authorRoberto E. Escobar2014-08-07 02:43:19 +0000
committerRoberto E. Escobar2014-09-29 22:55:15 +0000
commitb97305ea50a13bc09c73c00de18c88a1eea5361e (patch)
tree1887bea9483e52296396702c0dbd71c89d3e814c
parent0dc09cc1fbc973d58c9d89f2787955578b8e9b83 (diff)
feature[ats_ATS64260]: Create OAuth2 ORCS Client Storage
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin.test/src/org/eclipse/osee/orcs/account/admin/integration/JdbcJaxRsOAuthStorageTest.java161
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/META-INF/MANIFEST.MF5
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.client.storage.provider.xml9
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.oauth.storage.xml11
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientArtifact.java142
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientCredentialStorage.java171
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorage.java215
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorageProvider.java88
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/JdbcJaxRsOAuthStorage.java87
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthClientCredential.java32
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthTypes.java45
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/schema/OAUTH.DS.SCHEMA.xml24
-rw-r--r--plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/types/OseeTypes_OAuth.osee92
-rw-r--r--plugins/org.eclipse.osee.orcs.db.mock/data/hsql.zipbin58980 -> 59105 bytes
-rw-r--r--plugins/org.eclipse.osee.x.server.p2/demo/hsql.zipbin118612 -> 119198 bytes
15 files changed, 1066 insertions, 16 deletions
diff --git a/plugins/org.eclipse.osee.orcs.account.admin.test/src/org/eclipse/osee/orcs/account/admin/integration/JdbcJaxRsOAuthStorageTest.java b/plugins/org.eclipse.osee.orcs.account.admin.test/src/org/eclipse/osee/orcs/account/admin/integration/JdbcJaxRsOAuthStorageTest.java
index f3ce2cd8b62..db6e802f99f 100644
--- a/plugins/org.eclipse.osee.orcs.account.admin.test/src/org/eclipse/osee/orcs/account/admin/integration/JdbcJaxRsOAuthStorageTest.java
+++ b/plugins/org.eclipse.osee.orcs.account.admin.test/src/org/eclipse/osee/orcs/account/admin/integration/JdbcJaxRsOAuthStorageTest.java
@@ -11,12 +11,18 @@
package org.eclipse.osee.orcs.account.admin.integration;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.mockito.Mockito.when;
import static org.mockito.MockitoAnnotations.initMocks;
import java.util.Arrays;
+import java.util.LinkedHashMap;
import java.util.List;
+import java.util.Map;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
+import org.eclipse.osee.framework.jdk.core.util.GUID;
import org.eclipse.osee.jaxrs.server.security.JaxRsOAuthStorage;
+import org.eclipse.osee.jaxrs.server.security.OAuthClient;
import org.eclipse.osee.jaxrs.server.security.OAuthCodeGrant;
import org.eclipse.osee.jaxrs.server.security.OAuthToken;
import org.eclipse.osee.jaxrs.server.security.OAuthTokenType;
@@ -26,6 +32,7 @@ import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
+import org.junit.rules.TestName;
import org.junit.rules.TestRule;
import org.mockito.Mock;
@@ -61,12 +68,30 @@ public class JdbcJaxRsOAuthStorageTest {
private static final String RT_GRANT_TYPE_1 = "rt-grant-type-1";
private static final OAuthTokenType RT_TYPE_1 = OAuthTokenType.REFRESH_TOKEN;
+ public static final String CLIENT_GUID = GUID.create();
+ public static final List<String> APPLICATION_CERTIFICATE = Arrays.asList("certificate-1");
+ public static final String APPLICATION_DESCRIPTION = "description-1";
+ public static final String APPLICATION_LOGO_URI = "logo-uri-1";
+ public static final String APPLICATION_NAME = "application-name-1";
+ public static final String APPLICATION_WEB_URI = "web-uri-1";
+ public static final String CLIENT_KEY = "client-key-1";
+ public static final String CLIENT_SECRET = "client-secret-1";
+ public static final boolean IS_CONFIDENTIAL = true;
+
+ public static final List<String> GRANT_TYPES = Arrays.asList("grant-1", "grant-2", "grant-3");
+ public static final List<String> REDIRECT_URIS = Arrays.asList("uri-1", "uri2");
+ public static final List<String> ALLOWED_AUDIENCES = Arrays.asList("audience-1");
+ public static final List<String> REGISTERED_SCOPES = Arrays.asList("scope-1", "scope-2", "scope-3");
+
@Rule
public TestRule osgi = OrcsIntegrationRule.integrationRule(this, "osee.demo.hsql");
@Rule
public ExpectedException thrown = ExpectedException.none();
+ @Rule
+ public TestName testName = new TestName();
+
@OsgiService
private JaxRsOAuthStorage storage;
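Review bot: The new fixture constants (`CLIENT_GUID` through `REGISTERED_SCOPES`) are declared `public static final`, while the neighbouring constants visible in this hunk (`RT_GRANT_TYPE_1`, `RT_TYPE_1`) are `private static final`. Nothing shown here reads them from outside the test class, so `private` would keep the fixture, including the sample `CLIENT_SECRET`, out of the class's public surface. The same applies to `applicationProperties` in the next hunk, which is additionally non-final and reassigned in `testSetup()`; a private instance field, `private Map<String, String> applicationProperties;`, would avoid shared mutable static state between tests.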
@@ -74,12 +99,21 @@ public class JdbcJaxRsOAuthStorageTest {
@Mock private OAuthCodeGrant authCode;
@Mock private OAuthToken accessToken;
@Mock private OAuthToken refreshToken;
+ @Mock private OseePrincipal principal;
+ @Mock private OAuthClient client;
// @formatter:on
+ public static Map<String, String> applicationProperties;
+
@Before
public void testSetup() {
initMocks(this);
+ applicationProperties = new LinkedHashMap<String, String>();
+ applicationProperties.put("a", "1");
+ applicationProperties.put("b", "2");
+ applicationProperties.put("c", "3");
+
when(authCode.getUuid()).thenReturn(CODE_UUID);
when(authCode.getClientId()).thenReturn(CLIENT_ID);
when(authCode.getSubjectId()).thenReturn(SUBJECT_ID);
@@ -112,10 +146,125 @@ public class JdbcJaxRsOAuthStorageTest {
when(refreshToken.getType()).thenReturn(RT_TYPE_1);
when(refreshToken.getGrantType()).thenReturn(RT_GRANT_TYPE_1);
when(refreshToken.getAudience()).thenReturn(AUDIENCE);
+
+ when(principal.getGuid()).thenReturn(-1L);
+
+ when(client.getGuid()).thenReturn(CLIENT_GUID);
+ when(client.getClientUuid()).thenReturn(CLIENT_ID);
+ when(client.getSubjectId()).thenReturn(SUBJECT_ID);
+ when(client.getApplicationName()).thenReturn(APPLICATION_NAME);
+ when(client.getApplicationDescription()).thenReturn(APPLICATION_DESCRIPTION);
+ when(client.getApplicationWebUri()).thenReturn(APPLICATION_WEB_URI);
+ when(client.getApplicationLogoUri()).thenReturn(APPLICATION_LOGO_URI);
+ when(client.getClientId()).thenReturn(CLIENT_KEY);
+ when(client.getClientSecret()).thenReturn(CLIENT_SECRET);
+ when(client.getApplicationCertificates()).thenReturn(APPLICATION_CERTIFICATE);
+ when(client.isConfidential()).thenReturn(IS_CONFIDENTIAL);
+
+ when(client.getAllowedGrantTypes()).thenReturn(GRANT_TYPES);
+ when(client.getRedirectUris()).thenReturn(REDIRECT_URIS);
+ when(client.getRegisteredAudiences()).thenReturn(ALLOWED_AUDIENCES);
+ when(client.getRegisteredScopes()).thenReturn(REGISTERED_SCOPES);
+ when(client.getProperties()).thenReturn(applicationProperties);
+
+ when(client.hasApplicationLogoSupplier()).thenReturn(false);
+ when(client.getApplicationLogoSupplier()).thenReturn(null);
+ }
+
+ @Test
+ public void testClientStorage() {
+ storage.storeClient(principal, client);
+
+ long clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(CLIENT_ID, clientUuid);
+
+ OAuthClient actualClient = storage.getClientByClientGuid(CLIENT_GUID);
+
+ assertEquals(CLIENT_GUID, actualClient.getGuid());
+ assertEquals(CLIENT_ID, actualClient.getClientUuid());
+ assertEquals(SUBJECT_ID, actualClient.getSubjectId());
+ assertEquals(APPLICATION_NAME, actualClient.getApplicationName());
+ assertEquals(APPLICATION_DESCRIPTION, actualClient.getApplicationDescription());
+ assertEquals(APPLICATION_WEB_URI, actualClient.getApplicationWebUri());
+ assertEquals(APPLICATION_LOGO_URI, actualClient.getApplicationLogoUri());
+ assertEquals(CLIENT_KEY, actualClient.getClientId());
+ assertEquals(CLIENT_SECRET, actualClient.getClientSecret());
+ assertEquals(APPLICATION_CERTIFICATE, actualClient.getApplicationCertificates());
+ assertEquals(IS_CONFIDENTIAL, actualClient.isConfidential());
+ assertEquals(GRANT_TYPES, actualClient.getAllowedGrantTypes());
+ assertEquals(REDIRECT_URIS, actualClient.getRedirectUris());
+ assertEquals(ALLOWED_AUDIENCES, actualClient.getRegisteredAudiences());
+ assertEquals(REGISTERED_SCOPES, actualClient.getRegisteredScopes());
+ assertEquals(applicationProperties, actualClient.getProperties());
+
+ actualClient = storage.getClientByClientKey(CLIENT_KEY);
+ assertEquals(CLIENT_GUID, actualClient.getGuid());
+ assertEquals(CLIENT_ID, actualClient.getClientUuid());
+ assertEquals(SUBJECT_ID, actualClient.getSubjectId());
+ assertEquals(APPLICATION_NAME, actualClient.getApplicationName());
+ assertEquals(APPLICATION_DESCRIPTION, actualClient.getApplicationDescription());
+ assertEquals(APPLICATION_WEB_URI, actualClient.getApplicationWebUri());
+ assertEquals(APPLICATION_LOGO_URI, actualClient.getApplicationLogoUri());
+ assertEquals(CLIENT_KEY, actualClient.getClientId());
+ assertEquals(CLIENT_SECRET, actualClient.getClientSecret());
+ assertEquals(APPLICATION_CERTIFICATE, actualClient.getApplicationCertificates());
+ assertEquals(IS_CONFIDENTIAL, actualClient.isConfidential());
+ assertEquals(GRANT_TYPES, actualClient.getAllowedGrantTypes());
+ assertEquals(REDIRECT_URIS, actualClient.getRedirectUris());
+ assertEquals(ALLOWED_AUDIENCES, actualClient.getRegisteredAudiences());
+ assertEquals(REGISTERED_SCOPES, actualClient.getRegisteredScopes());
+ assertEquals(applicationProperties, actualClient.getProperties());
+
+ storage.removeClient(principal, actualClient);
+
+ clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(-1L, clientUuid);
+
+ actualClient = storage.getClientByClientGuid(CLIENT_GUID);
+ assertNull(actualClient);
+
+ actualClient = storage.getClientByClientKey(CLIENT_KEY);
+ assertNull(actualClient);
+ }
+
+ @Test
+ public void testCascadeClientToTokenDeletion() {
+ storage.storeClient(principal, client);
+ storage.storeCodeGrant(authCode);
+ storage.storeToken(accessToken, refreshToken);
+ storage.relateTokens(refreshToken, accessToken);
+
+ long clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(CLIENT_ID, clientUuid);
+
+ OAuthClient actualClient = storage.getClientByClientGuid(CLIENT_GUID);
+ assertNotNull(actualClient);
+
+ OAuthToken accessToken = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, AT_GRANT_TYPE_1);
+ assertNotNull(accessToken);
+
+ OAuthToken refresh = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, RT_GRANT_TYPE_1);
+ assertNotNull(refresh);
+
+ storage.removeClient(principal, client);
+
+ clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(-1L, clientUuid);
+
+ actualClient = storage.getClientByClientGuid(CLIENT_GUID);
+ assertNull(actualClient);
+
+ accessToken = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, AT_GRANT_TYPE_1);
+ assertNull(accessToken);
+
+ refresh = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, RT_GRANT_TYPE_1);
+ assertNull(refresh);
}
@Test
public void testAuthCode() {
+ storage.storeClient(principal, client);
+
OAuthCodeGrant actual = storage.getCodeGrant(AUTH_CODE_1);
assertNull(actual);
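Review bot: `testCascadeClientToTokenDeletion` stores an authorization code with `storage.storeCodeGrant(authCode)` but never checks that it is gone after `storage.removeClient(principal, client)`; only the access and refresh tokens are re-queried. A code grant that outlives its client is the case a cascade test should pin down, so I would add `assertNull(storage.getCodeGrant(AUTH_CODE_1));` after the removal, assuming the mock is stored under `AUTH_CODE_1` as the lookups in `testAuthCode` suggest. In the same test the local `OAuthToken accessToken` shadows the `@Mock` field of that name that was just passed to `storeToken`; a distinct name such as `storedAccess` would make it clear which object the later assertions inspect. `testAuthCode` at the end of this hunk continues outside it.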
@@ -138,10 +287,15 @@ public class JdbcJaxRsOAuthStorageTest {
actual = storage.getCodeGrant(AUTH_CODE_1);
assertNull(actual);
+
+ long clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(CLIENT_ID, clientUuid);
}
@Test
public void testAccessToken() {
+ storage.storeClient(principal, client);
+
storage.storeToken(accessToken);
OAuthToken actual = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, AT_GRANT_TYPE_1);
@@ -162,10 +316,15 @@ public class JdbcJaxRsOAuthStorageTest {
actual = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, AT_GRANT_TYPE_1);
assertNull(actual);
+
+ long clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(CLIENT_ID, clientUuid);
}
@Test
public void testAccessTokenWithRefreshToken() {
+ storage.storeClient(principal, client);
+
storage.storeToken(accessToken, refreshToken);
storage.relateTokens(refreshToken, accessToken);
@@ -222,5 +381,7 @@ public class JdbcJaxRsOAuthStorageTest {
refresh = storage.getPreauthorizedToken(CLIENT_ID, SUBJECT_ID, RT_GRANT_TYPE_1);
assertNull(refresh);
+ long clientUuid = storage.getClientUuidByKey(CLIENT_KEY);
+ assertEquals(CLIENT_ID, clientUuid);
}
}
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/META-INF/MANIFEST.MF b/plugins/org.eclipse.osee.orcs.account.admin/META-INF/MANIFEST.MF
index ed9006eb53c..745e1dc53e1 100644
--- a/plugins/org.eclipse.osee.orcs.account.admin/META-INF/MANIFEST.MF
+++ b/plugins/org.eclipse.osee.orcs.account.admin/META-INF/MANIFEST.MF
@@ -6,7 +6,10 @@ Bundle-Version: 0.19.0.qualifier
Bundle-RequiredExecutionEnvironment: JavaSE-1.6
Bundle-Vendor: Eclipse Open System Engineering Environment
Service-Component: OSGI-INF/*.xml
-Import-Package: org.eclipse.osee.account.admin,
+Import-Package: com.google.common.io,
+ com.google.gson,
+ com.google.gson.reflect,
+ org.eclipse.osee.account.admin,
org.eclipse.osee.account.admin.ds,
org.eclipse.osee.database.schema,
org.eclipse.osee.executor.admin,
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.client.storage.provider.xml b/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.client.storage.provider.xml
new file mode 100644
index 00000000000..002c22c38d4
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.client.storage.provider.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<scr:component xmlns:scr="http://www.osgi.org/xmlns/scr/v1.1.0" >
+ <implementation class="org.eclipse.osee.orcs.account.admin.internal.oauth.ClientStorageProvider" />
+ <service>
+ <provide interface="org.eclipse.osee.orcs.account.admin.internal.oauth.ClientStorageProvider"/>
+ </service>
+ <reference bind="setLogger" cardinality="1..1" interface="org.eclipse.osee.logger.Log" name="Log" policy="static"/>
+ <reference bind="setOrcsApi" cardinality="1..1" interface="org.eclipse.osee.orcs.OrcsApi" name="OrcsApi" policy="static"/>
+</scr:component>
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.oauth.storage.xml b/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.oauth.storage.xml
index d4dfa5faec2..ac5dc9ed2a5 100644
--- a/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.oauth.storage.xml
+++ b/plugins/org.eclipse.osee.orcs.account.admin/OSGI-INF/jaxrs.jdbc.oauth.storage.xml
@@ -1,9 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<scr:component xmlns:scr="http://www.osgi.org/xmlns/scr/v1.1.0" activate="start" deactivate="stop">
<implementation class="org.eclipse.osee.orcs.account.admin.internal.oauth.JdbcJaxRsOAuthStorage" />
- <reference bind="setLogger" cardinality="1..1" interface="org.eclipse.osee.logger.Log" name="Log" policy="static"/>
- <reference bind="setDatabaseService" cardinality="1..1" interface="org.eclipse.osee.framework.database.IOseeDatabaseService" name="IOseeDatabaseService" policy="static"/>
- <service>
- <provide interface="org.eclipse.osee.jaxrs.server.security.JaxRsOAuthStorage"/>
- </service>
+ <service>
+ <provide interface="org.eclipse.osee.jaxrs.server.security.JaxRsOAuthStorage"/>
+ </service>
+ <reference bind="setLogger" cardinality="1..1" interface="org.eclipse.osee.logger.Log" name="Log" policy="static"/>
+ <reference bind="setDatabaseService" cardinality="1..1" interface="org.eclipse.osee.framework.database.IOseeDatabaseService" name="IOseeDatabaseService" policy="static"/>
+ <reference bind="setClientStorageProvider" cardinality="1..1" interface="org.eclipse.osee.orcs.account.admin.internal.oauth.ClientStorageProvider" name="ClientStorageProvider" policy="static"/>
</scr:component>
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientArtifact.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientArtifact.java
new file mode 100644
index 00000000000..8f5cfe3f1bc
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientArtifact.java
@@ -0,0 +1,142 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import java.io.InputStream;
+import java.lang.reflect.Type;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import org.eclipse.osee.framework.core.enums.CoreAttributeTypes;
+import org.eclipse.osee.framework.jdk.core.type.BaseIdentity;
+import org.eclipse.osee.framework.jdk.core.util.Strings;
+import org.eclipse.osee.jaxrs.server.security.OAuthClient;
+import org.eclipse.osee.orcs.data.ArtifactReadable;
+import com.google.common.io.InputSupplier;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.reflect.TypeToken;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class ClientArtifact extends BaseIdentity<String> implements OAuthClient, InputSupplier<InputStream> {
+
+ private final GsonBuilder builder;
+ private final ArtifactReadable artifact;
+ private final OAuthClientCredential credential;
+
+ public ClientArtifact(GsonBuilder builder, ArtifactReadable artifact, OAuthClientCredential credential) {
+ super(artifact.getGuid());
+ this.builder = builder;
+ this.credential = credential;
+ this.artifact = artifact;
+ }
+
+ @Override
+ public long getClientUuid() {
+ return credential.getClientId();
+ }
+
+ @Override
+ public long getSubjectId() {
+ return credential.getSubjectId();
+ }
+
+ @Override
+ public String getApplicationName() {
+ return artifact.getName();
+ }
+
+ @Override
+ public String getApplicationDescription() {
+ return artifact.getSoleAttributeValue(CoreAttributeTypes.Description);
+ }
+
+ @Override
+ public String getApplicationWebUri() {
+ return artifact.getSoleAttributeAsString(OAuthTypes.OAUTH_CLIENT_WEBSITE_URI);
+ }
+
+ @Override
+ public String getApplicationLogoUri() {
+ return artifact.getSoleAttributeAsString(OAuthTypes.OAUTH_CLIENT_LOGO_URI);
+ }
+
+ @Override
+ public boolean isConfidential() {
+ return artifact.getSoleAttributeValue(OAuthTypes.OAUTH_CLIENT_IS_CONFIDENTIAL);
+ }
+
+ @Override
+ public List<String> getAllowedGrantTypes() {
+ return artifact.getAttributeValues(OAuthTypes.OAUTH_CLIENT_AUTHORIZED_GRANT_TYPE);
+ }
+
+ @Override
+ public List<String> getRedirectUris() {
+ return artifact.getAttributeValues(OAuthTypes.OAUTH_CLIENT_AUTHORIZED_REDIRECT_URI);
+ }
+
+ @Override
+ public List<String> getRegisteredScopes() {
+ return artifact.getAttributeValues(OAuthTypes.OAUTH_CLIENT_AUTHORIZED_SCOPE);
+ }
+
+ @Override
+ public List<String> getRegisteredAudiences() {
+ return artifact.getAttributeValues(OAuthTypes.OAUTH_CLIENT_AUTHORIZED_AUDIENCE);
+ }
+
+ @Override
+ public Map<String, String> getProperties() {
+ Map<String, String> toReturn = Collections.emptyMap();
+ String data = artifact.getSoleAttributeValue(OAuthTypes.OAUTH_CLIENT_PROPERTIES, null);
+ if (Strings.isValid(data)) {
+ Gson gson = builder.create();
+ Type typeOfHashMap = new TypeToken<Map<String, String>>() { //
+ }.getType();
+ toReturn = gson.fromJson(data, typeOfHashMap);
+ }
+ return toReturn;
+ }
+
+ @Override
+ public String getClientId() {
+ return credential.getClientKey();
+ }
+
+ @Override
+ public String getClientSecret() {
+ return credential.getClientSecret();
+ }
+
+ @Override
+ public List<String> getApplicationCertificates() {
+ return credential.getClientCertificates();
+ }
+
+ @Override
+ public boolean hasApplicationLogoSupplier() {
+ return artifact.getAttributeCount(CoreAttributeTypes.ImageContent) > 0;
+ }
+
+ @Override
+ public InputSupplier<InputStream> getApplicationLogoSupplier() {
+ return this;
+ }
+
+ @Override
+ public InputStream getInput() {
+ return artifact.getSoleAttributeValue(CoreAttributeTypes.ImageContent);
+ }
+
+}
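Review bot: `getApplicationLogoSupplier()` returns `this` unconditionally, even when `hasApplicationLogoSupplier()` reports that there is no `ImageContent` attribute. A caller that skips the `has…` check then reaches `getInput()`, which reads the attribute without a default and presumably throws or returns null when it is absent. The mock in `JdbcJaxRsOAuthStorageTest` stubs the supplier as `null` when no logo exists, so `return hasApplicationLogoSupplier() ? this : null;` would match the contract that test assumes. Separately, `isConfidential()` unboxes `getSoleAttributeValue(...)` with no default while `getProperties()` passes one; it is worth confirming that the attribute is always present, since this flag decides whether the client must authenticate.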
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientCredentialStorage.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientCredentialStorage.java
new file mode 100644
index 00000000000..a3cbc51cdb1
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientCredentialStorage.java
@@ -0,0 +1,171 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import org.eclipse.osee.framework.database.IOseeDatabaseService;
+import org.eclipse.osee.framework.database.core.IOseeStatement;
+import org.eclipse.osee.framework.jdk.core.util.Strings;
+import org.eclipse.osee.logger.Log;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class ClientCredentialStorage extends AbstractDatabaseStorage<OAuthClientCredential> {
+
+ private static final String SELECT_CLIENT_CREDENTIAL_BY_CLIENT_ID_AND_APPLICATION_ID =
+ "SELECT * FROM osee_oauth_client_credential WHERE client_id= ? AND application_id = ?";
+
+ private static final String SELECT_CLIENT_CREDENTIAL_BY_APPLICATION_ID =
+ "SELECT * FROM osee_oauth_client_credential WHERE application_id = ?";
+
+ private static final String SELECT_CLIENT_CREDENTIAL_BY_CLIENT_KEY =
+ "SELECT * FROM osee_oauth_client_credential WHERE client_key = ?";
+
+ private static final String INSERT_CLIENT_CREDENTIAL =
+ "INSERT INTO osee_oauth_client_credential (client_id, application_id, subject_id, client_key, client_secret, client_cert) VALUES (?,?,?,?,?,?)";
+
+ private static final String DELETE_CLIENT_CREDENTIAL_BY_CLIENT_ID =
+ "DELETE FROM osee_oauth_client_credential WHERE client_id = ?";
+
+ private static final String UPDATE_BY_CLIENT_CREDENTIAL =
+ "UPDATE osee_oauth_client_credential SET subject_id = ?, client_key = ?, client_key = ?, client_secret = ?, client_cert = ? WHERE client_id = ? AND application_id = ?";
+
+ public ClientCredentialStorage(Log logger, IOseeDatabaseService dbService) {
+ super(logger, dbService);
+ }
+
+ @Override
+ protected Object[] asInsert(OAuthClientCredential data) {
+ return new Object[] {
+ data.getClientId(),
+ data.getApplicationId(),
+ data.getSubjectId(),
+ data.getClientKey(),
+ asVarcharOrNull(data.getClientSecret()),
+ asVarcharOrNull(asCertString(data.getClientCertificates()))};
+ }
+
+ @Override
+ protected Object[] asUpdate(OAuthClientCredential data) {
+ return new Object[] {
+ data.getSubjectId(),
+ data.getClientKey(),
+ asVarcharOrNull(data.getClientSecret()),
+ asVarcharOrNull(asCertString(data.getClientCertificates())),
+ data.getClientId(),
+ data.getApplicationId()};
+ }
+
+ @Override
+ protected Object[] asDelete(OAuthClientCredential data) {
+ return new Object[] {data.getClientId()};
+ }
+
+ public void update(OAuthClientCredential data) {
+ updateItems(UPDATE_BY_CLIENT_CREDENTIAL, data);
+ }
+
+ public OAuthClientCredential getByClientKey(String clientKey) {
+ return selectOneOrNull(SELECT_CLIENT_CREDENTIAL_BY_CLIENT_KEY, clientKey);
+ }
+
+ public OAuthClientCredential getByApplicationId(long applicationId) {
+ return selectOneOrNull(SELECT_CLIENT_CREDENTIAL_BY_APPLICATION_ID, applicationId);
+ }
+
+ public OAuthClientCredential getByClientIdAndApplicationId(long clientId, long applicationId) {
+ return selectOneOrNull(SELECT_CLIENT_CREDENTIAL_BY_CLIENT_ID_AND_APPLICATION_ID, clientId, applicationId);
+ }
+
+ public void insert(OAuthClientCredential data) {
+ insertItems(INSERT_CLIENT_CREDENTIAL, data);
+ }
+
+ public void delete(OAuthClientCredential data) {
+ deleteItems(DELETE_CLIENT_CREDENTIAL_BY_CLIENT_ID, data);
+ }
+
+ public void delete(Iterable<OAuthClientCredential> datas) {
+ deleteItems(DELETE_CLIENT_CREDENTIAL_BY_CLIENT_ID, datas);
+ }
+
+ @Override
+ protected OAuthClientCredential readData(IOseeStatement chStmt) {
+ final long clientId = chStmt.getLong("client_id");
+ final long applicationId = chStmt.getLong("application_id");
+ final long subjectId = chStmt.getLong("subject_id");
+
+ final String clientKey = chStmt.getString("client_key");
+ final String clientSecret = chStmt.getString("client_secret");
+ final String clientCert = chStmt.getString("client_cert");
+
+ List<String> certs = fromCertString(clientCert);
+ return newCredential(clientId, applicationId, subjectId, clientKey, clientSecret, certs);
+ }
+
+ private String asCertString(List<String> certs) {
+ return certs != null ? org.eclipse.osee.framework.jdk.core.util.Collections.toString(";", certs) : null;
+ }
+
+ private List<String> fromCertString(String certs) {
+ List<String> toReturn = null;
+ if (Strings.isValid(certs)) {
+ toReturn = new ArrayList<String>();
+ String[] certArray = certs.split(";");
+ for (String cert : certArray) {
+ toReturn.add(cert);
+ }
+ } else {
+ toReturn = Collections.emptyList();
+ }
+ return toReturn;
+ }
+
+ public OAuthClientCredential newCredential(final long clientId, final long applicationId, final long subjectId, final String clientKey, final String clientSecret, final List<String> clientCert) {
+ return new OAuthClientCredential() {
+
+ @Override
+ public long getClientId() {
+ return clientId;
+ }
+
+ @Override
+ public long getApplicationId() {
+ return applicationId;
+ }
+
+ @Override
+ public long getSubjectId() {
+ return subjectId;
+ }
+
+ @Override
+ public String getClientKey() {
+ return clientKey;
+ }
+
+ @Override
+ public String getClientSecret() {
+ return clientSecret;
+ }
+
+ @Override
+ public List<String> getClientCertificates() {
+ return clientCert;
+ }
+
+ };
+ }
+
+}
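Review bot: `UPDATE_BY_CLIENT_CREDENTIAL` lists `client_key = ?` twice, giving the statement seven placeholders, while `asUpdate()` supplies six values, so `update()` will either fail at bind time or shift the secret and certificate into the wrong columns. Dropping the duplicate fixes it: `"UPDATE osee_oauth_client_credential SET subject_id = ?, client_key = ?, client_secret = ?, client_cert = ? WHERE client_id = ? AND application_id = ?"`. No test visible in this commit calls `update()`, which is probably why this went unnoticed; a round-trip test would catch it. Separately, `client_secret` is written and read back verbatim in `asInsert()` and `readData()`; if callers only ever need to verify the secret, storing a salted hash instead would limit what a read of this table exposes.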
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorage.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorage.java
new file mode 100644
index 00000000000..7d3159e7b15
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorage.java
@@ -0,0 +1,215 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_AUTHORIZED_AUDIENCE;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_AUTHORIZED_GRANT_TYPE;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_AUTHORIZED_REDIRECT_URI;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_AUTHORIZED_SCOPE;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_IS_CONFIDENTIAL;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_LOGO_URI;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_PROPERTIES;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_CLIENT_WEBSITE_URI;
+import static org.eclipse.osee.orcs.account.admin.internal.oauth.OAuthTypes.OAUTH_TYPES_ARTIFACT;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map;
+import org.eclipse.osee.framework.core.data.IOseeBranch;
+import org.eclipse.osee.framework.core.enums.CoreArtifactTypes;
+import org.eclipse.osee.framework.core.enums.CoreAttributeTypes;
+import org.eclipse.osee.framework.core.enums.SystemUser;
+import org.eclipse.osee.framework.jdk.core.type.OseeCoreException;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
+import org.eclipse.osee.framework.jdk.core.type.ResultSet;
+import org.eclipse.osee.framework.jdk.core.util.Lib;
+import org.eclipse.osee.jaxrs.server.security.OAuthClient;
+import org.eclipse.osee.logger.Log;
+import org.eclipse.osee.orcs.ApplicationContext;
+import org.eclipse.osee.orcs.OrcsApi;
+import org.eclipse.osee.orcs.data.ArtifactId;
+import org.eclipse.osee.orcs.data.ArtifactReadable;
+import org.eclipse.osee.orcs.search.QueryBuilder;
+import org.eclipse.osee.orcs.search.QueryFactory;
+import org.eclipse.osee.orcs.transaction.TransactionBuilder;
+import org.eclipse.osee.orcs.transaction.TransactionFactory;
+import org.eclipse.osee.orcs.utility.OrcsUtil;
+import com.google.common.io.InputSupplier;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class ClientStorage {
+
+ private final Log logger;
+ private final GsonBuilder builder;
+ private final OrcsApi orcsApi;
+ private final ApplicationContext context;
+ private final IOseeBranch storageBranch;
+
+ public ClientStorage(Log logger, GsonBuilder builder, OrcsApi orcsApi, ApplicationContext context, IOseeBranch storageBranch) {
+ super();
+ this.logger = logger;
+ this.builder = builder;
+ this.orcsApi = orcsApi;
+ this.context = context;
+ this.storageBranch = storageBranch;
+ }
+
+ private IOseeBranch getBranch() {
+ return storageBranch;
+ }
+
+ private int idToInt(long uuid) {
+ return Long.valueOf(uuid).intValue();
+ }
+
+ private QueryBuilder newQuery() {
+ QueryFactory queryFactory = orcsApi.getQueryFactory(context);
+ return queryFactory.fromBranch(getBranch());
+ }
+
+ private ArtifactReadable getAuthorById(long authorId) {
+ ArtifactReadable author;
+ if (authorId > -1L) {
+ int artId = idToInt(authorId);
+ author = newQuery().andLocalId(artId).getResults().getExactlyOne();
+ } else {
+ author = getSystemUser();
+ }
+ return author;
+ }
+
+ @SuppressWarnings("unchecked")
+ private ArtifactReadable getSystemUser() {
+ return newQuery().andIds(SystemUser.OseeSystem).getResults().getExactlyOne();
+ }
+
+ private TransactionBuilder newTransaction(OseePrincipal principal, String comment) {
+ long authorId = principal != null ? principal.getGuid() : -1L;
+ ArtifactReadable author = getAuthorById(authorId);
+
+ TransactionFactory transactionFactory = orcsApi.getTransactionFactory(context);
+ return transactionFactory.createTransaction(getBranch(), author, comment);
+ }
+
+ public ResultSet<ArtifactReadable> getClientByApplicationId(long applicationId) {
+ int id = idToInt(applicationId);
+ return newQuery().andIsOfType(OAUTH_CLIENT).andLocalId(id).getResults();
+ }
+
+ public ResultSet<ArtifactReadable> getClientByClientGuid(String guid) {
+ return newQuery().andIsOfType(OAUTH_CLIENT).andGuid(guid).getResults();
+ }
+
+ public boolean exists(String guid) {
+ return newQuery().andIsOfType(OAUTH_CLIENT).andGuid(guid).getCount() > 0;
+ }
+
+ public void insert(OseePrincipal principal, OAuthClient data) {
+ TransactionBuilder tx = newTransaction(principal, "Create OAuth Client");
+ ArtifactId artId = tx.createArtifact(OAUTH_CLIENT, data.getApplicationName(), data.getGuid());
+ txSetClient(tx, artId, data);
+ tx.commit();
+ }
+
+ public void update(OseePrincipal principal, OAuthClient data) {
+ ArtifactId artId = OrcsUtil.newArtifactId(data.getGuid(), data.getApplicationName());
+
+ TransactionBuilder tx = newTransaction(principal, "Update OAuth Client");
+ tx.setName(artId, data.getApplicationName());
+ txSetClient(tx, artId, data);
+ tx.commit();
+ }
+
+ private void txSetClient(TransactionBuilder tx, ArtifactId artId, OAuthClient data) {
+ //@formatter:off
+ tx.setSoleAttributeFromString(artId, CoreAttributeTypes.Description, data.getApplicationDescription());
+ tx.setSoleAttributeFromString(artId, OAUTH_CLIENT_WEBSITE_URI, data.getApplicationWebUri());
+ tx.setSoleAttributeFromString(artId, OAUTH_CLIENT_LOGO_URI, data.getApplicationLogoUri());
+
+ tx.setSoleAttributeValue(artId, OAUTH_CLIENT_IS_CONFIDENTIAL, data.isConfidential());
+
+ tx.setAttributesFromStrings(artId, OAUTH_CLIENT_AUTHORIZED_AUDIENCE, data.getRegisteredAudiences());
+ tx.setAttributesFromStrings(artId, OAUTH_CLIENT_AUTHORIZED_GRANT_TYPE, data.getAllowedGrantTypes());
+ tx.setAttributesFromStrings(artId, OAUTH_CLIENT_AUTHORIZED_REDIRECT_URI, data.getRedirectUris());
+ tx.setAttributesFromStrings(artId, OAUTH_CLIENT_AUTHORIZED_SCOPE, data.getRegisteredScopes());
+ //@formatter:on
+
+ InputSupplier<InputStream> supplier = data.getApplicationLogoSupplier();
+ if (supplier != null) {
+ try {
+ tx.setAttributesFromValues(artId, CoreAttributeTypes.ImageContent, supplier.getInput());
+ } catch (Exception ex) {
+ throw new OseeCoreException(ex, "Error reading logo data for [%s]", artId);
+ }
+ }
+
+ Map<String, String> props = data.getProperties();
+ Gson gson = builder.create();
+ String json = gson.toJson(props);
+ tx.setSoleAttributeValue(artId, OAUTH_CLIENT_PROPERTIES, json);
+ }
+
+ public void delete(OseePrincipal principal, OAuthClient data) {
+ ArtifactId artId = OrcsUtil.newArtifactId(data.getGuid(), data.getApplicationName());
+
+ TransactionBuilder tx = newTransaction(principal, "Delete OAuth Client");
+ tx.deleteArtifact(artId);
+ tx.commit();
+ }
+
+ @SuppressWarnings("unchecked")
+ private ResultSet<ArtifactReadable> getOAuthTypesDefinition() throws OseeCoreException {
+ return newQuery().andIds(OAUTH_TYPES_ARTIFACT).getResults();
+ }
+
+ public void storeTypes(InputSupplier<? extends InputStream> resource) {
+ TransactionBuilder tx = newTransaction(null, "Initialize OAuth Type Definitions");
+
+ ArtifactId artifactId = OAUTH_TYPES_ARTIFACT;
+ if (!typesExist()) {
+ tx.createArtifact(CoreArtifactTypes.OseeTypeDefinition, artifactId.getName(), artifactId.getGuid());
+ }
+ InputStream stream = null;
+ try {
+ stream = resource.getInput();
+ tx.setSoleAttributeFromStream(artifactId, CoreAttributeTypes.UriGeneralStringData, stream);
+ } catch (IOException ex) {
+ throw new OseeCoreException(ex);
+ } finally {
+ Lib.close(stream);
+ }
+ tx.commit();
+ reloadTypes();
+ }
+
+ private void reloadTypes() {
+ orcsApi.getOrcsTypes(context).invalidateAll();
+ }
+
+ public boolean typesExist() {
+ boolean result = false;
+ try {
+ result = !getOAuthTypesDefinition().isEmpty();
+ } catch (OseeCoreException ex) {
+ logger.warn(ex, "Error checking for OAuth Types");
+ }
+ return result;
+ }
+
+ public OAuthClient newClient(ArtifactReadable artifact, OAuthClientCredential credential) {
+ return new ClientArtifact(builder, artifact, credential);
+ }
+
+}
\ No newline at end of file
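Review bot: `idToInt` narrows a `long` id with `Long.valueOf(uuid).intValue()`, which silently wraps for values outside the int range, so `getAuthorById` and `getClientByApplicationId` could resolve a different artifact than the one the caller named; for the author lookup that would attribute the transaction to the wrong user. Reject out-of-range ids instead, e.g. `if (uuid < Integer.MIN_VALUE || uuid > Integer.MAX_VALUE) { throw new IllegalArgumentException("id out of int range: " + uuid); }` followed by `return (int) uuid;`. Separately, `txSetClient` never closes the stream it obtains from `supplier.getInput()`, while `storeTypes` closes its stream with `Lib.close(stream)` in a `finally`; the logo path should do the same.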
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorageProvider.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorageProvider.java
new file mode 100644
index 00000000000..87f75cfedce
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/ClientStorageProvider.java
@@ -0,0 +1,88 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import java.io.BufferedInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.concurrent.Callable;
+import java.util.concurrent.FutureTask;
+import org.eclipse.osee.framework.core.data.IOseeBranch;
+import org.eclipse.osee.framework.core.enums.CoreBranches;
+import org.eclipse.osee.framework.jdk.core.type.LazyObject;
+import org.eclipse.osee.framework.jdk.core.util.GUID;
+import org.eclipse.osee.logger.Log;
+import org.eclipse.osee.orcs.ApplicationContext;
+import org.eclipse.osee.orcs.OrcsApi;
+import com.google.common.io.InputSupplier;
+import com.google.gson.GsonBuilder;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class ClientStorageProvider extends LazyObject<ClientStorage> {
+
+ private static final String OAUTH_TYPES_DEFITIONS = "types/OseeTypes_OAuth.osee";
+
+ private Log logger;
+ private OrcsApi orcsApi;
+
+ public void setLogger(Log logger) {
+ this.logger = logger;
+ }
+
+ public void setOrcsApi(OrcsApi orcsApi) {
+ this.orcsApi = orcsApi;
+ }
+
+ @Override
+ protected FutureTask<ClientStorage> createLoaderTask() {
+ Callable<ClientStorage> callable = new Callable<ClientStorage>() {
+
+ @Override
+ public ClientStorage call() throws Exception {
+ GsonBuilder builder = new GsonBuilder();
+ IOseeBranch storageBranch = CoreBranches.COMMON;
+ ApplicationContext context = newApplicationContext(GUID.create());
+ ClientStorage clientStorage = new ClientStorage(logger, builder, orcsApi, context, storageBranch);
+
+ if (!clientStorage.typesExist()) {
+ clientStorage.storeTypes(newTypesSupplier());
+ }
+ return clientStorage;
+ }
+
+ };
+ return new FutureTask<ClientStorage>(callable);
+ }
+
+ private ApplicationContext newApplicationContext(final String sessionId) {
+ return new ApplicationContext() {
+
+ @Override
+ public String getSessionId() {
+ return sessionId;
+ }
+ };
+ }
+
+ private InputSupplier<InputStream> newTypesSupplier() {
+ return new InputSupplier<InputStream>() {
+
+ @Override
+ public InputStream getInput() throws IOException {
+ URL resource = getClass().getResource(OAUTH_TYPES_DEFITIONS);
+ return new BufferedInputStream(resource.openStream());
+ }
+ };
+ }
+}
\ No newline at end of file
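Review bot: `newTypesSupplier` dereferences the result of `getClass().getResource(OAUTH_TYPES_DEFITIONS)` without a null check, so a missing resource surfaces as a `NullPointerException`, which the `catch (IOException ex)` in `ClientStorage.storeTypes` does not handle. Add `if (resource == null) { throw new IOException("OAuth type definitions not found: " + OAUTH_TYPES_DEFITIONS); }` before the `openStream()` call, so the failure names the missing file and takes the existing error path. The constant name is also misspelled; `OAUTH_TYPES_DEFINITIONS` would read better.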
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/JdbcJaxRsOAuthStorage.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/JdbcJaxRsOAuthStorage.java
index 3e3329bfac7..20796067936 100644
--- a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/JdbcJaxRsOAuthStorage.java
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/JdbcJaxRsOAuthStorage.java
@@ -10,6 +10,7 @@
*******************************************************************************/
package org.eclipse.osee.orcs.account.admin.internal.oauth;
+import java.util.List;
import org.eclipse.osee.framework.database.IOseeDatabaseService;
import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
import org.eclipse.osee.jaxrs.server.security.JaxRsOAuthStorage;
@@ -17,6 +18,7 @@ import org.eclipse.osee.jaxrs.server.security.OAuthClient;
import org.eclipse.osee.jaxrs.server.security.OAuthCodeGrant;
import org.eclipse.osee.jaxrs.server.security.OAuthToken;
import org.eclipse.osee.logger.Log;
+import org.eclipse.osee.orcs.data.ArtifactReadable;
/**
* @author Roberto E. Escobar
@@ -28,6 +30,8 @@ public class JdbcJaxRsOAuthStorage implements JaxRsOAuthStorage {
private AuthCodeGrantStorage authCodeGrantStorage;
private TokenStorage tokenStorage;
+ private ClientCredentialStorage credentialStorage;
+ private ClientStorageProvider clientStorageProvider;
public void setLogger(Log logger) {
this.logger = logger;
@@ -37,15 +41,24 @@ public class JdbcJaxRsOAuthStorage implements JaxRsOAuthStorage {
this.dbService = dbService;
}
+ public void setClientStorageProvider(ClientStorageProvider clientStorageProvider) {
+ this.clientStorageProvider = clientStorageProvider;
+ }
+
public void start() {
authCodeGrantStorage = new AuthCodeGrantStorage(logger, dbService);
tokenStorage = new TokenStorage(logger, dbService);
+ credentialStorage = new ClientCredentialStorage(logger, dbService);
}
public void stop() {
//
}
+ private ClientStorage getClientStorage() {
+ return clientStorageProvider.get();
+ }
+
@Override
public OAuthCodeGrant getCodeGrant(String code) {
return authCodeGrantStorage.getByCode(code);
@@ -92,28 +105,82 @@ public class JdbcJaxRsOAuthStorage implements JaxRsOAuthStorage {
}
@Override
- public long getClientUuidByKey(String clientKey) {
- return 0;
+ public void storeClient(OseePrincipal principal, OAuthClient client) {
+ ClientStorage clientStorage = getClientStorage();
+
+ boolean exists = clientStorage.exists(client.getGuid());
+ if (exists) {
+ clientStorage.update(principal, client);
+ } else {
+ clientStorage.insert(principal, client);
+ }
+
+ ArtifactReadable artifact = clientStorage.getClientByClientGuid(client.getGuid()).getExactlyOne();
+
+ long clientId = client.getClientUuid();
+ long applicationId = artifact.getLocalId();
+
+ OAuthClientCredential credential = asCredential(client, applicationId);
+ if (credentialStorage.getByClientIdAndApplicationId(clientId, applicationId) != null) {
+ credentialStorage.update(credential);
+ } else {
+ credentialStorage.insert(credential);
+ }
+ }
+
+ OAuthClientCredential asCredential(OAuthClient client, long applicationId) {
+ long clientId = client.getClientUuid();
+ long subjectId = client.getSubjectId();
+
+ String clientKey = client.getClientId();
+ String clientSecret = client.getClientSecret();
+
+ List<String> clientCerts = client.getApplicationCertificates();
+ return credentialStorage.newCredential(clientId, applicationId, subjectId, clientKey, clientSecret, clientCerts);
}
@Override
- public OAuthClient getClientByClientGuid(String guid) {
- return null;
+ public void removeClient(OseePrincipal principal, OAuthClient client) {
+ getClientStorage().delete(principal, client);
+
+ OAuthClientCredential credential = asCredential(client, -1L);
+ credentialStorage.delete(credential);
}
@Override
- public OAuthClient getClientByClientKey(String clientKey) {
- return null;
+ public long getClientUuidByKey(String clientKey) {
+ OAuthClientCredential credential = credentialStorage.getByClientKey(clientKey);
+ return credential != null ? credential.getClientId() : -1L;
}
@Override
- public void storeClient(OseePrincipal principal, OAuthClient client) {
- //
+ public OAuthClient getClientByClientGuid(String guid) {
+ OAuthClient client = null;
+ ClientStorage clientStorage = getClientStorage();
+ ArtifactReadable artifact = clientStorage.getClientByClientGuid(guid).getOneOrNull();
+ if (artifact != null) {
+ Integer applicationId = artifact.getLocalId();
+
+ OAuthClientCredential credential = credentialStorage.getByApplicationId(applicationId);
+ client = clientStorage.newClient(artifact, credential);
+ }
+ return client;
}
@Override
- public void removeClient(OseePrincipal principal, OAuthClient client) {
- //
+ public OAuthClient getClientByClientKey(String clientKey) {
+ OAuthClientCredential credential = credentialStorage.getByClientKey(clientKey);
+ OAuthClient client = null;
+ if (credential != null) {
+ long applicationId = credential.getApplicationId();
+
+ ClientStorage clientStorage = getClientStorage();
+ ArtifactReadable artifact = clientStorage.getClientByApplicationId(applicationId).getOneOrNull();
+ if (artifact != null) {
+ client = clientStorage.newClient(artifact, credential);
+ }
+ }
+ return client;
}
}
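Review bot: `removeClient` deletes the client artifact before the credential row, and `storeClient` commits the artifact transaction before writing the credential, so a failure between the two steps leaves the two stores out of step; in the removal case the client key and secret would stay in the credential table after the client itself is gone. Revoking the credential first fails safer: `credentialStorage.delete(asCredential(client, -1L));` and only then `getClientStorage().delete(principal, client);`. `getClientByClientGuid` also passes the result of `credentialStorage.getByApplicationId(applicationId)` to `newClient` without a null check, unlike `getClientByClientKey`; whether `ClientArtifact` tolerates a null credential is not visible here. The class body starts outside this hunk.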
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthClientCredential.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthClientCredential.java
new file mode 100644
index 00000000000..2a1cfda93dc
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthClientCredential.java
@@ -0,0 +1,32 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import java.util.List;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public interface OAuthClientCredential {
+
+ long getClientId();
+
+ long getSubjectId();
+
+ long getApplicationId();
+
+ String getClientKey();
+
+ String getClientSecret();
+
+ List<String> getClientCertificates();
+
+}
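Review bot: The interface has no Javadoc, and its names are easy to confuse: `asCredential` in `JdbcJaxRsOAuthStorage` fills `getClientId()` from `client.getClientUuid()` and `getClientKey()` from `client.getClientId()`. I would document each accessor, e.g. `/** Numeric client UUID; primary key of the credential row. */` on `getClientId()` and `/** Client key string used to look the credential up. */` on `getClientKey()`. `getClientSecret()` should state that it returns the secret value itself, so callers know not to log or serialise it.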
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthTypes.java b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthTypes.java
new file mode 100644
index 00000000000..2362963fdc1
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/OAuthTypes.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.orcs.account.admin.internal.oauth;
+
+import org.eclipse.osee.framework.core.data.IArtifactType;
+import org.eclipse.osee.framework.core.data.IAttributeType;
+import org.eclipse.osee.framework.core.data.TokenFactory;
+import org.eclipse.osee.orcs.data.ArtifactId;
+import org.eclipse.osee.orcs.utility.OrcsUtil;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public final class OAuthTypes {
+
+ private OAuthTypes() {
+ // Constants
+ }
+
+ // @formatter:off
+ public static final IArtifactType OAUTH_CLIENT = TokenFactory.createArtifactType(0x0A811854041F8326L, "OAuth Client");
+
+ public static final IAttributeType OAUTH_CLIENT_WEBSITE_URI = TokenFactory.createAttributeType(0x6C96C4E7AA77D058L, "Website URL");
+ public static final IAttributeType OAUTH_CLIENT_LOGO_URI = TokenFactory.createAttributeType(0x6CDB5B52A133AFB1L, "Logo URL");
+
+ public static final IAttributeType OAUTH_CLIENT_IS_CONFIDENTIAL = TokenFactory.createAttributeType(0x0774F815D1F9E731L, "Is Confidential");
+ public static final IAttributeType OAUTH_CLIENT_PROPERTIES = TokenFactory.createAttributeType(0x4E2EA052F480510AL, "Properties");
+
+ public static final IAttributeType OAUTH_CLIENT_AUTHORIZED_GRANT_TYPE = TokenFactory.createAttributeType(0x1ADA826121357000L, "Authorized Grant Type");
+ public static final IAttributeType OAUTH_CLIENT_AUTHORIZED_REDIRECT_URI = TokenFactory.createAttributeType(0x4B4665B8E1002F28L, "Authorized Redirect URI");
+ public static final IAttributeType OAUTH_CLIENT_AUTHORIZED_SCOPE = TokenFactory.createAttributeType(0x315964489A850F7AL, "Authorized Scope");
+ public static final IAttributeType OAUTH_CLIENT_AUTHORIZED_AUDIENCE = TokenFactory.createAttributeType(0x635EBFA0D4A82E22L, "Authorized Audience");
+ // @formatter:on
+
+ public static final ArtifactId OAUTH_TYPES_ARTIFACT = OrcsUtil.newArtifactId("AmgrOMuL6U7uL9hBWCAA", "OAuthTypes");
+
+}
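Review bot: `OAUTH_CLIENT_WEBSITE_URI` and `OAUTH_CLIENT_LOGO_URI` are created with the names "Website URL" and "Logo URL", but `OseeTypes_OAuth.osee` in this commit declares the same UUIDs as "Website URI" and "Logo URI". If anything resolves or displays these types by name the two will disagree. Use `"Website URI"` and `"Logo URI"` here so the token names match the type definitions.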
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/schema/OAUTH.DS.SCHEMA.xml b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/schema/OAUTH.DS.SCHEMA.xml
index 421f4447bb6..79464a4c22e 100644
--- a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/schema/OAUTH.DS.SCHEMA.xml
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/schema/OAUTH.DS.SCHEMA.xml
@@ -19,6 +19,9 @@
<Index id="OSEE_OAUTH_AUTHORIZATION__C_IDX" type="UNIQUE" tablespace="osee_index">
<AppliesTo id="CODE" />
</Index>
+ <Constraint schema="OSEE" id="OSEE_OAUTH_AUTHORIZATION__CI_FK" type="FOREIGN KEY" appliesTo="CLIENT_ID">
+ <References schema="OSEE" table="OSEE_OAUTH_CLIENT_CREDENTIAL" column="CLIENT_ID" onDelete="CASCADE" />
+ </Constraint>
</Table>
<Table name="OSEE_OAUTH_TOKEN" schema="OSEE" tablespace="osee_data">
@@ -40,6 +43,27 @@
<Index id="OSEE_OAUTH_TOKEN__TK_IDX" type="UNIQUE" tablespace="osee_index">
<AppliesTo id="TOKEN_KEY" />
</Index>
+ <Constraint schema="OSEE" id="OSEE_OAUTH_TOKEN__CI_FK" type="FOREIGN KEY" appliesTo="CLIENT_ID">
+ <References schema="OSEE" table="OSEE_OAUTH_CLIENT_CREDENTIAL" column="CLIENT_ID" onDelete="CASCADE" />
+ </Constraint>
+ </Table>
+
+ <Table name="OSEE_OAUTH_CLIENT_CREDENTIAL" schema="OSEE" tablespace="osee_data">
+ <Column id="CLIENT_ID" defaultValue="not null" type="BIGINT" />
+ <Column id="APPLICATION_ID" defaultValue="not null" type="BIGINT" />
+ <Column id="SUBJECT_ID" defaultValue="not null" type="BIGINT" />
+
+ <Column id="CLIENT_KEY" defaultValue="not null" limits="255" type="VARCHAR" />
+ <Column id="CLIENT_SECRET" limits="255" type="VARCHAR" />
+ <Column id="CLIENT_CERT" limits="255" type="VARCHAR" />
+
+ <Constraint schema="OSEE" id="OSEE_OAUTH_CLIENT_CREDENTIAL__U_PK" type="PRIMARY KEY" appliesTo="CLIENT_ID" />
+ <Index id="OSEE_OAUTH_CLIENT_CREDENTIAL__CK_IDX" type="UNIQUE" tablespace="osee_index">
+ <AppliesTo id="CLIENT_KEY" />
+ </Index>
+ <Index id="OSEE_OAUTH_CLIENT_CREDENTIAL__AI_IDX" tablespace="osee_index">
+ <AppliesTo id="APPLICATION_ID" />
+ </Index>
</Table>
</TableConfig>
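Review bot: `CLIENT_CERT` is a `VARCHAR` limited to 255, yet `ClientCredentialStorage.asCertString` joins the whole certificate list with `;` into that one column; an encoded X.509 certificate is normally much longer than 255 characters, so the write would fail or be truncated depending on the database. A larger limit, or a separate table with one row per certificate, would fit the data, and would also remove the assumption that no certificate string contains `;`. `CLIENT_SECRET` is read back and handed out unchanged as the client secret, which suggests it is stored in recoverable form. If the server only ever needs to verify the secret, storing a salted hash and comparing against that would limit what a read of this table exposes.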
diff --git a/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/types/OseeTypes_OAuth.osee b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/types/OseeTypes_OAuth.osee
new file mode 100644
index 00000000000..2d45b30262d
--- /dev/null
+++ b/plugins/org.eclipse.osee.orcs.account.admin/src/org/eclipse/osee/orcs/account/admin/internal/oauth/types/OseeTypes_OAuth.osee
@@ -0,0 +1,92 @@
+import "platform:/plugin/org.eclipse.osee.framework.skynet.core/support/OseeTypes_Framework.osee"
+
+artifactType "OAuth Client" extends "Artifact" {
+ uuid 0x0A811854041F8326
+ attribute "Description"
+ attribute "Website URI"
+ attribute "Logo URI"
+ attribute "Is Confidential"
+ attribute "Authorized Grant Type"
+ attribute "Authorized Redirect URI"
+ attribute "Authorized Scope"
+ attribute "Authorized Audience"
+ attribute "Properties"
+ attribute "Image Content"
+}
+
+attributeType "Website URI" extends StringAttribute {
+ uuid 0x6C96C4E7AA77D058
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max 1
+ taggerId DefaultAttributeTaggerProvider
+}
+
+attributeType "Logo URI" extends StringAttribute {
+ uuid 0x6CDB5B52A133AFB1
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max 1
+ taggerId DefaultAttributeTaggerProvider
+}
+
+attributeType "Is Confidential" extends BooleanAttribute {
+ uuid 0x0774F815D1F9E731
+ dataProvider DefaultAttributeDataProvider
+ min 1
+ max 1
+ mediaType "text/plain"
+ defaultValue "true"
+}
+
+attributeType "Authorized Grant Type" extends EnumeratedAttribute {
+ uuid 0x1ADA826121357000
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max 4
+ taggerId DefaultAttributeTaggerProvider
+ enumType "oauth.grant.type"
+ mediaType "text/plain"
+}
+
+oseeEnumType "oauth.grant.type" {
+ uuid 0x1471F8E388582611
+ entry "Authorization Code Grant"
+ entry "Implicit Grant"
+ entry "Resource Owner Password Credentials Grant"
+ entry "Client Credentials Grant"
+}
+
+attributeType "Authorized Redirect URI" extends StringAttribute {
+ uuid 0x4B4665B8E1002F28
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max unlimited
+ taggerId DefaultAttributeTaggerProvider
+}
+
+attributeType "Authorized Scope" extends StringAttribute {
+ uuid 0x315964489A850F7A
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max unlimited
+ taggerId DefaultAttributeTaggerProvider
+ mediaType "text/plain"
+}
+
+attributeType "Authorized Audience" extends StringAttribute {
+ uuid 0x635EBFA0D4A82E22
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max unlimited
+ taggerId DefaultAttributeTaggerProvider
+ mediaType "text/plain"
+}
+
+attributeType "Properties" extends StringAttribute {
+ uuid 0x4E2EA052F480510A
+ dataProvider DefaultAttributeDataProvider
+ min 0
+ max 1
+ mediaType "application/json"
+}
diff --git a/plugins/org.eclipse.osee.orcs.db.mock/data/hsql.zip b/plugins/org.eclipse.osee.orcs.db.mock/data/hsql.zip
index 9fba55294b5..8b60be48892 100644
--- a/plugins/org.eclipse.osee.orcs.db.mock/data/hsql.zip
+++ b/plugins/org.eclipse.osee.orcs.db.mock/data/hsql.zip
Binary files differ
diff --git a/plugins/org.eclipse.osee.x.server.p2/demo/hsql.zip b/plugins/org.eclipse.osee.x.server.p2/demo/hsql.zip
index 9943676e6a5..9d1e7dd489f 100644
--- a/plugins/org.eclipse.osee.x.server.p2/demo/hsql.zip
+++ b/plugins/org.eclipse.osee.x.server.p2/demo/hsql.zip
Binary files differ
