github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: 🐛 Fix possible SQL exceptions 

Fixed possible SQLExceptions by using the correct IDP_IDP and SP_ID
column names where it was missing. Also, removed usages of ResultSet
scrolling functionality, to prevent the SQL exceptions raised when
scrolling is not available.
pull/1580/head
Dominik Frantisek Bucik 2021-12-08 07:13:42 +01:00
parent c252db224c
commit b3bd9e94c7
No known key found for this signature in database
GPG Key ID: 25014C8DB2E7E62D
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ProxyStatisticsFilter.java
View File

@ -159,24 +159,32 @@ public class ProxyStatisticsFilter extends PerunRequestFilter {
}
private int extractSpId(Connection c, String spIdentifier) throws SQLException {
String getSpIdQuery = "SELECT * FROM " + serviceProvidersMapTableName + " WHERE identifier= ?";
String query = "SELECT " + spIdColumnName + " FROM " + serviceProvidersMapTableName +
" WHERE identifier = ? LIMIT 1";
try (PreparedStatement preparedStatement = c.prepareStatement(getSpIdQuery)) {
try (PreparedStatement preparedStatement = c.prepareStatement(query)) {
preparedStatement.setString(1, spIdentifier);
ResultSet rs = preparedStatement.executeQuery();
rs.first();
return rs.getInt("spId");
if (rs.next()) {
return rs.getInt(spIdColumnName);
} else {
throw new SQLException("No result found");
}
}
}
private int extractIdpId(Connection c, String idpEntityId) throws SQLException {
String getIdPIdQuery = "SELECT * FROM " + identityProvidersMapTableName + " WHERE identifier = ?";
String query = "SELECT " + idpIdColumnName + " FROM " + identityProvidersMapTableName +
" WHERE identifier = ? LIMIT 1";
try (PreparedStatement preparedStatement = c.prepareStatement(getIdPIdQuery)) {
try (PreparedStatement preparedStatement = c.prepareStatement(query)) {
preparedStatement.setString(1, idpEntityId);
ResultSet rs = preparedStatement.executeQuery();
rs.first();
return rs.getInt("idpId");
if (rs.next()) {
return rs.getInt(idpIdColumnName);
} else {
throw new SQLException("No result found");
}
}
}