made required claims sets stick in the database

pull/820/merge
Justin Richer 2015-06-26 17:17:51 -04:00
parent 667c766273
commit b8a5486995
5 changed files with 56 additions and 9 deletions


@ -20,6 +20,7 @@ package org.mitre.uma.model;
import java.util.Collection;
import java.util.Set;
import javax.persistence.Basic;
import javax.persistence.CascadeType;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
@ -45,6 +46,7 @@ import javax.persistence.Table;
public class RequiredClaimSet {
private Long id;
private String name;
private Collection<Claim> claimsRequired;
private Set<String> scopes;
@ -65,13 +67,29 @@ public class RequiredClaimSet {
this.id = id;
}
/**
* @return the name
*/
@Basic
@Column(name = "name")
public String getName() {
return name;
}
/**
* @param name the name to set
*/
public void setName(String name) {
this.name = name;
}
/**
* @return the claimsRequired
*/
@OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
@JoinTable(
name = "claim_to_permission_ticket",
joinColumns = @JoinColumn(name = "permission_ticket_id"),
name = "claim_to_claim_set",
joinColumns = @JoinColumn(name = "required_claim_set_id"),
inverseJoinColumns = @JoinColumn(name = "claim_id")
)
public Collection<Claim> getClaimsRequired() {
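Review bot: The `@JoinTable` on `getClaimsRequired()` now points at `claim_to_claim_set` with `required_claim_set_id`, but the schema hunk on this page only touches `required_claim_set`, so nothing visible here creates that join table. If it is not already defined elsewhere in the schema scripts, persisting a `RequiredClaimSet` with claims will presumably fail at runtime; please confirm, or add the matching `CREATE TABLE IF NOT EXISTS claim_to_claim_set (...)` to every schema file. The new `name` property is mapped with a bare `@Column(name = "name")` while the schema declares `VARCHAR(1024)`; `@Column(name = "name", length = 1024)` would keep the two in agreement. The body of `getClaimsRequired()` continues outside the hunk.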


@ -327,7 +327,8 @@ CREATE TABLE IF NOT EXISTS claim_to_permission_ticket (
CREATE TABLE IF NOT EXISTS required_claim_set (
id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
resource_set_id BIGINT NOT NULL
name VARCHAR(1024),
resource_set_id BIGINT
);
CREATE TABLE IF NOT EXISTS required_claim_set_scope (
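Review bot: Because `required_claim_set` is declared with `CREATE TABLE IF NOT EXISTS`, a database that already has the table will not pick up the new `name` column or the relaxed `resource_set_id`. An upgrade step such as `ALTER TABLE required_claim_set ADD COLUMN name VARCHAR(1024);` is needed alongside this change. Dropping `NOT NULL` from `resource_set_id` also allows claim-set rows that belong to no resource set; since these rows describe who may access a resource, I would add a comment on the column saying when a null owner is legitimate, or keep the constraint if it is not. The `required_claim_set_scope` definition continues outside the hunk.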


@ -47,6 +47,7 @@ public class MatchAllClaimsProcessor implements ClaimsProcessingService {
// we found something that's satisfied the claims, let's go with it!
return unmatched;
} else {
// otherwise add it to the stack to send back
allUnmatched.addAll(unmatched);
}
}


@ -97,7 +97,7 @@ public class PermissionRegistrationEndpoint {
if (rsid == null || scopes == null || scopes.isEmpty()){
// missing information
m.addAttribute("code", HttpStatus.BAD_REQUEST);
m.addAttribute("errorMessage", "Missing required component of resource registration request.");
m.addAttribute("errorMessage", "Missing required component of permission registration request.");
return JsonErrorView.VIEWNAME;
}


@ -28,6 +28,8 @@ import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.mitre.openid.connect.view.HttpCodeView;
import org.mitre.openid.connect.view.JsonEntityView;
import org.mitre.openid.connect.view.JsonErrorView;
import org.mitre.uma.model.Claim;
import org.mitre.uma.model.RequiredClaimSet;
import org.mitre.uma.model.ResourceSet;
import org.mitre.uma.service.ResourceSetService;
import org.mitre.uma.view.ResourceSetEntityAbbreviatedView;
@ -36,22 +38,19 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.MimeTypeUtils;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
@ -121,7 +120,35 @@ public class ResourceSetRegistrationEndpoint {
m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Resource request was missing one or more required fields.");
return JsonErrorView.VIEWNAME;
}
////
//// TEMP
////
Set<Claim> claims = new HashSet<>();
Claim e = new Claim();
e.setIssuer(Sets.newHashSet("https://healthauth.org/"));
e.setName("email");
e.setValue("alice@healthauth.org");
claims.add(e);
/* TODO: claims need to be multi-typed
Claim ev = new Claim();
ev.setIssuer(Sets.newHashSet("https://healthauth.org/"));
e.setName("email_verified");
ev.setValue(true);
claims.add(e);
*/
RequiredClaimSet reqired = new RequiredClaimSet();
reqired.setScopes(rs.getScopes());
reqired.setClaimsRequired(claims);
rs.setRequiredClaimSets(Sets.newHashSet(reqired));
////
//// END TEMP
////
ResourceSet saved = resourceSetService.saveNew(rs);
m.addAttribute(HttpCodeView.CODE, HttpStatus.CREATED);
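Review bot: The block between `//// TEMP` and `//// END TEMP` replaces the required claim sets of every newly registered resource set with one hard-coded entry (claim `email` = `alice@healthauth.org`, issuer `https://healthauth.org/`) immediately before `resourceSetService.saveNew(rs)`, so that fixed access policy is persisted for every resource set and whatever `rs` held before is overwritten by `rs.setRequiredClaimSets(...)`. I would keep this out of the registration endpoint entirely, or at least mark it so it cannot ship unnoticed, e.g. `// FIXME(security): test-only policy, remove before release`. In the commented-out TODO the second claim is created as `ev`, but the name is set and the add is done on `e` (`e.setName("email_verified")`, `claims.add(e)`); those should read `ev.setName(...)` and `claims.add(ev)` before the block is ever enabled. The local `reqired` is presumably meant to be `required`, and the `java.util.Set`/`HashSet` imports this code needs are not visible in the import hunk, so confirm they are present. The enclosing handler method starts and ends outside the hunk.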