From 4ab7dccca0621fce681f0150fd604a13bc50d07e Mon Sep 17 00:00:00 2001
From: shimingxy
Date: Fri, 5 Jun 2020 15:22:08 +0800
Subject: [PATCH] OAuth20 update clientSecret Fix OAuth20 update clientSecret Fix
---
.../domain/apps/AppsOAuth20Details.java | 659 +++++++++---------
.../client/JdbcClientDetailsService.java | 467 ++++++-------
.../contorller/OAuth20DetailsController.java | 7 +-
3 files changed, 555 insertions(+), 578 deletions(-)
diff --git a/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsOAuth20Details.java b/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsOAuth20Details.java
index 5c0988ead..0c5f9d681 100644
--- a/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsOAuth20Details.java
+++ b/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsOAuth20Details.java
@@ -5,347 +5,322 @@ import javax.persistence.Table; import org.maxkey.domain.apps.oauth2.provider.client.BaseClientDetails; import org.springframework.util.StringUtils; +@Table(name = "APPS_OAUTH_CLIENT_DETAILS") +public class AppsOAuth20Details extends Apps { + + /** + * + */ + private static final long serialVersionUID = 6786113671104069370L; + + private String clientId; + + private String clientSecret; + + private String scope; + + private String resourceIds; + + private String authorizedGrantTypes; + + private String registeredRedirectUris; + + private String authorities; + + private Integer accessTokenValiditySeconds; + + private Integer refreshTokenValiditySeconds; + + private String approvalPrompt; + + // for OpenID Connect + private String idTokenSigningAlgorithm; + private String idTokenEncryptedAlgorithm; + private String idTokenEncryptionMethod; + + private String userInfoSigningAlgorithm; + private String userInfoEncryptedAlgorithm; + private String userInfoEncryptionMethod; + + private String jwksUri; + + /** + * + */ + public AppsOAuth20Details() { + super(); + + } + + /** + * + */ + public AppsOAuth20Details(Apps application, BaseClientDetails baseClientDetails) { + super(); + this.id = application.getId(); + this.setName(application.getName()); + this.setLoginUrl(application.getLoginUrl()); + this.setCategory(application.getCategory()); + this.setProtocol(application.getProtocol()); + this.setIcon(application.getIcon()); + this.clientId = application.getId(); + + this.setSortIndex(application.getSortIndex()); + this.setVendor(application.getVendor()); + this.setVendorUrl(application.getVendorUrl()); + + this.clientSecret = baseClientDetails.getClientSecret(); + this.scope = baseClientDetails.getScope().toString(); + this.resourceIds = baseClientDetails.getResourceIds().toString(); + this.authorizedGrantTypes = baseClientDetails.getAuthorizedGrantTypes().toString(); + this.registeredRedirectUris = StringUtils + 
.collectionToCommaDelimitedString(baseClientDetails.getRegisteredRedirectUri()); + this.authorities = baseClientDetails.getAuthorities().toString(); + this.accessTokenValiditySeconds = baseClientDetails.getAccessTokenValiditySeconds(); + this.refreshTokenValiditySeconds = baseClientDetails.getRefreshTokenValiditySeconds(); + this.approvalPrompt = baseClientDetails.isAutoApprove("all") + ""; + + this.idTokenEncryptedAlgorithm = baseClientDetails.getIdTokenEncryptedAlgorithm(); + this.idTokenEncryptionMethod = baseClientDetails.getIdTokenEncryptionMethod(); + this.idTokenSigningAlgorithm = baseClientDetails.getIdTokenSigningAlgorithm(); + + this.userInfoEncryptedAlgorithm = baseClientDetails.getUserInfoEncryptedAlgorithm(); + this.userInfoEncryptionMethod = baseClientDetails.getUserInfoEncryptionMethod(); + this.userInfoSigningAlgorithm = baseClientDetails.getUserInfoSigningAlgorithm(); + + this.jwksUri = baseClientDetails.getJwksUri(); + + } + + /** + * @return the clientId + */ + public String getClientId() { + return clientId; + } + + /** + * @return the approvalPrompt + */ + public String getApprovalPrompt() { + return approvalPrompt; + } + + /** + * @param approvalPrompt the approvalPrompt to set + */ + public void setApprovalPrompt(String approvalPrompt) { + this.approvalPrompt = approvalPrompt; + } + + /** + * @param clientId the clientId to set + */ + public void setClientId(String clientId) { + this.clientId = clientId; + } + + /** + * @return the clientSecret + */ + public String getClientSecret() { + return clientSecret; + } + + /** + * @param clientSecret the clientSecret to set + */ + public void setClientSecret(String clientSecret) { + this.clientSecret = clientSecret; + } + + /** + * @return the scope + */ + public String getScope() { + return scope; + } + + /** + * @param scope the scope to set + */ + public void setScope(String scope) { + this.scope = scope; + } + + /** + * @return the resourceIds + */ + public String getResourceIds() { + return 
resourceIds; + } + + /** + * @param resourceIds the resourceIds to set + */ + public void setResourceIds(String resourceIds) { + this.resourceIds = resourceIds; + } + + /** + * @return the authorizedGrantTypes + */ + public String getAuthorizedGrantTypes() { + return authorizedGrantTypes; + } + + /** + * @param authorizedGrantTypes the authorizedGrantTypes to set + */ + public void setAuthorizedGrantTypes(String authorizedGrantTypes) { + this.authorizedGrantTypes = authorizedGrantTypes; + } + + /** + * @return the registeredRedirectUris + */ + public String getRegisteredRedirectUris() { + return registeredRedirectUris; + } + + /** + * @param registeredRedirectUris the registeredRedirectUris to set + */ + public void setRegisteredRedirectUris(String registeredRedirectUris) { + this.registeredRedirectUris = registeredRedirectUris; + } + + /** + * @return the authorities + */ + public String getAuthorities() { + return authorities; + } + + /** + * @param authorities the authorities to set + */ + public void setAuthorities(String authorities) { + this.authorities = authorities; + } + + /** + * @return the accessTokenValiditySeconds + */ + public Integer getAccessTokenValiditySeconds() { + return accessTokenValiditySeconds; + } + + /** + * @param accessTokenValiditySeconds the accessTokenValiditySeconds to set + */ + public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { + this.accessTokenValiditySeconds = accessTokenValiditySeconds; + } + + /** + * @return the refreshTokenValiditySeconds + */ + public Integer getRefreshTokenValiditySeconds() { + return refreshTokenValiditySeconds; + } + + /** + * @param refreshTokenValiditySeconds the refreshTokenValiditySeconds to set + */ + public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { + this.refreshTokenValiditySeconds = refreshTokenValiditySeconds; + } + + public String getIdTokenSigningAlgorithm() { + return idTokenSigningAlgorithm; + } + + public void 
setIdTokenSigningAlgorithm(String idTokenSigningAlgorithm) { + this.idTokenSigningAlgorithm = idTokenSigningAlgorithm; + } + + public String getIdTokenEncryptedAlgorithm() { + return idTokenEncryptedAlgorithm; + } + + public void setIdTokenEncryptedAlgorithm(String idTokenEncryptedAlgorithm) { + this.idTokenEncryptedAlgorithm = idTokenEncryptedAlgorithm; + } + + public String getIdTokenEncryptionMethod() { + return idTokenEncryptionMethod; + } + + public void setIdTokenEncryptionMethod(String idTokenEncryptionMethod) { + this.idTokenEncryptionMethod = idTokenEncryptionMethod; + } + + public String getUserInfoSigningAlgorithm() { + return userInfoSigningAlgorithm; + } + + public void setUserInfoSigningAlgorithm(String userInfoSigningAlgorithm) { + this.userInfoSigningAlgorithm = userInfoSigningAlgorithm; + } + + public String getUserInfoEncryptedAlgorithm() { + return userInfoEncryptedAlgorithm; + } + + public void setUserInfoEncryptedAlgorithm(String userInfoEncryptedAlgorithm) { + this.userInfoEncryptedAlgorithm = userInfoEncryptedAlgorithm; + } + + public String getUserInfoEncryptionMethod() { + return userInfoEncryptionMethod; + } + + public void setUserInfoEncryptionMethod(String userInfoEncryptionMethod) { + this.userInfoEncryptionMethod = userInfoEncryptionMethod; + } + + public String getJwksUri() { + return jwksUri; + } + + public void setJwksUri(String jwksUri) { + this.jwksUri = jwksUri; + } + + public BaseClientDetails clientDetailsRowMapper() { + BaseClientDetails baseClientDetails = new BaseClientDetails(this.getId(), this.getId(), this.getScope(), + this.getAuthorizedGrantTypes(), "ROLE_CLIENT, ROLE_TRUSTED_CLIENT", this.getRegisteredRedirectUris()); + baseClientDetails.setAccessTokenValiditySeconds(this.getAccessTokenValiditySeconds()); + baseClientDetails.setRefreshTokenValiditySeconds(this.getRefreshTokenValiditySeconds()); + baseClientDetails.setClientSecret(this.getClientSecret()); + 
baseClientDetails.setAutoApproveScopes(baseClientDetails.getScope()); + + baseClientDetails.setIdTokenEncryptedAlgorithm(this.getIdTokenEncryptedAlgorithm()); + baseClientDetails.setIdTokenEncryptionMethod(this.getIdTokenEncryptionMethod()); + baseClientDetails.setIdTokenSigningAlgorithm(this.getIdTokenSigningAlgorithm()); + + baseClientDetails.setUserInfoEncryptedAlgorithm(this.getUserInfoEncryptedAlgorithm()); + baseClientDetails.setUserInfoEncryptionMethod(this.getUserInfoEncryptionMethod()); + baseClientDetails.setUserInfoSigningAlgorithm(this.getUserInfoSigningAlgorithm()); + + baseClientDetails.setJwksUri(this.getJwksUri()); + + return baseClientDetails; + } + + /* + * (non-Javadoc) + * + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "OAuth20Details [clientId=" + clientId + ", clientSecret=" + clientSecret + ", scope=" + scope + + ", resourceIds=" + resourceIds + ", authorizedGrantTypes=" + authorizedGrantTypes + + ", registeredRedirectUris=" + registeredRedirectUris + ", authorities=" + authorities + + ", accessTokenValiditySeconds=" + accessTokenValiditySeconds + ", refreshTokenValiditySeconds=" + + refreshTokenValiditySeconds + "]"; + } -@Table(name = "APPS_OAUTH_CLIENT_DETAILS") -public class AppsOAuth20Details extends Apps { - - /** - * - */ - private static final long serialVersionUID = 6786113671104069370L; - - - private String clientId; - - private String clientSecret; - - private String scope ; - - private String resourceIds ; - - private String authorizedGrantTypes; - - private String registeredRedirectUris; - - private String authorities ; - - private Integer accessTokenValiditySeconds; - - private Integer refreshTokenValiditySeconds; - - private String approvalPrompt; - - //for OpenID Connect - private String idTokenSigningAlgorithm; - private String idTokenEncryptedAlgorithm; - private String idTokenEncryptionMethod; - - private String userInfoSigningAlgorithm; - private String 
userInfoEncryptedAlgorithm; - private String userInfoEncryptionMethod; - - private String jwksUri; - - /** - * - */ - public AppsOAuth20Details() { - super(); - - } - - /** - * - */ - public AppsOAuth20Details(Apps application,BaseClientDetails baseClientDetails) { - super(); - this.id=application.getId(); - this.setName(application.getName()); - this.setLoginUrl(application.getLoginUrl()); - this.setCategory(application.getCategory()); - this.setProtocol(application.getProtocol()); - this.setIcon(application.getIcon()); - this.clientId=application.getId(); - - this.setSortIndex(application.getSortIndex()); - this.setVendor(application.getVendor()); - this.setVendorUrl(application.getVendorUrl()); - - this.clientSecret=baseClientDetails.getClientSecret(); - this.scope=baseClientDetails.getScope().toString(); - this.resourceIds=baseClientDetails.getResourceIds().toString(); - this.authorizedGrantTypes=baseClientDetails.getAuthorizedGrantTypes().toString(); - this.registeredRedirectUris=StringUtils.collectionToCommaDelimitedString(baseClientDetails.getRegisteredRedirectUri()); - this.authorities=baseClientDetails.getAuthorities().toString(); - this.accessTokenValiditySeconds=baseClientDetails.getAccessTokenValiditySeconds(); - this.refreshTokenValiditySeconds=baseClientDetails.getRefreshTokenValiditySeconds(); - this.approvalPrompt=baseClientDetails.isAutoApprove("all")+""; - - this.idTokenEncryptedAlgorithm=baseClientDetails.getIdTokenEncryptedAlgorithm(); - this.idTokenEncryptionMethod=baseClientDetails.getIdTokenEncryptionMethod(); - this.idTokenSigningAlgorithm=baseClientDetails.getIdTokenSigningAlgorithm(); - - this.userInfoEncryptedAlgorithm=baseClientDetails.getUserInfoEncryptedAlgorithm(); - this.userInfoEncryptionMethod=baseClientDetails.getUserInfoEncryptionMethod(); - this.userInfoSigningAlgorithm=baseClientDetails.getUserInfoSigningAlgorithm(); - - this.jwksUri=baseClientDetails.getJwksUri(); - - } - - - /** - * @return the clientId - */ - public String 
getClientId() { - return clientId; - } - - - - - /** - * @return the approvalPrompt - */ - public String getApprovalPrompt() { - return approvalPrompt; - } - - /** - * @param approvalPrompt the approvalPrompt to set - */ - public void setApprovalPrompt(String approvalPrompt) { - this.approvalPrompt = approvalPrompt; - } - - /** - * @param clientId the clientId to set - */ - public void setClientId(String clientId) { - this.clientId = clientId; - } - - - /** - * @return the clientSecret - */ - public String getClientSecret() { - return clientSecret; - } - - - /** - * @param clientSecret the clientSecret to set - */ - public void setClientSecret(String clientSecret) { - this.clientSecret = clientSecret; - } - - - /** - * @return the scope - */ - public String getScope() { - return scope; - } - - - /** - * @param scope the scope to set - */ - public void setScope(String scope) { - this.scope = scope; - } - - - /** - * @return the resourceIds - */ - public String getResourceIds() { - return resourceIds; - } - - - /** - * @param resourceIds the resourceIds to set - */ - public void setResourceIds(String resourceIds) { - this.resourceIds = resourceIds; - } - - - /** - * @return the authorizedGrantTypes - */ - public String getAuthorizedGrantTypes() { - return authorizedGrantTypes; - } - - - /** - * @param authorizedGrantTypes the authorizedGrantTypes to set - */ - public void setAuthorizedGrantTypes(String authorizedGrantTypes) { - this.authorizedGrantTypes = authorizedGrantTypes; - } - - - /** - * @return the registeredRedirectUris - */ - public String getRegisteredRedirectUris() { - return registeredRedirectUris; - } - - - /** - * @param registeredRedirectUris the registeredRedirectUris to set - */ - public void setRegisteredRedirectUris(String registeredRedirectUris) { - this.registeredRedirectUris = registeredRedirectUris; - } - - - /** - * @return the authorities - */ - public String getAuthorities() { - return authorities; - } - - - /** - * @param authorities the 
authorities to set - */ - public void setAuthorities(String authorities) { - this.authorities = authorities; - } - - - /** - * @return the accessTokenValiditySeconds - */ - public Integer getAccessTokenValiditySeconds() { - return accessTokenValiditySeconds; - } - - - /** - * @param accessTokenValiditySeconds the accessTokenValiditySeconds to set - */ - public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { - this.accessTokenValiditySeconds = accessTokenValiditySeconds; - } - - - /** - * @return the refreshTokenValiditySeconds - */ - public Integer getRefreshTokenValiditySeconds() { - return refreshTokenValiditySeconds; - } - - - /** - * @param refreshTokenValiditySeconds the refreshTokenValiditySeconds to set - */ - public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { - this.refreshTokenValiditySeconds = refreshTokenValiditySeconds; - } - - - - public String getIdTokenSigningAlgorithm() { - return idTokenSigningAlgorithm; - } - - public void setIdTokenSigningAlgorithm(String idTokenSigningAlgorithm) { - this.idTokenSigningAlgorithm = idTokenSigningAlgorithm; - } - - public String getIdTokenEncryptedAlgorithm() { - return idTokenEncryptedAlgorithm; - } - - public void setIdTokenEncryptedAlgorithm(String idTokenEncryptedAlgorithm) { - this.idTokenEncryptedAlgorithm = idTokenEncryptedAlgorithm; - } - - public String getIdTokenEncryptionMethod() { - return idTokenEncryptionMethod; - } - - public void setIdTokenEncryptionMethod(String idTokenEncryptionMethod) { - this.idTokenEncryptionMethod = idTokenEncryptionMethod; - } - - public String getUserInfoSigningAlgorithm() { - return userInfoSigningAlgorithm; - } - - public void setUserInfoSigningAlgorithm(String userInfoSigningAlgorithm) { - this.userInfoSigningAlgorithm = userInfoSigningAlgorithm; - } - - public String getUserInfoEncryptedAlgorithm() { - return userInfoEncryptedAlgorithm; - } - - public void setUserInfoEncryptedAlgorithm(String 
userInfoEncryptedAlgorithm) { - this.userInfoEncryptedAlgorithm = userInfoEncryptedAlgorithm; - } - - public String getUserInfoEncryptionMethod() { - return userInfoEncryptionMethod; - } - - public void setUserInfoEncryptionMethod(String userInfoEncryptionMethod) { - this.userInfoEncryptionMethod = userInfoEncryptionMethod; - } - - public String getJwksUri() { - return jwksUri; - } - - public void setJwksUri(String jwksUri) { - this.jwksUri = jwksUri; - } - - public BaseClientDetails clientDetailsRowMapper(){ - BaseClientDetails baseClientDetails =new BaseClientDetails( this.getId(), - this.getId(), this.getScope(), this.getAuthorizedGrantTypes(), "ROLE_CLIENT, ROLE_TRUSTED_CLIENT", - this.getRegisteredRedirectUris()); - baseClientDetails.setAccessTokenValiditySeconds(this.getAccessTokenValiditySeconds()); - baseClientDetails.setRefreshTokenValiditySeconds(this.getRefreshTokenValiditySeconds()); - baseClientDetails.setClientSecret(this.getClientSecret()); - baseClientDetails.setAutoApproveScopes(baseClientDetails.getScope()); - - baseClientDetails.setIdTokenEncryptedAlgorithm(this.getIdTokenEncryptedAlgorithm()); - baseClientDetails.setIdTokenEncryptionMethod(this.getIdTokenEncryptionMethod()); - baseClientDetails.setIdTokenSigningAlgorithm(this.getIdTokenSigningAlgorithm()); - - baseClientDetails.setUserInfoEncryptedAlgorithm(this.getUserInfoEncryptedAlgorithm()); - baseClientDetails.setUserInfoEncryptionMethod(this.getUserInfoEncryptionMethod()); - baseClientDetails.setUserInfoSigningAlgorithm(this.getUserInfoSigningAlgorithm()); - - baseClientDetails.setJwksUri(this.getJwksUri()); - - return baseClientDetails; - } - - /* (non-Javadoc) - * @see java.lang.Object#toString() - */ - @Override - public String toString() { - return "OAuth20Details [clientId=" + clientId + ", clientSecret=" - + clientSecret + ", scope=" + scope + ", resourceIds=" - + resourceIds + ", authorizedGrantTypes=" - + authorizedGrantTypes + ", registeredRedirectUris=" - + registeredRedirectUris 
+ ", authorities=" + authorities - + ", accessTokenValiditySeconds=" + accessTokenValiditySeconds - + ", refreshTokenValiditySeconds=" - + refreshTokenValiditySeconds + "]"; - } - } diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java index 69e01f4ea..7740582d6 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java 
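Review bot: `toString()` at the end of the class still concatenates `clientSecret` into its output, so any log statement, exception message or debugger dump that prints an `AppsOAuth20Details` discloses the OAuth client secret in clear text. This hunk appears to be a re-indentation of the whole class, so the behaviour predates it, but the method is re-added here unchanged in a commit whose subject is the client-secret update. I would drop the field from the string or mask it, e.g. `return "OAuth20Details [clientId=" + clientId + ", clientSecret=[PROTECTED], scope=" + scope` with the remaining fields left as they are. `getClientSecret()` stays available to callers that legitimately need the value.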
@@ -54,288 +54,289 @@ import com.fasterxml.jackson.databind.ObjectMapper; */ public class JdbcClientDetailsService implements ClientDetailsService, ClientRegistrationService { - private static final Log logger = LogFactory.getLog(JdbcClientDetailsService.class); + private static final Log logger = LogFactory.getLog(JdbcClientDetailsService.class); - private JsonMapper mapper = createJsonMapper(); + private JsonMapper mapper = createJsonMapper(); - private static final String CLIENT_FIELDS_FOR_UPDATE = "RESOURCE_IDS, SCOPE, " - + "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, " - + "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, " - + "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, " - + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI"; + private static final String CLIENT_FIELDS_FOR_UPDATE = "RESOURCE_IDS, SCOPE, " + + "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, " + + "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, " + + "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, " + + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI"; - private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE; + private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE; - private static final String BASE_FIND_STATEMENT = "select client_id, " + CLIENT_FIELDS - + " from apps_oauth_client_details"; + private static final String BASE_FIND_STATEMENT = "select client_id, " + CLIENT_FIELDS + + " from apps_oauth_client_details"; - private static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id"; + private static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id"; - private static final String DEFAULT_SELECT_STATEMENT = 
BASE_FIND_STATEMENT + " where client_id = ?"; + private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?"; - private static final String DEFAULT_INSERT_STATEMENT = "insert into apps_oauth_client_details (" + CLIENT_FIELDS - + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; + private static final String DEFAULT_INSERT_STATEMENT = "insert into apps_oauth_client_details (" + CLIENT_FIELDS + + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; - private static final String DEFAULT_UPDATE_STATEMENT = "update apps_oauth_client_details " + "set " - + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?"; + private static final String DEFAULT_UPDATE_STATEMENT = "update apps_oauth_client_details " + "set " + + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?"; - private static final String DEFAULT_UPDATE_SECRET_STATEMENT = "update apps_oauth_client_details " - + "set client_secret = ? where client_id = ?"; + private static final String DEFAULT_UPDATE_SECRET_STATEMENT = "update apps_oauth_client_details " + + "set client_secret = ? 
where client_id = ?"; - private static final String DEFAULT_DELETE_STATEMENT = "delete from apps_oauth_client_details where client_id = ?"; + private static final String DEFAULT_DELETE_STATEMENT = "delete from apps_oauth_client_details where client_id = ?"; - private RowMapper rowMapper = new ClientDetailsRowMapper(); + private RowMapper rowMapper = new ClientDetailsRowMapper(); - private String deleteClientDetailsSql = DEFAULT_DELETE_STATEMENT; + private String deleteClientDetailsSql = DEFAULT_DELETE_STATEMENT; - private String findClientDetailsSql = DEFAULT_FIND_STATEMENT; + private String findClientDetailsSql = DEFAULT_FIND_STATEMENT; - private String updateClientDetailsSql = DEFAULT_UPDATE_STATEMENT; + private String updateClientDetailsSql = DEFAULT_UPDATE_STATEMENT; - private String updateClientSecretSql = DEFAULT_UPDATE_SECRET_STATEMENT; + private String updateClientSecretSql = DEFAULT_UPDATE_SECRET_STATEMENT; - private String insertClientDetailsSql = DEFAULT_INSERT_STATEMENT; + private String insertClientDetailsSql = DEFAULT_INSERT_STATEMENT; - private String selectClientDetailsSql = DEFAULT_SELECT_STATEMENT; + private String selectClientDetailsSql = DEFAULT_SELECT_STATEMENT; - private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance(); + private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance(); - private final JdbcTemplate jdbcTemplate; + private final JdbcTemplate jdbcTemplate; - private JdbcListFactory listFactory; + private JdbcListFactory listFactory; - public JdbcClientDetailsService(DataSource dataSource) { - Assert.notNull(dataSource, "DataSource required"); - this.jdbcTemplate = new JdbcTemplate(dataSource); - this.listFactory = new DefaultJdbcListFactory(new NamedParameterJdbcTemplate(jdbcTemplate)); - } + public JdbcClientDetailsService(DataSource dataSource) { + Assert.notNull(dataSource, "DataSource required"); + this.jdbcTemplate = new JdbcTemplate(dataSource); + this.listFactory = new 
DefaultJdbcListFactory(new NamedParameterJdbcTemplate(jdbcTemplate)); + } - /** - * @param passwordEncoder the password encoder to set - */ - public void setPasswordEncoder(PasswordEncoder passwordEncoder) { - this.passwordEncoder = passwordEncoder; - } + /** + * @param passwordEncoder the password encoder to set + */ + public void setPasswordEncoder(PasswordEncoder passwordEncoder) { + this.passwordEncoder = passwordEncoder; + } - public ClientDetails loadClientByClientId(String clientId) { - ClientDetails details; - try { - details = jdbcTemplate.queryForObject(selectClientDetailsSql, new ClientDetailsRowMapper(), clientId); - } - catch (EmptyResultDataAccessException e) { - throw new NoSuchClientException("No client with requested id: " + clientId); - } + public ClientDetails loadClientByClientId(String clientId) { + ClientDetails details; + try { + details = jdbcTemplate.queryForObject(selectClientDetailsSql, new ClientDetailsRowMapper(), clientId); + } catch (EmptyResultDataAccessException e) { + throw new NoSuchClientException("No client with requested id: " + clientId); + } - return details; - } + return details; + } - public void addClientDetails(ClientDetails clientDetails) throws ClientAlreadyExistsException { - try { - jdbcTemplate.update(insertClientDetailsSql, getFields(clientDetails)); - } - catch (DuplicateKeyException e) { - throw new ClientAlreadyExistsException("Client already exists: " + clientDetails.getClientId(), e); - } - } + public void addClientDetails(ClientDetails clientDetails) throws ClientAlreadyExistsException { + try { + jdbcTemplate.update(insertClientDetailsSql, getFields(clientDetails)); + } catch (DuplicateKeyException e) { + throw new ClientAlreadyExistsException("Client already exists: " + clientDetails.getClientId(), e); + } + } - public void updateClientDetails(ClientDetails clientDetails) throws NoSuchClientException { - int count = jdbcTemplate.update(updateClientDetailsSql, getFieldsForUpdate(clientDetails)); - if (count 
!= 1) { - throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId()); - } - } + public void updateClientDetails(ClientDetails clientDetails) throws NoSuchClientException { + int count = jdbcTemplate.update(updateClientDetailsSql, getFieldsForUpdate(clientDetails)); + if (count != 1) { + throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId()); + } + } - public void updateClientSecret(String clientId, String secret) throws NoSuchClientException { - int count = jdbcTemplate.update(updateClientSecretSql, passwordEncoder.encode(secret), clientId); - if (count != 1) { - throw new NoSuchClientException("No client found with id = " + clientId); - } - } + public void updateClientSecret(String clientId, String secret) throws NoSuchClientException { + int count = jdbcTemplate.update(updateClientSecretSql, passwordEncoder.encode(secret), clientId); + if (count != 1) { + throw new NoSuchClientException("No client found with id = " + clientId); + } + } - public void removeClientDetails(String clientId) throws NoSuchClientException { - int count = jdbcTemplate.update(deleteClientDetailsSql, clientId); - if (count != 1) { - throw new NoSuchClientException("No client found with id = " + clientId); - } - } + public void removeClientDetails(String clientId) throws NoSuchClientException { + int count = jdbcTemplate.update(deleteClientDetailsSql, clientId); + if (count != 1) { + throw new NoSuchClientException("No client found with id = " + clientId); + } + } - public List listClientDetails() { - return listFactory.getList(findClientDetailsSql, Collections. 
emptyMap(), rowMapper); - } + public List listClientDetails() { + return listFactory.getList(findClientDetailsSql, Collections.emptyMap(), rowMapper); + } - private Object[] getFields(ClientDetails clientDetails) { - Object[] fieldsForUpdate = getFieldsForUpdate(clientDetails); - Object[] fields = new Object[fieldsForUpdate.length + 1]; - System.arraycopy(fieldsForUpdate, 0, fields, 1, fieldsForUpdate.length); - fields[0] = clientDetails.getClientSecret() != null ? passwordEncoder.encode(clientDetails.getClientSecret()) - : null; - return fields; - } + private Object[] getFields(ClientDetails clientDetails) { + Object[] fieldsForUpdate = getFieldsForUpdate(clientDetails); + Object[] fields = new Object[fieldsForUpdate.length + 1]; + System.arraycopy(fieldsForUpdate, 0, fields, 1, fieldsForUpdate.length); + fields[0] = clientDetails.getClientSecret() != null ? passwordEncoder.encode(clientDetails.getClientSecret()) + : null; + return fields; + } - private Object[] getFieldsForUpdate(ClientDetails clientDetails) { - String json = null; - try { - json = mapper.write(clientDetails.getAdditionalInformation()); - } - catch (Exception e) { - logger.warn("Could not serialize additional information: " + clientDetails, e); - } - return new Object[] { - clientDetails.getResourceIds() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails - .getResourceIds()) : null, - clientDetails.getScope() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails - .getScope()) : null, - clientDetails.getAuthorizedGrantTypes() != null ? StringUtils - .collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes()) : null, - clientDetails.getRegisteredRedirectUri() != null ? StringUtils - .collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri()) : null, - clientDetails.getAuthorities() != null ? 
StringUtils.collectionToCommaDelimitedString(clientDetails - .getAuthorities()) : null, clientDetails.getAccessTokenValiditySeconds(), - clientDetails.getRefreshTokenValiditySeconds(), json, getAutoApproveScopes(clientDetails), - clientDetails.getIdTokenSigningAlgorithm(),clientDetails.getIdTokenEncryptedAlgorithm(),clientDetails.getIdTokenEncryptionMethod(), - clientDetails.getUserInfoSigningAlgorithm(),clientDetails.getUserInfoEncryptedAlgorithm(),clientDetails.getUserInfoEncryptionMethod(), - clientDetails.getJwksUri(), - clientDetails.getClientId() }; - } + private Object[] getFieldsForUpdate(ClientDetails clientDetails) { + String json = null; + try { + json = mapper.write(clientDetails.getAdditionalInformation()); + } catch (Exception e) { + logger.warn("Could not serialize additional information: " + clientDetails, e); + } + return new Object[] { + clientDetails.getResourceIds() != null + ? StringUtils.collectionToCommaDelimitedString(clientDetails.getResourceIds()) + : null, + clientDetails.getScope() != null + ? StringUtils.collectionToCommaDelimitedString(clientDetails.getScope()) + : null, + clientDetails.getAuthorizedGrantTypes() != null + ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes()) + : null, + clientDetails.getRegisteredRedirectUri() != null + ? StringUtils.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri()) + : null, + clientDetails.getAuthorities() != null + ? 
StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorities()) + : null, + clientDetails.getAccessTokenValiditySeconds(), clientDetails.getRefreshTokenValiditySeconds(), json, + getAutoApproveScopes(clientDetails), clientDetails.getIdTokenSigningAlgorithm(), + clientDetails.getIdTokenEncryptedAlgorithm(), clientDetails.getIdTokenEncryptionMethod(), + clientDetails.getUserInfoSigningAlgorithm(), clientDetails.getUserInfoEncryptedAlgorithm(), + clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), clientDetails.getClientId() }; + } - private String getAutoApproveScopes(ClientDetails clientDetails) { - if (clientDetails.isAutoApprove("true")) { - return "true"; // all scopes autoapproved - } - Set scopes = new HashSet(); - for (String scope : clientDetails.getScope()) { - if (clientDetails.isAutoApprove(scope)) { - scopes.add(scope); - } - } - return StringUtils.collectionToCommaDelimitedString(scopes); - } + private String getAutoApproveScopes(ClientDetails clientDetails) { + if (clientDetails.isAutoApprove("true")) { + return "true"; // all scopes autoapproved + } + Set scopes = new HashSet(); + for (String scope : clientDetails.getScope()) { + if (clientDetails.isAutoApprove(scope)) { + scopes.add(scope); + } + } + return StringUtils.collectionToCommaDelimitedString(scopes); + } - public void setSelectClientDetailsSql(String selectClientDetailsSql) { - this.selectClientDetailsSql = selectClientDetailsSql; - } + public void setSelectClientDetailsSql(String selectClientDetailsSql) { + this.selectClientDetailsSql = selectClientDetailsSql; + } - public void setDeleteClientDetailsSql(String deleteClientDetailsSql) { - this.deleteClientDetailsSql = deleteClientDetailsSql; - } + public void setDeleteClientDetailsSql(String deleteClientDetailsSql) { + this.deleteClientDetailsSql = deleteClientDetailsSql; + } - public void setUpdateClientDetailsSql(String updateClientDetailsSql) { - this.updateClientDetailsSql = updateClientDetailsSql; - } + 
public void setUpdateClientDetailsSql(String updateClientDetailsSql) { + this.updateClientDetailsSql = updateClientDetailsSql; + } - public void setUpdateClientSecretSql(String updateClientSecretSql) { - this.updateClientSecretSql = updateClientSecretSql; - } + public void setUpdateClientSecretSql(String updateClientSecretSql) { + this.updateClientSecretSql = updateClientSecretSql; + } - public void setInsertClientDetailsSql(String insertClientDetailsSql) { - this.insertClientDetailsSql = insertClientDetailsSql; - } + public void setInsertClientDetailsSql(String insertClientDetailsSql) { + this.insertClientDetailsSql = insertClientDetailsSql; + } - public void setFindClientDetailsSql(String findClientDetailsSql) { - this.findClientDetailsSql = findClientDetailsSql; - } + public void setFindClientDetailsSql(String findClientDetailsSql) { + this.findClientDetailsSql = findClientDetailsSql; + } - /** - * @param listFactory the list factory to set - */ - public void setListFactory(JdbcListFactory listFactory) { - this.listFactory = listFactory; - } + /** + * @param listFactory the list factory to set + */ + public void setListFactory(JdbcListFactory listFactory) { + this.listFactory = listFactory; + } - /** - * @param rowMapper the rowMapper to set - */ - public void setRowMapper(RowMapper rowMapper) { - this.rowMapper = rowMapper; - } + /** + * @param rowMapper the rowMapper to set + */ + public void setRowMapper(RowMapper rowMapper) { + this.rowMapper = rowMapper; + } - /** - * Row mapper for ClientDetails. - * - * @author Dave Syer - * - */ - private static class ClientDetailsRowMapper implements RowMapper { - private JsonMapper mapper = createJsonMapper(); + /** + * Row mapper for ClientDetails. 
+ * + * @author Dave Syer + * + */ + private static class ClientDetailsRowMapper implements RowMapper { + private JsonMapper mapper = createJsonMapper(); - public ClientDetails mapRow(ResultSet rs, int rowNum) throws SQLException { - BaseClientDetails details = new BaseClientDetails(rs.getString(1), rs.getString(3), rs.getString(4), - rs.getString(5), rs.getString(7), rs.getString(6)); - details.setClientSecret(rs.getString(2)); - if (rs.getObject(8) != null) { - details.setAccessTokenValiditySeconds(rs.getInt(8)); - } - if (rs.getObject(9) != null) { - details.setRefreshTokenValiditySeconds(rs.getInt(9)); - } - - details.setIdTokenEncryptedAlgorithm(rs.getString("IDTOKENENCRYPTEDALGORITHM")); - details.setIdTokenEncryptionMethod(rs.getString("IDTOKENENCRYPTIONMETHOD")); - details.setIdTokenSigningAlgorithm(rs.getString("IDTOKENSIGNINGALGORITHM")); - - details.setUserInfoEncryptedAlgorithm(rs.getString("USERINFOCRYPTEDALGORITHM")); - details.setUserInfoEncryptionMethod(rs.getString("USERINFOENCRYPTIONMETHOD")); - details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM")); - details.setJwksUri(rs.getString("JWKSURI")); - - String json = rs.getString(10); - if (json != null) { - try { - @SuppressWarnings("unchecked") - Map additionalInformation = mapper.read(json, Map.class); - details.setAdditionalInformation(additionalInformation); - } - catch (Exception e) { - logger.warn("Could not decode JSON for additional information: " + details, e); - } - } - String scopes = rs.getString(11); - if (scopes != null) { - details.setAutoApproveScopes(StringUtils.commaDelimitedListToSet(scopes)); - } - return details; - } - } + public ClientDetails mapRow(ResultSet rs, int rowNum) throws SQLException { + BaseClientDetails details = new BaseClientDetails(rs.getString(1), rs.getString(3), rs.getString(4), + rs.getString(5), rs.getString(7), rs.getString(6)); + details.setClientSecret(rs.getString(2)); + if (rs.getObject(8) != null) { + 
details.setAccessTokenValiditySeconds(rs.getInt(8)); + } + if (rs.getObject(9) != null) { + details.setRefreshTokenValiditySeconds(rs.getInt(9)); + } - interface JsonMapper { - String write(Object input) throws Exception; + details.setIdTokenEncryptedAlgorithm(rs.getString("IDTOKENENCRYPTEDALGORITHM")); + details.setIdTokenEncryptionMethod(rs.getString("IDTOKENENCRYPTIONMETHOD")); + details.setIdTokenSigningAlgorithm(rs.getString("IDTOKENSIGNINGALGORITHM")); - T read(String input, Class type) throws Exception; - } + details.setUserInfoEncryptedAlgorithm(rs.getString("USERINFOCRYPTEDALGORITHM")); + details.setUserInfoEncryptionMethod(rs.getString("USERINFOENCRYPTIONMETHOD")); + details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM")); + details.setJwksUri(rs.getString("JWKSURI")); - private static JsonMapper createJsonMapper() { - if (ClassUtils.isPresent("com.fasterxml.jackson.databind.ObjectMapper", null)) { - return new Jackson2Mapper(); - } - return new NotSupportedJsonMapper(); - } + String json = rs.getString(10); + if (json != null) { + try { + @SuppressWarnings("unchecked") + Map additionalInformation = mapper.read(json, Map.class); + details.setAdditionalInformation(additionalInformation); + } catch (Exception e) { + logger.warn("Could not decode JSON for additional information: " + details, e); + } + } + String scopes = rs.getString(11); + if (scopes != null) { + details.setAutoApproveScopes(StringUtils.commaDelimitedListToSet(scopes)); + } + return details; + } + } - private static class Jackson2Mapper implements JsonMapper { - private com.fasterxml.jackson.databind.ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); + interface JsonMapper { + String write(Object input) throws Exception; - @Override - public String write(Object input) throws Exception { - return mapper.writeValueAsString(input); - } + T read(String input, Class type) throws Exception; + } - @Override - public T read(String input, Class type) 
throws Exception { - return mapper.readValue(input, type); - } - } + private static JsonMapper createJsonMapper() { + if (ClassUtils.isPresent("com.fasterxml.jackson.databind.ObjectMapper", null)) { + return new Jackson2Mapper(); + } + return new NotSupportedJsonMapper(); + } - private static class NotSupportedJsonMapper implements JsonMapper { - @Override - public String write(Object input) throws Exception { - throw new UnsupportedOperationException( - "Neither Jackson 1 nor 2 is available so JSON conversion cannot be done"); - } + private static class Jackson2Mapper implements JsonMapper { + private com.fasterxml.jackson.databind.ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); - @Override - public T read(String input, Class type) throws Exception { - throw new UnsupportedOperationException( - "Neither Jackson 1 nor 2 is available so JSON conversion cannot be done"); - } - } + @Override + public String write(Object input) throws Exception { + return mapper.writeValueAsString(input); + } + + @Override + public T read(String input, Class type) throws Exception { + return mapper.readValue(input, type); + } + } + + private static class NotSupportedJsonMapper implements JsonMapper { + @Override + public String write(Object input) throws Exception { + throw new UnsupportedOperationException( + "Neither Jackson 1 nor 2 is available so JSON conversion cannot be done"); + } + + @Override + public T read(String input, Class type) throws Exception { + throw new UnsupportedOperationException( + "Neither Jackson 1 nor 2 is available so JSON conversion cannot be done"); + } + } } diff --git a/maxkey-web-manage/src/main/java/org/maxkey/web/apps/contorller/OAuth20DetailsController.java b/maxkey-web-manage/src/main/java/org/maxkey/web/apps/contorller/OAuth20DetailsController.java index 1be347984..f082813b4 100644 --- a/maxkey-web-manage/src/main/java/org/maxkey/web/apps/contorller/OAuth20DetailsController.java 
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/apps/contorller/OAuth20DetailsController.java @@ -88,11 +88,12 @@ public class OAuth20DetailsController extends BaseAppContorller { // _logger.debug("-update application :" + oauth20Details); _logger.debug("-update oauth20Details use oauth20JdbcClientDetails" ); + oauth20Details.setClientSecret(oauth20Details.getSecret()); + oauth20JdbcClientDetailsService.updateClientDetails(oauth20Details.clientDetailsRowMapper()); + oauth20JdbcClientDetailsService.updateClientSecret(oauth20Details.getClientId(), oauth20Details.getClientSecret()); + transform(oauth20Details); - oauth20Details.setClientSecret(oauth20Details.getSecret()); - oauth20JdbcClientDetailsService.updateClientDetails(oauth20Details.clientDetailsRowMapper()); - oauth20JdbcClientDetailsService.updateClientSecret(oauth20Details.getClientId(), oauth20Details.getClientSecret()); if (appsService.updateApp(oauth20Details)) { new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success); } else {
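Review bot: The relocated `oauth20JdbcClientDetailsService.updateClientSecret(oauth20Details.getClientId(), oauth20Details.getClientSecret())` call stores whatever `oauth20Details.getSecret()` returned, with no check that a value was submitted, so an update that omits the secret would presumably overwrite the stored client secret with a null or empty one. Wrap the `setClientSecret`/`updateClientSecret` pair in a guard such as `if (oauth20Details.getSecret() != null && !oauth20Details.getSecret().isEmpty()) { ... }` and leave the existing secret untouched otherwise. The move ahead of `transform(oauth20Details)` is the whole fix but carries no explanation; a comment like `// keep before transform(): the secret must be persisted from the submitted value` (wording to be confirmed against `transform()`, which is not in this hunk) would stop it being reordered back. Both client-store writes also complete before `appsService.updateApp(oauth20Details)` can take the failure branch, so unless the handler is transactional the client store and the app record can diverge. The enclosing handler method starts and ends outside the hunk.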