diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java index ae7872b9c..8c8d451ec 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java @@ -28,6 +28,8 @@ import javax.persistence.CollectionTable; import javax.persistence.Column; import javax.persistence.ElementCollection; import javax.persistence.Entity; +import javax.persistence.EnumType; +import javax.persistence.Enumerated; import javax.persistence.FetchType; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; @@ -55,15 +57,17 @@ import org.springframework.security.oauth2.provider.ClientDetails; }) public class ClientDetailsEntity implements ClientDetails { + private static final long serialVersionUID = -1617727085733786296L; + private Long id; /** Our own fields **/ - private String clientDescription = "";//this is ours + private String clientDescription = ""; // human-readable description private Boolean allowRefresh = false; // do we allow refresh tokens for this client? private Boolean allowMultipleAccessTokens = false; // do we allow multiple access tokens, or not? private Boolean reuseRefreshToken = false; // do we let someone reuse a refresh token? - private Integer idTokenValiditySeconds = 0; //timeout for id tokens - private Boolean dynamicallyRegistered = false; + private Boolean dynamicallyRegistered = false; // was this client dynamically registered? + private Integer idTokenValiditySeconds; //timeout for id tokens /** Fields from ClientDetails interface **/ private String clientId = ""; @@ -588,7 +592,7 @@ public class ClientDetailsEntity implements ClientDetails { - @Basic + @Enumerated(EnumType.STRING) @Column(name="application_type") public AppType getApplicationType() { return applicationType; 
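Review bot: `idTokenValiditySeconds` loses its `= 0` initializer in the field block at the top of the class, so a new `ClientDetailsEntity` now carries `null` for the ID-token lifetime, and the hunk does not say what `null` means. A caller that unboxes the getter to compute an expiry would throw, and one that skips the expiry when the value is absent would issue ID tokens with no lifetime bound; neither consumer is visible here, so both are worth checking. I would state the contract on the field, e.g. `private Integer idTokenValiditySeconds; // timeout for id tokens; null = not set, caller must apply a default`, and keep the null handling in one place. The class body continues outside the hunk.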
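Review bot: Switching `getApplicationType()` from `@Basic` to `@Enumerated(EnumType.STRING)` makes the enum constant names the stored format for `application_type`, and the same applies to the auth-type, JWS and JWE algorithm columns in the ten hunks that follow; nothing in the change handles rows written under the old mapping. A stored value that matches no constant will presumably fail when the entity is loaded, which for these columns means a client whose signing or encryption algorithm cannot be read, and renaming a constant in `JwsAlgorithm` or `JweAlgorithms` later has the same effect. I would add a comment on each getter such as `// persisted by enum name; renaming a constant requires a data migration`, and ship a migration for existing `client_details` rows. The enclosing class starts outside the hunk.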
@@ -608,7 +612,7 @@ public class ClientDetailsEntity implements ClientDetails { this.applicationName = applicationName; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="token_endpoint_auth_type") public AuthType getTokenEndpointAuthType() { return tokenEndpointAuthType; @@ -712,7 +716,7 @@ public class ClientDetailsEntity implements ClientDetails { this.sectorIdentifierUrl = sectorIdentifierUrl; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="requre_signed_request_object") public JwsAlgorithm getRequireSignedRequestObject() { return requireSignedRequestObject; @@ -723,7 +727,7 @@ public class ClientDetailsEntity implements ClientDetails { this.requireSignedRequestObject = requireSignedRequestObject; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="user_info_signed_response_alg") public JwsAlgorithm getUserInfoSignedResponseAlg() { return userInfoSignedResponseAlg; @@ -733,7 +737,7 @@ public class ClientDetailsEntity implements ClientDetails { this.userInfoSignedResponseAlg = userInfoSignedResponseAlg; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="user_info_encrypted_response_alg") public JweAlgorithms getUserInfoEncryptedResponseAlg() { return userInfoEncryptedResponseAlg; @@ -744,7 +748,7 @@ public class ClientDetailsEntity implements ClientDetails { this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="user_info_encrypted_response_enc") public JweAlgorithms getUserInfoEncryptedResponseEnc() { return userInfoEncryptedResponseEnc; @@ -755,7 +759,7 @@ public class ClientDetailsEntity implements ClientDetails { this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="user_info_encrypted_response_int") public JweAlgorithms getUserInfoEncryptedResponseInt() { return userInfoEncryptedResponseInt; 
@@ -766,7 +770,7 @@ public class ClientDetailsEntity implements ClientDetails { this.userInfoEncryptedResponseInt = userInfoEncryptedResponseInt; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="id_token_signed_response_alg") public JwsAlgorithm getIdTokenSignedResponseAlg() { return idTokenSignedResponseAlg; @@ -776,7 +780,7 @@ public class ClientDetailsEntity implements ClientDetails { this.idTokenSignedResponseAlg = idTokenSignedResponseAlg; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="id_token_encrypted_response_alg") public JweAlgorithms getIdTokenEncryptedResponseAlg() { return idTokenEncryptedResponseAlg; @@ -787,7 +791,7 @@ public class ClientDetailsEntity implements ClientDetails { this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="id_token_encrypted_response_enc") public JweAlgorithms getIdTokenEncryptedReponseEnc() { return idTokenEncryptedReponseEnc; @@ -798,7 +802,7 @@ public class ClientDetailsEntity implements ClientDetails { this.idTokenEncryptedReponseEnc = idTokenEncryptedReponseEnc; } - @Basic + @Enumerated(EnumType.STRING) @Column(name="id_token_encrypted_response_int") public JweAlgorithms getIdTokenEncryptedResponseInt() { return idTokenEncryptedResponseInt; diff --git a/openid-connect-server/db/tables/database_tables.sql b/openid-connect-server/db/tables/database_tables.sql index 4167e4ba6..26845a788 100644 --- a/openid-connect-server/db/tables/database_tables.sql +++ b/openid-connect-server/db/tables/database_tables.sql @@ -3,9 +3,9 @@ CREATE TABLE access_token ( token_value VARCHAR(4096), expiration TIMESTAMP, token_type VARCHAR(256), - refresh_token_id VARCHAR(256), + refresh_token_id BIGINT, client_id VARCHAR(256), - auth_holder_id VARCHAR(256), + auth_holder_id BIGINT, id_token_string VARCHAR(4096) ); 
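Review bot: `refresh_token_id` and `auth_holder_id` in `access_token` become `BIGINT` but are still declared without `NOT NULL` or a foreign key, so the database will accept an access token that points at a refresh token or authentication holder that does not exist. The same holds for the `owner_id` columns retyped in `allowed_scope`, `authentication_holder`, `authority`, `authorized_grant_type`, `contact` and `redirect_uri`, and for the new `refresh_token.auth_holder_id`. Judging by the names, these columns reference the `BIGINT` primary keys declared in this script, so the constraint can now be stated, e.g. `FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder(id)`. That also keeps token cleanup and revocation from leaving orphaned rows behind.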
@@ -20,14 +20,14 @@ CREATE TABLE address ( ); CREATE TABLE allowed_scope ( - owner_id VARCHAR(256), + owner_id BIGINT, allowed_scope VARCHAR(256) ); CREATE TABLE approved_site ( id BIGINT AUTO_INCREMENT PRIMARY KEY, - user_id VARCHAR(256), - client_id VARCHAR(256), + user_id VARCHAR(4096), + client_id VARCHAR(4096), creation_date DATE, access_date DATE, timeout_date DATE, @@ -36,17 +36,17 @@ CREATE TABLE approved_site ( CREATE TABLE authentication_holder ( id BIGINT AUTO_INCREMENT PRIMARY KEY, - owner_id VARCHAR(256), + owner_id BIGINT, authentication LONGBLOB ); CREATE TABLE authority ( - owner_id VARCHAR(4096), + owner_id BIGINT, authority LONGBLOB ); CREATE TABLE authorized_grant_type ( - owner_id VARCHAR(256), + owner_id BIGINT, authorized_grant_type VARCHAR(2000) ); @@ -56,11 +56,11 @@ CREATE TABLE client_details ( allow_refresh TINYINT, allow_multiple_access_tokens TINYINT, reuse_refresh_tokens TINYINT, - id_token_validity_seconds BIGINT, dynamically_registered TINYINT, + id_token_validity_seconds BIGINT, client_id VARCHAR(256), - client_secret VARCHAR(2000), + client_secret VARCHAR(2048), access_token_validity_seconds BIGINT, refresh_token_validity_seconds BIGINT, @@ -69,13 +69,13 @@ CREATE TABLE client_details ( token_endpoint_auth_type VARCHAR(256), user_id_type VARCHAR(256), - logo_url VARCHAR(256), - policy_url VARCHAR(256), - jwk_url VARCHAR(256), - jwk_encryption_url VARCHAR(256), - x509_url VARCHAR(256), - x509_encryption_url VARCHAR(256), - sector_identifier_url VARCHAR(256), + logo_url VARCHAR(2048), + policy_url VARCHAR(2048), + jwk_url VARCHAR(2048), + jwk_encryption_url VARCHAR(2048), + x509_url VARCHAR(2048), + x509_encryption_url VARCHAR(2048), + sector_identifier_url VARCHAR(2048), requre_signed_request_object VARCHAR(256), @@ -95,7 +95,7 @@ CREATE TABLE client_details ( ); CREATE TABLE contact ( - owner_id VARCHAR(256), + owner_id BIGINT, contact VARCHAR(256) ); 
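Review bot: `approved_site.user_id` and `approved_site.client_id` are widened to `VARCHAR(4096)` while `client_details.client_id`, `access_token.client_id` and `refresh_token.client_id` stay at `VARCHAR(256)` in the same script. A client identifier longer than 256 characters cannot exist in `client_details`, so the extra width only allows an approval row that matches no registered client, and a column this wide may not be fully indexable for the lookup by client. I would keep the identifier width the same everywhere, `client_id VARCHAR(256),`, unless there is a documented reason for approvals to hold longer values.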
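Review bot: `client_secret` in `client_details` is widened to `VARCHAR(2048)` as an ordinary text column, and the hunk does not show whether the value is hashed or encrypted before it is written. If it is stored as issued, anyone with read access to `client_details` (a backup, a replica, an injection flaw elsewhere) obtains every client's credential. A comment in the script stating the stored form, e.g. `-- client_secret: state here whether this holds a hash, ciphertext or the raw secret`, would let a reviewer check the width against the actual format. The `CREATE TABLE client_details` statement continues outside the hunk.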
@@ -114,14 +114,15 @@ CREATE TABLE idtokenclaims ( ); CREATE TABLE redirect_uri ( - owner_id VARCHAR(256), - redirect_uri VARCHAR(2000) + owner_id BIGINT, + redirect_uri VARCHAR(2048) ); CREATE TABLE refresh_token ( id BIGINT AUTO_INCREMENT PRIMARY KEY, token_value VARCHAR(4096), expiration TIMESTAMP, + auth_holder_id BIGINT, client_id VARCHAR(256) );
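Review bot: `auth_holder_id` is added to `refresh_token` in a script that only contains `CREATE TABLE` statements, so a database created from the previous version gets neither this column nor the retyped `owner_id` columns, and no upgrade step is included. Refresh tokens issued before the upgrade would have no authentication holder once the column exists; whether the server rejects or accepts such a token is not visible here. I would ship an `ALTER TABLE refresh_token ADD COLUMN auth_holder_id BIGINT;` migration alongside this change and decide explicitly how pre-existing refresh tokens are treated, with revoking them as the safe default.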