diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthenticationHolderEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthenticationHolderEntity.java index 696759afa..0e37db09f 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthenticationHolderEntity.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthenticationHolderEntity.java @@ -17,6 +17,9 @@ *******************************************************************************/ package cz.muni.ics.oauth2.model; +import static cz.muni.ics.oauth2.model.AuthenticationHolderEntity.QUERY_ALL; +import static cz.muni.ics.oauth2.model.AuthenticationHolderEntity.QUERY_GET_UNUSED; + import cz.muni.ics.oauth2.model.convert.SerializableStringConverter; import cz.muni.ics.oauth2.model.convert.SimpleGrantedAuthorityStringConverter; import java.io.Serializable; @@ -25,7 +28,6 @@ import java.util.HashMap; import java.util.HashSet; import java.util.Map; import java.util.Set; -import javax.persistence.Basic; import javax.persistence.CascadeType; import javax.persistence.CollectionTable; import javax.persistence.Column; 
@@ -43,48 +45,98 @@ import javax.persistence.NamedQuery; import javax.persistence.OneToOne; import javax.persistence.Table; import javax.persistence.Transient; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +import org.eclipse.persistence.annotations.CascadeOnDelete; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Request; +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name = "authentication_holder") @NamedQueries ({ - @NamedQuery(name = AuthenticationHolderEntity.QUERY_ALL, query = "select a from AuthenticationHolderEntity a"), - @NamedQuery(name = AuthenticationHolderEntity.QUERY_GET_UNUSED, query = "select a from AuthenticationHolderEntity a where " + - "a.id not in (select t.authenticationHolder.id from OAuth2AccessTokenEntity t) and " + - "a.id not in (select r.authenticationHolder.id from OAuth2RefreshTokenEntity r) and " + - "a.id not in (select c.authenticationHolder.id from AuthorizationCodeEntity c)") + @NamedQuery(name = QUERY_ALL, + query = "SELECT a FROM AuthenticationHolderEntity a"), + @NamedQuery(name = QUERY_GET_UNUSED, + query = "SELECT a FROM AuthenticationHolderEntity a " + + "WHERE a.id NOT IN (SELECT t.authenticationHolder.id FROM OAuth2AccessTokenEntity t) " + + "AND a.id NOT IN (SELECT r.authenticationHolder.id FROM OAuth2RefreshTokenEntity r) " + + "AND a.id NOT IN (SELECT c.authenticationHolder.id FROM AuthorizationCodeEntity c)") }) public class AuthenticationHolderEntity { public static final String QUERY_GET_UNUSED = "AuthenticationHolderEntity.getUnusedAuthenticationHolders"; public static final String QUERY_ALL = "AuthenticationHolderEntity.getAll"; - private Long id; - private 
SavedUserAuthentication userAuth; - private Collection<GrantedAuthority> authorities; - private Set<String> resourceIds; - private boolean approved; - private String redirectUri; - private Set<String> responseTypes; - private Map<String, Serializable> extensions; - private String clientId; - private Set<String> scope; - private Map<String, String> requestParameters; - - public AuthenticationHolderEntity() { } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } + @OneToOne(cascade=CascadeType.ALL) + @JoinColumn(name = "user_auth_id") + @CascadeOnDelete + private SavedUserAuthentication userAuth; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_authority", joinColumns = @JoinColumn(name = "owner_id")) + @Convert(converter = SimpleGrantedAuthorityStringConverter.class) + @Column(name = "authority") + @CascadeOnDelete + private Collection<GrantedAuthority> authorities; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_resource_id", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "resource_id") + @CascadeOnDelete + private Set<String> resourceIds; + + @Column(name = "approved") + private boolean approved; + + @Column(name = "redirect_uri") + private String redirectUri; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_response_type", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "response_type") + @CascadeOnDelete + private Set<String> responseTypes; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_extension", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "val") + @MapKeyColumn(name = "extension") + @Convert(converter = SerializableStringConverter.class) + @CascadeOnDelete + private Map<String, 
Serializable> extensions; + + @Column(name = "client_id") + private String clientId; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_scope", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "scope") + @CascadeOnDelete + private Set<String> scope; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "authentication_holder_request_parameter", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "val") + @MapKeyColumn(name = "param") + @CascadeOnDelete + private Map<String, String> requestParameters; @Transient public OAuth2Authentication getAuthentication() { 
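Review bot: Lombok's `@EqualsAndHashCode` on this entity makes equals/hashCode cover every non-static field, including the `@GeneratedValue(IDENTITY)` `id` (assigned on insert), the eagerly loaded collections and `userAuth`, so an instance's hash changes once it is persisted and two distinct rows with identical content compare equal; the same annotation set is added to AuthorizationCodeEntity, DeviceCode, OAuth2AccessTokenEntity and OAuth2RefreshTokenEntity in this commit. Restricting identity to the key, `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` on the class with `@EqualsAndHashCode.Include` on `id`, keeps HashSet/HashMap semantics stable across the persist boundary and stops equality walking into related entities (`authenticationHolder`, `client`, `permissions` in the token entity), which would recurse if those classes ever gain a Lombok equals with a back-reference. The class body continues past this hunk, so I cannot see whether a hand-written equals/hashCode is retained anywhere.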
@@ -92,21 +144,17 @@ public class AuthenticationHolderEntity { return new OAuth2Authentication(createOAuth2Request(), getUserAuth()); } - private OAuth2Request createOAuth2Request() { - return new OAuth2Request(requestParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, extensions); - } - public void setAuthentication(OAuth2Authentication authentication) { // pull apart the request and save its bits OAuth2Request o2Request = authentication.getOAuth2Request(); - setAuthorities(o2Request.getAuthorities() == null ? null : new HashSet<>(o2Request.getAuthorities())); + setAuthorities(convertToSetOrNull((Set<GrantedAuthority>) o2Request.getAuthorities())); setClientId(o2Request.getClientId()); - setExtensions(o2Request.getExtensions() == null ? null : new HashMap<>(o2Request.getExtensions())); + setExtensions(convertToMapOrNull(o2Request.getExtensions())); setRedirectUri(o2Request.getRedirectUri()); - setRequestParameters(o2Request.getRequestParameters() == null ? null : new HashMap<>(o2Request.getRequestParameters())); - setResourceIds(o2Request.getResourceIds() == null ? null : new HashSet<>(o2Request.getResourceIds())); - setResponseTypes(o2Request.getResponseTypes() == null ? null : new HashSet<>(o2Request.getResponseTypes())); - setScope(o2Request.getScope() == null ? null : new HashSet<>(o2Request.getScope())); + setRequestParameters(convertToMapOrNull(o2Request.getRequestParameters())); + setResourceIds(convertToSetOrNull(o2Request.getResourceIds())); + setResponseTypes(convertToSetOrNull(o2Request.getResponseTypes())); + setScope(convertToSetOrNull(o2Request.getScope())); setApproved(o2Request.isApproved()); if (authentication.getUserAuthentication() != null) { 
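Review bot: The new `(Set<GrantedAuthority>) o2Request.getAuthorities()` cast in setAuthentication is an unchecked cast from `Collection<? extends GrantedAuthority>` that throws ClassCastException at runtime if that collection is ever backed by a List, whereas the removed line copied any Collection. The cast exists only to satisfy the helper's `Collection<T>` parameter; declaring it as `private <T> Set<T> convertToSetOrNull(Collection<? extends T> obj)` lets the call become `setAuthorities(convertToSetOrNull(o2Request.getAuthorities()));` with T inferred as GrantedAuthority from the setter's parameter type, no cast and no unchecked warning. Whether Spring's OAuth2Request always holds a HashSet there is an implementation detail I cannot confirm from this hunk. setAuthentication continues past the end of the hunk.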
@@ -116,114 +164,16 @@ public class AuthenticationHolderEntity { } } - @OneToOne(cascade=CascadeType.ALL) - @JoinColumn(name = "user_auth_id") - public SavedUserAuthentication getUserAuth() { - return userAuth; + private <T> Set<T> convertToSetOrNull(Collection<T> obj) { + return obj == null ? null: new HashSet<>(obj); } - public void setUserAuth(SavedUserAuthentication userAuth) { - this.userAuth = userAuth; + private <T, S> Map<T, S> convertToMapOrNull(Map<T, S> obj) { + return obj == null ? null : new HashMap<>(obj); } - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_authority", joinColumns=@JoinColumn(name="owner_id")) - @Convert(converter = SimpleGrantedAuthorityStringConverter.class) - @Column(name="authority") - public Collection<GrantedAuthority> getAuthorities() { - return authorities; - } - - public void setAuthorities(Collection<GrantedAuthority> authorities) { - this.authorities = authorities; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_resource_id", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="resource_id") - public Set<String> getResourceIds() { - return resourceIds; - } - - public void setResourceIds(Set<String> resourceIds) { - this.resourceIds = resourceIds; - } - - @Basic - @Column(name="approved") - public boolean isApproved() { - return approved; - } - - public void setApproved(boolean approved) { - this.approved = approved; - } - - @Basic - @Column(name="redirect_uri") - public String getRedirectUri() { - return redirectUri; - } - - public void setRedirectUri(String redirectUri) { - this.redirectUri = redirectUri; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_response_type", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="response_type") - public Set<String> getResponseTypes() { - return responseTypes; - } - - public void setResponseTypes(Set<String> responseTypes) { - 
this.responseTypes = responseTypes; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_extension", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="val") - @MapKeyColumn(name="extension") - @Convert(converter= SerializableStringConverter.class) - public Map<String, Serializable> getExtensions() { - return extensions; - } - - public void setExtensions(Map<String, Serializable> extensions) { - this.extensions = extensions; - } - - @Basic - @Column(name="client_id") - public String getClientId() { - return clientId; - } - - public void setClientId(String clientId) { - this.clientId = clientId; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_scope", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="scope") - public Set<String> getScope() { - return scope; - } - - public void setScope(Set<String> scope) { - this.scope = scope; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="authentication_holder_request_parameter", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="val") - @MapKeyColumn(name="param") - public Map<String, String> getRequestParameters() { - return requestParameters; - } - - public void setRequestParameters(Map<String, String> requestParameters) { - this.requestParameters = requestParameters; + private OAuth2Request createOAuth2Request() { + return new OAuth2Request(requestParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, extensions); } } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthorizationCodeEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthorizationCodeEntity.java index 41881a852..aa0db789c 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthorizationCodeEntity.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/AuthorizationCodeEntity.java 
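Review bot: The two new helpers convertToSetOrNull and convertToMapOrNull read no instance state, so they should be `private static`, and the ternary in the first one is missing a space (`null: new HashSet<>(obj)` versus `null : new HashMap<>(obj)` in the second). Their deliberate null-in/null-out contract deserves a one-line comment, e.g. `// Preserves null so an absent request collection stays absent in the persisted holder.`, since a reader may otherwise expect an empty collection. The relocated createOAuth2Request at the bottom is unchanged apart from position.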
@@ -18,7 +18,6 @@ package cz.muni.ics.oauth2.model; import java.util.Date; -import javax.persistence.Basic; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; @@ -30,17 +29,36 @@ import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; import javax.persistence.Temporal; +import javax.persistence.TemporalType; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +import org.eclipse.persistence.annotations.CascadeOnDelete; /** * Entity class for authorization codes * * @author aanganes */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name = "authorization_code") @NamedQueries({ - @NamedQuery(name = AuthorizationCodeEntity.QUERY_BY_VALUE, query = "select a from AuthorizationCodeEntity a where a.code = :code"), - @NamedQuery(name = AuthorizationCodeEntity.QUERY_EXPIRATION_BY_DATE, query = "select a from AuthorizationCodeEntity a where a.expiration <= :" + AuthorizationCodeEntity.PARAM_DATE) + @NamedQuery(name = AuthorizationCodeEntity.QUERY_BY_VALUE, + query = "SELECT a FROM AuthorizationCodeEntity a " + + "WHERE a.code = :code"), + @NamedQuery(name = AuthorizationCodeEntity.QUERY_EXPIRATION_BY_DATE, + query = "SELECT a FROM AuthorizationCodeEntity a " + + "WHERE a.expiration <= :" + AuthorizationCodeEntity.PARAM_DATE) }) public class AuthorizationCodeEntity { 
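Review bot: `@ToString` on AuthorizationCodeEntity generates a toString that includes the `code` field (declared in the following hunk), so any log line or exception message that stringifies the entity writes the authorization code, a bearer credential until it is redeemed, into the logs; the same applies to DeviceCode (`deviceCode`, `userCode`) and to OAuth2AccessTokenEntity and OAuth2RefreshTokenEntity (`jwtValue`, `refreshToken`) elsewhere in this commit. Mark those fields `@ToString.Exclude`, or use `@ToString(onlyExplicitlyIncluded = true)` and include only `id` and `expiration`. If no caller needs toString on these entities, dropping the annotation is the simplest option.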
@@ -49,58 +67,29 @@ public class AuthorizationCodeEntity { public static final String PARAM_DATE = "date"; - private Long id; - private String code; - private AuthenticationHolderEntity authenticationHolder; - private Date expiration; - - public AuthorizationCodeEntity() { } - - public AuthorizationCodeEntity(String code, AuthenticationHolderEntity authenticationHolder, Date expiration) { - this.code = code; - this.authenticationHolder = authenticationHolder; - this.expiration = expiration; - } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } - - @Basic @Column(name = "code") - public String getCode() { - return code; - } - - public void setCode(String code) { - this.code = code; - } + private String code; @ManyToOne @JoinColumn(name = "auth_holder_id") - public AuthenticationHolderEntity getAuthenticationHolder() { - return authenticationHolder; - } + @CascadeOnDelete + private AuthenticationHolderEntity authenticationHolder; - public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { - this.authenticationHolder = authenticationHolder; - } - - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) + @Temporal(TemporalType.TIMESTAMP) @Column(name = "expiration") - public Date getExpiration() { - return expiration; - } + private Date expiration; - public void setExpiration(Date expiration) { + public AuthorizationCodeEntity(String code, + AuthenticationHolderEntity authenticationHolder, + Date expiration) + { + this.code = code; + this.authenticationHolder = authenticationHolder; this.expiration = expiration; } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/DeviceCode.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/DeviceCode.java index d563e52cb..b01d4c502 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/DeviceCode.java 
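Review bot: `@CascadeOnDelete` is placed on the `@ManyToOne authenticationHolder` field, whose foreign key lives in authorization_code; as I read EclipseLink's CascadeOnDelete, this expresses a database-level ON DELETE CASCADE on that constraint (the code row goes away when its holder row is deleted) rather than a JPA-side cascade from this entity, so confirm that direction is intended and that the schema or migration actually declares the constraint that way, because the annotation alone does not change an existing table. The same annotation is added to OAuth2AccessTokenEntity.authenticationHolder but not to DeviceCode.authenticationHolder in this commit, which looks unintentional. A comment such as `// FK in authorization_code: the DB removes this row when its holder is deleted` would make the direction explicit for the next reader.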
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/DeviceCode.java @@ -16,10 +16,16 @@ package cz.muni.ics.oauth2.model; +import static cz.muni.ics.oauth2.model.DeviceCode.PARAM_DATE; +import static cz.muni.ics.oauth2.model.DeviceCode.PARAM_DEVICE_CODE; +import static cz.muni.ics.oauth2.model.DeviceCode.PARAM_USER_CODE; +import static cz.muni.ics.oauth2.model.DeviceCode.QUERY_BY_DEVICE_CODE; +import static cz.muni.ics.oauth2.model.DeviceCode.QUERY_BY_USER_CODE; +import static cz.muni.ics.oauth2.model.DeviceCode.QUERY_EXPIRED_BY_DATE; + import java.util.Date; import java.util.Map; import java.util.Set; -import javax.persistence.Basic; import javax.persistence.CollectionTable; import javax.persistence.Column; import javax.persistence.ElementCollection; 
@@ -35,16 +41,37 @@ import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; import javax.persistence.Temporal; +import javax.persistence.TemporalType; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +import org.eclipse.persistence.annotations.CascadeOnDelete; /** * @author jricher */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name = "device_code") @NamedQueries({ - @NamedQuery(name = DeviceCode.QUERY_BY_USER_CODE, query = "select d from DeviceCode d where d.userCode = :" + DeviceCode.PARAM_USER_CODE), - @NamedQuery(name = DeviceCode.QUERY_BY_DEVICE_CODE, query = "select d from DeviceCode d where d.deviceCode = :" + DeviceCode.PARAM_DEVICE_CODE), - @NamedQuery(name = DeviceCode.QUERY_EXPIRED_BY_DATE, query = "select d from DeviceCode d where d.expiration <= :" + DeviceCode.PARAM_DATE) + @NamedQuery(name = QUERY_BY_USER_CODE, + query = "SELECT d FROM DeviceCode d " + + "WHERE d.userCode = :" + PARAM_USER_CODE), + @NamedQuery(name = QUERY_BY_DEVICE_CODE, + query = "SELECT d FROM DeviceCode d " + + "WHERE d.deviceCode = :" + PARAM_DEVICE_CODE), + @NamedQuery(name = QUERY_EXPIRED_BY_DATE, + query = "SELECT d FROM DeviceCode d " + + "WHERE d.expiration <= :" + PARAM_DATE) }) public class DeviceCode { 
@@ -56,119 +83,55 @@ public class DeviceCode { public static final String PARAM_DEVICE_CODE = "deviceCode"; public static final String PARAM_DATE = "date"; - private Long id; - private String deviceCode; - private String userCode; - private Set<String> scope; - private Date expiration; - private String clientId; - private Map<String, String> requestParameters; - private boolean approved; - private AuthenticationHolderEntity authenticationHolder; - - public DeviceCode() { } - - public DeviceCode(String deviceCode, String userCode, Set<String> scope, String clientId, Map<String, String> params) { - this.deviceCode = deviceCode; - this.userCode = userCode; - this.scope = scope; - this.clientId = clientId; - this.requestParameters = params; - } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } - - @Basic @Column(name = "device_code") - public String getDeviceCode() { - return deviceCode; - } + private String deviceCode; - public void setDeviceCode(String deviceCode) { - this.deviceCode = deviceCode; - } - - @Basic @Column(name = "user_code") - public String getUserCode() { - return userCode; - } - - public void setUserCode(String userCode) { - this.userCode = userCode; - } + private String userCode; @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="device_code_scope", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="scope") - public Set<String> getScope() { - return scope; - } + @CollectionTable(name = "device_code_scope", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "scope") + @CascadeOnDelete + private Set<String> scope; - public void setScope(Set<String> scope) { - this.scope = scope; - } - - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) + @Temporal(TemporalType.TIMESTAMP) @Column(name = "expiration") - public Date getExpiration() { - return expiration; - } + private 
Date expiration; - public void setExpiration(Date expiration) { - this.expiration = expiration; - } - - @Basic @Column(name = "client_id") - public String getClientId() { - return clientId; - } - - public void setClientId(String clientId) { - this.clientId = clientId; - } + private String clientId; @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable(name="device_code_request_parameter", joinColumns=@JoinColumn(name="owner_id")) - @Column(name="val") - @MapKeyColumn(name="param") - public Map<String, String> getRequestParameters() { - return requestParameters; - } + @CollectionTable(name = "device_code_request_parameter", joinColumns = @JoinColumn(name = "owner_id")) + @Column(name = "val") + @MapKeyColumn(name = "param") + @CascadeOnDelete + private Map<String, String> requestParameters; - public void setRequestParameters(Map<String, String> params) { - this.requestParameters = params; - } - - @Basic @Column(name = "approved") - public boolean isApproved() { - return approved; - } - - public void setApproved(boolean approved) { - this.approved = approved; - } + private boolean approved; @ManyToOne @JoinColumn(name = "auth_holder_id") - public AuthenticationHolderEntity getAuthenticationHolder() { - return authenticationHolder; - } + private AuthenticationHolderEntity authenticationHolder; - public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { - this.authenticationHolder = authenticationHolder; + public DeviceCode(String deviceCode, + String userCode, + Set<String> scope, + String clientId, + Map<String, String> params) + { + this.deviceCode = deviceCode; + this.userCode = userCode; + this.scope = scope; + this.clientId = clientId; + this.requestParameters = params; } } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2AccessTokenEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2AccessTokenEntity.java index b11561828..1ceefc1be 100644 
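Review bot: The re-added five-argument DeviceCode constructor puts its opening brace on a line of its own after `Map<String, String> params)`, unlike every other method in the class, and the AuthorizationCodeEntity constructor in this commit uses the same layout; moving the brace onto the signature line keeps the files on one brace style. Since the `params` argument is stored as `requestParameters` and `expiration`, `approved` and `authenticationHolder` are left at their defaults, a short Javadoc would help, e.g. `/** Creates a device code for the given client and scopes; expiration, approval and the auth holder are left unset. */`.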
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2AccessTokenEntity.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2AccessTokenEntity.java @@ -20,6 +20,10 @@ */ package cz.muni.ics.oauth2.model; +import static cz.muni.ics.oauth2.model.OAuth2AccessTokenEntity.*; + +import com.fasterxml.jackson.databind.annotation.JsonDeserialize; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; import com.nimbusds.jwt.JWT; import cz.muni.ics.oauth2.model.convert.JWTStringConverter; import cz.muni.ics.openid.connect.model.ApprovedSite; @@ -47,7 +51,15 @@ import javax.persistence.NamedQuery; import javax.persistence.OneToMany; import javax.persistence.Table; import javax.persistence.Temporal; +import javax.persistence.TemporalType; import javax.persistence.Transient; +import lombok.AllArgsConstructor; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.ToString; +import org.eclipse.persistence.annotations.CascadeOnDelete; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessTokenJackson2Deserializer; import org.springframework.security.oauth2.common.OAuth2AccessTokenJackson2Serializer; 
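Review bot: `import static cz.muni.ics.oauth2.model.OAuth2AccessTokenEntity.*;` is the only wildcard static import in this commit; AuthenticationHolderEntity, DeviceCode and OAuth2RefreshTokenEntity list each `QUERY_*`/`PARAM_*` constant they use explicitly. Listing the constants here keeps the five files consistent and avoids silently importing `ID_TOKEN_FIELD_NAME` and any constant added later.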
@@ -57,20 +69,42 @@ import org.springframework.security.oauth2.common.OAuth2RefreshToken; * @author jricher * */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +@NoArgsConstructor +@AllArgsConstructor +// DB ANNOTATIONS @Entity @Table(name = "access_token") @NamedQueries({ - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_ALL, query = "select a from OAuth2AccessTokenEntity a"), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_EXPIRED_BY_DATE, query = "select a from OAuth2AccessTokenEntity a where a.expiration <= :" + OAuth2AccessTokenEntity.PARAM_DATE), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_REFRESH_TOKEN, query = "select a from OAuth2AccessTokenEntity a where a.refreshToken = :" + OAuth2AccessTokenEntity.PARAM_REFERSH_TOKEN), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_CLIENT, query = "select a from OAuth2AccessTokenEntity a where a.client = :" + OAuth2AccessTokenEntity.PARAM_CLIENT), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_TOKEN_VALUE, query = "select a from OAuth2AccessTokenEntity a where a.jwt = :" + OAuth2AccessTokenEntity.PARAM_TOKEN_VALUE), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_APPROVED_SITE, query = "select a from OAuth2AccessTokenEntity a where a.approvedSite = :" + OAuth2AccessTokenEntity.PARAM_APPROVED_SITE), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_RESOURCE_SET, query = "select a from OAuth2AccessTokenEntity a join a.permissions p where p.resourceSet.id = :" + OAuth2AccessTokenEntity.PARAM_RESOURCE_SET_ID), - @NamedQuery(name = OAuth2AccessTokenEntity.QUERY_BY_NAME, query = "select r from OAuth2AccessTokenEntity r where r.authenticationHolder.userAuth.name = :" + OAuth2AccessTokenEntity.PARAM_NAME) + @NamedQuery(name = QUERY_ALL, + query = "SELECT a FROM OAuth2AccessTokenEntity a"), + @NamedQuery(name = QUERY_EXPIRED_BY_DATE, + query = "SELECT a FROM OAuth2AccessTokenEntity a " + + "WHERE a.expiration <= :" + PARAM_DATE), + @NamedQuery(name = QUERY_BY_REFRESH_TOKEN, + query = 
"SELECT a FROM OAuth2AccessTokenEntity a " + + "WHERE a.refreshToken = :" + PARAM_REFRESH_TOKEN), + @NamedQuery(name = QUERY_BY_CLIENT, + query = "SELECT a FROM OAuth2AccessTokenEntity a " + + "WHERE a.client = :" + PARAM_CLIENT), + @NamedQuery(name = QUERY_BY_TOKEN_VALUE, + query = "SELECT a FROM OAuth2AccessTokenEntity a " + + "WHERE a.jwtValue = :" + PARAM_TOKEN_VALUE), + @NamedQuery(name = QUERY_BY_APPROVED_SITE, + query = "SELECT a FROM OAuth2AccessTokenEntity a " + + "WHERE a.approvedSite = :" + PARAM_APPROVED_SITE), + @NamedQuery(name = QUERY_BY_RESOURCE_SET, + query = "SELECT a FROM OAuth2AccessTokenEntity a JOIN a.permissions p " + + "WHERE p.resourceSet.id = :" + PARAM_RESOURCE_SET_ID), + @NamedQuery(name = QUERY_BY_NAME, + query = "SELECT r FROM OAuth2AccessTokenEntity r " + + "WHERE r.authenticationHolder.userAuth.name = :" + PARAM_NAME) }) -@com.fasterxml.jackson.databind.annotation.JsonSerialize(using = OAuth2AccessTokenJackson2Serializer.class) -@com.fasterxml.jackson.databind.annotation.JsonDeserialize(using = OAuth2AccessTokenJackson2Deserializer.class) +@JsonSerialize(using = OAuth2AccessTokenJackson2Serializer.class) +@JsonDeserialize(using = OAuth2AccessTokenJackson2Deserializer.class) public class OAuth2AccessTokenEntity implements OAuth2AccessToken { public static final String QUERY_BY_APPROVED_SITE = "OAuth2AccessTokenEntity.getByApprovedSite"; @@ -84,7 +118,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { public static final String PARAM_TOKEN_VALUE = "tokenValue"; public static final String PARAM_CLIENT = "client"; - public static final String PARAM_REFERSH_TOKEN = "refreshToken"; + public static final String PARAM_REFRESH_TOKEN = "refreshToken"; public static final String PARAM_DATE = "date"; public static final String PARAM_RESOURCE_SET_ID = "rsid"; public static final String PARAM_APPROVED_SITE = "approvedSite"; 
@@ -92,30 +126,52 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { public static final String ID_TOKEN_FIELD_NAME = "id_token"; - private Long id; - private ClientDetailsEntity client; - private AuthenticationHolderEntity authenticationHolder; - private JWT jwtValue; - private Date expiration; - private String tokenType = OAuth2AccessToken.BEARER_TYPE; - private OAuth2RefreshTokenEntity refreshToken; - private Set<String> scope; - private Set<Permission> permissions; - private ApprovedSite approvedSite; - private Map<String, Object> additionalInformation = new HashMap<>(); - - public OAuth2AccessTokenEntity() { } - @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") - public Long getId() { - return id; - } + private Long id; - public void setId(Long id) { - this.id = id; - } + @ManyToOne + @JoinColumn(name = "client_id") + private ClientDetailsEntity client; + + @ManyToOne + @JoinColumn(name = "auth_holder_id") + @CascadeOnDelete + private AuthenticationHolderEntity authenticationHolder; + + @Column(name = "token_value") + @Convert(converter = JWTStringConverter.class) + private JWT jwtValue; + + @Temporal(TemporalType.TIMESTAMP) + @Column(name = "expiration") + private Date expiration; + + @Column(name = "token_type") + private String tokenType = OAuth2AccessToken.BEARER_TYPE; + + @ManyToOne + @JoinColumn(name = "refresh_token_id") + private OAuth2RefreshTokenEntity refreshToken; + + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable(name = "token_scope", joinColumns = @JoinColumn(name = "owner_id")) + @CascadeOnDelete + private Set<String> scope; + + @OneToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL) + @JoinTable(name = "access_token_permissions", joinColumns = @JoinColumn(name = "access_token_id"), + inverseJoinColumns = @JoinColumn(name = "permission_id")) + @CascadeOnDelete + private Set<Permission> permissions; + + @ManyToOne + @JoinColumn(name = "approved_site_id") + private ApprovedSite 
approvedSite; + + @Transient + private Map<String, Object> additionalInformation = new HashMap<>(); @Override @Transient @@ -123,26 +179,6 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { return additionalInformation; } - @ManyToOne - @JoinColumn(name = "auth_holder_id") - public AuthenticationHolderEntity getAuthenticationHolder() { - return authenticationHolder; - } - - public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { - this.authenticationHolder = authenticationHolder; - } - - @ManyToOne - @JoinColumn(name = "client_id") - public ClientDetailsEntity getClient() { - return client; - } - - public void setClient(ClientDetailsEntity client) { - this.client = client; - } - @Override @Transient public String getValue() { @@ -150,31 +186,16 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { } @Override - @Basic - @Temporal(javax.persistence.TemporalType.TIMESTAMP) - @Column(name = "expiration") public Date getExpiration() { return expiration; } - public void setExpiration(Date expiration) { - this.expiration = expiration; - } - @Override - @Basic - @Column(name="token_type") public String getTokenType() { return tokenType; } - public void setTokenType(String tokenType) { - this.tokenType = tokenType; - } - @Override - @ManyToOne - @JoinColumn(name="refresh_token_id") public OAuth2RefreshTokenEntity getRefreshToken() { return refreshToken; } 
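Review bot: `additionalInformation` is JPA-`@Transient` but not Java-`transient`, so Lombok's generated equals/hashCode/toString still include it; `setIdToken`, cut off at the end of a later hunk in this file, presumably stores the id token in this map under `ID_TOKEN_FIELD_NAME`, in which case two copies of the same access_token row compare unequal depending on whether an id_token was attached in memory, and toString prints the id token next to `jwtValue`. Either annotate the field `@EqualsAndHashCode.Exclude @ToString.Exclude`, or restrict both class-level annotations to `id`. The class body continues beyond this hunk.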
@@ -191,33 +212,16 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { } @Override - @ElementCollection(fetch=FetchType.EAGER) - @CollectionTable(joinColumns=@JoinColumn(name="owner_id"), name="token_scope") public Set<String> getScope() { return scope; } - public void setScope(Set<String> scope) { - this.scope = scope; - } - @Override @Transient public boolean isExpired() { return getExpiration() != null && System.currentTimeMillis() > getExpiration().getTime(); } - @Basic - @Column(name="token_value") - @Convert(converter = JWTStringConverter.class) - public JWT getJwt() { - return jwtValue; - } - - public void setJwt(JWT jwt) { - this.jwtValue = jwt; - } - @Override @Transient public int getExpiresIn() { @@ -232,27 +236,6 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { } } - @OneToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL) - @JoinTable(name = "access_token_permissions", joinColumns = @JoinColumn(name = "access_token_id"), - inverseJoinColumns = @JoinColumn(name = "permission_id")) - public Set<Permission> getPermissions() { - return permissions; - } - - public void setPermissions(Set<Permission> permissions) { - this.permissions = permissions; - } - - @ManyToOne - @JoinColumn(name="approved_site_id") - public ApprovedSite getApprovedSite() { - return approvedSite; - } - - public void setApprovedSite(ApprovedSite approvedSite) { - this.approvedSite = approvedSite; - } - @Transient public void setIdToken(JWT idToken) { if (idToken != null) { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2RefreshTokenEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2RefreshTokenEntity.java index f31f1a7f5..05e99fa67 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2RefreshTokenEntity.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/OAuth2RefreshTokenEntity.java 
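Review bot: Removing `getJwt()`/`setJwt(JWT)` without a same-named replacement changes the entity's public API: Lombok now generates `getJwtValue()`/`setJwtValue(JWT)` from the field, so every caller of the old pair must be updated in the same commit, which this diff does not show. If callers outside this module may exist, keep thin `@Deprecated` delegates, `public JWT getJwt() { return jwtValue; }` and `public void setJwt(JWT jwt) { this.jwtValue = jwt; }`, until they have migrated. The `setIdToken` method at the end of the hunk continues past it.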
@@ -20,10 +20,19 @@ */ package cz.muni.ics.oauth2.model; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.PARAM_CLIENT; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.PARAM_DATE; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.PARAM_NAME; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.PARAM_TOKEN_VALUE; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.QUERY_ALL; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.QUERY_BY_CLIENT; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.QUERY_BY_NAME; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.QUERY_BY_TOKEN_VALUE; +import static cz.muni.ics.oauth2.model.OAuth2RefreshTokenEntity.QUERY_EXPIRED_BY_DATE; + import com.nimbusds.jwt.JWT; import cz.muni.ics.oauth2.model.convert.JWTStringConverter; import java.util.Date; -import javax.persistence.Basic; import javax.persistence.Column; import javax.persistence.Convert; import javax.persistence.Entity; 
@@ -37,20 +46,44 @@ import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
 import javax.persistence.Table;
 import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
 import javax.persistence.Transient;
+import lombok.AllArgsConstructor;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+import org.eclipse.persistence.annotations.CascadeOnDelete;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 /**
 * @author jricher
 */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
 @Entity
 @Table(name = "refresh_token")
 @NamedQueries({
- @NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_ALL, query = "select r from OAuth2RefreshTokenEntity r"),
- @NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_EXPIRED_BY_DATE, query = "select r from OAuth2RefreshTokenEntity r where r.expiration <= :" + OAuth2RefreshTokenEntity.PARAM_DATE),
- @NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_BY_CLIENT, query = "select r from OAuth2RefreshTokenEntity r where r.client = :" + OAuth2RefreshTokenEntity.PARAM_CLIENT),
- @NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_BY_TOKEN_VALUE, query = "select r from OAuth2RefreshTokenEntity r where r.jwt = :" + OAuth2RefreshTokenEntity.PARAM_TOKEN_VALUE),
- @NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_BY_NAME, query = "select r from OAuth2RefreshTokenEntity r where r.authenticationHolder.userAuth.name = :" + OAuth2RefreshTokenEntity.PARAM_NAME)
+ @NamedQuery(name = QUERY_ALL,
+ query = "SELECT r FROM OAuth2RefreshTokenEntity r"),
+ @NamedQuery(name = QUERY_EXPIRED_BY_DATE,
+ query = "SELECT r FROM OAuth2RefreshTokenEntity r " +
+ "WHERE r.expiration <= :" + PARAM_DATE),
+ @NamedQuery(name = QUERY_BY_CLIENT,
+ query = "SELECT r FROM OAuth2RefreshTokenEntity r " +
+ "WHERE r.client = :" + PARAM_CLIENT),
+ @NamedQuery(name = QUERY_BY_TOKEN_VALUE,
+ query = "SELECT r FROM OAuth2RefreshTokenEntity r " +
+ "WHERE r.jwt = :" + PARAM_TOKEN_VALUE),
+ @NamedQuery(name = QUERY_BY_NAME,
+ query = "SELECT r FROM OAuth2RefreshTokenEntity r " +
+ "WHERE r.authenticationHolder.userAuth.name = :" + PARAM_NAME)
 })
 public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
@@ -65,34 +98,27 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 public static final String PARAM_DATE = "date";
 public static final String PARAM_NAME = "name";
- private Long id;
- private AuthenticationHolderEntity authenticationHolder;
- private ClientDetailsEntity client;
- private JWT jwt;
- private Date expiration;
-
- public OAuth2RefreshTokenEntity() { }
-
 @Id
 @GeneratedValue(strategy = GenerationType.IDENTITY)
 @Column(name = "id")
- public Long getId() {
- return id;
- }
-
- public void setId(Long id) {
- this.id = id;
- }
+ private Long id;
 @ManyToOne
 @JoinColumn(name = "auth_holder_id")
- public AuthenticationHolderEntity getAuthenticationHolder() {
- return authenticationHolder;
- }
+ @CascadeOnDelete
+ private AuthenticationHolderEntity authenticationHolder;
- public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) {
- this.authenticationHolder = authenticationHolder;
- }
+ @ManyToOne(fetch = FetchType.EAGER)
+ @JoinColumn(name = "client_id")
+ private ClientDetailsEntity client;
+
+ @Column(name = "token_value")
+ @Convert(converter = JWTStringConverter.class)
+ private JWT jwt;
+
+ @Temporal(TemporalType.TIMESTAMP)
+ @Column(name = "expiration")
+ private Date expiration;
 @Override
 @Transient
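Review bot: The `+@ToString` line at the top of the hunk pulls the refresh token itself into the entity's string form, because the `jwt` field that `getValue()` serializes is the bearer credential; any log statement or exception message that renders the entity would write a live refresh token to the logs, and the EAGER `client` relation is stringified along with it. Restrict it to non-secret fields, e.g. `@ToString(onlyExplicitlyIncluded = true)` with `@ToString.Include` on `id` and `expiration`, or at least `@ToString(exclude = {"jwt", "client", "authenticationHolder"})`. Separately, the bare `@EqualsAndHashCode` hashes every field including the IDENTITY-generated `id` and both relations, so a token's hash changes once it is persisted and equality recurses into `ClientDetailsEntity` and `AuthenticationHolderEntity`; `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` plus `@EqualsAndHashCode.Include` on `id` keeps that predictable. The class body continues in the following hunk.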
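Review bot: `@CascadeOnDelete` on the `authenticationHolder` `@ManyToOne` is an EclipseLink-only extension that makes the `auth_holder_id` foreign key a database-level cascading delete, so a refresh token row can disappear without ever passing through the repository's `removeRefreshToken`/`clearAccessTokensForRefreshToken` path, and it presumably only has effect if the deployed schema actually carries that constraint — worth verifying against the migration scripts. If DB-side cleanup of tokens whose holder is removed is the intent, say so next to the annotation, e.g. `// DB-level ON DELETE CASCADE from authentication_holder (EclipseLink-specific); bypasses the service-layer revocation path`, and confirm that the access-token side cascades the same way so access tokens issued against this refresh token are not left behind. The methods of this class follow in the next hunk.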
@@ -100,41 +126,9 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
 return jwt.serialize();
 }
- @Basic
- @Temporal(javax.persistence.TemporalType.TIMESTAMP)
- @Column(name = "expiration")
- public Date getExpiration() {
- return expiration;
- }
-
- public void setExpiration(Date expiration) {
- this.expiration = expiration;
- }
-
 @Transient
 public boolean isExpired() {
 return getExpiration() != null && System.currentTimeMillis() > getExpiration().getTime();
 }
- @ManyToOne(fetch = FetchType.EAGER)
- @JoinColumn(name = "client_id")
- public ClientDetailsEntity getClient() {
- return client;
- }
-
- public void setClient(ClientDetailsEntity client) {
- this.client = client;
- }
-
- @Basic
- @Column(name="token_value")
- @Convert(converter = JWTStringConverter.class)
- public JWT getJwt() {
- return jwt;
- }
-
- public void setJwt(JWT jwt) {
- this.jwt = jwt;
- }
-
 }
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SavedUserAuthentication.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SavedUserAuthentication.java
index 21511d2d2..faf9c5867 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SavedUserAuthentication.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/SavedUserAuthentication.java
@@ -34,8 +34,14 @@ import javax.persistence.Id;
 import javax.persistence.JoinColumn;
 import javax.persistence.Table;
 import javax.persistence.Transient;
+import lombok.AllArgsConstructor;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
 import lombok.ToString;
 import lombok.extern.slf4j.Slf4j;
+import org.eclipse.persistence.annotations.CascadeOnDelete;
 import org.opensaml.saml2.core.AuthnContext;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnStatement;
@@ -48,18 +54,39 @@ import org.springframework.security.providers.ExpiringUsernameAuthenticationToke
 *
 * @author jricher
 */
-@Entity
-@Table(name="saved_user_auth")
-@Slf4j
+@Getter
+@Setter
 @ToString
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+// DB ANNOTATIONS
+@Entity
+@Table(name = "saved_user_auth")
 public class SavedUserAuthentication implements Authentication {
 private static final long serialVersionUID = -1804249963940323488L;
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "id")
 private Long id;
+
+ @Basic
+ @Column(name="name")
 private String name;
+
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(name = "saved_user_auth_authority", joinColumns = @JoinColumn(name = "owner_id"))
+ @Convert(converter = SimpleGrantedAuthorityStringConverter.class)
+ @Column(name = "authority")
+ @CascadeOnDelete
 private Collection<GrantedAuthority> authorities;
+
+ @Column(name="authenticated")
 private boolean authenticated;
+
+ @Column(name = "acr")
 private String acr;
 public SavedUserAuthentication(Authentication src) {
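Review bot: The `-@Slf4j` line removes the class logger while `import lombok.extern.slf4j.Slf4j;` survives in the import hunk above; if any method body of this class (outside this hunk) still references `log` the change will not compile, and if none does the import should be dropped with it. The bare `@EqualsAndHashCode` on a persisted `Authentication` includes the IDENTITY-generated `id` and the mutable `authenticated` flag, so the hash changes after persist and after `setAuthenticated(...)`; `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` with `@EqualsAndHashCode.Include` on `id` is the safer default, and `@ToString` deserves a one-line comment noting it is acceptable here because only `name`, `authorities`, `acr` and flags are stored, no credential. `@Setter` also generates an unconditional `setAuthenticated(boolean)`; the `Authentication` javadoc allows an implementation to reject `true` on an untrusted token, so if the class kept its own override (not visible in this hunk) Lombok will skip generation, but if that override was removed the contract is silently weakened.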
@@ -80,56 +107,17 @@ public class SavedUserAuthentication implements Authentication {
 }
 }
- public SavedUserAuthentication() { }
-
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- public Long getId() {
- return id;
- }
-
- public void setId(Long id) {
- this.id = id;
- }
-
 @Override
- @Basic
- @Column(name="name")
 public String getName() {
 return name;
 }
- public void setName(String name) {
- this.name = name;
- }
-
 @Override
- @ElementCollection(fetch = FetchType.EAGER)
- @CollectionTable(name="saved_user_auth_authority", joinColumns=@JoinColumn(name="owner_id"))
- @Convert(converter = SimpleGrantedAuthorityStringConverter.class)
- @Column(name="authority")
 public Collection<GrantedAuthority> getAuthorities() {
 return authorities;
 }
- public void setAuthorities(Collection<GrantedAuthority> authorities) {
- this.authorities = authorities;
- }
-
- @Basic
- @Column(name = "acr")
- public String getAcr() {
- return acr;
- }
-
- public void setAcr(String acr) {
- this.acr = acr;
- }
-
 @Override
- @Basic
- @Column(name="authenticated")
 public boolean isAuthenticated() {
 return authenticated;
 }
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/repository/impl/JpaOAuth2TokenRepository.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/repository/impl/JpaOAuth2TokenRepository.java
index a7f31b409..ce64890dd 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/repository/impl/JpaOAuth2TokenRepository.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/repository/impl/JpaOAuth2TokenRepository.java
@@ -106,7 +106,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository {
 @Transactional(value="defaultTransactionManager")
 public void clearAccessTokensForRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
 TypedQuery<OAuth2AccessTokenEntity> query = manager.createNamedQuery(OAuth2AccessTokenEntity.QUERY_BY_REFRESH_TOKEN, OAuth2AccessTokenEntity.class);
- query.setParameter(OAuth2AccessTokenEntity.PARAM_REFERSH_TOKEN, refreshToken);
+ query.setParameter(OAuth2AccessTokenEntity.PARAM_REFRESH_TOKEN, refreshToken);
 List<OAuth2AccessTokenEntity> accessTokens = query.getResultList();
 for (OAuth2AccessTokenEntity accessToken : accessTokens) {
 removeAccessToken(accessToken);
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/PerunAccessTokenEnhancer.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/PerunAccessTokenEnhancer.java
index 50c0ee366..4e621b3ca 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/PerunAccessTokenEnhancer.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/PerunAccessTokenEnhancer.java
@@ -108,7 +108,7 @@ public class PerunAccessTokenEnhancer implements TokenEnhancer {
 SignedJWT signed = new SignedJWT(header, claims);
 jwtService.signJwt(signed);
- token.setJwt(signed);
+ token.setJwtValue(signed);
 if (userInfo != null) { //needs access token
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
index 5b9c0df12..2a06b47c1 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
@@ -281,7 +281,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 jwtService.signJwt(signed);
- token.setJwt(signed);
+ token.setJwtValue(signed);
 return token;
 }
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/token/ConnectTokenEnhancer.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/token/ConnectTokenEnhancer.java
index eb26c7ef9..fec35e513 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/token/ConnectTokenEnhancer.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/token/ConnectTokenEnhancer.java
@@ -96,7 +96,7 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
 jwtService.signJwt(signed);
- token.setJwt(signed);
+ token.setJwtValue(signed);
 /**
 * Authorization request scope MUST include "openid" in OIDC, but access token request
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/util/IdTokenHashUtils.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/util/IdTokenHashUtils.java
index b4f9bee49..99254e219 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/util/IdTokenHashUtils.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/util/IdTokenHashUtils.java
@@ -56,7 +56,7 @@ public class IdTokenHashUtils {
 */
 public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, OAuth2AccessTokenEntity token) {
- byte[] tokenBytes = token.getJwt().serialize().getBytes();
+ byte[] tokenBytes = token.getJwtValue().serialize().getBytes();
 return getHash(signingAlg, tokenBytes);
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java
index e0227a96c..659e8f816 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java
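Review bot: The renamed `getAccessTokenHash` line still calls `serialize().getBytes()` with no charset, so the `at_hash` input depends on the JVM default charset (platform-dependent before Java 18), while OpenID Connect Core 3.1.3.6 defines `at_hash` over the ASCII octets of the access_token value. Since the line is being touched anyway, pin it: `byte[] tokenBytes = token.getJwtValue().serialize().getBytes(StandardCharsets.US_ASCII);` plus a `java.nio.charset.StandardCharsets` import; a compact-serialized JWS is base64url segments joined by dots, so `US_ASCII` and `UTF_8` give identical bytes and the `TestIdTokenHashUtils` expectations should be unaffected. The rest of `getAccessTokenHash` and the `getHash` helper it calls lie outside this hunk.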
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/DynamicClientRegistrationEndpoint.java
@@ -752,7 +752,7 @@ public class DynamicClientRegistrationEndpoint {
 try {
 // Re-issue the token if it has been issued before [currentTime - validity]
 Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
- if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
+ if(token.getJwtValue().getJWTClaimsSet().getIssueTime().before(validToDate)) {
 log.info("Rotating the registration access token for " + client.getClientId());
 tokenService.revokeAccessToken(token);
 OAuth2AccessTokenEntity newToken = connectTokenService.createRegistrationAccessToken(client);
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java
index 256311ae0..9769565a9 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/ProtectedResourceRegistrationEndpoint.java
@@ -440,7 +440,7 @@ public class ProtectedResourceRegistrationEndpoint {
 try {
 // Re-issue the token if it has been issued before [currentTime - validity]
 Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
- if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
+ if(token.getJwtValue().getJWTClaimsSet().getIssueTime().before(validToDate)) {
 log.info("Rotating the registration access token for " + client.getClientId());
 tokenService.revokeAccessToken(token);
 OAuth2AccessTokenEntity newToken = connectTokenService.createResourceAccessToken(client);
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/token/TestConnectTokenEnhancer.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/token/TestConnectTokenEnhancer.java
index 6921c6c22..2a4610fce 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/token/TestConnectTokenEnhancer.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/token/TestConnectTokenEnhancer.java
@@ -92,7 +92,7 @@ public class TestConnectTokenEnhancer {
 OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
 OAuth2AccessTokenEntity enhanced = (OAuth2AccessTokenEntity) enhancer.enhance(token, authentication);
- Assert.assertEquals("foo", enhanced.getJwt().getJWTClaimsSet().getClaim("test"));
+ Assert.assertEquals("foo", enhanced.getJwtValue().getJWTClaimsSet().getClaim("test"));
 }
 private void configure(ConnectTokenEnhancer e) {
diff --git a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/util/TestIdTokenHashUtils.java b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/util/TestIdTokenHashUtils.java
index c8689e439..ff4907b21 100644
--- a/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/util/TestIdTokenHashUtils.java
+++ b/perun-oidc-server/src/test/java/cz/muni/ics/openid/connect/util/TestIdTokenHashUtils.java
@@ -58,7 +58,7 @@ public class TestIdTokenHashUtils {
 claims.setSubject("example_user");
 claims.setClaim("alg", "HS256");
 */
- Mockito.when(mockToken256.getJwt()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJIUzI1NiIsInN1YiI6ImV4YW1wbGVfdXNlciIsImlzcyI6Ind3dy5leGFtcGxlLmNvbSIsInR5cCI6IkpXVCJ9."));
+ Mockito.when(mockToken256.getJwtValue()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJIUzI1NiIsInN1YiI6ImV4YW1wbGVfdXNlciIsImlzcyI6Ind3dy5leGFtcGxlLmNvbSIsInR5cCI6IkpXVCJ9."));
 /*
 * Claims for second token
@@ -68,7 +68,7 @@ public class TestIdTokenHashUtils {
 claims.setSubject("another_user");
 claims.setClaim("alg", "ES384");
 */
- Mockito.when(mockToken384.getJwt()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJFUzM4NCIsInN1YiI6ImFub3RoZXJfdXNlciIsImlzcyI6Ind3dy5hbm90aGVyLWV4YW1wbGUubmV0IiwidHlwIjoiSldUIn0."));
+ Mockito.when(mockToken384.getJwtValue()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJFUzM4NCIsInN1YiI6ImFub3RoZXJfdXNlciIsImlzcyI6Ind3dy5hbm90aGVyLWV4YW1wbGUubmV0IiwidHlwIjoiSldUIn0."));
 /*
 * Claims for third token:
@@ -78,13 +78,13 @@ public class TestIdTokenHashUtils {
 claims.setSubject("different_user");
 claims.setClaim("alg", "RS512");
 */
- Mockito.when(mockToken512.getJwt()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJSUzUxMiIsInN1YiI6ImRpZmZlcmVudF91c2VyIiwiaXNzIjoid3d3LmRpZmZlcmVudC5jb20iLCJ0eXAiOiJKV1QifQ."));
+ Mockito.when(mockToken512.getJwtValue()).thenReturn(JWTParser.parse("eyJhbGciOiJub25lIn0.eyJhbGciOiJSUzUxMiIsInN1YiI6ImRpZmZlcmVudF91c2VyIiwiaXNzIjoid3d3LmRpZmZlcmVudC5jb20iLCJ0eXAiOiJKV1QifQ."));
 }
 @Test
 public void getAccessTokenHash256() {
- mockToken256.getJwt().serialize();
+ mockToken256.getJwtValue().serialize();
 Base64URL expectedHash = new Base64URL("EP1gXNeESRH-n57baopfTQ");
 Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.HS256, mockToken256);
@@ -101,7 +101,7 @@ public class TestIdTokenHashUtils {
 base64url of hash = BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK
 */
- mockToken384.getJwt().serialize();
+ mockToken384.getJwtValue().serialize();
 Base64URL expectedHash = new Base64URL("BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK");
 Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.ES384, mockToken384);
@@ -118,7 +118,7 @@ public class TestIdTokenHashUtils {
 base64url of hash = vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k
 */
- mockToken512.getJwt().serialize();
+ mockToken512.getJwtValue().serialize();
 Base64URL expectedHash = new Base64URL("vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k");
 Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.RS512, mockToken512);