Fixed reading/writing of approved access tokens
arielak
Justin Richer
parent
0320bae15c
commit
a8377513a6
|
|
@ -89,6 +89,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
/* (non-Javadoc)
|
||||
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
|
||||
*/
|
||||
|
||||
@Override
|
||||
public void exportData(JsonWriter writer) throws IOException {
|
||||
throw new UnsupportedOperationException("Not supported.");
|
||||
|
|
@ -140,7 +141,6 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
}
|
||||
fixObjectReferences();
|
||||
}
|
||||
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
|
@ -206,7 +206,6 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
|
||||
|
|
@ -291,7 +290,6 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
|
|
@ -425,9 +423,9 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
reader.endObject();
|
||||
return new OAuth2Request(authorizationParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, null);
|
||||
}
|
||||
|
||||
Map<Long, Long> grantOldToNewIdMap = new HashMap<Long, Long>();
|
||||
Map<Long, Long> grantToWhitelistedSiteRefs = new HashMap<Long, Long>();
|
||||
Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<Long, Set<Long>>();
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
|
|
@ -439,6 +437,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
ApprovedSite site = new ApprovedSite();
|
||||
Long currentId = null;
|
||||
Long whitelistedSiteId = null;
|
||||
Set<Long> tokenIds = null;
|
||||
reader.beginObject();
|
||||
while (reader.hasNext()) {
|
||||
switch (reader.peek()) {
|
||||
|
|
@ -468,6 +467,8 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
site.setAllowedScopes(allowedScopes);
|
||||
} else if (name.equals("whitelistedSiteId")) {
|
||||
whitelistedSiteId = reader.nextLong();
|
||||
} else if (name.equals("approvedAccessTokens")) {
|
||||
tokenIds = readSet(reader);
|
||||
} else {
|
||||
logger.debug("Found unexpected entry");
|
||||
reader.skipValue();
|
||||
|
|
@ -482,15 +483,17 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
if(whitelistedSiteId != null) {
|
||||
if (whitelistedSiteId != null) {
|
||||
grantToWhitelistedSiteRefs.put(currentId, whitelistedSiteId);
|
||||
}
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading grants");
|
||||
}
|
||||
|
||||
Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
|
|
@ -573,6 +576,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading blacklisted sites");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
|
@ -698,8 +702,9 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
}
|
||||
|
||||
/**
|
||||
* Read the list of system scopes from the reader and insert them
|
||||
* into the scope repository.
|
||||
* Read the list of system scopes from the reader and insert them into the
|
||||
* scope repository.
|
||||
*
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
|
|
@ -745,7 +750,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
}
|
||||
|
||||
private void fixObjectReferences() {
|
||||
for(Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
|
|
@ -754,7 +759,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for(Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
|
|
@ -764,7 +769,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
|
|
@ -773,7 +778,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
|
|
@ -783,7 +788,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
|
|
@ -794,7 +799,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToIdTokenRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToIdTokenRefs.keySet()) {
|
||||
Long oldIdTokenId = accessTokenToIdTokenRefs.get(oldAccessTokenId);
|
||||
Long newIdTokenId = accessTokenOldToNewIdMap.get(oldIdTokenId);
|
||||
OAuth2AccessTokenEntity idToken = tokenRepository.getAccessTokenById(newIdTokenId);
|
||||
|
|
@ -804,8 +809,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToIdTokenRefs.clear();
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
for(Long oldGrantId : grantToWhitelistedSiteRefs.keySet()) {
|
||||
for (Long oldGrantId : grantToWhitelistedSiteRefs.keySet()) {
|
||||
Long oldWhitelistedSiteId = grantToWhitelistedSiteRefs.get(oldGrantId);
|
||||
Long newWhitelistedSiteId = whitelistedSiteOldToNewIdMap.get(oldWhitelistedSiteId);
|
||||
WhitelistedSite wlSite = wlSiteRepository.getById(newWhitelistedSiteId);
|
||||
|
|
@ -814,7 +818,20 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
|
|||
approvedSite.setWhitelistedSite(wlSite);
|
||||
approvedSiteRepository.save(approvedSite);
|
||||
}
|
||||
grantOldToNewIdMap.clear();
|
||||
grantToWhitelistedSiteRefs.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
