column(name = "given_name") + private String givenName; + + @Column(name = "family_name") + private String familyName; + + @Column(name = "middle_name") + private String middleName; + + @Column(name = "nickname") + private String nickname; + + @Column(name = "profile") + private String profile; + + @Column(name = "picture") + private String picture; + + @Column(name = "website") + private String website; + + @Column(name = "email") + private String email; + + @Column(name = "email_verified") + private Boolean emailVerified; + + @Column(name = "gender") + private String gender; + + @Column(name = "zone_info") + private String zoneinfo; + + @Column(name = "locale") + private String locale; + + @Column(name = "phone_number") + private String phoneNumber; + + 
@Column(name = "phone_number_verified") + private Boolean phoneNumberVerified; + + @OneToOne(targetEntity = DefaultAddress.class, cascade = CascadeType.ALL) + @JoinColumn(name = "address_id") + private DefaultAddress address; + + @Column(name = "updated_time") + private String updatedTime; + + @Column(name = "birthdate") + private String birthdate; + + @Column(name = "src") + @Convert(converter = JsonObjectStringConverter.class) + private transient JsonObject source; // source JSON if this is loaded remotely @Override - @Basic - @Column(name="sub") public String getSub() { return sub; } @@ -101,8 +155,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="preferred_username") public String getPreferredUsername() { return this.preferredUsername; } @@ -113,8 +165,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "name") public String getName() { return name; } @@ -125,8 +175,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="given_name") public String getGivenName() { return givenName; } @@ -137,8 +185,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="family_name") public String getFamilyName() { return familyName; } @@ -149,8 +195,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="middle_name") public String getMiddleName() { return middleName; } @@ -161,8 +205,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "nickname") public String getNickname() { return nickname; } @@ -173,8 +215,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "profile") public String getProfile() { return profile; } @@ -185,8 +225,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "picture") public String getPicture() { return picture; } 
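Review bot: The move to field-level mapping drops `@Id` — the removed `- @Id` line has no `+ @Id` counterpart, only `@GeneratedValue` and `@Column(name = "id")` survive on the `id` field — so unless `@Id` is re-added somewhere outside this hunk the entity has no identifier and the persistence unit will fail to deploy. Separately, `private transient JsonObject source` now carries `@Column(name = "src")` and `@Convert(...)`; with field access JPA treats a `transient` field as non-persistent, so the `src` column would silently stop being written and read (the old mapping sat on the getter, where `transient` on the field did not matter). The hand-written `writeObject`/`readObject` still need the field out of default Java serialization, so one option is to keep the field `transient`, add `@Transient` to it, and put `@Column`/`@Convert` on `getSource()` together with `@Access(AccessType.PROPERTY)`. Whichever route is taken, `@Id` must come back above `@GeneratedValue`. The class continues beyond this hunk.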
@@ -197,8 +235,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "website") public String getWebsite() { return website; } @@ -209,8 +245,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "email") public String getEmail() { return email; } @@ -221,8 +255,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="email_verified") public Boolean getEmailVerified() { return emailVerified; } @@ -233,8 +265,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "gender") public String getGender() { return gender; } @@ -245,8 +275,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="zone_info") public String getZoneinfo() { return zoneinfo; } @@ -257,8 +285,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name = "locale") public String getLocale() { return locale; } @@ -269,8 +295,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="phone_number") public String getPhoneNumber() { return phoneNumber; } @@ -281,8 +305,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="phone_number_verified") public Boolean getPhoneNumberVerified() { return phoneNumberVerified; } @@ -293,8 +315,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @OneToOne(targetEntity = DefaultAddress.class, cascade = CascadeType.ALL) - @JoinColumn(name="address_id") public Address getAddress() { return address; } @@ -309,8 +329,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="updated_time") public String getUpdatedTime() { return updatedTime; } @@ -321,8 +339,6 @@ public class DefaultUserInfo implements UserInfo { } @Override - @Basic - @Column(name="birthdate") public String getBirthdate() { return birthdate; } 
@@ -334,7 +350,7 @@ public class DefaultUserInfo implements UserInfo { @Override public JsonObject toJson() { - if (src == null) { + if (source == null) { JsonObject obj = new JsonObject(); obj.addProperty("sub", this.getSub()); @@ -372,10 +388,14 @@ public class DefaultUserInfo implements UserInfo { } return obj; } else { - return src; + return source; } } + @Override + public JsonObject getSource() { + return source; + } public static UserInfo fromJson(JsonObject obj) { DefaultUserInfo ui = new DefaultUserInfo(); 
@@ -420,213 +440,16 @@ public class DefaultUserInfo implements UserInfo { return ui; } - @Override - @Basic - @Column(name = "src") - @Convert(converter = JsonObjectStringConverter.class) - public JsonObject getSource() { - return src; - } - - public void setSource(JsonObject src) { - this.src = src; - } - private static String nullSafeGetString(JsonObject obj, String field) { return obj.has(field) && obj.get(field).isJsonPrimitive() ? obj.get(field).getAsString() : null; } - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((address == null) ? 0 : address.hashCode()); - result = prime * result + ((birthdate == null) ? 0 : birthdate.hashCode()); - result = prime * result + ((email == null) ? 0 : email.hashCode()); - result = prime * result + ((emailVerified == null) ? 0 : emailVerified.hashCode()); - result = prime * result + ((familyName == null) ? 0 : familyName.hashCode()); - result = prime * result + ((gender == null) ? 0 : gender.hashCode()); - result = prime * result + ((givenName == null) ? 0 : givenName.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); - result = prime * result + ((locale == null) ? 0 : locale.hashCode()); - result = prime * result + ((middleName == null) ? 0 : middleName.hashCode()); - result = prime * result + ((name == null) ? 0 : name.hashCode()); - result = prime * result + ((nickname == null) ? 0 : nickname.hashCode()); - result = prime * result + ((phoneNumber == null) ? 0 : phoneNumber.hashCode()); - result = prime * result + ((phoneNumberVerified == null) ? 0 : phoneNumberVerified.hashCode()); - result = prime * result + ((picture == null) ? 0 : picture.hashCode()); - result = prime * result + ((preferredUsername == null) ? 0 : preferredUsername.hashCode()); - result = prime * result + ((profile == null) ? 0 : profile.hashCode()); - result = prime * result + ((sub == null) ? 0 : sub.hashCode()); - result = prime * result + ((updatedTime == null) ? 
0 : updatedTime.hashCode()); - result = prime * result + ((website == null) ? 0 : website.hashCode()); - result = prime * result + ((zoneinfo == null) ? 0 : zoneinfo.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) { - return true; - } - if (obj == null) { - return false; - } - if (!(obj instanceof DefaultUserInfo)) { - return false; - } - DefaultUserInfo other = (DefaultUserInfo) obj; - if (address == null) { - if (other.address != null) { - return false; - } - } else if (!address.equals(other.address)) { - return false; - } - if (birthdate == null) { - if (other.birthdate != null) { - return false; - } - } else if (!birthdate.equals(other.birthdate)) { - return false; - } - if (email == null) { - if (other.email != null) { - return false; - } - } else if (!email.equals(other.email)) { - return false; - } - if (emailVerified == null) { - if (other.emailVerified != null) { - return false; - } - } else if (!emailVerified.equals(other.emailVerified)) { - return false; - } - if (familyName == null) { - if (other.familyName != null) { - return false; - } - } else if (!familyName.equals(other.familyName)) { - return false; - } - if (gender == null) { - if (other.gender != null) { - return false; - } - } else if (!gender.equals(other.gender)) { - return false; - } - if (givenName == null) { - if (other.givenName != null) { - return false; - } - } else if (!givenName.equals(other.givenName)) { - return false; - } - if (id == null) { - if (other.id != null) { - return false; - } - } else if (!id.equals(other.id)) { - return false; - } - if (locale == null) { - if (other.locale != null) { - return false; - } - } else if (!locale.equals(other.locale)) { - return false; - } - if (middleName == null) { - if (other.middleName != null) { - return false; - } - } else if (!middleName.equals(other.middleName)) { - return false; - } - if (name == null) { - if (other.name != null) { - return false; - } - } else if 
(!name.equals(other.name)) { - return false; - } - if (nickname == null) { - if (other.nickname != null) { - return false; - } - } else if (!nickname.equals(other.nickname)) { - return false; - } - if (phoneNumber == null) { - if (other.phoneNumber != null) { - return false; - } - } else if (!phoneNumber.equals(other.phoneNumber)) { - return false; - } - if (phoneNumberVerified == null) { - if (other.phoneNumberVerified != null) { - return false; - } - } else if (!phoneNumberVerified.equals(other.phoneNumberVerified)) { - return false; - } - if (picture == null) { - if (other.picture != null) { - return false; - } - } else if (!picture.equals(other.picture)) { - return false; - } - if (preferredUsername == null) { - if (other.preferredUsername != null) { - return false; - } - } else if (!preferredUsername.equals(other.preferredUsername)) { - return false; - } - if (profile == null) { - if (other.profile != null) { - return false; - } - } else if (!profile.equals(other.profile)) { - return false; - } - if (sub == null) { - if (other.sub != null) { - return false; - } - } else if (!sub.equals(other.sub)) { - return false; - } - if (updatedTime == null) { - if (other.updatedTime != null) { - return false; - } - } else if (!updatedTime.equals(other.updatedTime)) { - return false; - } - if (website == null) { - if (other.website != null) { - return false; - } - } else if (!website.equals(other.website)) { - return false; - } - if (zoneinfo == null) { - return other.zoneinfo == null; - } else return zoneinfo.equals(other.zoneinfo); - } - private void writeObject(ObjectOutputStream out) throws IOException { out.defaultWriteObject(); - if (src == null) { + if (source == null) { out.writeObject(null); } else { - out.writeObject(src.toString()); + out.writeObject(source.toString()); } } 
@@ -635,7 +458,7 @@ public class DefaultUserInfo implements UserInfo { Object o = in.readObject(); if (o != null) { JsonParser parser = new JsonParser(); - src = parser.parse((String)o).getAsJsonObject(); + source = parser.parse((String)o).getAsJsonObject(); } } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/PairwiseIdentifier.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/PairwiseIdentifier.java index a7f1a79b2..43f4cd668 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/PairwiseIdentifier.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/PairwiseIdentifier.java @@ -20,7 +20,11 @@ */ package cz.muni.ics.openid.connect.model; -import javax.persistence.Basic; +import static cz.muni.ics.openid.connect.model.PairwiseIdentifier.PARAM_SECTOR_IDENTIFIER; +import static cz.muni.ics.openid.connect.model.PairwiseIdentifier.PARAM_SUB; +import static cz.muni.ics.openid.connect.model.PairwiseIdentifier.QUERY_ALL; +import static cz.muni.ics.openid.connect.model.PairwiseIdentifier.QUERY_BY_SECTOR_IDENTIFIER; + import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; @@ -29,6 +33,12 @@ import javax.persistence.Id; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; /** * 
@@ -37,11 +47,22 @@ import javax.persistence.Table;
  * @author jricher
  *
  */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
 @Entity
 @Table(name = "pairwise_identifier")
 @NamedQueries({
- @NamedQuery(name=PairwiseIdentifier.QUERY_ALL, query = "select p from PairwiseIdentifier p"),
- @NamedQuery(name=PairwiseIdentifier.QUERY_BY_SECTOR_IDENTIFIER, query = "select p from PairwiseIdentifier p WHERE p.userSub = :" + PairwiseIdentifier.PARAM_SUB + " AND p.sectorIdentifier = :" + PairwiseIdentifier.PARAM_SECTOR_IDENTIFIER)
+ @NamedQuery(name = QUERY_ALL,
+ query = "SELECT p FROM PairwiseIdentifier p"),
+ @NamedQuery(name = QUERY_BY_SECTOR_IDENTIFIER,
+ query = "SELECT p FROM PairwiseIdentifier p " +
+ "WHERE p.userSub = :" + PARAM_SUB + ' ' +
+ "AND p.sectorIdentifier = :" + PARAM_SECTOR_IDENTIFIER)
 })
 public class PairwiseIdentifier {
 
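Review bot: `@EqualsAndHashCode` with Lombok defaults includes the DB-generated `id`, so `hashCode()` of a PairwiseIdentifier changes once it is persisted and two unsaved instances with the same fields compare equal; nothing in the removed lines of this file shows a previous equals/hashCode, so this is new behaviour rather than a like-for-like replacement. If instances are ever held in hash-based collections across a save, lookups will break. `@EqualsAndHashCode(exclude = "id")`, or `onlyExplicitlyIncluded = true` with `@EqualsAndHashCode.Include` on `userSub`, `sectorIdentifier` and `identifier`, keeps equality on the natural key. The same applies to the WhitelistedSite annotations in the `@@ -38,12 +50,24 @@` hunk.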
@@ -51,50 +72,18 @@ public class PairwiseIdentifier { public static final String PARAM_SECTOR_IDENTIFIER = "sectorIdentifier"; public static final String PARAM_SUB = "sub"; - private Long id; - private String identifier; - private String userSub; - private String sectorIdentifier; - @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } - - @Basic @Column(name = "identifier") - public String getIdentifier() { - return identifier; - } + private String identifier; - public void setIdentifier(String identifier) { - this.identifier = identifier; - } + @Column(name = PARAM_SUB) + private String userSub; - @Basic - @Column(name = PairwiseIdentifier.PARAM_SUB) - public String getUserSub() { - return userSub; - } - - public void setUserSub(String userSub) { - this.userSub = userSub; - } - - @Basic @Column(name = "sector_identifier") - public String getSectorIdentifier() { - return sectorIdentifier; - } - - public void setSectorIdentifier(String sectorIdentifier) { - this.sectorIdentifier = sectorIdentifier; - } + private String sectorIdentifier; } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/WhitelistedSite.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/WhitelistedSite.java index a7b70abb7..a3a213fa3 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/WhitelistedSite.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/model/WhitelistedSite.java 
@@ -17,8 +17,13 @@ *******************************************************************************/ package cz.muni.ics.openid.connect.model; +import static cz.muni.ics.openid.connect.model.WhitelistedSite.PARAM_CLIENT_ID; +import static cz.muni.ics.openid.connect.model.WhitelistedSite.PARAM_USER_ID; +import static cz.muni.ics.openid.connect.model.WhitelistedSite.QUERY_ALL; +import static cz.muni.ics.openid.connect.model.WhitelistedSite.QUERY_BY_CLIENT_ID; +import static cz.muni.ics.openid.connect.model.WhitelistedSite.QUERY_BY_CREATOR; + import java.util.Set; -import javax.persistence.Basic; import javax.persistence.CollectionTable; import javax.persistence.Column; import javax.persistence.ElementCollection; @@ -31,6 +36,13 @@ import javax.persistence.JoinColumn; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +import org.eclipse.persistence.annotations.CascadeOnDelete; /** * Indicator that login to a site should be automatically granted 
@@ -38,12 +50,24 @@ import javax.persistence.Table;
  * @author jricher, aanganes
  *
  */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
 @Entity
 @Table(name="whitelisted_site")
 @NamedQueries({
- @NamedQuery(name = WhitelistedSite.QUERY_ALL, query = "select w from WhitelistedSite w"),
- @NamedQuery(name = WhitelistedSite.QUERY_BY_CLIENT_ID, query = "select w from WhitelistedSite w where w.clientId = :" + WhitelistedSite.PARAM_CLIENT_ID),
- @NamedQuery(name = WhitelistedSite.QUERY_BY_CREATOR, query = "select w from WhitelistedSite w where w.creatorUserId = :" + WhitelistedSite.PARAM_USER_ID)
+ @NamedQuery(name = QUERY_ALL,
+ query = "SELECT w FROM WhitelistedSite w"),
+ @NamedQuery(name = QUERY_BY_CLIENT_ID,
+ query = "SELECT w FROM WhitelistedSite w " +
+ "WHERE w.clientId = :" + PARAM_CLIENT_ID),
+ @NamedQuery(name = QUERY_BY_CREATOR,
+ query = "SELECT w FROM WhitelistedSite w " +
+ "WHERE w.creatorUserId = :" + PARAM_USER_ID)
 })
 public class WhitelistedSite {
 
@@ -54,53 +78,21 @@ public class WhitelistedSite { public static final String PARAM_USER_ID = "userId"; public static final String PARAM_CLIENT_ID = "clientId"; - private Long id; - private String creatorUserId; - private String clientId; - private Set allowedScopes; - - public WhitelistedSite() { } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } + @Column(name = "creator_user_id") + private String creatorUserId; - @Basic - @Column(name="client_id") - public String getClientId() { - return clientId; - } - - public void setClientId(String clientId) { - this.clientId = clientId; - } + @Column(name = "client_id") + private String clientId; @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="whitelisted_site_scope", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="scope") - public Set getAllowedScopes() { - return allowedScopes; - } - - public void setAllowedScopes(Set allowedScopes) { - this.allowedScopes = allowedScopes; - } - - @Basic - @Column(name="creator_user_id") - public String getCreatorUserId() { - return creatorUserId; - } - - public void setCreatorUserId(String creatorUserId) { - this.creatorUserId = creatorUserId; - } + @CollectionTable(name = "whitelisted_site_scope", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "scope") + @CascadeOnDelete + private Set allowedScopes; } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultUserInfoService.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultUserInfoService.java index a363bb882..f665cc56a 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultUserInfoService.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultUserInfoService.java 
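Review bot: `private Set allowedScopes;` keeps the raw `Set` type, and because `@Getter`/`@Setter` now derive the accessors from the field, the raw type propagates to every caller of `getAllowedScopes()`/`setAllowedScopes()` as unchecked warnings; the old accessors were raw too, but rewriting the field is the moment to fix it. The element mapping `@Column(name = "scope")` suggests the values are strings, so `+ private Set<String> allowedScopes;` should be enough and callers compiled against the raw type keep compiling. `@CascadeOnDelete` is a behavioural change this hunk introduces — the `whitelisted_site_scope` rows now go away with their owner — and deserves a one-line comment saying so, e.g. `// scope rows are deleted together with the owning site`.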
@@ -18,7 +18,7 @@ package cz.muni.ics.openid.connect.service.impl; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.SubjectType; +import cz.muni.ics.oauth2.model.enums.SubjectType; import cz.muni.ics.oauth2.service.ClientDetailsEntityService; import cz.muni.ics.openid.connect.model.UserInfo; import cz.muni.ics.openid.connect.repository.UserInfoRepository; diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ClientAPI.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ClientAPI.java index 73abb8708..be3e8a6e3 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ClientAPI.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ClientAPI.java @@ -76,10 +76,10 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.JWTParser; import cz.muni.ics.jwt.assertion.AssertionValidator; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AppType; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.SubjectType; import cz.muni.ics.oauth2.model.PKCEAlgorithm; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import cz.muni.ics.oauth2.service.ClientDetailsEntityService; import cz.muni.ics.oauth2.web.AuthenticationUtilities; import cz.muni.ics.openid.connect.exception.ValidationException; diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java index 659e8f816..d6e78e6b5 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java 
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java @@ -66,12 +66,12 @@ import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWTClaimsSet; import cz.muni.ics.jwt.assertion.AssertionValidator; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AppType; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.SubjectType; import cz.muni.ics.oauth2.model.OAuth2AccessTokenEntity; import cz.muni.ics.oauth2.model.RegisteredClient; import cz.muni.ics.oauth2.model.SystemScope; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import cz.muni.ics.oauth2.service.ClientDetailsEntityService; import cz.muni.ics.oauth2.service.OAuth2TokenEntityService; import cz.muni.ics.oauth2.service.SystemScopeService; diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java index 9769565a9..9b10f06b9 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java 
@@ -18,10 +18,10 @@ package cz.muni.ics.openid.connect.web; import com.google.common.base.Strings; import com.google.gson.JsonSyntaxException; import cz.muni.ics.oauth2.model.ClientDetailsEntity; -import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod; import cz.muni.ics.oauth2.model.OAuth2AccessTokenEntity; import cz.muni.ics.oauth2.model.RegisteredClient; import cz.muni.ics.oauth2.model.SystemScope; +import cz.muni.ics.oauth2.model.enums.AuthMethod; import cz.muni.ics.oauth2.service.ClientDetailsEntityService; import cz.muni.ics.oauth2.service.OAuth2TokenEntityService; import cz.muni.ics.oauth2.service.SystemScopeService; diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/ClientDetailsEntityTest.java b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/ClientDetailsEntityTest.java index 21707bf30..d55fc640e 100644 --- a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/ClientDetailsEntityTest.java +++ b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/ClientDetailsEntityTest.java @@ -25,6 +25,9 @@ import static org.junit.Assert.assertEquals; import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import java.util.Date; import org.junit.Test; 
@@ -45,12 +48,12 @@ public class ClientDetailsEntityTest { c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); - c.setApplicationType(ClientDetailsEntity.AppType.WEB); + c.setApplicationType(AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); + c.setSubjectType(SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); - c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); + c.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC); c.setJwksUri("https://client.example.org/my_public_keys.jwks"); c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5); c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256); 
@@ -61,12 +64,12 @@ public class ClientDetailsEntityTest { assertEquals("s6BhdRkqt3", c.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret()); - assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); + assertEquals(AppType.WEB, c.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals("My Example", c.getClientName()); - assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); + assertEquals(SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); - assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); + assertEquals(AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri()); assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg()); assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc()); diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/RegisteredClientTest.java b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/RegisteredClientTest.java index badfdbab5..e9b929244 100644 --- a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/RegisteredClientTest.java +++ b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/model/RegisteredClientTest.java @@ -25,6 +25,9 @@ import static org.junit.Assert.assertEquals; import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; +import cz.muni.ics.oauth2.model.enums.AppType; +import cz.muni.ics.oauth2.model.enums.AuthMethod; +import cz.muni.ics.oauth2.model.enums.SubjectType; import java.sql.Date; import org.junit.Test; 
@@ -49,12 +52,12 @@ public class RegisteredClientTest { c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); c.setRegistrationAccessToken("this.is.an.access.token.value.ffx83"); c.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3"); - c.setApplicationType(ClientDetailsEntity.AppType.WEB); + c.setApplicationType(AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); + c.setSubjectType(SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); - c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); + c.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC); c.setJwksUri("https://client.example.org/my_public_keys.jwks"); c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5); c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256); 
@@ -66,12 +69,12 @@ public class RegisteredClientTest { assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt()); assertEquals("this.is.an.access.token.value.ffx83", c.getRegistrationAccessToken()); assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", c.getRegistrationClientUri()); - assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); + assertEquals(AppType.WEB, c.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals("My Example", c.getClientName()); - assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); + assertEquals(SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); - assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); + assertEquals(AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri()); assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg()); assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc()); 
@@ -88,13 +91,13 @@ public class RegisteredClientTest { c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); - c.setApplicationType(ClientDetailsEntity.AppType.WEB); + c.setApplicationType(AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); + c.setSubjectType(SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); - c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); + c.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC); c.setJwksUri("https://client.example.org/my_public_keys.jwks"); c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5); c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256); 
@@ -113,12 +116,12 @@ public class RegisteredClientTest { assertEquals(new Date(1577858400L * 1000L), rc.getClientSecretExpiresAt()); assertEquals("this.is.an.access.token.value.ffx83", rc.getRegistrationAccessToken()); assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", rc.getRegistrationClientUri()); - assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType()); + assertEquals(AppType.WEB, rc.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris()); assertEquals("My Example", rc.getClientName()); - assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType()); + assertEquals(SubjectType.PAIRWISE, rc.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri()); - assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); + assertEquals(AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); assertEquals("https://client.example.org/my_public_keys.jwks", rc.getJwksUri()); assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg()); assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc()); 
@@ -135,13 +138,13 @@ public class RegisteredClientTest { c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); - c.setApplicationType(ClientDetailsEntity.AppType.WEB); + c.setApplicationType(AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); + c.setSubjectType(SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); - c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); + c.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC); c.setJwksUri("https://client.example.org/my_public_keys.jwks"); c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5); c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256); 
@@ -156,12 +159,12 @@ public class RegisteredClientTest { assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); assertEquals("this.is.an.access.token.value.ffx83", rc.getRegistrationAccessToken()); assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", rc.getRegistrationClientUri()); - assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType()); + assertEquals(AppType.WEB, rc.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris()); assertEquals("My Example", rc.getClientName()); - assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType()); + assertEquals(SubjectType.PAIRWISE, rc.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri()); - assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); + assertEquals(AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); assertEquals("https://client.example.org/my_public_keys.jwks", rc.getJwksUri()); assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg()); assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc()); diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestBlacklistAwareRedirectResolver.java b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestBlacklistAwareRedirectResolver.java index d1cf58787..e57bdcbfd 100644 --- a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestBlacklistAwareRedirectResolver.java +++ b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestBlacklistAwareRedirectResolver.java 
@@ -24,6 +24,7 @@ import static org.mockito.Mockito.when;
  import com.google.common.collect.ImmutableSet;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
+ import cz.muni.ics.oauth2.model.enums.AppType;
  import cz.muni.ics.openid.connect.config.ConfigurationPropertiesBean;
  import cz.muni.ics.openid.connect.service.BlacklistedSiteService;
  import org.junit.Before;
@@ -104,12 +105,12 @@ public class TestBlacklistAwareRedirectResolver {
  public void testRedirectMatches_default() {
  // this is not an exact match
- boolean res1 = resolver.redirectMatches(pathUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res1 = resolver.redirectMatches(pathUri, goodUri, AppType.WEB);
  assertThat(res1, is(false));
  // this is an exact match
- boolean res2 = resolver.redirectMatches(goodUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res2 = resolver.redirectMatches(goodUri, goodUri, AppType.WEB);
  assertThat(res2, is(true));
@@ -122,12 +123,12 @@ public class TestBlacklistAwareRedirectResolver {
  resolver.setStrictMatch(false);
  // this is not an exact match (but that's OK)
- boolean res1 = resolver.redirectMatches(pathUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res1 = resolver.redirectMatches(pathUri, goodUri, AppType.WEB);
  assertThat(res1, is(true));
  // this is an exact match
- boolean res2 = resolver.redirectMatches(goodUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res2 = resolver.redirectMatches(goodUri, goodUri, AppType.WEB);
  assertThat(res2, is(true));
@@ -136,12 +137,12 @@ public class TestBlacklistAwareRedirectResolver {
  @Test
  public void testHeartMode() {
  // this is not an exact match
- boolean res1 = resolver.redirectMatches(pathUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res1 = resolver.redirectMatches(pathUri, goodUri, AppType.WEB);
  assertThat(res1, is(false));
  // this is an exact match
- boolean res2 = resolver.redirectMatches(goodUri, goodUri, ClientDetailsEntity.AppType.WEB);
+ boolean res2 = resolver.redirectMatches(goodUri, goodUri, AppType.WEB);
  assertThat(res2, is(true));
  }
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java
index bc141f2ed..655992121 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java
@@ -27,6 +27,7 @@ import static org.junit.Assert.fail;
  import com.google.common.collect.Sets;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
  import cz.muni.ics.oauth2.model.SystemScope;
+ import cz.muni.ics.oauth2.model.enums.AuthMethod;
  import cz.muni.ics.oauth2.repository.OAuth2ClientRepository;
  import cz.muni.ics.oauth2.repository.OAuth2TokenRepository;
  import cz.muni.ics.oauth2.service.SystemScopeService;
@@ -362,7 +363,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("client_credentials");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -383,7 +384,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("client_credentials");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.NONE);
+ client.setTokenEndpointAuthMethod(AuthMethod.NONE);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -404,7 +405,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("implicit");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setJwksUri("https://foo.bar/jwks");
@@ -421,7 +422,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("authorization_code");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_POST);
+ client.setTokenEndpointAuthMethod(AuthMethod.SECRET_POST);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -440,7 +441,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("implicit");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -459,7 +460,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("client_credentials");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
+ client.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -478,7 +479,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("authorization_code");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  service.saveNewClient(client);
@@ -493,7 +494,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("implicit");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.NONE);
+ client.setTokenEndpointAuthMethod(AuthMethod.NONE);
  service.saveNewClient(client);
@@ -508,7 +509,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("client_credentials");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("http://foo.bar/"));
@@ -525,7 +526,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("authorization_code");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("http://foo.bar/"));
@@ -544,7 +545,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("authorization_code");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -565,7 +566,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("refresh_token");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("https://foo.bar/"));
@@ -587,7 +588,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("refresh_token");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("http://foo.bar/"));
@@ -607,7 +608,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
  grantTypes.add("refresh_token");
  client.setGrantTypes(grantTypes);
- client.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.PRIVATE_KEY);
+ client.setTokenEndpointAuthMethod(AuthMethod.PRIVATE_KEY);
  client.setRedirectUris(Sets.newHashSet("http://localhost/", "https://foo.bar", "foo://bar"));
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessorTest.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessorTest.java
index 2ef725bea..327d65d8a 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessorTest.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/ClientDetailsEntityJsonProcessorTest.java
@@ -30,6 +30,9 @@ import com.nimbusds.jose.EncryptionMethod;
  import com.nimbusds.jose.JWEAlgorithm;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
  import cz.muni.ics.oauth2.model.RegisteredClient;
+ import cz.muni.ics.oauth2.model.enums.AppType;
+ import cz.muni.ics.oauth2.model.enums.AuthMethod;
+ import cz.muni.ics.oauth2.model.enums.SubjectType;
  import java.sql.Date;
  import org.junit.Test;
@@ -68,14 +71,14 @@ public class ClientDetailsEntityJsonProcessorTest {
  " }";
  ClientDetailsEntity c = ClientDetailsEntityJsonProcessor.parse(json);
- assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
+ assertEquals(AppType.WEB, c.getApplicationType());
  assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
  assertEquals("My Example", c.getClientName());
  assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
  assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
- assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
+ assertEquals(SubjectType.PAIRWISE, c.getSubjectType());
  assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
- assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
+ assertEquals(AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
  assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
  assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
  assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
@@ -129,14 +132,14 @@ public class ClientDetailsEntityJsonProcessorTest {
  assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt());
  assertEquals("this.is.an.access.token.value.ffx83", c.getRegistrationAccessToken());
  assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", c.getRegistrationClientUri());
- assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
+ assertEquals(AppType.WEB, c.getApplicationType());
  assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
  assertEquals("My Example", c.getClientName());
  assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
  assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
- assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
+ assertEquals(SubjectType.PAIRWISE, c.getSubjectType());
  assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
- assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
+ assertEquals(AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
  assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
  assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
  assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
@@ -157,14 +160,14 @@ public class ClientDetailsEntityJsonProcessorTest {
  c.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
  c.setRegistrationAccessToken("this.is.an.access.token.value.ffx83");
  c.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3");
- c.setApplicationType(ClientDetailsEntity.AppType.WEB);
+ c.setApplicationType(AppType.WEB);
  c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
  c.setClientName("My Example");
  c.setResponseTypes(ImmutableSet.of("code", "token"));
  c.setGrantTypes(ImmutableSet.of("authorization_code", "implicit"));
- c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ c.setSubjectType(SubjectType.PAIRWISE);
  c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
- c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
+ c.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC);
  c.setJwksUri("https://client.example.org/my_public_keys.jwks");
  c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
  c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
@@ -178,7 +181,7 @@ public class ClientDetailsEntityJsonProcessorTest {
  assertEquals(1577858400L, j.get("client_secret_expires_at").getAsNumber());
  assertEquals("this.is.an.access.token.value.ffx83", j.get("registration_access_token").getAsString());
  assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", j.get("registration_client_uri").getAsString());
- assertEquals(ClientDetailsEntity.AppType.WEB.getValue(), j.get("application_type").getAsString());
+ assertEquals(AppType.WEB.getValue(), j.get("application_type").getAsString());
  for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) {
  assertTrue(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2").contains(e.getAsString()));
  }
@@ -189,9 +192,9 @@ public class ClientDetailsEntityJsonProcessorTest {
  for (JsonElement e : j.get("grant_types").getAsJsonArray()) {
  assertTrue(ImmutableSet.of("authorization_code", "implicit").contains(e.getAsString()));
  }
- assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE.getValue(), j.get("subject_type").getAsString());
+ assertEquals(SubjectType.PAIRWISE.getValue(), j.get("subject_type").getAsString());
  assertEquals("https://other.example.net/file_of_redirect_uris.json", j.get("sector_identifier_uri").getAsString());
- assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC.getValue(), j.get("token_endpoint_auth_method").getAsString());
+ assertEquals(AuthMethod.SECRET_BASIC.getValue(), j.get("token_endpoint_auth_method").getAsString());
  assertEquals("https://client.example.org/my_public_keys.jwks", j.get("jwks_uri").getAsString());
  assertEquals(JWEAlgorithm.RSA1_5.getName(), j.get("userinfo_encrypted_response_alg").getAsString());
  assertEquals(EncryptionMethod.A128CBC_HS256.getName(), j.get("userinfo_encrypted_response_enc").getAsString());
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/assertion/TestJWTBearerAuthenticationProvider.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/assertion/TestJWTBearerAuthenticationProvider.java
index 555cce7d4..a610af3c7 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/assertion/TestJWTBearerAuthenticationProvider.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/assertion/TestJWTBearerAuthenticationProvider.java
@@ -23,7 +23,7 @@ import com.nimbusds.jwt.SignedJWT;
  import cz.muni.ics.jwt.signer.service.JWTSigningAndValidationService;
  import cz.muni.ics.jwt.signer.service.impl.ClientKeyCacheService;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
- import cz.muni.ics.oauth2.model.ClientDetailsEntity.AuthMethod;
+ import cz.muni.ics.oauth2.model.enums.AuthMethod;
  import cz.muni.ics.oauth2.service.ClientDetailsEntityService;
  import cz.muni.ics.openid.connect.config.ConfigurationPropertiesBean;
  import java.util.Arrays;
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestDefaultUserInfoService.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestDefaultUserInfoService.java
index 68670348a..3224308c4 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestDefaultUserInfoService.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestDefaultUserInfoService.java
@@ -24,6 +24,7 @@ import static org.junit.Assert.assertEquals;
  import static org.junit.Assert.assertNull;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
+ import cz.muni.ics.oauth2.model.enums.SubjectType;
  import cz.muni.ics.oauth2.service.ClientDetailsEntityService;
  import cz.muni.ics.openid.connect.model.DefaultUserInfo;
  import cz.muni.ics.openid.connect.model.UserInfo;
@@ -112,29 +113,29 @@ public class TestDefaultUserInfoService {
  publicClient2 = new ClientDetailsEntity();
  publicClient2.setClientId(publicClientId2);
- publicClient2.setSubjectType(ClientDetailsEntity.SubjectType.PUBLIC);
+ publicClient2.setSubjectType(SubjectType.PUBLIC);
  // pairwise set 1
  pairwiseClient1 = new ClientDetailsEntity();
  pairwiseClient1.setClientId(pairwiseClientId1);
- pairwiseClient1.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient1.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient1.setSectorIdentifierUri(sectorIdentifier1);
  pairwiseClient2 = new ClientDetailsEntity();
  pairwiseClient2.setClientId(pairwiseClientId2);
- pairwiseClient2.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient2.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient2.setSectorIdentifierUri(sectorIdentifier2);
  // pairwise set 2
  pairwiseClient3 = new ClientDetailsEntity();
  pairwiseClient3.setClientId(pairwiseClientId3);
- pairwiseClient3.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient3.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient3.setSectorIdentifierUri(sectorIdentifier3);
  // pairwise with null sector
  pairwiseClient4 = new ClientDetailsEntity();
  pairwiseClient4.setClientId(pairwiseClientId4);
- pairwiseClient4.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient4.setSubjectType(SubjectType.PAIRWISE);
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java
index 1a7bea6ae..743897c5c 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java
@@ -25,6 +25,7 @@ import static org.junit.Assert.assertNotSame;
  import com.google.common.collect.ImmutableSet;
  import cz.muni.ics.oauth2.model.ClientDetailsEntity;
+ import cz.muni.ics.oauth2.model.enums.SubjectType;
  import cz.muni.ics.openid.connect.model.DefaultUserInfo;
  import cz.muni.ics.openid.connect.model.PairwiseIdentifier;
  import cz.muni.ics.openid.connect.model.UserInfo;
@@ -95,31 +96,31 @@ public class TestUUIDPairwiseIdentiferService {
  // pairwise set 1
  pairwiseClient1 = new ClientDetailsEntity();
  pairwiseClient1.setClientId(pairwiseClientId1);
- pairwiseClient1.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient1.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient1.setSectorIdentifierUri(sectorIdentifier1);
  pairwiseClient2 = new ClientDetailsEntity();
  pairwiseClient2.setClientId(pairwiseClientId2);
- pairwiseClient2.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient2.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient2.setSectorIdentifierUri(sectorIdentifier2);
  // pairwise set 2
  pairwiseClient3 = new ClientDetailsEntity();
  pairwiseClient3.setClientId(pairwiseClientId3);
- pairwiseClient3.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient3.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient3.setSectorIdentifierUri(sectorIdentifier3);
  pairwiseClient3.setRedirectUris(pairwiseClient3RedirectUris);
  // pairwise with null sector
  pairwiseClient4 = new ClientDetailsEntity();
  pairwiseClient4.setClientId(pairwiseClientId4);
- pairwiseClient4.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient4.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient4.setRedirectUris(pairwiseClient4RedirectUris);
  // pairwise with multiple redirects and no sector (error)
  pairwiseClient5 = new ClientDetailsEntity();
  pairwiseClient5.setClientId(pairwiseClientId5);
- pairwiseClient5.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
+ pairwiseClient5.setSubjectType(SubjectType.PAIRWISE);
  pairwiseClient5.setRedirectUris(pairwiseClient5RedirectUris);
  // saved pairwise identifier from repository