From c2b9fd4db1d84d436a10bb5114d4685e914f4ff3 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Tue, 5 Feb 2013 11:11:41 -0500
Subject: [PATCH] system scope ordering consistency

---
 .../org/mitre/oauth2/model/SystemScope.java   | 12 ++++++++---
 .../oauth2/service/SystemScopeService.java    | 18 ++++++++++++++++
 .../impl/JpaSystemScopeRepository.java        |  5 ++---
 .../impl/DefaultSystemScopeService.java       | 21 +++++++++++++------
 4 files changed, 44 insertions(+), 12 deletions(-)

diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
index 6f2a28edf..e86d606e3 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
@@ -20,7 +20,7 @@ import javax.persistence.Table;
 @Entity
 @Table(name = "system_scope")
 @NamedQueries({
-	@NamedQuery(name = "SystemScope.findAll", query = "select s from SystemScope s"),
+	@NamedQuery(name = "SystemScope.findAll", query = "select s from SystemScope s ORDER BY s.id"),
 	@NamedQuery(name = "SystemScope.getByValue", query = "select s from SystemScope s WHERE s.value = :value")
 })
 public class SystemScope {
@@ -29,9 +29,15 @@ public class SystemScope {
 	private String value; // scope value
 	private String description; // human-readable description
 	private String icon; // class of the icon to display on the auth page	
-	private boolean allowDynReg; // can a dynamically registered client ask for this scope?
-	private boolean defaultScope; // is this a default scope for newly-registered clients?
+	private boolean allowDynReg = false; // can a dynamically registered client ask for this scope?
+	private boolean defaultScope = false; // is this a default scope for newly-registered clients?
 
+	/**
+	 * @param input
+	 */
+    public SystemScope(String value) {
+    	this.value = value;
+    }
 	/**
 	 * @return the id
 	 */
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
index 347b31078..22883c066 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
@@ -15,8 +15,16 @@ public interface SystemScopeService {
 	
 	public Set<SystemScope> getAll();
 	
+	/**
+	 * Get all scopes that are defaulted to new clients on this system
+	 * @return
+	 */
 	public Set<SystemScope> getDefaults();
 	
+	/**
+	 * Get all scopes that are allowed for dynamic registration on this system
+	 * @return
+	 */
 	public Set<SystemScope> getDynReg();
 
 	public SystemScope getById(Long id);
@@ -27,8 +35,18 @@ public interface SystemScopeService {
 	
 	public SystemScope save(SystemScope scope);
 	
+	/**
+	 * Translate the set of scope strings into a set of SystemScope objects.
+	 * @param scope
+	 * @return
+	 */
 	public Set<SystemScope> fromStrings(Set<String> scope);
 	
+	/**
+	 * Pluck the scope values from the set of SystemScope objects and return a list of strings
+	 * @param scope
+	 * @return
+	 */
 	public Set<String> toStrings(Set<SystemScope> scope);
 
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
index 6a725737a..c11e81d03 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
@@ -3,12 +3,11 @@
  */
 package org.mitre.oauth2.repository.impl;
 
-import java.util.HashSet;
+import java.util.LinkedHashSet;
 import java.util.Set;
 
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceContext;
-import javax.persistence.PersistenceUnit;
 import javax.persistence.TypedQuery;
 
 import org.mitre.oauth2.model.SystemScope;
@@ -37,7 +36,7 @@ public class JpaSystemScopeRepository implements SystemScopeRepository {
 	public Set<SystemScope> getAll() {
 		TypedQuery<SystemScope> query = em.createNamedQuery("SystemScope.findAll", SystemScope.class);
 		
-		return new HashSet<SystemScope>(query.getResultList());
+		return new LinkedHashSet<SystemScope>(query.getResultList());
 	}
 
 	/* (non-Javadoc)
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
index d74b29b2a..8e368303b 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
@@ -3,7 +3,7 @@
  */
 package org.mitre.oauth2.service.impl;
 
-import java.util.HashSet;
+import java.util.LinkedHashSet;
 import java.util.Set;
 
 import javax.annotation.Nullable;
@@ -31,7 +31,6 @@ public class DefaultSystemScopeService implements SystemScopeService {
 	private SystemScopeRepository repository;
 	
 	private Predicate<SystemScope> isDefault = new Predicate<SystemScope>() {
-
 		@Override
         public boolean apply(@Nullable SystemScope input) {
 			return (input != null && input.isDefaultScope());
@@ -40,7 +39,6 @@ public class DefaultSystemScopeService implements SystemScopeService {
 	
 	
 	private Predicate<SystemScope> isDynReg = new Predicate<SystemScope>() {
-
 		@Override
         public boolean apply(@Nullable SystemScope input) {
 			return (input != null && input.isAllowDynReg());
@@ -50,7 +48,18 @@ public class DefaultSystemScopeService implements SystemScopeService {
 	private Function<String, SystemScope> stringToSystemScope = new Function<String, SystemScope>() {
 		@Override
         public SystemScope apply(@Nullable String input) {
-	        return getByValue(input);
+			if (input == null) {
+				return null;
+			} else {
+		        SystemScope s = getByValue(input);
+		        if (s != null) {
+		        	// get the real scope if it's available
+		        	return s;
+		        } else {
+		        	// make a fake one otherwise
+		        	return new SystemScope(input);
+		        }
+			}
         }
 	};
 	
@@ -130,7 +139,7 @@ public class DefaultSystemScopeService implements SystemScopeService {
     	if (scope == null) {
     		return null;
     	} else {
-    		return new HashSet<SystemScope>(Collections2.filter(Collections2.transform(scope, stringToSystemScope), Predicates.notNull()));
+    		return new LinkedHashSet<SystemScope>(Collections2.filter(Collections2.transform(scope, stringToSystemScope), Predicates.notNull()));
     	}
     }
 
@@ -142,7 +151,7 @@ public class DefaultSystemScopeService implements SystemScopeService {
     	if (scope == null) {
     		return null;
     	} else {
-    		return new HashSet<String>(Collections2.filter(Collections2.transform(scope, systemScopeToString), Predicates.notNull()));
+    		return new LinkedHashSet<String>(Collections2.filter(Collections2.transform(scope, systemScopeToString), Predicates.notNull()));
     	}
     }