added bootstrapping for clients, cleaned up sql files

pull/263/head
Justin Richer 2012-12-05 15:04:14 -05:00
parent cf7ceb74f3
commit ba7ddf17f9
4 changed files with 104 additions and 17 deletions


@ -0,0 +1,67 @@
--
-- Turn off autocommit and start a transaction so that we can use the temp tables
--
SET AUTOCOMMIT FALSE;
START TRANSACTION;
--
-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
--
INSERT INTO client_details_TEMP (client_id, client_secret, application_name, allow_refresh, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds) VALUES
('client', 'secret', 'Test Client', true, false, null, 3600, 600);
INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
('client', 'openid'),
('client', 'profile'),
('client', 'email'),
('client', 'address'),
('client', 'phone'),
('client', 'offline');
INSERT INTO redirect_uri_TEMP (owner_id, redirect_uri) VALUES
('client', 'http://localhost/'),
('client', 'http://localhost:8080/');
INSERT INTO authorized_grant_type_TEMP (owner_id, authorized_grant_type) VALUES
('client', 'autorization_code'),
('client', 'implicit');
--
-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
--
MERGE INTO client_details
USING (SELECT client_id, client_secret, application_name, allow_refresh, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds FROM client_details_TEMP) AS vals(client_id, client_secret, application_name, allow_refresh, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds)
ON vals.client_id = client_details.client_id
WHEN NOT MATCHED THEN
INSERT (client_id, client_secret, application_name, allow_refresh, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds) VALUES(client_id, client_secret, application_name, allow_refresh, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds);
MERGE INTO client_scope
USING (SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id) AS vals(id, scope)
ON vals.id = client_scope.owner_id AND vals.scope = client_scope.scope
WHEN NOT MATCHED THEN
INSERT (owner_id, scope) values (vals.id, vals.scope);
MERGE INTO redirect_uri
USING (SELECT id, redirect_uri FROM redirect_uri_TEMP, client_details WHERE client_details.client_id = redirect_uri_TEMP.owner_id) AS vals(id, redirect_uri)
ON vals.id = redirect_uri.owner_id AND vals.redirect_uri = redirect_uri.redirect_uri
WHEN NOT MATCHED THEN
INSERT (owner_id, redirect_uri) values (vals.id, vals.redirect_uri);
MERGE INTO authorized_grant_type
USING (SELECT id, authorized_grant_type FROM authorized_grant_type_TEMP, client_details WHERE client_details.client_id = authorized_grant_type_TEMP.owner_id) AS vals(id, authorized_grant_type)
ON vals.id = authorized_grant_type.owner_id AND vals.authorized_grant_type = authorized_grant_type.authorized_grant_type
WHEN NOT MATCHED THEN
INSERT (owner_id, authorized_grant_type) values (vals.id, vals.authorized_grant_type);
--
-- Close the transaction and turn autocommit back on
--
COMMIT;
SET AUTOCOMMIT TRUE;
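Review bot: The first row of the `authorized_grant_type_TEMP` insert spells the grant type `'autorization_code'`, so the bootstrapped client is stored with a string that will not equal `authorization_code`, and as far as this file shows only `implicit` would be usable; the row should read `('client', 'authorization_code'),`. Separately, the file merges a client with the fixed pair `client`/`secret` into whatever data source the initializer points at, and because the MERGE only inserts when the client_id is absent, a persistent store keeps that known secret until someone changes it. A comment above the `client_details_TEMP` insert such as `-- Development-only client: replace client_secret before using a persistent or shared database` would make that explicit.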


@ -68,10 +68,10 @@ CREATE TABLE IF NOT EXISTS blacklisted_site (
CREATE TABLE IF NOT EXISTS client_details ( CREATE TABLE IF NOT EXISTS client_details (
id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY, id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
client_description VARCHAR(256), client_description VARCHAR(256),
allow_refresh TINYINT, allow_refresh BOOLEAN,
allow_multiple_access_tokens TINYINT, allow_multiple_access_tokens BOOLEAN,
reuse_refresh_tokens TINYINT, reuse_refresh_tokens BOOLEAN,
dynamically_registered TINYINT, dynamically_registered BOOLEAN,
id_token_validity_seconds BIGINT, id_token_validity_seconds BIGINT,
client_id VARCHAR(256), client_id VARCHAR(256),
@ -105,7 +105,7 @@ CREATE TABLE IF NOT EXISTS client_details (
id_token_encrypted_response_int VARCHAR(256), id_token_encrypted_response_int VARCHAR(256),
default_max_age BIGINT, default_max_age BIGINT,
require_auth_time TINYINT, require_auth_time BOOLEAN,
default_acr VARCHAR(256) default_acr VARCHAR(256)
); );
@ -142,17 +142,17 @@ CREATE TABLE IF NOT EXISTS refresh_token (
); );
CREATE TABLE IF NOT EXISTS resource_id ( CREATE TABLE IF NOT EXISTS resource_id (
owner_id VARCHAR(256), owner_id BIGINT,
resource_id VARCHAR(256) resource_id VARCHAR(256)
); );
CREATE TABLE IF NOT EXISTS client_scope ( CREATE TABLE IF NOT EXISTS client_scope (
owner_id VARCHAR(4096), owner_id BIGINT,
scope VARCHAR(2048) scope VARCHAR(2048)
); );
CREATE TABLE IF NOT EXISTS token_scope ( CREATE TABLE IF NOT EXISTS token_scope (
owner_id VARCHAR(4096), owner_id BIGINT,
scope VARCHAR(2048) scope VARCHAR(2048)
); );
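Review bot: Every table in this section is declared with `CREATE TABLE IF NOT EXISTS`, so the type changes made here (`TINYINT` to `BOOLEAN`, `owner_id` from `VARCHAR` to `BIGINT`) only take effect on a fresh database. A file-based store created from the previous schema would presumably keep the old columns, and the new client bootstrap would then write the numeric `client_details.id` into a `VARCHAR` `owner_id`. No migration for that case is visible in the commit, so it is worth adding one or at least a comment above `client_scope` such as `-- owner_id now holds the numeric client_details.id; databases created from the older schema must be recreated`. The new `client_scope.owner_id BIGINT` column also has no foreign key to `client_details(id)`, so the schema does not prevent scope rows that point at no client.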


@ -35,13 +35,31 @@ CREATE TEMPORARY TABLE IF NOT EXISTS user_info_TEMP (
updated_time VARCHAR(256) updated_time VARCHAR(256)
); );
CREATE TEMPORARY TABLE IF NOT EXISTS address_TEMP ( CREATE TEMPORARY TABLE IF NOT EXISTS client_details_TEMP (
id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY, client_description VARCHAR(256),
formatted VARCHAR(256), allow_refresh BOOLEAN,
street_address VARCHAR(256), dynamically_registered BOOLEAN,
locality VARCHAR(256), id_token_validity_seconds BIGINT,
region VARCHAR(256),
postal_code VARCHAR(256), client_id VARCHAR(256),
country VARCHAR(256) client_secret VARCHAR(2048),
access_token_validity_seconds BIGINT,
refresh_token_validity_seconds BIGINT,
application_name VARCHAR(256)
); );
CREATE TEMPORARY TABLE IF NOT EXISTS client_scope_TEMP (
owner_id VARCHAR(256),
scope VARCHAR(2048)
);
CREATE TEMPORARY TABLE IF NOT EXISTS redirect_uri_TEMP (
owner_id VARCHAR(256),
redirect_uri VARCHAR(2048)
);
CREATE TEMPORARY TABLE IF NOT EXISTS authorized_grant_type_TEMP (
owner_id VARCHAR(256),
authorized_grant_type VARCHAR(2000)
);
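Review bot: `client_details_TEMP.client_id` is declared as plain `VARCHAR(256)` with no `NOT NULL` or uniqueness, yet it is the column the client MERGE in the new bootstrap script matches on. A row with a NULL client_id can never satisfy an equality match, so it would be inserted again on each startup, and two rows with the same client_id would likely both count as unmatched within a single merge. Declaring it as `client_id VARCHAR(256) NOT NULL UNIQUE,` would turn a mistake in the bootstrap data into a load-time error instead of a duplicate client record.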


@ -17,10 +17,12 @@
If you are using a file based HSQLDB you should not run this every time. --> If you are using a file based HSQLDB you should not run this every time. -->
<jdbc:initialize-database data-source="dataSource"> <jdbc:initialize-database data-source="dataSource">
<jdbc:script location="classpath:/db/tables/database_tables.sql"/> <jdbc:script location="classpath:/db/tables/database_tables.sql"/>
<!-- The following are for the jdbc-user-service spring security implementation --> <!-- The following file is for the jdbc-user-service spring security implementation -->
<jdbc:script location="classpath:/db/tables/security-schema.sql"/> <jdbc:script location="classpath:/db/tables/security-schema.sql"/>
<!-- The following files are for safely bootstrapping users and clients into the database -->
<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/> <jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/>
<jdbc:script location="classpath:/db/users.sql"/> <jdbc:script location="classpath:/db/users.sql"/>
<jdbc:script location="classpath:/db/clients.sql"/>
</jdbc:initialize-database> </jdbc:initialize-database>
<!-- The following is for connecting to a MySQL database that has been initialized with <!-- The following is for connecting to a MySQL database that has been initialized with