Commit 61a6fdbc03694ac4656a2bafc1e8be4018dfc49d

Authored by vzikratyi
1 parent 58464c54

Moved OAuth2 config to separate table in DB

Showing 30 changed files with 939 additions and 945 deletions
  1 +--
  2 +-- Copyright © 2016-2020 The Thingsboard Authors
  3 +--
  4 +-- Licensed under the Apache License, Version 2.0 (the "License");
  5 +-- you may not use this file except in compliance with the License.
  6 +-- You may obtain a copy of the License at
  7 +--
  8 +-- http://www.apache.org/licenses/LICENSE-2.0
  9 +--
  10 +-- Unless required by applicable law or agreed to in writing, software
  11 +-- distributed under the License is distributed on an "AS IS" BASIS,
  12 +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 +-- See the License for the specific language governing permissions and
  14 +-- limitations under the License.
  15 +--
  16 +
  17 +DROP TABLE IF EXISTS oauth2_client_registration;
  18 +
  19 +CREATE TABLE IF NOT EXISTS oauth2_client_registration (
  20 + id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
  21 + created_time bigint NOT NULL,
  22 + additional_info varchar,
  23 + tenant_id uuid,
  24 + registration_id varchar(255),
  25 + domain_name varchar(255),
  26 + client_id varchar(255),
  27 + client_secret varchar(255),
  28 + authorization_uri varchar(255),
  29 + token_uri varchar(255),
  30 + redirect_uri_template varchar(255),
  31 + scope varchar(255),
  32 + user_info_uri varchar(255),
  33 + user_name_attribute_name varchar(255),
  34 + jwk_set_uri varchar(255),
  35 + client_authentication_method varchar(255),
  36 + login_button_label varchar(255),
  37 + login_button_icon varchar(255),
  38 + allow_user_creation boolean,
  39 + activate_user boolean,
  40 + type varchar(31),
  41 + basic_email_attribute_key varchar(31),
  42 + basic_first_name_attribute_key varchar(31),
  43 + basic_last_name_attribute_key varchar(31),
  44 + basic_tenant_name_strategy varchar(31),
  45 + basic_tenant_name_pattern varchar(255),
  46 + basic_customer_name_pattern varchar(255),
  47 + basic_default_dashboard_name varchar(255),
  48 + basic_always_full_screen boolean,
  49 + custom_url varchar(255),
  50 + custom_username varchar(255),
  51 + custom_password varchar(255),
  52 + CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
  53 +);
\ No newline at end of file
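Review bot: `client_secret` and `custom_password` are plain `varchar(255)` columns, and the entity constructor later in this commit copies `getClientSecret()` into the column unchanged, so the OAuth2 client secret and the custom mapper password appear to be stored in clear text in the table and in every backup of it. Consider writing ciphertext (with a column wide enough for it) or a reference to a secret store, and mark both columns with a comment such as `-- secret: encrypt before insert, never select into logs or exports`. Separately, the leading `DROP TABLE IF EXISTS oauth2_client_registration;` makes this upgrade script destructive if it is ever run against a database that already holds registrations, whereas `CREATE TABLE IF NOT EXISTS` on its own is already idempotent. `tenant_id` and `registration_id` are also nullable; if every row is expected to carry them, `NOT NULL` on both would let the database enforce that.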
... ...
... ... @@ -47,22 +47,10 @@ import org.thingsboard.server.common.data.asset.AssetInfo;
47 47 import org.thingsboard.server.common.data.audit.ActionType;
48 48 import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
49 49 import org.thingsboard.server.common.data.exception.ThingsboardException;
50   -import org.thingsboard.server.common.data.id.AlarmId;
51   -import org.thingsboard.server.common.data.id.AssetId;
52   -import org.thingsboard.server.common.data.id.CustomerId;
53   -import org.thingsboard.server.common.data.id.DashboardId;
54   -import org.thingsboard.server.common.data.id.DeviceId;
55   -import org.thingsboard.server.common.data.id.EntityId;
56   -import org.thingsboard.server.common.data.id.EntityIdFactory;
57   -import org.thingsboard.server.common.data.id.EntityViewId;
58   -import org.thingsboard.server.common.data.id.RuleChainId;
59   -import org.thingsboard.server.common.data.id.RuleNodeId;
60   -import org.thingsboard.server.common.data.id.TenantId;
61   -import org.thingsboard.server.common.data.id.UserId;
62   -import org.thingsboard.server.common.data.id.WidgetTypeId;
63   -import org.thingsboard.server.common.data.id.WidgetsBundleId;
  50 +import org.thingsboard.server.common.data.id.*;
64 51 import org.thingsboard.server.common.data.kv.AttributeKvEntry;
65 52 import org.thingsboard.server.common.data.kv.DataType;
  53 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
66 54 import org.thingsboard.server.common.data.page.PageLink;
67 55 import org.thingsboard.server.common.data.page.SortOrder;
68 56 import org.thingsboard.server.common.data.page.TimePageLink;
... ... @@ -87,6 +75,7 @@ import org.thingsboard.server.dao.entityview.EntityViewService;
87 75 import org.thingsboard.server.dao.exception.DataValidationException;
88 76 import org.thingsboard.server.dao.exception.IncorrectParameterException;
89 77 import org.thingsboard.server.dao.model.ModelConstants;
  78 +import org.thingsboard.server.dao.oauth2.OAuth2Service;
90 79 import org.thingsboard.server.dao.relation.RelationService;
91 80 import org.thingsboard.server.dao.rule.RuleChainService;
92 81 import org.thingsboard.server.dao.tenant.TenantService;
... ... @@ -162,6 +151,9 @@ public abstract class BaseController {
162 151 protected DashboardService dashboardService;
163 152
164 153 @Autowired
  154 + protected OAuth2Service oAuth2Service;
  155 +
  156 + @Autowired
165 157 protected ComponentDiscoveryService componentDescriptorService;
166 158
167 159 @Autowired
... ... @@ -390,6 +382,9 @@ public abstract class BaseController {
390 382 case WIDGET_TYPE:
391 383 checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation);
392 384 return;
  385 + case OAUTH2_CLIENT_REGISTRATION:
  386 + checkOAuth2ClientRegistrationId(new OAuth2ClientRegistrationId(entityId.getId()), operation);
  387 + return;
393 388 default:
394 389 throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType());
395 390 }
... ... @@ -542,6 +537,18 @@ public abstract class BaseController {
542 537 }
543 538 }
544 539
  540 + OAuth2ClientRegistration checkOAuth2ClientRegistrationId(OAuth2ClientRegistrationId clientRegistrationId, Operation operation) throws ThingsboardException {
  541 + try {
  542 + validateId(clientRegistrationId, "Incorrect oAuth2ClientRegistrationId " + clientRegistrationId);
  543 + OAuth2ClientRegistration clientRegistration = oAuth2Service.findClientRegistrationById(getCurrentUser().getTenantId(), clientRegistrationId);
  544 + checkNotNull(clientRegistration);
  545 + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation, clientRegistrationId, clientRegistration);
  546 + return clientRegistration;
  547 + } catch (Exception e) {
  548 + throw handleException(e, false);
  549 + }
  550 + }
  551 +
545 552 ComponentDescriptor checkComponentDescriptorByClazz(String clazz) throws ThingsboardException {
546 553 try {
547 554 log.debug("[{}] Lookup component descriptor", clazz);
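Review bot: `checkOAuth2ClientRegistrationId` is the tenant-isolation gate for registrations but has no Javadoc saying so. It loads the row with `findClientRegistrationById(getCurrentUser().getTenantId(), …)` and then passes the loaded entity to `accessControlService.checkPermission`. Whether the DAO actually filters on the tenant argument is not visible on this page, so a short comment should record which layer is relied on, for example `/** Loads the registration for the caller's tenant and enforces {@code operation} on the loaded entity. */`. The same file section replaces fourteen explicit `common.data.id` imports with `import org.thingsboard.server.common.data.id.*;`; explicit imports keep later diffs to this base class easier to audit.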
... ...
... ... @@ -20,8 +20,12 @@ import org.springframework.beans.factory.annotation.Autowired;
20 20 import org.springframework.http.HttpStatus;
21 21 import org.springframework.security.access.prepost.PreAuthorize;
22 22 import org.springframework.web.bind.annotation.*;
  23 +import org.thingsboard.server.common.data.Dashboard;
  24 +import org.thingsboard.server.common.data.EntityType;
  25 +import org.thingsboard.server.common.data.audit.ActionType;
23 26 import org.thingsboard.server.common.data.exception.ThingsboardException;
24   -import org.thingsboard.server.common.data.id.EntityId;
  27 +import org.thingsboard.server.common.data.id.DashboardId;
  28 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
25 29 import org.thingsboard.server.common.data.id.TenantId;
26 30 import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
27 31 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
... ... @@ -40,14 +44,14 @@ import java.util.List;
40 44 @RequestMapping("/api")
41 45 @Slf4j
42 46 public class OAuth2Controller extends BaseController {
43   - @Autowired
44   - private OAuth2Service oauth2Service;
  47 + public static final String CLIENT_REGISTRATION_ID = "clientRegistrationId";
  48 + private static final String REGISTRATION_ID = "registrationId";
45 49
46 50 @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)
47 51 @ResponseBody
48 52 public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {
49 53 try {
50   - return oauth2Service.getOAuth2Clients(request.getServerName());
  54 + return oAuth2Service.getOAuth2Clients(request.getServerName());
51 55 } catch (Exception e) {
52 56 throw handleException(e);
53 57 }
... ... @@ -60,13 +64,15 @@ public class OAuth2Controller extends BaseController {
60 64 try {
61 65 Authority authority = getCurrentUser().getAuthority();
62 66 checkOAuth2ConfigPermissions(Operation.READ);
63   - OAuth2ClientsParams oAuth2ClientsParams = null;
  67 + List<OAuth2ClientRegistration> clientRegistrations = null;
64 68 if (Authority.SYS_ADMIN.equals(authority)) {
65   - oAuth2ClientsParams = oauth2Service.getSystemOAuth2ClientsParams();
  69 + clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
66 70 } else if (Authority.TENANT_ADMIN.equals(authority)) {
67   - oAuth2ClientsParams = oauth2Service.getTenantOAuth2ClientsParams(getCurrentUser().getTenantId());
  71 + clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(getCurrentUser().getTenantId());
  72 + } else {
  73 + throw new IllegalStateException("Authority " + authority + " cannot get client registrations.");
68 74 }
69   - return oAuth2ClientsParams;
  75 + return new OAuth2ClientsParams(clientRegistrations);
70 76 } catch (Exception e) {
71 77 throw handleException(e);
72 78 }
... ... @@ -75,18 +81,37 @@ public class OAuth2Controller extends BaseController {
75 81 @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
76 82 @RequestMapping(value = "/oauth2/config", method = RequestMethod.POST)
77 83 @ResponseStatus(value = HttpStatus.OK)
78   - public OAuth2ClientsParams saveClientParams(@RequestBody OAuth2ClientsParams oAuth2ClientsParams) throws ThingsboardException {
  84 + public OAuth2ClientRegistration saveClientRegistration(@RequestBody OAuth2ClientRegistration clientRegistration) throws ThingsboardException {
79 85 try {
80   - Authority authority = getCurrentUser().getAuthority();
81   - checkOAuth2ConfigPermissions(Operation.WRITE);
82   - OAuth2ClientsParams savedOAuth2ClientsParams = null;
83   - if (Authority.SYS_ADMIN.equals(authority)) {
84   - savedOAuth2ClientsParams = oauth2Service.saveSystemOAuth2ClientsParams(oAuth2ClientsParams);
85   - } else if (Authority.TENANT_ADMIN.equals(authority)) {
86   - savedOAuth2ClientsParams = oauth2Service.saveTenantOAuth2ClientsParams(getCurrentUser().getTenantId(), oAuth2ClientsParams);
87   - }
88   - return savedOAuth2ClientsParams;
  86 + clientRegistration.setTenantId(getCurrentUser().getTenantId());
  87 + checkEntity(clientRegistration.getId(), clientRegistration, Resource.OAUTH2_CONFIGURATION);
  88 + return oAuth2Service.saveClientRegistration(clientRegistration);
  89 + } catch (Exception e) {
  90 + throw handleException(e);
  91 + }
  92 + }
  93 +
  94 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
  95 + @RequestMapping(value = "/oauth2/config/{clientRegistrationId}", method = RequestMethod.DELETE)
  96 + @ResponseStatus(value = HttpStatus.OK)
  97 + public void deleteClientRegistration(@PathVariable(CLIENT_REGISTRATION_ID) String strClientRegistrationId) throws ThingsboardException {
  98 + checkParameter(CLIENT_REGISTRATION_ID, strClientRegistrationId);
  99 + try {
  100 + OAuth2ClientRegistrationId clientRegistrationId = new OAuth2ClientRegistrationId(toUUID(strClientRegistrationId));
  101 + OAuth2ClientRegistration clientRegistration = checkOAuth2ClientRegistrationId(clientRegistrationId, Operation.DELETE);
  102 + oAuth2Service.deleteClientRegistrationById(getCurrentUser().getTenantId(), clientRegistrationId);
  103 +
  104 + logEntityAction(clientRegistrationId, clientRegistration,
  105 + null,
  106 + ActionType.DELETED, null, strClientRegistrationId);
  107 +
89 108 } catch (Exception e) {
  109 +
  110 + logEntityAction(emptyId(EntityType.OAUTH2_CLIENT_REGISTRATION),
  111 + null,
  112 + null,
  113 + ActionType.DELETED, e, strClientRegistrationId);
  114 +
90 115 throw handleException(e);
91 116 }
92 117 }
... ... @@ -96,7 +121,7 @@ public class OAuth2Controller extends BaseController {
96 121 @ResponseBody
97 122 public Boolean isOAuth2ConfigurationAllowed() throws ThingsboardException {
98 123 try {
99   - return oauth2Service.isOAuth2ClientRegistrationAllowed(getTenantId());
  124 + return oAuth2Service.isOAuth2ClientRegistrationAllowed(getTenantId());
100 125 } catch (Exception e) {
101 126 throw handleException(e);
102 127 }
... ... @@ -105,4 +130,8 @@ public class OAuth2Controller extends BaseController {
105 130 private void checkOAuth2ConfigPermissions(Operation operation) throws ThingsboardException {
106 131 accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);
107 132 }
  133 +
  134 + private void checkOAuth2ConfigPermissions(Operation operation, OAuth2ClientRegistration clientRegistration) throws ThingsboardException {
  135 + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation, clientRegistration.getId(), clientRegistration);
  136 + }
108 137 }
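Review bot: In `saveClientRegistration` the tenant id is overwritten with the caller's tenant before `checkEntity(...)` runs, so when the request body carries the `id` of an existing registration the permission check sees the caller's own tenant rather than the stored row's owner. Unless `checkEntity` or the service's `saveClientRegistration` (both outside this page) re-load the row by id, a tenant admin could update a registration that belongs to another tenant. Resolve the stored entity first with the helper this commit adds, `if (clientRegistration.getId() != null) { checkOAuth2ClientRegistrationId(clientRegistration.getId(), Operation.WRITE); }`, before setting the tenant and saving. The save path also writes no audit record, whereas `deleteClientRegistration` calls `logEntityAction`. The new two-argument `checkOAuth2ConfigPermissions` overload is not called in any visible hunk.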
... ...
... ... @@ -173,6 +173,9 @@ public class ThingsboardInstallService {
173 173 databaseEntitiesUpgradeService.upgradeDatabase("3.0.1");
174 174 log.info("Updating system data...");
175 175 systemDataLoaderService.updateSystemWidgets();
  176 + case "3.1.0":
  177 + log.info("Upgrading ThingsBoard from version 3.1.0 to 3.2.0 ...");
  178 + databaseEntitiesUpgradeService.upgradeDatabase("3.1.0");
176 179 break;
177 180 default:
178 181 throw new RuntimeException("Unable to upgrade ThingsBoard, unsupported fromVersion: " + upgradeFromVersion);
... ...
... ... @@ -294,6 +294,15 @@ public class SqlDatabaseUpgradeService implements DatabaseEntitiesUpgradeService
294 294 } catch (Exception e) {
295 295 log.error("Failed updating schema!!!", e);
296 296 }
  297 + case "3.1.0":
  298 + try (Connection conn = DriverManager.getConnection(dbUrl, dbUserName, dbPassword)) {
  299 + log.info("Updating schema ...");
  300 + schemaUpdateFile = Paths.get(installScripts.getDataDir(), "upgrade", "3.1.0", "schema_update.sql");
  301 + loadSql(schemaUpdateFile, conn);
  302 + log.info("Schema updated.");
  303 + } catch (Exception e) {
  304 + log.error("Failed updating schema!!!", e);
  305 + }
297 306 break;
298 307 default:
299 308 throw new RuntimeException("Unable to upgrade SQL database, unsupported fromVersion: " + fromVersion);
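Review bot: The new `case "3.1.0"` logs `Failed updating schema!!!` and carries on, so a failed `schema_update.sql` still ends in a completed upgrade, possibly without the `oauth2_client_registration` table. The failure would then surface at login time rather than at upgrade time. This mirrors the case above it, but for a table that holds authentication configuration it is safer to rethrow after logging, e.g. `throw new RuntimeException("Failed updating schema", e);`. The preceding case now ends without `break` and falls through into this one; a `// fall through` comment would mark that as intended. The switch starts outside the hunk.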
... ...
... ... @@ -65,11 +65,9 @@ public class Oauth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS
65 65 try {
66 66 OAuth2AuthenticationToken token = (OAuth2AuthenticationToken) authentication;
67 67
68   - Pair<TenantId, OAuth2ClientRegistration> clientRegistrationPair = oAuth2Service.getClientRegistrationWithTenant(token.getAuthorizedClientRegistrationId());
69   - TenantId tenantId = clientRegistrationPair.getKey();
70   - OAuth2ClientRegistration clientRegistration = clientRegistrationPair.getValue();
  68 + OAuth2ClientRegistration clientRegistration = oAuth2Service.findClientRegistrationByRegistrationId(token.getAuthorizedClientRegistrationId());
71 69 OAuth2ClientMapper mapper = oauth2ClientMapperProvider.getOAuth2ClientMapperByType(clientRegistration.getMapperConfig().getType());
72   - SecurityUser securityUser = mapper.getOrCreateUserByClientPrincipal(token, tenantId, clientRegistration.getMapperConfig());
  70 + SecurityUser securityUser = mapper.getOrCreateUserByClientPrincipal(token, clientRegistration.getTenantId(), clientRegistration.getMapperConfig());
73 71
74 72 JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
75 73 JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
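Review bot: The result of `findClientRegistrationByRegistrationId(...)` is dereferenced straight away by `clientRegistration.getMapperConfig()`. If the service returns null for an unknown id (its contract is not visible here), a registration deleted between the start of the login and the callback fails with a NullPointerException rather than a clear authentication error. An explicit guard such as `if (clientRegistration == null) { throw new IllegalStateException("Unknown OAuth2 client registration"); }` makes the failure deliberate and keeps it out of the mapper. Taking the tenant from `clientRegistration.getTenantId()` rather than a separate pair is sound, provided the stored `tenant_id` can never be null for a row reachable here. The method body starts and ends outside the hunk.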
... ...
... ... @@ -32,7 +32,7 @@ public enum Resource {
32 32 USER(EntityType.USER),
33 33 WIDGETS_BUNDLE(EntityType.WIDGETS_BUNDLE),
34 34 WIDGET_TYPE(EntityType.WIDGET_TYPE),
35   - OAUTH2_CONFIGURATION(),
  35 + OAUTH2_CONFIGURATION(EntityType.OAUTH2_CLIENT_REGISTRATION),
36 36 ;
37 37
38 38 private final EntityType entityType;
... ...
... ... @@ -113,5 +113,13 @@ public class TenantAdminPermissions extends AbstractPermissions {
113 113 public boolean hasPermission(SecurityUser user, Operation operation) {
114 114 return oAuth2Service.isOAuth2ClientRegistrationAllowed(user.getTenantId());
115 115 }
  116 +
  117 + @Override
  118 + public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) {
  119 + if (!user.getTenantId().equals(entity.getTenantId())) {
  120 + return false;
  121 + }
  122 + return hasPermission(user, operation);
  123 + }
116 124 };
117 125 }
... ...
... ... @@ -15,39 +15,30 @@
15 15 */
16 16 package org.thingsboard.server.dao.oauth2;
17 17
18   -import org.apache.commons.lang3.tuple.Pair;
19   -import org.thingsboard.server.common.data.id.CustomerId;
20   -import org.thingsboard.server.common.data.id.EntityId;
  18 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
21 19 import org.thingsboard.server.common.data.id.TenantId;
22   -import org.thingsboard.server.common.data.oauth2.ExtendedOAuth2ClientRegistration;
23 20 import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
24 21 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
25   -import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
26 22
27 23 import java.util.List;
28   -import java.util.Map;
  24 +import java.util.UUID;
29 25
30 26 public interface OAuth2Service {
31   - Pair<TenantId, OAuth2ClientRegistration> getClientRegistrationWithTenant(String registrationId);
32   -
33   - ExtendedOAuth2ClientRegistration getExtendedClientRegistration(String registrationId);
34   -
35 27 List<OAuth2ClientInfo> getOAuth2Clients(String domainName);
36 28
37   - OAuth2ClientsParams saveSystemOAuth2ClientsParams(OAuth2ClientsParams oAuth2ClientsParams);
  29 + OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration);
38 30
39   - OAuth2ClientsParams saveTenantOAuth2ClientsParams(TenantId tenantId, OAuth2ClientsParams oAuth2ClientsParams);
  31 + List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId);
40 32
41   - OAuth2ClientsParams getSystemOAuth2ClientsParams();
  33 + OAuth2ClientRegistration findClientRegistrationByRegistrationId(String registrationId);
42 34
43   - OAuth2ClientsParams getTenantOAuth2ClientsParams(TenantId tenantId);
  35 + OAuth2ClientRegistration findClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id);
44 36
45   - void deleteTenantOAuth2ClientsParams(TenantId tenantId);
  37 + List<OAuth2ClientRegistration> findAllClientRegistrations();
46 38
47   - void deleteSystemOAuth2ClientsParams();
  39 + void deleteClientRegistrationsByTenantId(TenantId tenantId);
48 40
49   - boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId);
50   -
51   - Map<TenantId, OAuth2ClientsParams> getAllOAuth2ClientsParams();
  41 + void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id);
52 42
  43 + boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId);
53 44 }
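Review bot: The interface has no Javadoc on tenant scoping, and two of the new finders, `findClientRegistrationByRegistrationId(String)` and `findAllClientRegistrations()`, take no `TenantId` while the other lookups do. If that is intended for the login flow and internal loaders, say so on each, e.g. `/** Not tenant-scoped; callers must not expose the result through a tenant-facing endpoint. */`, so a later caller does not hand one tenant's `clientSecret` to another. The added `import java.util.UUID;` is not used by any signature in the visible interface.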
... ...
... ... @@ -19,5 +19,5 @@ package org.thingsboard.server.common.data;
19 19 * @author Andrew Shvayka
20 20 */
21 21 public enum EntityType {
22   - TENANT, CUSTOMER, USER, DASHBOARD, ASSET, DEVICE, ALARM, RULE_CHAIN, RULE_NODE, ENTITY_VIEW, WIDGETS_BUNDLE, WIDGET_TYPE
  22 + TENANT, CUSTOMER, USER, DASHBOARD, ASSET, DEVICE, ALARM, RULE_CHAIN, RULE_NODE, ENTITY_VIEW, WIDGETS_BUNDLE, WIDGET_TYPE, OAUTH2_CLIENT_REGISTRATION
23 23 }
... ...
... ... @@ -62,6 +62,8 @@ public class EntityIdFactory {
62 62 return new WidgetsBundleId(uuid);
63 63 case WIDGET_TYPE:
64 64 return new WidgetTypeId(uuid);
  65 + case OAUTH2_CLIENT_REGISTRATION:
  66 + return new OAuth2ClientRegistrationId(uuid);
65 67 }
66 68 throw new IllegalArgumentException("EntityType " + type + " is not supported!");
67 69 }
... ...
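--- a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2IntegrationId.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationId.java
@@ -17,19 +17,23 @@ package org.thingsboard.server.common.data.id;
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import org.thingsboard.server.common.data.EntityType;
 
 import java.util.UUID;
 
-public class OAuth2IntegrationId extends UUIDBased {
-
- private static final long serialVersionUID = 1L;
+public class OAuth2ClientRegistrationId extends UUIDBased implements EntityId {
 
 @JsonCreator
- public OAuth2IntegrationId(@JsonProperty("id") UUID id) {
+ public OAuth2ClientRegistrationId(@JsonProperty("id") UUID id) {
 super(id);
 }
 
- public static OAuth2IntegrationId fromString(String oauth2IntegrationId) {
- return new OAuth2IntegrationId(UUID.fromString(oauth2IntegrationId));
+ public static OAuth2ClientRegistrationId fromString(String clientRegistrationId) {
+ return new OAuth2ClientRegistrationId(UUID.fromString(clientRegistrationId));
+ }
+
+ @Override
+ public EntityType getEntityType() {
+ return EntityType.OAUTH2_CLIENT_REGISTRATION;
 }
 }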
... ...
... ... @@ -17,27 +17,20 @@ package org.thingsboard.server.common.data.oauth2;
17 17
18 18 import lombok.Data;
19 19 import lombok.EqualsAndHashCode;
20   -import org.thingsboard.server.common.data.BaseData;
21   -import org.thingsboard.server.common.data.id.OAuth2IntegrationId;
  20 +import lombok.NoArgsConstructor;
  21 +import lombok.AllArgsConstructor;
22 22
23   -@EqualsAndHashCode(callSuper = true)
  23 +@EqualsAndHashCode
24 24 @Data
25   -public class OAuth2ClientInfo extends BaseData<OAuth2IntegrationId> {
  25 +@NoArgsConstructor
  26 +@AllArgsConstructor
  27 +public class OAuth2ClientInfo {
26 28
27 29 private String name;
28 30 private String icon;
29 31 private String url;
30 32
31   - public OAuth2ClientInfo() {
32   - super();
33   - }
34   -
35   - public OAuth2ClientInfo(OAuth2IntegrationId id) {
36   - super(id);
37   - }
38   -
39 33 public OAuth2ClientInfo(OAuth2ClientInfo oauth2ClientInfo) {
40   - super(oauth2ClientInfo);
41 34 this.name = oauth2ClientInfo.getName();
42 35 this.icon = oauth2ClientInfo.getIcon();
43 36 this.url = oauth2ClientInfo.getUrl();
... ...
... ... @@ -15,21 +15,26 @@
15 15 */
16 16 package org.thingsboard.server.common.data.oauth2;
17 17
  18 +import com.fasterxml.jackson.annotation.JsonProperty;
18 19 import lombok.*;
19 20 import org.thingsboard.server.common.data.BaseData;
20   -import org.thingsboard.server.common.data.id.OAuth2IntegrationId;
  21 +import org.thingsboard.server.common.data.HasName;
  22 +import org.thingsboard.server.common.data.HasTenantId;
  23 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
  24 +import org.thingsboard.server.common.data.id.TenantId;
21 25
22 26 import java.util.List;
23 27
24   -@EqualsAndHashCode
  28 +@EqualsAndHashCode(callSuper = true)
25 29 @Data
26 30 @ToString(exclude = {"clientSecret"})
27   -@Builder(toBuilder = true)
28 31 @NoArgsConstructor
29   -@AllArgsConstructor
30   -public class OAuth2ClientRegistration {
  32 +public class OAuth2ClientRegistration extends BaseData<OAuth2ClientRegistrationId> implements HasTenantId, HasName {
31 33
  34 + private TenantId tenantId;
32 35 private String registrationId;
  36 + private String domainName;
  37 + private String redirectUriTemplate;
33 38 private OAuth2MapperConfig mapperConfig;
34 39 private String clientId;
35 40 private String clientSecret;
... ... @@ -42,4 +47,30 @@ public class OAuth2ClientRegistration {
42 47 private String clientAuthenticationMethod;
43 48 private String loginButtonLabel;
44 49 private String loginButtonIcon;
  50 +
  51 + public OAuth2ClientRegistration(OAuth2ClientRegistration clientRegistration) {
  52 + super(clientRegistration);
  53 + this.tenantId = clientRegistration.getTenantId();
  54 + this.registrationId = clientRegistration.getRegistrationId();
  55 + this.domainName = clientRegistration.getDomainName();
  56 + this.redirectUriTemplate = clientRegistration.getRedirectUriTemplate();
  57 + this.mapperConfig = clientRegistration.mapperConfig;
  58 + this.clientId = clientRegistration.clientId;
  59 + this.clientSecret = clientRegistration.clientSecret;
  60 + this.authorizationUri = clientRegistration.authorizationUri;
  61 + this.accessTokenUri = clientRegistration.accessTokenUri;
  62 + this.scope = clientRegistration.scope;
  63 + this.userInfoUri = clientRegistration.userInfoUri;
  64 + this.userNameAttributeName = clientRegistration.userNameAttributeName;
  65 + this.jwkSetUri = clientRegistration.jwkSetUri;
  66 + this.clientAuthenticationMethod = clientRegistration.clientAuthenticationMethod;
  67 + this.loginButtonLabel = clientRegistration.loginButtonLabel;
  68 + this.loginButtonIcon = clientRegistration.loginButtonIcon;
  69 + }
  70 +
  71 + @Override
  72 + @JsonProperty(access = JsonProperty.Access.READ_ONLY)
  73 + public String getName() {
  74 + return loginButtonLabel;
  75 + }
45 76 }
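Review bot: `clientSecret` is kept out of `toString()` by `@ToString(exclude = {"clientSecret"})`, but `@Data` still generates its getter. Jackson will therefore serialize it whenever this class is returned from a controller, as `saveClientRegistration` and the `OAuth2ClientsParams` wrapper do elsewhere in this commit. If the UI does not need to read the secret back, mark the field `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)`; `JsonProperty` is already imported in this hunk. `mapperConfig` may carry a password as well, since the schema has a `custom_password` column, but `OAuth2MapperConfig` is not shown here. As a style point, the copy constructor mixes getter calls with direct field reads.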
... ...
... ... @@ -26,5 +26,5 @@ import java.util.List;
26 26 @NoArgsConstructor
27 27 @AllArgsConstructor
28 28 public class OAuth2ClientsParams {
29   - private List<OAuth2ClientsDomainParams> clientsDomainsParams;
  29 + private List<OAuth2ClientRegistration> clientRegistrations;
30 30 }
\ No newline at end of file
... ...
... ... @@ -355,22 +355,22 @@ public class ModelConstants {
355 355 public static final String RULE_NODE_CONFIGURATION_PROPERTY = "configuration";
356 356
357 357 /**
358   - * Cassandra OAuth2 client registration constants.
  358 + * OAuth2 client registration constants.
359 359 */
  360 + public static final String OAUTH2_TENANT_ID_PROPERTY = TENANT_ID_PROPERTY;
360 361 public static final String OAUTH2_CLIENT_REGISTRATION_COLUMN_FAMILY_NAME = "oauth2_client_registration";
361 362 public static final String OAUTH2_CLIENT_REGISTRATION_ID_PROPERTY = "registration_id";
  363 + public static final String OAUTH2_DOMAIN_NAME_PROPERTY = "domain_name";
362 364 public static final String OAUTH2_CLIENT_ID_PROPERTY = "client_id";
363 365 public static final String OAUTH2_CLIENT_SECRET_PROPERTY = "client_secret";
364 366 public static final String OAUTH2_AUTHORIZATION_URI_PROPERTY = "authorization_uri";
365 367 public static final String OAUTH2_TOKEN_URI_PROPERTY = "token_uri";
366 368 public static final String OAUTH2_REDIRECT_URI_TEMPLATE_PROPERTY = "redirect_uri_template";
367 369 public static final String OAUTH2_SCOPE_PROPERTY = "scope";
368   - public static final String OAUTH2_AUTHORIZATION_GRANT_TYPE_PROPERTY = "authorization_grant_type";
369 370 public static final String OAUTH2_USER_INFO_URI_PROPERTY = "user_info_uri";
370 371 public static final String OAUTH2_USER_NAME_ATTRIBUTE_NAME_PROPERTY = "user_name_attribute_name";
371 372 public static final String OAUTH2_JWK_SET_URI_PROPERTY = "jwk_set_uri";
372 373 public static final String OAUTH2_CLIENT_AUTHENTICATION_METHOD_PROPERTY = "client_authentication_method";
373   - public static final String OAUTH2_CLIENT_NAME_PROPERTY = "client_name";
374 374 public static final String OAUTH2_LOGIN_BUTTON_LABEL_PROPERTY = "login_button_label";
375 375 public static final String OAUTH2_LOGIN_BUTTON_ICON_PROPERTY = "login_button_icon";
376 376 public static final String OAUTH2_ALLOW_USER_CREATION_PROPERTY = "allow_user_creation";
... ...
  1 +/**
  2 + * Copyright © 2016-2020 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.dao.model.sql;
  17 +
  18 +import lombok.Data;
  19 +import lombok.EqualsAndHashCode;
  20 +import org.hibernate.annotations.TypeDef;
  21 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
  22 +import org.thingsboard.server.common.data.id.TenantId;
  23 +import org.thingsboard.server.common.data.oauth2.*;
  24 +import org.thingsboard.server.dao.model.BaseSqlEntity;
  25 +import org.thingsboard.server.dao.model.ModelConstants;
  26 +import org.thingsboard.server.dao.util.mapping.JsonStringType;
  27 +
  28 +import javax.persistence.*;
  29 +import java.util.Arrays;
  30 +import java.util.UUID;
  31 +
  32 +@Data
  33 +@EqualsAndHashCode(callSuper = true)
  34 +@Entity
  35 +@TypeDef(name = "json", typeClass = JsonStringType.class)
  36 +@Table(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_COLUMN_FAMILY_NAME)
  37 +public class OAuth2ClientRegistrationEntity extends BaseSqlEntity<OAuth2ClientRegistration> {
  38 +
  39 + @Column(name = ModelConstants.OAUTH2_TENANT_ID_PROPERTY, columnDefinition = "uuid")
  40 + private UUID tenantId;
  41 +
  42 + @Column(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_ID_PROPERTY)
  43 + private String registrationId;
  44 + @Column(name = ModelConstants.OAUTH2_DOMAIN_NAME_PROPERTY)
  45 + private String domainName;
  46 + @Column(name = ModelConstants.OAUTH2_CLIENT_ID_PROPERTY)
  47 + private String clientId;
  48 + @Column(name = ModelConstants.OAUTH2_CLIENT_SECRET_PROPERTY)
  49 + private String clientSecret;
  50 + @Column(name = ModelConstants.OAUTH2_AUTHORIZATION_URI_PROPERTY)
  51 + private String authorizationUri;
  52 + @Column(name = ModelConstants.OAUTH2_TOKEN_URI_PROPERTY)
  53 + private String tokenUri;
  54 + @Column(name = ModelConstants.OAUTH2_REDIRECT_URI_TEMPLATE_PROPERTY)
  55 + private String redirectUriTemplate;
  56 + @Column(name = ModelConstants.OAUTH2_SCOPE_PROPERTY)
  57 + private String scope;
  58 + @Column(name = ModelConstants.OAUTH2_USER_INFO_URI_PROPERTY)
  59 + private String userInfoUri;
  60 + @Column(name = ModelConstants.OAUTH2_USER_NAME_ATTRIBUTE_NAME_PROPERTY)
  61 + private String userNameAttributeName;
  62 + @Column(name = ModelConstants.OAUTH2_JWK_SET_URI_PROPERTY)
  63 + private String jwkSetUri;
  64 + @Column(name = ModelConstants.OAUTH2_CLIENT_AUTHENTICATION_METHOD_PROPERTY)
  65 + private String clientAuthenticationMethod;
  66 + @Column(name = ModelConstants.OAUTH2_LOGIN_BUTTON_LABEL_PROPERTY)
  67 + private String loginButtonLabel;
  68 + @Column(name = ModelConstants.OAUTH2_LOGIN_BUTTON_ICON_PROPERTY)
  69 + private String loginButtonIcon;
  70 + @Column(name = ModelConstants.OAUTH2_ALLOW_USER_CREATION_PROPERTY)
  71 + private Boolean allowUserCreation;
  72 + @Column(name = ModelConstants.OAUTH2_ACTIVATE_USER_PROPERTY)
  73 + private Boolean activateUser;
  74 + @Enumerated(EnumType.STRING)
  75 + @Column(name = ModelConstants.OAUTH2_MAPPER_TYPE_PROPERTY)
  76 + private MapperType type;
  77 + @Column(name = ModelConstants.OAUTH2_EMAIL_ATTRIBUTE_KEY_PROPERTY)
  78 + private String emailAttributeKey;
  79 + @Column(name = ModelConstants.OAUTH2_FIRST_NAME_ATTRIBUTE_KEY_PROPERTY)
  80 + private String firstNameAttributeKey;
  81 + @Column(name = ModelConstants.OAUTH2_LAST_NAME_ATTRIBUTE_KEY_PROPERTY)
  82 + private String lastNameAttributeKey;
  83 + @Enumerated(EnumType.STRING)
  84 + @Column(name = ModelConstants.OAUTH2_TENANT_NAME_STRATEGY_PROPERTY)
  85 + private TenantNameStrategyType tenantNameStrategy;
  86 + @Column(name = ModelConstants.OAUTH2_TENANT_NAME_PATTERN_PROPERTY)
  87 + private String tenantNamePattern;
  88 + @Column(name = ModelConstants.OAUTH2_CUSTOMER_NAME_PATTERN_PROPERTY)
  89 + private String customerNamePattern;
  90 + @Column(name = ModelConstants.OAUTH2_DEFAULT_DASHBOARD_NAME_PROPERTY)
  91 + private String defaultDashboardName;
  92 + @Column(name = ModelConstants.OAUTH2_ALWAYS_FULL_SCREEN_PROPERTY)
  93 + private Boolean alwaysFullScreen;
  94 + @Column(name = ModelConstants.OAUTH2_MAPPER_URL_PROPERTY)
  95 + private String url;
  96 + @Column(name = ModelConstants.OAUTH2_MAPPER_USERNAME_PROPERTY)
  97 + private String username;
  98 + @Column(name = ModelConstants.OAUTH2_MAPPER_PASSWORD_PROPERTY)
  99 + private String password;
  100 +
  101 + public OAuth2ClientRegistrationEntity() {
  102 + super();
  103 + }
  104 +
  105 + public OAuth2ClientRegistrationEntity(OAuth2ClientRegistration clientRegistration) {
  106 + if (clientRegistration.getId() != null) {
  107 + this.setUuid(clientRegistration.getId().getId());
  108 + }
  109 + if (clientRegistration.getTenantId() != null) {
  110 + this.tenantId = clientRegistration.getTenantId().getId();
  111 + }
  112 + this.domainName = clientRegistration.getDomainName();
  113 + this.createdTime = clientRegistration.getCreatedTime();
  114 + this.registrationId = clientRegistration.getRegistrationId();
  115 + this.clientId = clientRegistration.getClientId();
  116 + this.clientSecret = clientRegistration.getClientSecret();
  117 + this.authorizationUri = clientRegistration.getAuthorizationUri();
  118 + this.tokenUri = clientRegistration.getAccessTokenUri();
  119 + this.redirectUriTemplate = clientRegistration.getRedirectUriTemplate();
  120 + this.scope = clientRegistration.getScope().stream().reduce((result, element) -> result + "," + element).orElse("");
  121 + this.userInfoUri = clientRegistration.getUserInfoUri();
  122 + this.userNameAttributeName = clientRegistration.getUserNameAttributeName();
  123 + this.jwkSetUri = clientRegistration.getJwkSetUri();
  124 + this.clientAuthenticationMethod = clientRegistration.getClientAuthenticationMethod();
  125 + this.loginButtonLabel = clientRegistration.getLoginButtonLabel();
  126 + this.loginButtonIcon = clientRegistration.getLoginButtonIcon();
  127 + OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
  128 + if (mapperConfig != null) {
  129 + this.allowUserCreation = mapperConfig.isAllowUserCreation();
  130 + this.activateUser = mapperConfig.isActivateUser();
  131 + this.type = mapperConfig.getType();
  132 + OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasic();
  133 + if (basicConfig != null) {
  134 + this.emailAttributeKey = basicConfig.getEmailAttributeKey();
  135 + this.firstNameAttributeKey = basicConfig.getFirstNameAttributeKey();
  136 + this.lastNameAttributeKey = basicConfig.getLastNameAttributeKey();
  137 + this.tenantNameStrategy = basicConfig.getTenantNameStrategy();
  138 + this.tenantNamePattern = basicConfig.getTenantNamePattern();
  139 + this.customerNamePattern = basicConfig.getCustomerNamePattern();
  140 + this.defaultDashboardName = basicConfig.getDefaultDashboardName();
  141 + this.alwaysFullScreen = basicConfig.isAlwaysFullScreen();
  142 + }
  143 + OAuth2CustomMapperConfig customConfig = mapperConfig.getCustom();
  144 + if (customConfig != null) {
  145 + this.url = customConfig.getUrl();
  146 + this.username = customConfig.getUsername();
  147 + this.password = customConfig.getPassword();
  148 + }
  149 + }
  150 + }
  151 +
  152 + @Override
  153 + public OAuth2ClientRegistration toData() {
  154 + OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
  155 + clientRegistration.setId(new OAuth2ClientRegistrationId(id));
  156 + clientRegistration.setTenantId(new TenantId(tenantId));
  157 + clientRegistration.setRegistrationId(registrationId);
  158 + clientRegistration.setDomainName(domainName);
  159 + clientRegistration.setCreatedTime(createdTime);
  160 + clientRegistration.setMapperConfig(
  161 + OAuth2MapperConfig.builder()
  162 + .allowUserCreation(allowUserCreation)
  163 + .activateUser(activateUser)
  164 + .type(type)
  165 + .basic(
  166 + type == MapperType.BASIC ?
  167 + OAuth2BasicMapperConfig.builder()
  168 + .emailAttributeKey(emailAttributeKey)
  169 + .firstNameAttributeKey(firstNameAttributeKey)
  170 + .lastNameAttributeKey(lastNameAttributeKey)
  171 + .tenantNameStrategy(tenantNameStrategy)
  172 + .tenantNamePattern(tenantNamePattern)
  173 + .customerNamePattern(customerNamePattern)
  174 + .defaultDashboardName(defaultDashboardName)
  175 + .alwaysFullScreen(alwaysFullScreen)
  176 + .build()
  177 + : null
  178 + )
  179 + .custom(
  180 + type == MapperType.CUSTOM ?
  181 + OAuth2CustomMapperConfig.builder()
  182 + .url(url)
  183 + .username(username)
  184 + .password(password)
  185 + .build()
  186 + : null
  187 + )
  188 + .build()
  189 + );
  190 + clientRegistration.setClientId(clientId);
  191 + clientRegistration.setClientSecret(clientSecret);
  192 + clientRegistration.setAuthorizationUri(authorizationUri);
  193 + clientRegistration.setAccessTokenUri(tokenUri);
  194 + clientRegistration.setRedirectUriTemplate(redirectUriTemplate);
  195 + clientRegistration.setScope(Arrays.asList(scope.split(",")));
  196 + clientRegistration.setUserInfoUri(userInfoUri);
  197 + clientRegistration.setUserNameAttributeName(userNameAttributeName);
  198 + clientRegistration.setJwkSetUri(jwkSetUri);
  199 + clientRegistration.setClientAuthenticationMethod(clientAuthenticationMethod);
  200 + clientRegistration.setLoginButtonLabel(loginButtonLabel);
  201 + clientRegistration.setLoginButtonIcon(loginButtonIcon);
  202 + return clientRegistration;
  203 + }
  204 +}
... ...
... ... @@ -32,19 +32,19 @@ public class HybridClientRegistrationRepository implements ClientRegistrationRep
32 32
33 33 @Override
34 34 public ClientRegistration findByRegistrationId(String registrationId) {
35   - ExtendedOAuth2ClientRegistration localExtendedClientRegistration = oAuth2Service.getExtendedClientRegistration(registrationId);
36   - return localExtendedClientRegistration == null ?
37   - null : toSpringClientRegistration(localExtendedClientRegistration.getRedirectUriTemplate(), localExtendedClientRegistration.getClientRegistration());
  35 + OAuth2ClientRegistration oAuth2ClientRegistration = oAuth2Service.findClientRegistrationByRegistrationId(registrationId);
  36 + return oAuth2ClientRegistration == null ?
  37 + null : toSpringClientRegistration(oAuth2ClientRegistration);
38 38 }
39 39
40   - private ClientRegistration toSpringClientRegistration(String redirectUriTemplate, OAuth2ClientRegistration localClientRegistration){
  40 + private ClientRegistration toSpringClientRegistration(OAuth2ClientRegistration localClientRegistration){
41 41 return ClientRegistration.withRegistrationId(localClientRegistration.getRegistrationId())
42 42 .clientName(localClientRegistration.getRegistrationId())
43 43 .clientId(localClientRegistration.getClientId())
44 44 .authorizationUri(localClientRegistration.getAuthorizationUri())
45 45 .clientSecret(localClientRegistration.getClientSecret())
46 46 .tokenUri(localClientRegistration.getAccessTokenUri())
47   - .redirectUriTemplate(redirectUriTemplate)
  47 + .redirectUriTemplate(localClientRegistration.getRedirectUriTemplate())
48 48 .scope(localClientRegistration.getScope())
49 49 .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
50 50 .userInfoUri(localClientRegistration.getUserInfoUri())
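Review bot: `.redirectUriTemplate(localClientRegistration.getRedirectUriTemplate())` now reads the value from each stored registration, and nothing in this section checks that it is present. The same commit removes `validateRedirectUris` from OAuth2ServiceImpl, and the new `redirect_uri_template` column is declared without NOT NULL. Unless the new `clientRegistrationValidator` (not visible here) rejects blank values, a registration without a template would presumably only fail when a user tries to log in. Since this value decides where the authorization response is sent, I would reject a blank template at save time and note it here, e.g. `// redirectUriTemplate is validated as non-empty on save`. The builder chain in `toSpringClientRegistration` continues outside the hunk.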
... ...
  1 +/**
  2 + * Copyright © 2016-2020 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.dao.oauth2;
  17 +
  18 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
  19 +import org.thingsboard.server.dao.Dao;
  20 +
  21 +import java.util.List;
  22 +import java.util.UUID;
  23 +
  24 +public interface OAuth2ClientRegistrationDao extends Dao<OAuth2ClientRegistration> {
  25 + OAuth2ClientRegistration findByRegistrationId(String registrationId);
  26 +
  27 + List<OAuth2ClientRegistration> findAll();
  28 +
  29 + List<OAuth2ClientRegistration> findByTenantId(UUID tenantId);
  30 +
  31 + List<OAuth2ClientRegistration> findByDomainName(String domainName);
  32 +
  33 + boolean removeByRegistrationId(String registrationId);
  34 +
  35 + int removeByTenantId(UUID tenantId);
  36 +}
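Review bot: `findByRegistrationId` and `removeByRegistrationId` take no tenant id, unlike the `findById(tenantId, …)` and `removeById(tenantId, …)` calls the service makes on the same DAO, and the interface has no Javadoc saying so. The service treats registrationId as unique (it checks the `oauth2_registration_id_unq_key` constraint), apparently across all tenants, so `removeByRegistrationId` acts on whichever tenant owns the id it is given. The ownership check therefore has to live in the caller. I would document that on both methods, e.g. `/** Not tenant-scoped: callers must verify the registration belongs to the requesting tenant. @return true if a row was removed */`. It would also help to state what the `int` returned by `removeByTenantId` means (presumably the number of deleted rows).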
... ...
... ... @@ -15,366 +15,119 @@
15 15 */
16 16 package org.thingsboard.server.dao.oauth2;
17 17
18   -import com.fasterxml.jackson.core.JsonProcessingException;
19 18 import com.fasterxml.jackson.databind.JsonNode;
20   -import com.fasterxml.jackson.databind.ObjectMapper;
21   -import com.fasterxml.jackson.databind.node.ObjectNode;
22   -import com.google.common.util.concurrent.Futures;
23   -import com.google.common.util.concurrent.ListenableFuture;
24   -import com.google.common.util.concurrent.MoreExecutors;
25 19 import lombok.extern.slf4j.Slf4j;
26   -import org.apache.commons.lang3.tuple.ImmutablePair;
27   -import org.apache.commons.lang3.tuple.Pair;
  20 +import org.hibernate.exception.ConstraintViolationException;
28 21 import org.springframework.beans.factory.annotation.Autowired;
29   -import org.springframework.core.env.Environment;
30 22 import org.springframework.stereotype.Service;
31   -import org.springframework.transaction.annotation.Transactional;
32 23 import org.springframework.util.StringUtils;
33   -import org.thingsboard.server.common.data.*;
34   -import org.thingsboard.server.common.data.id.*;
35   -import org.thingsboard.server.common.data.kv.*;
  24 +import org.thingsboard.server.common.data.Tenant;
  25 +import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
  26 +import org.thingsboard.server.common.data.exception.ThingsboardException;
  27 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
  28 +import org.thingsboard.server.common.data.id.TenantId;
36 29 import org.thingsboard.server.common.data.oauth2.*;
37   -import org.thingsboard.server.dao.attributes.AttributesService;
  30 +import org.thingsboard.server.dao.entity.AbstractEntityService;
38 31 import org.thingsboard.server.dao.exception.DataValidationException;
39   -import org.thingsboard.server.dao.exception.IncorrectParameterException;
40   -import org.thingsboard.server.dao.lock.LockKey;
41   -import org.thingsboard.server.dao.lock.LockService;
42   -import org.thingsboard.server.dao.settings.AdminSettingsService;
  32 +import org.thingsboard.server.dao.service.DataValidator;
43 33 import org.thingsboard.server.dao.tenant.TenantService;
44 34
45   -import java.io.IOException;
46   -import java.util.*;
47   -import java.util.concurrent.ExecutionException;
48   -import java.util.function.Consumer;
  35 +import javax.transaction.Transactional;
  36 +import java.util.List;
  37 +import java.util.UUID;
49 38 import java.util.stream.Collectors;
50 39
51   -import static org.thingsboard.server.dao.oauth2.OAuth2Utils.*;
  40 +import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
  41 +import static org.thingsboard.server.dao.service.Validator.validateId;
  42 +import static org.thingsboard.server.dao.service.Validator.validateString;
52 43
53 44 @Slf4j
54 45 @Service
55   -public class OAuth2ServiceImpl implements OAuth2Service {
56   - private static final ObjectMapper mapper = new ObjectMapper();
57   -
58   - @Autowired
59   - private Environment environment;
60   -
61   - @Autowired
62   - private AdminSettingsService adminSettingsService;
63   -
64   - @Autowired
65   - private AttributesService attributesService;
  46 +public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Service {
  47 + public static final String INCORRECT_TENANT_ID = "Incorrect tenantId ";
  48 + public static final String INCORRECT_CLIENT_REGISTRATION_ID = "Incorrect clientRegistrationId ";
  49 + public static final String INCORRECT_REGISTRATION_ID = "Incorrect registrationId ";
  50 + public static final String INCORRECT_DOMAIN_NAME = "Incorrect domainName ";
66 51
67 52 @Autowired
68 53 private TenantService tenantService;
69 54
70 55 @Autowired
71   - private LockService lockService;
72   -
73   - private boolean isInstall() {
74   - return environment.acceptsProfiles("install");
75   - }
76   -
77   - @Override
78   - public Pair<TenantId, OAuth2ClientRegistration> getClientRegistrationWithTenant(String registrationId) {
79   - return getExtendedOAuth2ClientRegistrationWithTenant(registrationId)
80   - .map(pair -> ImmutablePair.of(pair.getLeft(), pair.getRight().getClientRegistration()))
81   - .orElse(null);
82   - }
83   -
84   - @Override
85   - public ExtendedOAuth2ClientRegistration getExtendedClientRegistration(String registrationId) {
86   - return getExtendedOAuth2ClientRegistrationWithTenant(registrationId)
87   - .map(Pair::getValue)
88   - .orElse(null);
89   -
90   - }
91   -
92   - private Optional<Pair<TenantId, ExtendedOAuth2ClientRegistration>> getExtendedOAuth2ClientRegistrationWithTenant(String registrationId) {
93   - return getAllOAuth2ClientsParams().entrySet().stream()
94   - .map(entry -> {
95   - TenantId tenantId = entry.getKey();
96   - return entry.getValue().getClientsDomainsParams().stream()
97   - .flatMap(domainParams ->
98   - domainParams.getClientRegistrations().stream()
99   - .map(clientRegistration -> new ExtendedOAuth2ClientRegistration(domainParams.getRedirectUriTemplate(), clientRegistration))
100   - )
101   - .filter(registration -> registrationId.equals(registration.getClientRegistration().getRegistrationId()))
102   - .findFirst()
103   - .map(extendedClientRegistration -> ImmutablePair.of(tenantId, extendedClientRegistration))
104   - .orElse(null);
105   -
106   - })
107   - .filter(Objects::nonNull)
108   - .findFirst()
109   - .map(entry -> ImmutablePair.of(entry.getKey(), entry.getValue()))
110   - ;
111   - }
112   -
  56 + private OAuth2ClientRegistrationDao clientRegistrationDao;
113 57
114 58 @Override
115 59 public List<OAuth2ClientInfo> getOAuth2Clients(String domainName) {
116   - OAuth2ClientsDomainParams oAuth2ClientsDomainParams = getMergedOAuth2ClientsParams(domainName);
117   - return oAuth2ClientsDomainParams != null && oAuth2ClientsDomainParams.getClientRegistrations() != null ?
118   - oAuth2ClientsDomainParams.getClientRegistrations().stream()
119   - .map(OAuth2Utils::toClientInfo)
120   - .collect(Collectors.toList())
121   - : Collections.emptyList()
122   - ;
123   - }
124   -
125   - @Override
126   - public OAuth2ClientsParams saveSystemOAuth2ClientsParams(OAuth2ClientsParams oAuth2ClientsParams) {
127   - validate(oAuth2ClientsParams);
128   - validateRegistrationIdUniqueness(oAuth2ClientsParams, TenantId.SYS_TENANT_ID);
129   -
130   - transactionalSaveSystemOAuth2ClientsParams(oAuth2ClientsParams);
131   -
132   - return getSystemOAuth2ClientsParams();
133   - }
134   -
135   - @Transactional
136   - private void transactionalSaveSystemOAuth2ClientsParams(OAuth2ClientsParams oAuth2ClientsParams) {
137   - long acquireStart = System.currentTimeMillis();
138   - lockService.transactionLock(LockKey.OAUTH2_CONFIG);
139   - log.trace("[{}] Waited for lock {} ms.", TenantId.SYS_TENANT_ID, System.currentTimeMillis() - acquireStart);
140   -
141   - validateRegistrationIdUniqueness(oAuth2ClientsParams, TenantId.SYS_TENANT_ID);
142   - AdminSettings oauth2SystemAdminSettings = adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAUTH2_CLIENT_REGISTRATIONS_PARAMS);
143   - if (oauth2SystemAdminSettings == null) {
144   - oauth2SystemAdminSettings = createSystemAdminSettings();
145   - }
146   - String json = toJson(oAuth2ClientsParams);
147   - ((ObjectNode) oauth2SystemAdminSettings.getJsonValue()).put(SYSTEM_SETTINGS_OAUTH2_VALUE, json);
148   - adminSettingsService.saveAdminSettings(TenantId.SYS_TENANT_ID, oauth2SystemAdminSettings);
  60 + log.trace("Executing getOAuth2Clients [{}]", domainName);
  61 + validateString(domainName, INCORRECT_DOMAIN_NAME + domainName);
  62 + return clientRegistrationDao.findByDomainName(domainName).stream()
  63 + .map(OAuth2Utils::toClientInfo)
  64 + .collect(Collectors.toList());
149 65 }
150 66
151 67 @Override
152   - public OAuth2ClientsParams saveTenantOAuth2ClientsParams(TenantId tenantId, OAuth2ClientsParams oAuth2ClientsParams) {
153   - validate(oAuth2ClientsParams);
154   - validateRegistrationIdUniqueness(oAuth2ClientsParams, tenantId);
155   -
156   - transactionalSaveTenantOAuth2ClientsParams(tenantId, oAuth2ClientsParams);
157   -
158   - return getTenantOAuth2ClientsParams(tenantId);
159   - }
160   -
161   - @Transactional
162   - private void transactionalSaveTenantOAuth2ClientsParams(TenantId tenantId, OAuth2ClientsParams oAuth2ClientsParams) {
163   - long acquireStart = System.currentTimeMillis();
164   - lockService.transactionLock(LockKey.OAUTH2_CONFIG);
165   - log.trace("[{}] Waited for lock {} ms.", tenantId, System.currentTimeMillis() - acquireStart);
166   -
167   - validateRegistrationIdUniqueness(oAuth2ClientsParams, tenantId);
168   -
169   - Set<String> domainNames = oAuth2ClientsParams.getClientsDomainsParams().stream()
170   - .map(OAuth2ClientsDomainParams::getDomainName)
171   - .collect(Collectors.toSet());
172   - processTenantAdminSettings(tenantId, domainNames);
173   -
174   - List<AttributeKvEntry> attributes = createOAuth2ClientsParamsAttributes(oAuth2ClientsParams);
  68 + public OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration) {
  69 + log.trace("Executing saveClientRegistration [{}]", clientRegistration);
  70 + clientRegistrationValidator.validate(clientRegistration, OAuth2ClientRegistration::getTenantId);
  71 + OAuth2ClientRegistration savedClientRegistration;
175 72 try {
176   - attributesService.save(tenantId, tenantId, DataConstants.SERVER_SCOPE, attributes).get();
177   - } catch (Exception e) {
178   - log.error("Unable to save OAuth2 Client Registration Params to attributes!", e);
179   - throw new IncorrectParameterException("Unable to save OAuth2 Client Registration Params to attributes!");
180   - }
181   - }
182   -
183   - private List<AttributeKvEntry> createOAuth2ClientsParamsAttributes(OAuth2ClientsParams oAuth2ClientsParams) {
184   - String json = toJson(oAuth2ClientsParams);
185   - List<AttributeKvEntry> attributes = new ArrayList<>();
186   - long ts = System.currentTimeMillis();
187   - attributes.add(new BaseAttributeKvEntry(new StringDataEntry(OAUTH2_CLIENT_REGISTRATIONS_PARAMS, json), ts));
188   - return attributes;
189   - }
190   -
191   - private void processTenantAdminSettings(TenantId tenantId, Set<String> domainNames) {
192   - OAuth2ClientsParams existentClientsParams = getTenantOAuth2ClientsParams(tenantId);
193   -
194   - Set<String> existentDomainNames = existentClientsParams != null && existentClientsParams.getClientsDomainsParams() != null ?
195   - existentClientsParams.getClientsDomainsParams().stream()
196   - .map(OAuth2ClientsDomainParams::getDomainName)
197   - .collect(Collectors.toSet())
198   - : Collections.emptySet();
199   -
200   - Set<String> domainNamesToAdd = domainNames.stream()
201   - .filter(domainName -> !existentDomainNames.contains(domainName))
202   - .collect(Collectors.toSet());
203   - Set<String> domainNamesToDelete = existentDomainNames.stream()
204   - .filter(domainName -> !domainNames.contains(domainName))
205   - .collect(Collectors.toSet());
206   -
207   - domainNamesToAdd.forEach(domainName -> {
208   - String domainSettingsKey = constructAdminSettingsDomainKey(domainName);
209   - if (adminSettingsService.findAdminSettingsByKey(tenantId, domainSettingsKey) != null) {
210   - log.error("Current domain name [{}] already registered in the system!", domainName);
211   - throw new IncorrectParameterException("Current domain name [" + domainName + "] already registered in the system!");
212   - }
213   - });
214   -
215   - domainNamesToAdd.forEach(domainName -> {
216   - String domainSettingsKey = constructAdminSettingsDomainKey(domainName);
217   - AdminSettings tenantAdminSettings = createTenantAdminSettings(tenantId, domainSettingsKey);
218   - adminSettingsService.saveAdminSettings(tenantId, tenantAdminSettings);
219   - });
220   -
221   - domainNamesToDelete.forEach(domainName -> {
222   - String domainSettingsKey = constructAdminSettingsDomainKey(domainName);
223   - adminSettingsService.deleteAdminSettingsByKey(tenantId, domainSettingsKey);
224   - });
225   - }
226   -
227   - private AdminSettings createTenantAdminSettings(TenantId tenantId, String clientRegistrationsKey) {
228   - AdminSettings clientRegistrationParamsSettings = new AdminSettings();
229   - clientRegistrationParamsSettings.setKey(clientRegistrationsKey);
230   - ObjectNode node = mapper.createObjectNode();
231   - node.put("entityType", EntityType.TENANT.name());
232   - node.put("entityId", tenantId.toString());
233   - clientRegistrationParamsSettings.setJsonValue(node);
234   - return clientRegistrationParamsSettings;
235   - }
236   -
237   - private AdminSettings createSystemAdminSettings() {
238   - AdminSettings clientRegistrationParamsSettings = new AdminSettings();
239   - clientRegistrationParamsSettings.setKey(OAUTH2_CLIENT_REGISTRATIONS_PARAMS);
240   - ObjectNode clientRegistrationsNode = mapper.createObjectNode();
241   -
242   - clientRegistrationParamsSettings.setJsonValue(clientRegistrationsNode);
243   -
244   - return clientRegistrationParamsSettings;
245   - }
246   -
247   - private void validateRegistrationIdUniqueness(OAuth2ClientsParams inputOAuth2ClientsParams, TenantId tenantId) {
248   - List<String> registrationIds = toClientRegistrationStream(inputOAuth2ClientsParams)
249   - .map(OAuth2ClientRegistration::getRegistrationId)
250   - .collect(Collectors.toList());
251   -
252   - boolean regIdDuplicates = registrationIds.stream()
253   - .anyMatch(registrationId -> Collections.frequency(registrationIds, registrationId) > 1);
254   - if (regIdDuplicates) {
255   - throw new DataValidationException("All registration IDs should be unique!");
256   - }
257   -
258   - getAllOAuth2ClientsParams().forEach((paramsTenantId, oAuth2ClientsParams) -> {
259   - if (tenantId.equals(paramsTenantId)) return;
260   - Set<String> duplicatedRegistrationIds = toClientRegistrationStream(oAuth2ClientsParams)
261   - .map(OAuth2ClientRegistration::getRegistrationId)
262   - .filter(registrationIds::contains)
263   - .collect(Collectors.toSet());
264   - if (!duplicatedRegistrationIds.isEmpty()) {
265   - log.error("RegistrationIds [{}] are already registered in the system!", duplicatedRegistrationIds);
266   - throw new IncorrectParameterException("RegistrationIds [" + duplicatedRegistrationIds + "] are already registered in the system!");
267   - }
268   - });
269   - }
270   -
271   - private void validate(OAuth2ClientsParams oAuth2ClientsParams) {
272   - validateRedirectUris(oAuth2ClientsParams);
273   - validateDomainNames(oAuth2ClientsParams);
274   -
275   - toClientRegistrationStream(oAuth2ClientsParams)
276   - .forEach(validator);
277   - }
278   -
279   - private void validateDomainNames(OAuth2ClientsParams oAuth2ClientsParams) {
280   - List<String> domainNames = oAuth2ClientsParams.getClientsDomainsParams().stream()
281   - .map(OAuth2ClientsDomainParams::getDomainName)
282   - .collect(Collectors.toList());
283   -
284   - domainNames.forEach(domainName -> {
285   - if (StringUtils.isEmpty(domainName)) {
286   - throw new DataValidationException("Domain name should be specified!");
  73 + savedClientRegistration = clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration);
  74 + } catch (Exception t) {
  75 + ConstraintViolationException e = extractConstraintViolationException(t).orElse(null);
  76 + if (e != null && e.getConstraintName() != null && e.getConstraintName().equalsIgnoreCase("oauth2_registration_id_unq_key")) {
  77 + throw new DataValidationException("Client registration with such registrationId already exists!");
  78 + } else {
  79 + throw t;
287 80 }
288   - });
289   -
290   - boolean duplicateDomainNames = domainNames.stream()
291   - .anyMatch(domainName -> Collections.frequency(domainNames, domainName) > 1);
292   - if (duplicateDomainNames) {
293   - throw new DataValidationException("All domain names should be unique!");
294 81 }
  82 + return savedClientRegistration;
295 83 }
296 84
297   - private void validateRedirectUris(OAuth2ClientsParams oAuth2ClientsParams) {
298   - oAuth2ClientsParams.getClientsDomainsParams().stream()
299   - .forEach(oAuth2ClientsDomainParams -> {
300   - if (StringUtils.isEmpty(oAuth2ClientsDomainParams.getRedirectUriTemplate())) {
301   - throw new DataValidationException("Redirect uri template should be specified!");
302   - }
303   - });
  85 + @Override
  86 + public List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId) {
  87 + log.trace("Executing findClientRegistrationsByTenantId [{}]", tenantId);
  88 + validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
  89 + return clientRegistrationDao.findByTenantId(tenantId.getId());
304 90 }
305 91
306 92 @Override
307   - public OAuth2ClientsParams getSystemOAuth2ClientsParams() {
308   - AdminSettings oauth2ClientsParamsSettings = adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAUTH2_CLIENT_REGISTRATIONS_PARAMS);
309   - String json = null;
310   - if (oauth2ClientsParamsSettings != null) {
311   - json = oauth2ClientsParamsSettings.getJsonValue().get(SYSTEM_SETTINGS_OAUTH2_VALUE).asText();
312   - }
313   - return constructOAuth2ClientsParams(json);
  93 + public OAuth2ClientRegistration findClientRegistrationByRegistrationId(String registrationId) {
  94 + log.trace("Executing findClientRegistrationByRegistrationId [{}]", registrationId);
  95 + validateString(registrationId, INCORRECT_REGISTRATION_ID + registrationId);
  96 + return clientRegistrationDao.findByRegistrationId(registrationId);
314 97 }
315 98
316 99 @Override
317   - public OAuth2ClientsParams getTenantOAuth2ClientsParams(TenantId tenantId) {
318   - ListenableFuture<String> jsonFuture;
319   - if (isOAuth2ClientRegistrationAllowed(tenantId)) {
320   - jsonFuture = getOAuth2ClientsParamsAttribute(tenantId);
321   - } else {
322   - jsonFuture = Futures.immediateFuture("");
323   - }
324   - try {
325   - return Futures.transform(jsonFuture, this::constructOAuth2ClientsParams, MoreExecutors.directExecutor()).get();
326   - } catch (InterruptedException | ExecutionException e) {
327   - log.error("Failed to read OAuth2 Clients Params from attributes!", e);
328   - throw new RuntimeException("Failed to read OAuth2 Clients Params from attributes!", e);
329   - }
  100 + public OAuth2ClientRegistration findClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id) {
  101 + log.trace("Executing findClientRegistrationById [{}]", id);
  102 + validateId(id, INCORRECT_CLIENT_REGISTRATION_ID + id);
  103 + return clientRegistrationDao.findById(tenantId, id.getId());
330 104 }
331 105
332   - // TODO this is just for test, maybe there's a better way to test it without exporting to interface
333 106 @Override
334   - public Map<TenantId, OAuth2ClientsParams> getAllOAuth2ClientsParams() {
335   - OAuth2ClientsParams systemOAuth2ClientsParams = getSystemOAuth2ClientsParams();
336   - ListenableFuture<Map<UUID, String>> jsonFuture = getAllOAuth2ClientsParamsAttribute();
337   - try {
338   - return Futures.transform(jsonFuture,
339   - clientsParamsByKvEntryKey -> {
340   - Map<TenantId, OAuth2ClientsParams> tenantClientParams = clientsParamsByKvEntryKey != null ?
341   - clientsParamsByKvEntryKey.entrySet().stream()
342   - .collect(Collectors.toMap(
343   - entry -> new TenantId(entry.getKey()),
344   - entry -> constructOAuth2ClientsParams(entry.getValue())
345   - ))
346   - : new HashMap<>();
347   - if (systemOAuth2ClientsParams.getClientsDomainsParams() != null) {
348   - tenantClientParams.put(TenantId.SYS_TENANT_ID, systemOAuth2ClientsParams);
349   - }
350   - return tenantClientParams;
351   - },
352   - MoreExecutors.directExecutor()
353   - ).get();
354   - } catch (InterruptedException | ExecutionException e) {
355   - log.error("Failed to read OAuth2 Clients Params from attributes!", e);
356   - throw new RuntimeException("Failed to read OAuth2 Clients Params from attributes!", e);
357   - }
  107 + public List<OAuth2ClientRegistration> findAllClientRegistrations() {
  108 + log.trace("Executing findAllClientRegistrations");
  109 + return clientRegistrationDao.findAll();
358 110 }
359 111
360 112 @Override
361   - public void deleteTenantOAuth2ClientsParams(TenantId tenantId) {
362   - OAuth2ClientsParams params = getTenantOAuth2ClientsParams(tenantId);
363   - if (params == null || params.getClientsDomainsParams() == null) return;
364   - params.getClientsDomainsParams().forEach(domainParams -> {
365   - String settingsKey = constructAdminSettingsDomainKey(domainParams.getDomainName());
366   - adminSettingsService.deleteAdminSettingsByKey(tenantId, settingsKey);
367   - });
368   - attributesService.removeAll(tenantId, tenantId, DataConstants.SERVER_SCOPE, Collections.singletonList(OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
  113 + @Transactional
  114 + public void deleteClientRegistrationsByTenantId(TenantId tenantId) {
  115 + log.trace("Executing deleteClientRegistrationsByTenantId [{}]", tenantId);
  116 + validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
  117 + clientRegistrationDao.removeByTenantId(tenantId.getId());
369 118 }
370 119
371 120 @Override
372   - public void deleteSystemOAuth2ClientsParams() {
373   - adminSettingsService.deleteAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS);
  121 + public void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id) {
  122 + log.trace("Executing deleteClientRegistrationById [{}]", id);
  123 + validateId(id, INCORRECT_CLIENT_REGISTRATION_ID + id);
  124 + clientRegistrationDao.removeById(tenantId, id.getId());
374 125 }
375 126
376 127 @Override
377 128 public boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId) {
  129 + log.trace("Executing isOAuth2ClientRegistrationAllowed [{}]", tenantId);
  130 + validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
378 131 Tenant tenant = tenantService.findTenantById(tenantId);
379 132 if (tenant == null) return false;
380 133 JsonNode allowOAuth2ConfigurationJsonNode = tenant.getAdditionalInfo() != null ? tenant.getAdditionalInfo().get(ALLOW_OAUTH2_CONFIGURATION) : null;
... ... @@ -385,185 +138,98 @@ public class OAuth2ServiceImpl implements OAuth2Service {
385 138 }
386 139 }
387 140
388   - private ListenableFuture<String> getOAuth2ClientsParamsAttribute(TenantId tenantId) {
389   - ListenableFuture<List<AttributeKvEntry>> attributeKvEntriesFuture;
390   - try {
391   - attributeKvEntriesFuture = attributesService.find(tenantId, tenantId, DataConstants.SERVER_SCOPE,
392   - Collections.singletonList(OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
393   - } catch (Exception e) {
394   - log.error("Unable to read OAuth2 Clients Params from attributes!", e);
395   - throw new IncorrectParameterException("Unable to read OAuth2 Clients Params from attributes!");
396   - }
397   - return Futures.transform(attributeKvEntriesFuture, attributeKvEntries -> {
398   - if (attributeKvEntries != null && !attributeKvEntries.isEmpty()) {
399   - AttributeKvEntry kvEntry = attributeKvEntries.get(0);
400   - return kvEntry.getValueAsString();
401   - } else {
402   - return "";
403   - }
404   - }, MoreExecutors.directExecutor());
405   - }
406   -
407   - // TODO maybe it's better to load all tenants and get attribute for each one
408   - private ListenableFuture<Map<UUID, String>> getAllOAuth2ClientsParamsAttribute() {
409   - ListenableFuture<List<EntityAttributeKvEntry>> entityAttributeKvEntriesFuture;
410   - try {
411   - entityAttributeKvEntriesFuture = attributesService.findAllByAttributeKey(OAUTH2_CLIENT_REGISTRATIONS_PARAMS);
412   - } catch (Exception e) {
413   - log.error("Unable to read OAuth2 Clients Params from attributes!", e);
414   - throw new IncorrectParameterException("Unable to read OAuth2 Clients Params from attributes!");
415   - }
416   - return Futures.transform(entityAttributeKvEntriesFuture, attributeKvEntries -> {
417   - if (attributeKvEntries != null && !attributeKvEntries.isEmpty()) {
418   - return attributeKvEntries.stream()
419   - .collect(Collectors.toMap(EntityAttributeKvEntry::getEntityId, EntityAttributeKvEntry::getValueAsString));
420   - } else {
421   - return Collections.emptyMap();
422   - }
423   - }, MoreExecutors.directExecutor());
424   - }
425   -
426   - private OAuth2ClientsDomainParams getMergedOAuth2ClientsParams(String domainName) {
427   - OAuth2ClientsDomainParams result = OAuth2ClientsDomainParams.builder()
428   - .domainName(domainName)
429   - .clientRegistrations(new ArrayList<>())
430   - .build();
431   -
432   - OAuth2ClientsParams systemOAuth2ClientsParams = getSystemOAuth2ClientsParams();
433   - OAuth2ClientsDomainParams systemOAuth2ClientsDomainParams = systemOAuth2ClientsParams != null && systemOAuth2ClientsParams.getClientsDomainsParams() != null ?
434   - systemOAuth2ClientsParams.getClientsDomainsParams().stream()
435   - .filter(oAuth2ClientsDomainParams -> domainName.equals(oAuth2ClientsDomainParams.getDomainName()))
436   - .findFirst()
437   - .orElse(null)
438   - : null;
439   -
440   - result = mergeDomainParams(result, systemOAuth2ClientsDomainParams);
441   -
442   - AdminSettings oauth2ClientsSettings = adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, constructAdminSettingsDomainKey(domainName));
443   - if (oauth2ClientsSettings != null) {
444   - String strEntityType = oauth2ClientsSettings.getJsonValue().get("entityType").asText();
445   - String strEntityId = oauth2ClientsSettings.getJsonValue().get("entityId").asText();
446   - EntityId entityId = EntityIdFactory.getByTypeAndId(strEntityType, strEntityId);
447   - if (!entityId.getEntityType().equals(EntityType.TENANT)) {
448   - log.error("Only tenant can configure OAuth2 for certain domain!");
449   - throw new IllegalStateException("Only tenant can configure OAuth2 for certain domain!");
450   - }
451   - TenantId tenantId = (TenantId) entityId;
452   - OAuth2ClientsParams tenantOAuth2ClientsParams = getTenantOAuth2ClientsParams(tenantId);
453   - OAuth2ClientsDomainParams tenantDomainsParams = tenantOAuth2ClientsParams != null && tenantOAuth2ClientsParams.getClientsDomainsParams() != null ?
454   - tenantOAuth2ClientsParams.getClientsDomainsParams().stream().findFirst().orElse(null) : null;
455   - result = mergeDomainParams(result, tenantDomainsParams);
456   - }
457   - return result;
458   - }
459   -
460   - private OAuth2ClientsDomainParams mergeDomainParams(OAuth2ClientsDomainParams sourceParams, OAuth2ClientsDomainParams newParams) {
461   - if (newParams == null) return sourceParams;
462   -
463   - OAuth2ClientsDomainParams.OAuth2ClientsDomainParamsBuilder mergedParamsBuilder = sourceParams.toBuilder();
464   -
465   - if (newParams.getClientRegistrations() != null) {
466   - List<OAuth2ClientRegistration> mergedClientRegistrations = sourceParams.getClientRegistrations() != null ?
467   - sourceParams.getClientRegistrations() : new ArrayList<>();
468   - mergedClientRegistrations.addAll(newParams.getClientRegistrations());
469   - mergedParamsBuilder.clientRegistrations(mergedClientRegistrations);
470   - }
471   -
472   - return mergedParamsBuilder.build();
473   - }
  141 + private DataValidator<OAuth2ClientRegistration> clientRegistrationValidator =
  142 + new DataValidator<OAuth2ClientRegistration>() {
474 143
475   - private OAuth2ClientsParams constructOAuth2ClientsParams(String json) {
476   - OAuth2ClientsParams result = null;
477   - if (!StringUtils.isEmpty(json)) {
478   - try {
479   - result = mapper.readValue(json, OAuth2ClientsParams.class);
480   - } catch (IOException e) {
481   - log.error("Unable to read OAuth2 Clients Params from JSON!", e);
482   - throw new IncorrectParameterException("Unable to read OAuth2 Clients Params from JSON!");
483   - }
484   - }
485   - if (result == null) {
486   - result = new OAuth2ClientsParams();
487   - }
488   - return result;
489   - }
  144 + @Override
  145 + protected void validateCreate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
  146 + }
490 147
491   - private String toJson(OAuth2ClientsParams oAuth2ClientsParams) {
492   - String json;
493   - try {
494   - json = mapper.writeValueAsString(oAuth2ClientsParams);
495   - } catch (JsonProcessingException e) {
496   - log.error("Unable to convert OAuth2 Client Registration Params to JSON!", e);
497   - throw new IncorrectParameterException("Unable to convert OAuth2 Client Registration Params to JSON!");
498   - }
499   - return json;
500   - }
  148 + @Override
  149 + protected void validateUpdate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
  150 + }
501 151
502   - private final Consumer<OAuth2ClientRegistration> validator = clientRegistration -> {
503   - if (StringUtils.isEmpty(clientRegistration.getRegistrationId())) {
504   - throw new DataValidationException("Registration ID should be specified!");
505   - }
506   - if (StringUtils.isEmpty(clientRegistration.getClientId())) {
507   - throw new DataValidationException("Client ID should be specified!");
508   - }
509   - if (StringUtils.isEmpty(clientRegistration.getClientSecret())) {
510   - throw new DataValidationException("Client secret should be specified!");
511   - }
512   - if (StringUtils.isEmpty(clientRegistration.getAuthorizationUri())) {
513   - throw new DataValidationException("Authorization uri should be specified!");
514   - }
515   - if (StringUtils.isEmpty(clientRegistration.getAccessTokenUri())) {
516   - throw new DataValidationException("Token uri should be specified!");
517   - }
518   - if (StringUtils.isEmpty(clientRegistration.getScope())) {
519   - throw new DataValidationException("Scope should be specified!");
520   - }
521   - if (StringUtils.isEmpty(clientRegistration.getUserInfoUri())) {
522   - throw new DataValidationException("User info uri should be specified!");
523   - }
524   - if (StringUtils.isEmpty(clientRegistration.getUserNameAttributeName())) {
525   - throw new DataValidationException("User name attribute name should be specified!");
526   - }
527   - if (StringUtils.isEmpty(clientRegistration.getJwkSetUri())) {
528   - throw new DataValidationException("Jwk set uri should be specified!");
529   - }
530   - if (StringUtils.isEmpty(clientRegistration.getClientAuthenticationMethod())) {
531   - throw new DataValidationException("Client authentication method should be specified!");
532   - }
533   - if (StringUtils.isEmpty(clientRegistration.getLoginButtonLabel())) {
534   - throw new DataValidationException("Login button label should be specified!");
535   - }
536   - OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
537   - if (mapperConfig == null) {
538   - throw new DataValidationException("Mapper config should be specified!");
539   - }
540   - if (mapperConfig.getType() == null) {
541   - throw new DataValidationException("Mapper config type should be specified!");
542   - }
543   - if (mapperConfig.getType() == MapperType.BASIC) {
544   - OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasic();
545   - if (basicConfig == null) {
546   - throw new DataValidationException("Basic config should be specified!");
547   - }
548   - if (StringUtils.isEmpty(basicConfig.getEmailAttributeKey())) {
549   - throw new DataValidationException("Email attribute key should be specified!");
550   - }
551   - if (basicConfig.getTenantNameStrategy() == null) {
552   - throw new DataValidationException("Tenant name strategy should be specified!");
553   - }
554   - if (basicConfig.getTenantNameStrategy() == TenantNameStrategyType.CUSTOM
555   - && StringUtils.isEmpty(basicConfig.getTenantNamePattern())) {
556   - throw new DataValidationException("Tenant name pattern should be specified!");
557   - }
558   - }
559   - if (mapperConfig.getType() == MapperType.CUSTOM) {
560   - OAuth2CustomMapperConfig customConfig = mapperConfig.getCustom();
561   - if (customConfig == null) {
562   - throw new DataValidationException("Custom config should be specified!");
563   - }
564   - if (StringUtils.isEmpty(customConfig.getUrl())) {
565   - throw new DataValidationException("Custom mapper URL should be specified!");
566   - }
567   - }
568   - };
  152 + @Override
  153 + protected void validateDataImpl(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
  154 + if (StringUtils.isEmpty(clientRegistration.getRegistrationId())) {
  155 + throw new DataValidationException("Registration ID should be specified!");
  156 + }
  157 + if (StringUtils.isEmpty(clientRegistration.getDomainName())) {
  158 + throw new DataValidationException("Domain name should be specified!");
  159 + }
  160 + if (StringUtils.isEmpty(clientRegistration.getRedirectUriTemplate())) {
  161 + throw new DataValidationException("Redirect URI template should be specified!");
  162 + }
  163 + if (StringUtils.isEmpty(clientRegistration.getClientId())) {
  164 + throw new DataValidationException("Client ID should be specified!");
  165 + }
  166 + if (StringUtils.isEmpty(clientRegistration.getClientSecret())) {
  167 + throw new DataValidationException("Client secret should be specified!");
  168 + }
  169 + if (StringUtils.isEmpty(clientRegistration.getAuthorizationUri())) {
  170 + throw new DataValidationException("Authorization uri should be specified!");
  171 + }
  172 + if (StringUtils.isEmpty(clientRegistration.getAccessTokenUri())) {
  173 + throw new DataValidationException("Token uri should be specified!");
  174 + }
  175 + if (StringUtils.isEmpty(clientRegistration.getScope())) {
  176 + throw new DataValidationException("Scope should be specified!");
  177 + }
  178 + if (StringUtils.isEmpty(clientRegistration.getUserInfoUri())) {
  179 + throw new DataValidationException("User info uri should be specified!");
  180 + }
  181 + if (StringUtils.isEmpty(clientRegistration.getUserNameAttributeName())) {
  182 + throw new DataValidationException("User name attribute name should be specified!");
  183 + }
  184 + if (StringUtils.isEmpty(clientRegistration.getJwkSetUri())) {
  185 + throw new DataValidationException("Jwk set uri should be specified!");
  186 + }
  187 + if (StringUtils.isEmpty(clientRegistration.getClientAuthenticationMethod())) {
  188 + throw new DataValidationException("Client authentication method should be specified!");
  189 + }
  190 + if (StringUtils.isEmpty(clientRegistration.getLoginButtonLabel())) {
  191 + throw new DataValidationException("Login button label should be specified!");
  192 + }
  193 + OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
  194 + if (mapperConfig == null) {
  195 + throw new DataValidationException("Mapper config should be specified!");
  196 + }
  197 + if (mapperConfig.getType() == null) {
  198 + throw new DataValidationException("Mapper config type should be specified!");
  199 + }
  200 + if (mapperConfig.getType() == MapperType.BASIC) {
  201 + OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasic();
  202 + if (basicConfig == null) {
  203 + throw new DataValidationException("Basic config should be specified!");
  204 + }
  205 + if (StringUtils.isEmpty(basicConfig.getEmailAttributeKey())) {
  206 + throw new DataValidationException("Email attribute key should be specified!");
  207 + }
  208 + if (basicConfig.getTenantNameStrategy() == null) {
  209 + throw new DataValidationException("Tenant name strategy should be specified!");
  210 + }
  211 + if (basicConfig.getTenantNameStrategy() == TenantNameStrategyType.CUSTOM
  212 + && StringUtils.isEmpty(basicConfig.getTenantNamePattern())) {
  213 + throw new DataValidationException("Tenant name pattern should be specified!");
  214 + }
  215 + }
  216 + if (mapperConfig.getType() == MapperType.CUSTOM) {
  217 + OAuth2CustomMapperConfig customConfig = mapperConfig.getCustom();
  218 + if (customConfig == null) {
  219 + throw new DataValidationException("Custom config should be specified!");
  220 + }
  221 + if (StringUtils.isEmpty(customConfig.getUrl())) {
  222 + throw new DataValidationException("Custom mapper URL should be specified!");
  223 + }
  224 + }
  225 + if (clientRegistration.getTenantId() == null) {
  226 + throw new DataValidationException("Client registration should be assigned to tenant!");
  227 + } else if (!TenantId.SYS_TENANT_ID.equals(clientRegistration.getTenantId())) {
  228 + Tenant tenant = tenantService.findTenantById(clientRegistration.getTenantId());
  229 + if (tenant == null) {
  230 + throw new DataValidationException("Client registration is referencing to non-existent tenant!");
  231 + }
  232 + }
  233 + }
  234 + };
569 235 }
... ...
... ... @@ -23,22 +23,9 @@ import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
23 23 import java.util.stream.Stream;
24 24
25 25 public class OAuth2Utils {
26   - public static final String OAUTH2_CLIENT_REGISTRATIONS_PARAMS = "oauth2ClientRegistrationsParams";
27   - public static final String OAUTH2_CLIENT_REGISTRATIONS_DOMAIN_NAME_PREFIX = "oauth2ClientRegistrationsDomainNamePrefix";
28 26 public static final String ALLOW_OAUTH2_CONFIGURATION = "allowOAuth2Configuration";
29   - public static final String SYSTEM_SETTINGS_OAUTH2_VALUE = "value";
30 27 public static final String OAUTH2_AUTHORIZATION_PATH_TEMPLATE = "/oauth2/authorization/%s";
31 28
32   - public static String constructAdminSettingsDomainKey(String domainName) {
33   - String clientRegistrationsKey;
34   - if (StringUtils.isEmpty(domainName)) {
35   - clientRegistrationsKey = OAUTH2_CLIENT_REGISTRATIONS_PARAMS;
36   - } else {
37   - clientRegistrationsKey = OAUTH2_CLIENT_REGISTRATIONS_DOMAIN_NAME_PREFIX + "_" + domainName;
38   - }
39   - return clientRegistrationsKey;
40   - }
41   -
42 29 public static OAuth2ClientInfo toClientInfo(OAuth2ClientRegistration clientRegistration) {
43 30 OAuth2ClientInfo client = new OAuth2ClientInfo();
44 31 client.setName(clientRegistration.getLoginButtonLabel());
... ... @@ -46,9 +33,4 @@ public class OAuth2Utils {
46 33 client.setIcon(clientRegistration.getLoginButtonIcon());
47 34 return client;
48 35 }
49   -
50   - public static Stream<OAuth2ClientRegistration> toClientRegistrationStream(OAuth2ClientsParams oAuth2ClientsParams) {
51   - return oAuth2ClientsParams.getClientsDomainsParams().stream()
52   - .flatMap(oAuth2ClientsDomainParams -> oAuth2ClientsDomainParams.getClientRegistrations().stream());
53   - }
54 36 }
... ...
  1 +/**
  2 + * Copyright © 2016-2020 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.dao.sql.oauth2;
  17 +
  18 +import lombok.RequiredArgsConstructor;
  19 +import org.springframework.data.repository.CrudRepository;
  20 +import org.springframework.stereotype.Component;
  21 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
  22 +import org.thingsboard.server.dao.DaoUtil;
  23 +import org.thingsboard.server.dao.model.sql.OAuth2ClientRegistrationEntity;
  24 +import org.thingsboard.server.dao.oauth2.OAuth2ClientRegistrationDao;
  25 +import org.thingsboard.server.dao.sql.JpaAbstractDao;
  26 +
  27 +import java.util.ArrayList;
  28 +import java.util.List;
  29 +import java.util.Optional;
  30 +import java.util.UUID;
  31 +import java.util.stream.Collectors;
  32 +
  33 +@Component
  34 +@RequiredArgsConstructor
  35 +public class JpaOAuth2ClientRegistrationDao extends JpaAbstractDao<OAuth2ClientRegistrationEntity, OAuth2ClientRegistration> implements OAuth2ClientRegistrationDao {
  36 + private final OAuth2ClientRegistrationRepository repository;
  37 +
  38 + @Override
  39 + protected Class<OAuth2ClientRegistrationEntity> getEntityClass() {
  40 + return OAuth2ClientRegistrationEntity.class;
  41 + }
  42 +
  43 + @Override
  44 + protected CrudRepository<OAuth2ClientRegistrationEntity, UUID> getCrudRepository() {
  45 + return repository;
  46 + }
  47 +
  48 + @Override
  49 + public OAuth2ClientRegistration findByRegistrationId(String registrationId) {
  50 + Optional<OAuth2ClientRegistrationEntity> entity = repository.findByRegistrationId(registrationId);
  51 + return DaoUtil.getData(entity);
  52 + }
  53 +
  54 + @Override
  55 + public List<OAuth2ClientRegistration> findAll() {
  56 + Iterable<OAuth2ClientRegistrationEntity> entities = repository.findAll();
  57 + List<OAuth2ClientRegistration> result = new ArrayList<>();
  58 + entities.forEach(entity -> {
  59 + result.add(DaoUtil.getData(entity));
  60 + });
  61 + return result;
  62 + }
  63 +
  64 + @Override
  65 + public List<OAuth2ClientRegistration> findByTenantId(UUID tenantId) {
  66 + List<OAuth2ClientRegistrationEntity> entities = repository.findAllByTenantId(tenantId);
  67 + return entities.stream().map(DaoUtil::getData).collect(Collectors.toList());
  68 + }
  69 +
  70 + @Override
  71 + public List<OAuth2ClientRegistration> findByDomainName(String domainName) {
  72 + List<OAuth2ClientRegistrationEntity> entities = repository.findAllByDomainName(domainName);
  73 + return entities.stream().map(DaoUtil::getData).collect(Collectors.toList());
  74 + }
  75 +
  76 + @Override
  77 + public boolean removeByRegistrationId(String registrationId) {
  78 + repository.deleteByRegistrationId(registrationId);
  79 + return !repository.existsByRegistrationId(registrationId);
  80 + }
  81 +
  82 + @Override
  83 + public int removeByTenantId(UUID tenantId) {
  84 + return repository.deleteByTenantId(tenantId);
  85 + }
  86 +}
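Review bot: `removeByRegistrationId` deletes by registration id alone, so nothing in this DAO ties the delete to the tenant making the request; unless every service path that reaches it checks ownership first (not visible in this file), one tenant's registration could be removed on behalf of another. Consider a tenant-scoped variant, or state the requirement on the method with `// caller must verify the registration belongs to the requesting tenant`. Separately, the method issues a second query and returns true even when no row matched; `return repository.deleteByRegistrationId(registrationId) > 0;` would use the count the repository already returns, if callers are meant to learn whether anything was deleted.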
... ...
  1 +/**
  2 + * Copyright © 2016-2020 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.dao.sql.oauth2;
  17 +
  18 +import org.springframework.data.repository.CrudRepository;
  19 +import org.thingsboard.server.dao.model.sql.OAuth2ClientRegistrationEntity;
  20 +
  21 +import java.util.List;
  22 +import java.util.Optional;
  23 +import java.util.UUID;
  24 +
  25 +public interface OAuth2ClientRegistrationRepository extends CrudRepository<OAuth2ClientRegistrationEntity, UUID> {
  26 + Optional<OAuth2ClientRegistrationEntity> findByRegistrationId(String registrationId);
  27 +
  28 + List<OAuth2ClientRegistrationEntity> findAllByTenantId(UUID tenantId);
  29 +
  30 + List<OAuth2ClientRegistrationEntity> findAllByDomainName(String domainName);
  31 +
  32 + int deleteByRegistrationId(String registrationId);
  33 +
  34 + int deleteByTenantId(UUID tenantId);
  35 +
  36 + boolean existsByRegistrationId(String registrationId);
  37 +}
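Review bot: The derived `deleteByRegistrationId` and `deleteByTenantId` methods carry no transaction annotation, and Spring Data JPA normally executes derived delete queries only inside an active transaction, so a call from a non-transactional path would fail at runtime. `JpaOAuth2ClientRegistrationDao` in this commit calls both without `@Transactional`, and whether the service layer opens a transaction is not visible here. Annotating the two delete methods with Spring's `@Transactional` would make the repository safe to call on its own.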
... ...
... ... @@ -105,7 +105,7 @@ public class TenantServiceImpl extends AbstractEntityService implements TenantSe
105 105 public void deleteTenant(TenantId tenantId) {
106 106 log.trace("Executing deleteTenant [{}]", tenantId);
107 107 Validator.validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
108   - oAuth2Service.deleteTenantOAuth2ClientsParams(tenantId);
  108 + oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
109 109 customerService.deleteCustomersByTenantId(tenantId);
110 110 widgetsBundleService.deleteWidgetsBundlesByTenantId(tenantId);
111 111 dashboardService.deleteDashboardsByTenantId(tenantId);
... ...
... ... @@ -289,3 +289,40 @@ CREATE TABLE IF NOT EXISTS ts_kv_dictionary (
289 289 key_id int GENERATED BY DEFAULT AS IDENTITY(start with 0 increment by 1) UNIQUE,
290 290 CONSTRAINT ts_key_id_pkey PRIMARY KEY (key)
291 291 );
  292 +
  293 +
  294 +CREATE TABLE IF NOT EXISTS oauth2_client_registration (
  295 + id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
  296 + created_time bigint NOT NULL,
  297 + additional_info varchar,
  298 + tenant_id uuid,
  299 + registration_id varchar(255),
  300 + domain_name varchar(255),
  301 + client_id varchar(255),
  302 + client_secret varchar(255),
  303 + authorization_uri varchar(255),
  304 + token_uri varchar(255),
  305 + redirect_uri_template varchar(255),
  306 + scope varchar(255),
  307 + user_info_uri varchar(255),
  308 + user_name_attribute_name varchar(255),
  309 + jwk_set_uri varchar(255),
  310 + client_authentication_method varchar(255),
  311 + login_button_label varchar(255),
  312 + login_button_icon varchar(255),
  313 + allow_user_creation boolean,
  314 + activate_user boolean,
  315 + type varchar(31),
  316 + basic_email_attribute_key varchar(31),
  317 + basic_first_name_attribute_key varchar(31),
  318 + basic_last_name_attribute_key varchar(31),
  319 + basic_tenant_name_strategy varchar(31),
  320 + basic_tenant_name_pattern varchar(255),
  321 + basic_customer_name_pattern varchar(255),
  322 + basic_default_dashboard_name varchar(255),
  323 + basic_always_full_screen boolean,
  324 + custom_url varchar(255),
  325 + custom_username varchar(255),
  326 + custom_password varchar(255),
  327 + CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
  328 +);
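Review bot: `client_secret` and `custom_password` are plain `varchar(255)` columns, so the OAuth2 client secret and the custom mapper's password would sit in cleartext in the database, in its backups and in any result set that selects the row, unless the entity layer encrypts them before writing (not shown in this section). The same table definition is repeated in the other schema file of this commit. At minimum mark the two columns in the DDL, for example `-- credential: encrypt before persisting, never return from read APIs`, and check that 255 characters is enough for an encrypted value.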
... ...
... ... @@ -306,6 +306,42 @@ CREATE TABLE IF NOT EXISTS ts_kv_dictionary
306 306 CONSTRAINT ts_key_id_pkey PRIMARY KEY (key)
307 307 );
308 308
  309 +CREATE TABLE IF NOT EXISTS oauth2_client_registration (
  310 + id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
  311 + created_time bigint NOT NULL,
  312 + additional_info varchar,
  313 + tenant_id uuid,
  314 + registration_id varchar(255),
  315 + domain_name varchar(255),
  316 + client_id varchar(255),
  317 + client_secret varchar(255),
  318 + authorization_uri varchar(255),
  319 + token_uri varchar(255),
  320 + redirect_uri_template varchar(255),
  321 + scope varchar(255),
  322 + user_info_uri varchar(255),
  323 + user_name_attribute_name varchar(255),
  324 + jwk_set_uri varchar(255),
  325 + client_authentication_method varchar(255),
  326 + login_button_label varchar(255),
  327 + login_button_icon varchar(255),
  328 + allow_user_creation boolean,
  329 + activate_user boolean,
  330 + type varchar(31),
  331 + basic_email_attribute_key varchar(31),
  332 + basic_first_name_attribute_key varchar(31),
  333 + basic_last_name_attribute_key varchar(31),
  334 + basic_tenant_name_strategy varchar(31),
  335 + basic_tenant_name_pattern varchar(255),
  336 + basic_customer_name_pattern varchar(255),
  337 + basic_default_dashboard_name varchar(255),
  338 + basic_always_full_screen boolean,
  339 + custom_url varchar(255),
  340 + custom_username varchar(255),
  341 + custom_password varchar(255),
  342 + CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
  343 +);
  344 +
309 345 CREATE OR REPLACE PROCEDURE cleanup_events_by_ttl(IN ttl bigint, IN debug_ttl bigint, INOUT deleted bigint)
310 346 LANGUAGE plpgsql AS
311 347 $$
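Review bot: `registration_id` and `tenant_id` are nullable in the new `oauth2_client_registration` table, although `validateDataImpl` in this commit rejects a registration that lacks either, so the database does not enforce what the service assumes. Any write that bypasses the service (a migration script, a manual insert) can store such a row, and in PostgreSQL the `UNIQUE (registration_id)` constraint still admits any number of NULL values. Declaring `registration_id varchar(255) NOT NULL,` and `tenant_id uuid NOT NULL,` would close that gap; the other schema file in this commit has the same definition.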
... ...
... ... @@ -23,6 +23,7 @@ import org.junit.Test;
23 23 import org.springframework.beans.factory.annotation.Autowired;
24 24 import org.thingsboard.server.common.data.DataConstants;
25 25 import org.thingsboard.server.common.data.Tenant;
  26 +import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
26 27 import org.thingsboard.server.common.data.id.TenantId;
27 28 import org.thingsboard.server.common.data.oauth2.*;
28 29 import org.thingsboard.server.dao.attributes.AttributesService;
... ... @@ -30,6 +31,7 @@ import org.thingsboard.server.dao.exception.DataValidationException;
30 31 import org.thingsboard.server.dao.oauth2.OAuth2Service;
31 32 import org.thingsboard.server.dao.oauth2.OAuth2Utils;
32 33
  34 +import javax.transaction.Transactional;
33 35 import java.io.IOException;
34 36 import java.util.*;
35 37 import java.util.stream.Collectors;
... ... @@ -55,24 +57,15 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
55 57 Assert.assertNotNull(savedTenant);
56 58 tenantId = savedTenant.getId();
57 59
58   - Assert.assertNull(oAuth2Service.getSystemOAuth2ClientsParams().getClientsDomainsParams());
59   - Assert.assertNull(oAuth2Service.getTenantOAuth2ClientsParams(tenantId).getClientsDomainsParams());
60   -
61   - Assert.assertTrue(attributesService.findAll(tenantId, tenantId, DataConstants.SERVER_SCOPE).get().isEmpty());
62   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
  60 + Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty());
63 61 }
64 62
65 63 @After
66 64 public void after() throws Exception {
67   - clearSysAdmin();
68   -
69 65 tenantService.deleteTenant(tenantId);
  66 + oAuth2Service.deleteClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
70 67
71   - Assert.assertNull(oAuth2Service.getSystemOAuth2ClientsParams().getClientsDomainsParams());
72   - Assert.assertNull(oAuth2Service.getTenantOAuth2ClientsParams(tenantId).getClientsDomainsParams());
73   -
74   - Assert.assertTrue(attributesService.findAll(tenantId, tenantId, DataConstants.SERVER_SCOPE).get().isEmpty());
75   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
  68 + Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty());
76 69 }
77 70
78 71 @Test
... ... @@ -93,226 +86,107 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
93 86 Assert.assertTrue(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId));
94 87 }
95 88
96   - @Test
97   - public void testSaveSystemOAuth2() throws IOException {
98   - updateTenantAllowOAuth2Setting(true);
99   - Assert.assertTrue(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId));
100   - }
101   -
102   - @Test(expected = DataValidationException.class)
103   - public void testSaveSystemParamsWithDuplicateDomains() {
104   - oAuth2Service.saveSystemOAuth2ClientsParams(clientsParamsWithDuplicateDomains());
105   - }
106   -
107   - @Test(expected = DataValidationException.class)
108   - public void testSaveSystemParamsWithDuplicateRegistrationIds() {
109   - oAuth2Service.saveSystemOAuth2ClientsParams(clientsParamsWithDuplicateRegistrationIds());
110   - }
111   -
112 89 @Test(expected = DataValidationException.class)
113   - public void testSaveTenantParamsWithDuplicateRegistrationIds() {
114   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParamsWithDuplicateRegistrationIds());
115   - }
116   -
117   - @Test
118   - public void testSaveSystemParams() {
119   - OAuth2ClientsParams clientsParams = validClientsParams();
120   - OAuth2ClientsParams savedClientParams = oAuth2Service.saveSystemOAuth2ClientsParams(clientsParams);
121   -
122   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
123   - Assert.assertEquals(clientsParams, savedClientParams);
124   - }
125   -
126   - @Test
127   - public void testSaveSystemParamsWithMultipleDomains() {
128   - OAuth2ClientsParams clientsParams = validClientsParamsWithThreeDomains();
129   - OAuth2ClientsParams savedClientParams = oAuth2Service.saveSystemOAuth2ClientsParams(clientsParams);
  90 + public void testSaveDuplicateRegistrationId() {
  91 + OAuth2ClientRegistration first = validClientRegistration("duplicated_reg_id", TenantId.SYS_TENANT_ID);
  92 + OAuth2ClientRegistration second = validClientRegistration("duplicated_reg_id", tenantId);
130 93
131   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
132   - Assert.assertEquals(clientsParams, savedClientParams);
  94 + oAuth2Service.saveClientRegistration(first);
  95 + oAuth2Service.saveClientRegistration(second);
133 96 }
134 97
135 98 @Test
136   - public void testFindSystemParams() {
137   - OAuth2ClientsParams clientsParams = validClientsParams();
138   - oAuth2Service.saveSystemOAuth2ClientsParams(clientsParams);
139   -
140   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
141   -
142   - OAuth2ClientsParams foundClientParams = oAuth2Service.getSystemOAuth2ClientsParams();
143   - Assert.assertNotNull(foundClientParams);
144   - Assert.assertEquals(clientsParams, foundClientParams);
145   - }
146   -
147   - @Test
148   - public void testSaveTenantParams() {
149   - OAuth2ClientsParams clientsParams = validClientsParams();
150   - OAuth2ClientsDomainParams domainParams = clientsParams.getClientsDomainsParams().get(0);
151   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainParams.getDomainName());
152   -
153   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
154   -
155   - OAuth2ClientsParams savedClientParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParams);
156   -
157   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
158   - Assert.assertNotNull(savedClientParams);
159   -
160   - OAuth2ClientsDomainParams savedDomainParams = savedClientParams.getClientsDomainsParams().get(0);
161   - Assert.assertEquals(domainParams.getDomainName(), savedDomainParams.getDomainName());
162   - Assert.assertEquals(domainParams.getClientRegistrations(), savedDomainParams.getClientRegistrations());
  99 + public void testCreateNewSystemParams() {
  100 + OAuth2ClientRegistration clientRegistration = validClientRegistration(UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
  101 + OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration);
  102 +
  103 + Assert.assertNotNull(savedClientRegistration);
  104 + Assert.assertNotNull(savedClientRegistration.getId());
  105 + clientRegistration.setId(savedClientRegistration.getId());
  106 + clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
  107 + Assert.assertEquals(clientRegistration, savedClientRegistration);
163 108 }
164 109
165 110 @Test
166   - public void testSaveTenantMultipleParams() {
167   - OAuth2ClientsParams clientsParams = validClientsParamsWithThreeDomains();
168   -
169   - clientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
170   - String domainName = oAuth2ClientsDomainParams.getDomainName();
171   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
172   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
173   - });
174   -
175   - OAuth2ClientsParams savedClientParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParams);
176   - Assert.assertNotNull(savedClientParams);
177   -
178   - clientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
179   - String domainName = oAuth2ClientsDomainParams.getDomainName();
180   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
181   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
182   - });
183   -
184   - Assert.assertEquals(clientsParams, savedClientParams);
  111 + public void testFindSystemParamsByTenant() {
  112 + OAuth2ClientRegistration clientRegistration = validClientRegistration(UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
  113 + oAuth2Service.saveClientRegistration(clientRegistration);
  114 +
  115 + List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
  116 + Assert.assertEquals(1, clientRegistrationsByTenantId.size());
  117 + Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
  118 + OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
  119 + Assert.assertNotNull(foundClientRegistration);
  120 + clientRegistration.setId(foundClientRegistration.getId());
  121 + clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
  122 + Assert.assertEquals(clientRegistration, foundClientRegistration);
185 123 }
186 124
187 125 @Test
188   - public void testRewriteSameDomainTenantParams() {
189   - OAuth2ClientsParams clientsParams = validClientsParamsWithThreeDomains();
190   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParams);
191   -
192   - List<OAuth2ClientsDomainParams> clientsDomainsParams = clientsParams.getClientsDomainsParams();
193   - OAuth2ClientsParams updatedClientsParams = validClientsParamsWithThreeDomains();
194   - String sameDomainName = clientsDomainsParams.get(0).getDomainName();
195   - updatedClientsParams.getClientsDomainsParams().get(0).setDomainName(sameDomainName);
196   - OAuth2ClientsParams rewrittenClientParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, updatedClientsParams);
197   - Assert.assertEquals(updatedClientsParams, rewrittenClientParams);
198   -
199   - clientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
200   - String domainName = oAuth2ClientsDomainParams.getDomainName();
201   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
202   - if (domainName.equals(sameDomainName)) {
203   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
204   - } else {
205   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
206   - }
207   - });
208   - updatedClientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
209   - String domainName = oAuth2ClientsDomainParams.getDomainName();
210   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
211   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
212   - });
  126 + public void testCreateNewTenantParams() {
  127 + OAuth2ClientRegistration clientRegistration = validClientRegistration(UUID.randomUUID().toString(), tenantId);
  128 + OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration);
  129 +
  130 + Assert.assertNotNull(savedClientRegistration);
  131 + Assert.assertNotNull(savedClientRegistration.getId());
  132 + clientRegistration.setId(savedClientRegistration.getId());
  133 + clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
  134 + Assert.assertEquals(clientRegistration, savedClientRegistration);
213 135 }
214 136
215 137 @Test
216   - public void testAddDeleteTenantDomainParams() {
217   - OAuth2ClientsParams clientsParams = validClientsParamsWithThreeDomains();
218   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParams);
219   -
220   - List<OAuth2ClientsDomainParams> clientsDomainsParams = clientsParams.getClientsDomainsParams();
221   - OAuth2ClientsParams updatedClientsParams = validClientsParamsWithThreeDomains();
222   - for (int i = 0; i < updatedClientsParams.getClientsDomainsParams().size(); i++) {
223   - String domainName = clientsDomainsParams.get(i).getDomainName();
224   - updatedClientsParams.getClientsDomainsParams().get(i).setDomainName(domainName);
225   - }
226   - OAuth2ClientsParams rewrittenClientParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, updatedClientsParams);
227   - Assert.assertEquals(updatedClientsParams, rewrittenClientParams);
228   -
229   - clientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
230   - String domainName = oAuth2ClientsDomainParams.getDomainName();
231   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
232   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
233   - });
  138 + public void testFindTenantParams() {
  139 + OAuth2ClientRegistration clientRegistration = validClientRegistration(UUID.randomUUID().toString(), tenantId);
  140 + oAuth2Service.saveClientRegistration(clientRegistration);
  141 +
  142 + List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(tenantId);
  143 + Assert.assertEquals(1, clientRegistrationsByTenantId.size());
  144 + Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
  145 + OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
  146 + Assert.assertNotNull(foundClientRegistration);
  147 + clientRegistration.setId(foundClientRegistration.getId());
  148 + clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
  149 + Assert.assertEquals(clientRegistration, foundClientRegistration);
234 150 }
235 151
236 152 @Test
237   - public void testFindTenantParams() {
238   - OAuth2ClientsParams clientsParams = validClientsParams();
239   - OAuth2ClientsDomainParams domainParams = clientsParams.getClientsDomainsParams().get(0);
240   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainParams.getDomainName());
  153 + public void testGetClientRegistrationWithTenant() {
  154 + OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(UUID.randomUUID().toString(), tenantId);
  155 + OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
241 156
242   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
  157 + OAuth2ClientRegistration savedTenantClientRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration);
  158 + OAuth2ClientRegistration savedSysAdminClientRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
243 159
244   - OAuth2ClientsParams savedClientsParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, clientsParams);
  160 + Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
245 161
246   - Assert.assertNotNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
  162 + Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(tenantId).get(0));
  163 + Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID).get(0));
247 164
248   - OAuth2ClientsParams foundClientsParams = oAuth2Service.getTenantOAuth2ClientsParams(tenantId);
249   - Assert.assertEquals(savedClientsParams, foundClientsParams);
250   - }
  165 + Assert.assertEquals(savedTenantClientRegistration,
  166 + oAuth2Service.findClientRegistrationByRegistrationId(savedTenantClientRegistration.getRegistrationId()));
  167 + Assert.assertEquals(savedSysAdminClientRegistration,
  168 + oAuth2Service.findClientRegistrationByRegistrationId(savedSysAdminClientRegistration.getRegistrationId()));
251 169
252   - @Test
253   - public void testGetClientRegistrationWithTenant() {
254   - OAuth2ClientsParams tenantClientsParams = validClientsParams();
255   - OAuth2ClientsParams sysAdminClientsParams = validClientsParams();
256   -
257   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, tenantClientsParams);
258   - oAuth2Service.saveSystemOAuth2ClientsParams(sysAdminClientsParams);
259   -
260   - OAuth2Utils.toClientRegistrationStream(tenantClientsParams)
261   - .forEach(clientRegistration -> {
262   - Pair<TenantId, OAuth2ClientRegistration> pair = oAuth2Service.getClientRegistrationWithTenant(clientRegistration.getRegistrationId());
263   - Assert.assertEquals(tenantId, pair.getKey());
264   - Assert.assertEquals(clientRegistration.getRegistrationId(), pair.getValue().getRegistrationId());
265   - });
266   - OAuth2Utils.toClientRegistrationStream(sysAdminClientsParams)
267   - .forEach(clientRegistration -> {
268   - Pair<TenantId, OAuth2ClientRegistration> pair = oAuth2Service.getClientRegistrationWithTenant(clientRegistration.getRegistrationId());
269   - Assert.assertNotNull(pair);
270   - Assert.assertEquals(TenantId.SYS_TENANT_ID, pair.getKey());
271   - Assert.assertEquals(clientRegistration.getRegistrationId(), pair.getValue().getRegistrationId());
272   - });
273   - }
274   -
275   - @Test
276   - public void testGetExtendedClientRegistration() {
277   - OAuth2ClientsParams tenantClientsParams = validClientsParams();
278   - OAuth2ClientsParams sysAdminClientsParams = validClientsParams();
279   -
280   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, tenantClientsParams);
281   - oAuth2Service.saveSystemOAuth2ClientsParams(sysAdminClientsParams);
282   -
283   - Stream.concat(
284   - OAuth2Utils.toClientRegistrationStream(tenantClientsParams),
285   - OAuth2Utils.toClientRegistrationStream(sysAdminClientsParams)
286   - )
287   - .forEach(clientRegistration -> {
288   - ExtendedOAuth2ClientRegistration foundExtendedClientRegistration = oAuth2Service.getExtendedClientRegistration(clientRegistration.getRegistrationId());
289   - Assert.assertNotNull(foundExtendedClientRegistration);
290   - Assert.assertEquals(clientRegistration, foundExtendedClientRegistration.getClientRegistration());
291   - });
  170 + Assert.assertEquals(savedTenantClientRegistration,
  171 + oAuth2Service.findClientRegistrationById(tenantId, savedTenantClientRegistration.getId()));
  172 + Assert.assertEquals(savedSysAdminClientRegistration,
  173 + oAuth2Service.findClientRegistrationById(TenantId.SYS_TENANT_ID, savedSysAdminClientRegistration.getId()));
292 174
293 175 }
294 176
295 177 @Test
296 178 public void testGetOAuth2Clients() {
297   - OAuth2ClientsParams tenantClientsParams = validClientsParams();
298   - OAuth2ClientsParams sysAdminClientsParams = validClientsParams();
299   -
300   - OAuth2ClientsDomainParams tenantDomainParams = tenantClientsParams.getClientsDomainsParams().get(0);
301   - OAuth2ClientsDomainParams systemDomainParams = sysAdminClientsParams.getClientsDomainsParams().get(0);
302   - systemDomainParams.setDomainName(tenantDomainParams.getDomainName());
  179 + String testDomainName = "test_domain";
  180 + OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(testDomainName, UUID.randomUUID().toString(), tenantId);
  181 + OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(testDomainName, UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
303 182
304   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, tenantClientsParams);
305   - oAuth2Service.saveSystemOAuth2ClientsParams(sysAdminClientsParams);
  183 + oAuth2Service.saveClientRegistration(tenantClientRegistration);
  184 + oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
306 185
307   - List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(tenantDomainParams.getDomainName());
308   -
309   - Set<String> actualLabels = Stream.concat(
310   - tenantDomainParams.getClientRegistrations().stream()
311   - .map(OAuth2ClientRegistration::getLoginButtonLabel),
312   - systemDomainParams.getClientRegistrations().stream()
313   - .map(OAuth2ClientRegistration::getLoginButtonLabel)
314   - ).collect(Collectors.toSet());
  186 + List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName);
315 187
  188 + Set<String> actualLabels = new HashSet<>(Arrays.asList(tenantClientRegistration.getLoginButtonLabel(),
  189 + sysAdminClientRegistration.getLoginButtonLabel()));
316 190
317 191 Set<String> foundLabels = oAuth2Clients.stream().map(OAuth2ClientInfo::getName).collect(Collectors.toSet());
318 192 Assert.assertEquals(actualLabels, foundLabels);
... ... @@ -320,67 +194,39 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
320 194
321 195 @Test
322 196 public void testGetEmptyOAuth2Clients() {
  197 + String testDomainName = "test_domain";
  198 + OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(testDomainName, UUID.randomUUID().toString(), tenantId);
  199 + OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(testDomainName, UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
  200 + oAuth2Service.saveClientRegistration(tenantClientRegistration);
  201 + oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
323 202 List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain");
324 203 Assert.assertTrue(oAuth2Clients.isEmpty());
325 204 }
326 205
327 206 @Test
328   - public void testGetAllOAuth2ClientsParams() {
329   - OAuth2ClientsParams tenantClientsParams = validClientsParams();
330   - OAuth2ClientsParams sysAdminClientsParams = validClientsParams();
331   -
332   - Map<TenantId, OAuth2ClientsParams> emptyParams = oAuth2Service.getAllOAuth2ClientsParams();
333   - Assert.assertTrue(emptyParams.isEmpty());
334   -
335   - OAuth2ClientsParams savedTenantParams = oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, tenantClientsParams);
336   - OAuth2ClientsParams savedSystemParams = oAuth2Service.saveSystemOAuth2ClientsParams(sysAdminClientsParams);
337   -
338   - Map<TenantId, OAuth2ClientsParams> clientsParams = oAuth2Service.getAllOAuth2ClientsParams();
339   -
340   - OAuth2ClientsParams foundTenantParams = clientsParams.get(tenantId);
341   - Assert.assertEquals(savedTenantParams, foundTenantParams);
342   -
343   - OAuth2ClientsParams foundSystemParams = clientsParams.get(TenantId.SYS_TENANT_ID);
344   - Assert.assertEquals(savedSystemParams, foundSystemParams);
345   - }
346   -
347   - @Test
348   - public void testDeleteSystemOAuth2ClientsParams() {
349   - OAuth2ClientsParams sysAdminClientsParams = validClientsParams();
350   -
351   - Assert.assertNull(oAuth2Service.getSystemOAuth2ClientsParams().getClientsDomainsParams());
352   -
353   - oAuth2Service.saveSystemOAuth2ClientsParams(sysAdminClientsParams);
354   -
355   - Assert.assertNotNull(oAuth2Service.getSystemOAuth2ClientsParams().getClientsDomainsParams());
356   -
357   - oAuth2Service.deleteSystemOAuth2ClientsParams();
358   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
  207 + public void testDeleteOAuth2ClientRegistration() {
  208 + OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(UUID.randomUUID().toString(), tenantId);
  209 + OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(UUID.randomUUID().toString(), TenantId.SYS_TENANT_ID);
  210 + OAuth2ClientRegistration savedTenantRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration);
  211 + OAuth2ClientRegistration savedSysAdminRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
  212 +
  213 + oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId());
  214 + List<OAuth2ClientRegistration> foundRegistrations = oAuth2Service.findAllClientRegistrations();
  215 + Assert.assertEquals(1, foundRegistrations.size());
  216 + Assert.assertEquals(savedSysAdminRegistration, foundRegistrations.get(0));
359 217 }
360 218
361 219 @Test
362   - public void testDeleteTenantOAuth2ClientsParams() {
363   - OAuth2ClientsParams tenantClientsParams = validClientsParams();
364   -
365   - Assert.assertNull(oAuth2Service.getTenantOAuth2ClientsParams(tenantId).getClientsDomainsParams());
366   -
367   - oAuth2Service.saveTenantOAuth2ClientsParams(tenantId, tenantClientsParams);
368   -
369   - Assert.assertNotNull(oAuth2Service.getTenantOAuth2ClientsParams(tenantId).getClientsDomainsParams());
370   -
371   - oAuth2Service.deleteTenantOAuth2ClientsParams(tenantId);
372   - Assert.assertNull(oAuth2Service.getTenantOAuth2ClientsParams(tenantId).getClientsDomainsParams());
373   - tenantClientsParams.getClientsDomainsParams().forEach(oAuth2ClientsDomainParams -> {
374   - String domainName = oAuth2ClientsDomainParams.getDomainName();
375   - String domainKey = OAuth2Utils.constructAdminSettingsDomainKey(domainName);
376   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(tenantId, domainKey));
377   - });
378   - }
379   -
380   -
381   - private void clearSysAdmin() {
382   - oAuth2Service.deleteSystemOAuth2ClientsParams();
383   - Assert.assertNull(adminSettingsService.findAdminSettingsByKey(TenantId.SYS_TENANT_ID, OAuth2Utils.OAUTH2_CLIENT_REGISTRATIONS_PARAMS));
  220 + public void testDeleteTenantOAuth2ClientRegistrations() {
  221 + oAuth2Service.saveClientRegistration(validClientRegistration(UUID.randomUUID().toString(), tenantId));
  222 + oAuth2Service.saveClientRegistration(validClientRegistration(UUID.randomUUID().toString(), tenantId));
  223 + oAuth2Service.saveClientRegistration(validClientRegistration(UUID.randomUUID().toString(), tenantId));
  224 + Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size());
  225 + Assert.assertEquals(3, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
  226 +
  227 + oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
  228 + Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size());
  229 + Assert.assertEquals(0, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
384 230 }
385 231
386 232 private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException {
... ... @@ -394,87 +240,17 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
394 240 }
395 241 }
396 242
397   - private OAuth2ClientsParams validClientsParams() {
398   - OAuth2ClientRegistration first = validClientRegistration();
399   - OAuth2ClientRegistration second = validClientRegistration();
400   - return OAuth2ClientsParams.builder()
401   - .clientsDomainsParams(Collections.singletonList(
402   - OAuth2ClientsDomainParams.builder()
403   - .domainName(UUID.randomUUID().toString())
404   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
405   - .clientRegistrations(Arrays.asList(first, second))
406   - .build()
407   - ))
408   - .build();
409   - }
410   -
411   - private OAuth2ClientsParams validClientsParamsWithThreeDomains() {
412   - OAuth2ClientRegistration first = validClientRegistration();
413   - OAuth2ClientRegistration second = validClientRegistration();
414   - OAuth2ClientRegistration third = validClientRegistration();
415   - return OAuth2ClientsParams.builder()
416   - .clientsDomainsParams(Arrays.asList(
417   - OAuth2ClientsDomainParams.builder()
418   - .domainName(UUID.randomUUID().toString())
419   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
420   - .clientRegistrations(Arrays.asList(first, second))
421   - .build(),
422   - OAuth2ClientsDomainParams.builder()
423   - .domainName(UUID.randomUUID().toString())
424   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
425   - .clientRegistrations(Arrays.asList(third))
426   - .build()
427   - ))
428   - .build();
429   - }
430   -
431   -
432   - private OAuth2ClientsParams clientsParamsWithDuplicateDomains() {
433   - OAuth2ClientRegistration first = validClientRegistration();
434   - OAuth2ClientRegistration second = validClientRegistration();
435   - OAuth2ClientRegistration third = validClientRegistration();
436   - return OAuth2ClientsParams.builder()
437   - .clientsDomainsParams(Arrays.asList(
438   - OAuth2ClientsDomainParams.builder()
439   - .domainName("domain")
440   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
441   - .clientRegistrations(Collections.singletonList(first))
442   - .build(),
443   - OAuth2ClientsDomainParams.builder()
444   - .domainName("domain")
445   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
446   - .clientRegistrations(Collections.singletonList(second))
447   - .build(),
448   - OAuth2ClientsDomainParams.builder()
449   - .domainName(UUID.randomUUID().toString())
450   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
451   - .clientRegistrations(Collections.singletonList(third))
452   - .build()
453   - ))
454   - .build();
455   - }
456   -
457   - private OAuth2ClientsParams clientsParamsWithDuplicateRegistrationIds() {
458   - OAuth2ClientRegistration first = validClientRegistration();
459   - first.setRegistrationId("registrationId");
460   - OAuth2ClientRegistration second = validClientRegistration();
461   - OAuth2ClientRegistration third = validClientRegistration();
462   - third.setRegistrationId("registrationId");
463   - return OAuth2ClientsParams.builder()
464   - .clientsDomainsParams(Arrays.asList(
465   - OAuth2ClientsDomainParams.builder()
466   - .domainName(UUID.randomUUID().toString())
467   - .redirectUriTemplate("http://localhost:8080/login/oauth2/code/")
468   - .clientRegistrations(Arrays.asList(first, second, third))
469   - .build()
470   - ))
471   - .build();
  243 + private OAuth2ClientRegistration validClientRegistration(String registrationId, TenantId tenantId) {
  244 + return validClientRegistration("domainName", registrationId, tenantId);
472 245 }
473 246
474   - private OAuth2ClientRegistration validClientRegistration() {
475   - return OAuth2ClientRegistration.builder()
476   - .registrationId(UUID.randomUUID().toString())
477   - .mapperConfig(OAuth2MapperConfig.builder()
  247 + private OAuth2ClientRegistration validClientRegistration(String domainName, String registrationId, TenantId tenantId) {
  248 + OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
  249 + clientRegistration.setTenantId(tenantId);
  250 + clientRegistration.setRegistrationId(registrationId);
  251 + clientRegistration.setDomainName(domainName);
  252 + clientRegistration.setMapperConfig(
  253 + OAuth2MapperConfig.builder()
478 254 .allowUserCreation(true)
479 255 .activateUser(true)
480 256 .type(MapperType.CUSTOM)
... ... @@ -483,17 +259,20 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
483 259 .url("localhost:8082")
484 260 .build()
485 261 )
486   - .build())
487   - .clientId("clientId")
488   - .clientSecret("clientSecret")
489   - .authorizationUri("authorizationUri")
490   - .accessTokenUri("tokenUri")
491   - .scope(Arrays.asList("scope1", "scope2"))
492   - .userInfoUri("userInfoUri")
493   - .userNameAttributeName("userNameAttributeName")
494   - .jwkSetUri("jwkSetUri")
495   - .clientAuthenticationMethod("clientAuthenticationMethod")
496   - .loginButtonLabel("loginButtonLabel")
497   - .build();
  262 + .build()
  263 + );
  264 + clientRegistration.setClientId("clientId");
  265 + clientRegistration.setClientSecret("clientSecret");
  266 + clientRegistration.setAuthorizationUri("authorizationUri");
  267 + clientRegistration.setAccessTokenUri("tokenUri");
  268 + clientRegistration.setRedirectUriTemplate("redirectUriTemplate");
  269 + clientRegistration.setScope(Arrays.asList("scope1", "scope2"));
  270 + clientRegistration.setUserInfoUri("userInfoUri");
  271 + clientRegistration.setUserNameAttributeName("userNameAttributeName");
  272 + clientRegistration.setJwkSetUri("jwkSetUri");
  273 + clientRegistration.setClientAuthenticationMethod("clientAuthenticationMethod");
  274 + clientRegistration.setLoginButtonLabel("loginButtonLabel");
  275 + clientRegistration.setLoginButtonIcon("loginButtonIcon");
  276 + return clientRegistration;
498 277 }
499 278 }
... ...
... ... @@ -20,4 +20,5 @@ DROP TABLE IF EXISTS widgets_bundle;
20 20 DROP TABLE IF EXISTS rule_node;
21 21 DROP TABLE IF EXISTS rule_chain;
22 22 DROP TABLE IF EXISTS entity_view;
  23 +DROP TABLE IF EXISTS oauth2_client_registration;
23 24 DROP FUNCTION IF EXISTS to_uuid;
... ...
... ... @@ -21,4 +21,5 @@ DROP TABLE IF EXISTS widgets_bundle;
21 21 DROP TABLE IF EXISTS rule_node;
22 22 DROP TABLE IF EXISTS rule_chain;
23 23 DROP TABLE IF EXISTS entity_view;
  24 +DROP TABLE IF EXISTS oauth2_client_registration;
24 25 DROP TABLE IF EXISTS tb_schema_settings;
\ No newline at end of file
... ...
... ... @@ -21,4 +21,5 @@ DROP TABLE IF EXISTS widgets_bundle;
21 21 DROP TABLE IF EXISTS rule_node;
22 22 DROP TABLE IF EXISTS rule_chain;
23 23 DROP TABLE IF EXISTS entity_view;
  24 +DROP TABLE IF EXISTS oauth2_client_registration;
24 25 DROP TABLE IF EXISTS tb_schema_settings;
\ No newline at end of file
... ...