Set<OAuth2AccessTokenEntity> tokens = new HashSet<OAuth2AccessTokenEntity>();
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
tokens.add(tokenRepository.getAccessTokenById(newTokenId));
|
||||
}
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
site.setApprovedAccessTokens(tokens);
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ import com.google.gson.stream.JsonWriter;
|
|||
import java.io.IOException;
|
||||
import java.io.Serializable;
|
||||
import java.text.ParseException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
|
|
@ -149,15 +148,8 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeRefreshTokens(JsonWriter writer) {
|
||||
Collection<OAuth2RefreshTokenEntity> tokens = new ArrayList<OAuth2RefreshTokenEntity>();
|
||||
try {
|
||||
tokens = tokenRepository.getAllRefreshTokens();
|
||||
} catch (Exception ex) {
|
||||
logger.error("Unable to read refresh tokens from data source", ex);
|
||||
}
|
||||
for (OAuth2RefreshTokenEntity token : tokens) {
|
||||
try {
|
||||
private void writeRefreshTokens(JsonWriter writer) throws IOException {
|
||||
for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
|
||||
writer.beginObject();
|
||||
writer.name("id").value(token.getId());
|
||||
writer.name("expiration").value(toUTCString(token.getExpiration()));
|
||||
|
|
@ -168,9 +160,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
writer.name("value").value(token.getValue());
|
||||
writer.endObject();
|
||||
logger.debug("Wrote refresh token {}", token.getId());
|
||||
} catch (IOException ex) {
|
||||
logger.error("Unable to write refresh token {}", token.getId(), ex);
|
||||
}
|
||||
}
|
||||
logger.info("Done writing refresh tokens");
|
||||
}
|
||||
|
|
@ -178,15 +167,8 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeAccessTokens(JsonWriter writer) {
|
||||
Collection<OAuth2AccessTokenEntity> tokens = new ArrayList<OAuth2AccessTokenEntity>();
|
||||
try {
|
||||
tokens = tokenRepository.getAllAccessTokens();
|
||||
} catch (Exception ex) {
|
||||
logger.error("Unable to read access tokens from data source", ex);
|
||||
}
|
||||
for (OAuth2AccessTokenEntity token : tokens) {
|
||||
try {
|
||||
private void writeAccessTokens(JsonWriter writer) throws IOException {
|
||||
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
|
||||
writer.beginObject();
|
||||
writer.name("id").value(token.getId());
|
||||
writer.name("expiration").value(toUTCString(token.getExpiration()));
|
||||
|
|
@ -208,9 +190,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
writer.name("value").value(token.getValue());
|
||||
writer.endObject();
|
||||
logger.debug("Wrote access token {}", token.getId());
|
||||
} catch (IOException ex) {
|
||||
logger.error("Unable to write access token {}", token.getId(), ex);
|
||||
}
|
||||
}
|
||||
logger.info("Done writing access tokens");
|
||||
}
|
||||
|
|
@ -218,15 +197,8 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeAuthenticationHolders(JsonWriter writer) {
|
||||
Collection<AuthenticationHolderEntity> holders = new ArrayList<AuthenticationHolderEntity>();
|
||||
try {
|
||||
holders = authHolderRepository.getAll();
|
||||
} catch (Exception ex) {
|
||||
logger.error("Unable to read authentication holders from data source", ex);
|
||||
}
|
||||
for (AuthenticationHolderEntity holder : holders) {
|
||||
try {
|
||||
private void writeAuthenticationHolders(JsonWriter writer) throws IOException {
|
||||
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) {
|
||||
writer.beginObject();
|
||||
writer.name("id").value(holder.getId());
|
||||
writer.name("ownerId").value(holder.getOwnerId());
|
||||
|
|
@ -240,9 +212,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
writer.endObject();
|
||||
writer.endObject();
|
||||
logger.debug("Wrote authentication holder {}", holder.getId());
|
||||
} catch (IOException ex) {
|
||||
logger.error("Unable to write authentication holder {}", holder.getId(), ex);
|
||||
}
|
||||
}
|
||||
logger.info("Done writing authentication holders");
|
||||
}
|
||||
|
|
@ -266,7 +235,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
writer.endArray();
|
||||
writer.name("resourceIds");
|
||||
writer.beginArray();
|
||||
if(authReq.getResourceIds() != null) {
|
||||
if (authReq.getResourceIds() != null) {
|
||||
for (String s : authReq.getResourceIds()) {
|
||||
writer.value(s);
|
||||
}
|
||||
|
|
@ -310,6 +279,13 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
writer.name("allowedScopes");
|
||||
writeNullSafeArray(writer, site.getAllowedScopes());
|
||||
writer.name("whitelistedSiteId").value(site.getIsWhitelisted() ? site.getWhitelistedSite().getId() : null);
|
||||
Set<OAuth2AccessTokenEntity> tokens = site.getApprovedAccessTokens();
|
||||
writer.name("approvedAccessTokens");
|
||||
writer.beginArray();
|
||||
for (OAuth2AccessTokenEntity token : tokens) {
|
||||
writer.value(token.getId());
|
||||
}
|
||||
writer.endArray();
|
||||
writer.endObject();
|
||||
logger.debug("Wrote grant {}", site.getId());
|
||||
}
|
||||
|
|
@ -347,7 +323,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
logger.info("Done writing blacklisted sites");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
|
|
@ -437,19 +412,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
logger.info("Done writing clients");
|
||||
}
|
||||
|
||||
private void writeNullSafeArray(JsonWriter writer, Set<String> items)
|
||||
throws IOException {
|
||||
if (items != null) {
|
||||
writer.beginArray();
|
||||
for (String s : items) {
|
||||
writer.value(s);
|
||||
}
|
||||
writer.endArray();
|
||||
} else {
|
||||
writer.nullValue();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
|
|
@ -518,7 +480,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
}
|
||||
fixObjectReferences();
|
||||
}
|
||||
|
||||
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
|
@ -584,7 +545,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading refresh tokens");
|
||||
}
|
||||
|
||||
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
|
||||
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
|
||||
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
|
||||
|
|
@ -669,7 +629,6 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading access tokens");
|
||||
}
|
||||
|
||||
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
|
|
@ -791,9 +750,9 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
responseTypes = readSet(reader);
|
||||
} else if (name.equals("extensions")) {
|
||||
Map<String, String> extEnc = readMap(reader);
|
||||
for(Entry<String, String> entry : extEnc.entrySet()) {
|
||||
for (Entry<String, String> entry : extEnc.entrySet()) {
|
||||
Serializable decoded = base64UrlDecodeObject(entry.getValue(), Serializable.class);
|
||||
if(decoded != null) {
|
||||
if (decoded != null) {
|
||||
extensions.put(entry.getKey(), decoded);
|
||||
}
|
||||
}
|
||||
|
|
@ -810,10 +769,9 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
reader.endObject();
|
||||
return new OAuth2Request(requestParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, extensions);
|
||||
}
|
||||
|
||||
Map<Long, Long> grantOldToNewIdMap = new HashMap<Long, Long>();
|
||||
Map<Long, Long> grantToWhitelistedSiteRefs = new HashMap<Long, Long>();
|
||||
|
||||
Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<Long, Set<Long>>();
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
|
@ -824,6 +782,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
ApprovedSite site = new ApprovedSite();
|
||||
Long currentId = null;
|
||||
Long whitelistedSiteId = null;
|
||||
Set<Long> tokenIds = null;
|
||||
reader.beginObject();
|
||||
while (reader.hasNext()) {
|
||||
switch (reader.peek()) {
|
||||
|
|
@ -853,6 +812,8 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
site.setAllowedScopes(allowedScopes);
|
||||
} else if (name.equals("whitelistedSiteId")) {
|
||||
whitelistedSiteId = reader.nextLong();
|
||||
} else if (name.equals("approvedAccessTokens")) {
|
||||
tokenIds = readSet(reader);
|
||||
} else {
|
||||
logger.debug("Found unexpected entry");
|
||||
reader.skipValue();
|
||||
|
|
@ -867,15 +828,17 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
reader.endObject();
|
||||
Long newId = approvedSiteRepository.save(site).getId();
|
||||
grantOldToNewIdMap.put(currentId, newId);
|
||||
if(whitelistedSiteId != null) {
|
||||
if (whitelistedSiteId != null) {
|
||||
grantToWhitelistedSiteRefs.put(currentId, whitelistedSiteId);
|
||||
}
|
||||
if (tokenIds != null) {
|
||||
grantToAccessTokensRefs.put(currentId, tokenIds);
|
||||
}
|
||||
logger.debug("Read grant {}", currentId);
|
||||
}
|
||||
reader.endArray();
|
||||
logger.info("Done reading grants");
|
||||
}
|
||||
|
||||
Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
|
||||
|
||||
/**
|
||||
|
|
@ -958,6 +921,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
reader.endArray();
|
||||
logger.info("Done reading blacklisted sites");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
|
|
@ -1083,8 +1047,9 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
}
|
||||
|
||||
/**
|
||||
* Read the list of system scopes from the reader and insert them
|
||||
* into the scope repository.
|
||||
* Read the list of system scopes from the reader and insert them into the
|
||||
* scope repository.
|
||||
*
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
|
|
@ -1130,7 +1095,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
}
|
||||
|
||||
private void fixObjectReferences() {
|
||||
for(Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
|
||||
String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
|
|
@ -1139,7 +1104,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToClientRefs.clear();
|
||||
for(Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
|
|
@ -1149,7 +1114,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveRefreshToken(refreshToken);
|
||||
}
|
||||
refreshTokenToAuthHolderRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
|
||||
String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
|
||||
ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
|
||||
Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
|
||||
|
|
@ -1158,7 +1123,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToClientRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
|
||||
Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
|
||||
Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
|
||||
AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
|
||||
|
|
@ -1168,7 +1133,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToAuthHolderRefs.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
|
||||
Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
|
||||
Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
|
||||
OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
|
||||
|
|
@ -1179,7 +1144,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
}
|
||||
accessTokenToRefreshTokenRefs.clear();
|
||||
refreshTokenOldToNewIdMap.clear();
|
||||
for(Long oldAccessTokenId : accessTokenToIdTokenRefs.keySet()) {
|
||||
for (Long oldAccessTokenId : accessTokenToIdTokenRefs.keySet()) {
|
||||
Long oldIdTokenId = accessTokenToIdTokenRefs.get(oldAccessTokenId);
|
||||
Long newIdTokenId = accessTokenOldToNewIdMap.get(oldIdTokenId);
|
||||
OAuth2AccessTokenEntity idToken = tokenRepository.getAccessTokenById(newIdTokenId);
|
||||
|
|
@ -1189,8 +1154,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
tokenRepository.saveAccessToken(accessToken);
|
||||
}
|
||||
accessTokenToIdTokenRefs.clear();
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
for(Long oldGrantId : grantToWhitelistedSiteRefs.keySet()) {
|
||||
for (Long oldGrantId : grantToWhitelistedSiteRefs.keySet()) {
|
||||
Long oldWhitelistedSiteId = grantToWhitelistedSiteRefs.get(oldGrantId);
|
||||
Long newWhitelistedSiteId = whitelistedSiteOldToNewIdMap.get(oldWhitelistedSiteId);
|
||||
WhitelistedSite wlSite = wlSiteRepository.getById(newWhitelistedSiteId);
|
||||
|
|
@ -1199,7 +1163,20 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
|
|||
approvedSite.setWhitelistedSite(wlSite);
|
||||
approvedSiteRepository.save(approvedSite);
|
||||
}
|
||||
grantOldToNewIdMap.clear();
|
||||
grantToWhitelistedSiteRefs.clear();
|
||||
for (Long oldGrantId : grantToAccessTokensRefs.keySet()) {
|
||||
Set<Long> oldAccessTokenIds = grantToAccessTokensRefs.get(oldGrantId);
|
||||
Set<OAuth2AccessTokenEntity> tokens = new HashSet<OAuth2AccessTokenEntity>();
|
||||
for(Long oldTokenId : oldAccessTokenIds) {
|
||||
Long newTokenId = accessTokenOldToNewIdMap.get(oldTokenId);
|
||||
tokens.add(tokenRepository.getAccessTokenById(newTokenId));
|
||||
}
|
||||
Long newGrantId = grantOldToNewIdMap.get(oldGrantId);
|
||||
ApprovedSite site = approvedSiteRepository.getById(newGrantId);
|
||||
site.setApprovedAccessTokens(tokens);
|
||||
approvedSiteRepository.save(site);
|
||||
}
|
||||
accessTokenOldToNewIdMap.clear();
|
||||
grantOldToNewIdMap.clear();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ package org.mitre.openid.connect.service.impl;
|
|||
|
||||
import com.google.common.io.BaseEncoding;
|
||||
import com.google.gson.stream.JsonReader;
|
||||
import com.google.gson.stream.JsonWriter;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
|
|
@ -145,4 +146,16 @@ public abstract class MITREidDataService_1_X implements MITREidDataService {
|
|||
return map;
|
||||
}
|
||||
|
||||
protected void writeNullSafeArray(JsonWriter writer, Set<String> items)
|
||||
throws IOException {
|
||||
if (items != null) {
|
||||
writer.beginArray();
|
||||
for (String s : items) {
|
||||
writer.value(s);
|
||||
}
|
||||
writer.endArray();
|
||||
} else {
|
||||
writer.nullValue();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue