Removed oauth2 entities from DB
This commit is contained in:
vzikratyi
parent
4d2813be85
commit
7fcf8a9894
@ -1,51 +0,0 @@
|
||||
--
|
||||
-- Copyright © 2016-2020 The Thingsboard Authors
|
||||
--
|
||||
-- Licensed under the Apache License, Version 2.0 (the "License");
|
||||
-- you may not use this file except in compliance with the License.
|
||||
-- You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing, software
|
||||
-- distributed under the License is distributed on an "AS IS" BASIS,
|
||||
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
-- See the License for the specific language governing permissions and
|
||||
-- limitations under the License.
|
||||
--
|
||||
|
||||
DROP TABLE IF EXISTS oauth2_client_registration;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS oauth2_client_registration (
|
||||
id varchar(31) NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
|
||||
registration_id varchar(255),
|
||||
client_id varchar(255),
|
||||
client_secret varchar(255),
|
||||
authorization_uri varchar(255),
|
||||
token_uri varchar(255),
|
||||
redirect_uri_template varchar(255),
|
||||
scope varchar(255),
|
||||
authorization_grant_type varchar(255),
|
||||
user_info_uri varchar(255),
|
||||
user_name_attribute_name varchar(255),
|
||||
jwk_set_uri varchar(255),
|
||||
client_authentication_method varchar(255),
|
||||
client_name varchar(255),
|
||||
login_button_label varchar(255),
|
||||
login_button_icon varchar(255),
|
||||
allow_user_creation boolean,
|
||||
activate_user boolean,
|
||||
type varchar(31),
|
||||
basic_email_attribute_key varchar(31),
|
||||
basic_first_name_attribute_key varchar(31),
|
||||
basic_last_name_attribute_key varchar(31),
|
||||
basic_tenant_name_strategy varchar(31),
|
||||
basic_tenant_name_pattern varchar(255),
|
||||
basic_customer_name_pattern varchar(255),
|
||||
basic_default_dashboard_name varchar(255),
|
||||
basic_always_full_screen boolean,
|
||||
custom_url varchar(255),
|
||||
custom_username varchar(255),
|
||||
custom_password varchar(255),
|
||||
CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
|
||||
);
|
||||
@ -21,7 +21,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.thingsboard.server.common.data.exception.ThingsboardException;
|
||||
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
|
||||
import org.thingsboard.server.dao.oauth2.OAuth2ClientRegistrationService;
|
||||
import org.thingsboard.server.dao.oauth2.OAuth2Service;
|
||||
import org.thingsboard.server.queue.util.TbCoreComponent;
|
||||
|
||||
@ -34,8 +33,6 @@ public class OAuth2Controller extends BaseController {
|
||||
|
||||
@Autowired
|
||||
private OAuth2Service oauth2Service;
|
||||
@Autowired
|
||||
private OAuth2ClientRegistrationService oAuth2ClientRegistrationService;
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
|
||||
@RequestMapping(value = "/oauth2/config/{" + REGISTRATION_ID + "}", method = RequestMethod.GET)
|
||||
@ -47,15 +44,4 @@ public class OAuth2Controller extends BaseController {
|
||||
throw handleException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
|
||||
@RequestMapping(value = "/oauth2/config", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
public OAuth2ClientRegistration saveClientRegistration(@RequestBody OAuth2ClientRegistration clientRegistration) throws ThingsboardException {
|
||||
try {
|
||||
return oAuth2ClientRegistrationService.saveClientRegistration(clientRegistration);
|
||||
} catch (Exception e) {
|
||||
throw handleException(e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,30 +0,0 @@
|
||||
/**
|
||||
* Copyright © 2016-2020 The Thingsboard Authors
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.thingsboard.server.dao.oauth2;
|
||||
|
||||
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface OAuth2ClientRegistrationService {
|
||||
OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration);
|
||||
|
||||
List<OAuth2ClientRegistration> findClientRegistrations();
|
||||
|
||||
OAuth2ClientRegistration findClientRegistrationsByRegistrationId(String registrationId);
|
||||
|
||||
void deleteClientRegistrationsByRegistrationId(String registrationId);
|
||||
}
|
||||
@ -1,194 +0,0 @@
|
||||
/**
|
||||
* Copyright © 2016-2020 The Thingsboard Authors
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.thingsboard.server.dao.model.sql;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import org.hibernate.annotations.TypeDef;
|
||||
import org.thingsboard.server.common.data.id.OAuth2IntegrationId;
|
||||
import org.thingsboard.server.common.data.oauth2.*;
|
||||
import org.thingsboard.server.dao.model.BaseSqlEntity;
|
||||
import org.thingsboard.server.dao.model.ModelConstants;
|
||||
import org.thingsboard.server.dao.util.mapping.JsonStringType;
|
||||
|
||||
import javax.persistence.*;
|
||||
|
||||
@Data
|
||||
@EqualsAndHashCode(callSuper = true)
|
||||
@Entity
|
||||
@TypeDef(name = "json", typeClass = JsonStringType.class)
|
||||
@Table(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_COLUMN_FAMILY_NAME)
|
||||
public class OAuth2ClientRegistrationEntity extends BaseSqlEntity<OAuth2ClientRegistration> {
|
||||
|
||||
@Column(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_ID_PROPERTY)
|
||||
private String registrationId;
|
||||
@Column(name = ModelConstants.OAUTH2_CLIENT_ID_PROPERTY)
|
||||
private String clientId;
|
||||
@Column(name = ModelConstants.OAUTH2_CLIENT_SECRET_PROPERTY)
|
||||
private String clientSecret;
|
||||
@Column(name = ModelConstants.OAUTH2_AUTHORIZATION_URI_PROPERTY)
|
||||
private String authorizationUri;
|
||||
@Column(name = ModelConstants.OAUTH2_TOKEN_URI_PROPERTY)
|
||||
private String tokenUri;
|
||||
@Column(name = ModelConstants.OAUTH2_REDIRECT_URI_TEMPLATE_PROPERTY)
|
||||
private String redirectUriTemplate;
|
||||
@Column(name = ModelConstants.OAUTH2_SCOPE_PROPERTY)
|
||||
private String scope;
|
||||
@Column(name = ModelConstants.OAUTH2_AUTHORIZATION_GRANT_TYPE_PROPERTY)
|
||||
private String authorizationGrantType;
|
||||
@Column(name = ModelConstants.OAUTH2_USER_INFO_URI_PROPERTY)
|
||||
private String userInfoUri;
|
||||
@Column(name = ModelConstants.OAUTH2_USER_NAME_ATTRIBUTE_NAME_PROPERTY)
|
||||
private String userNameAttributeName;
|
||||
@Column(name = ModelConstants.OAUTH2_JWK_SET_URI_PROPERTY)
|
||||
private String jwkSetUri;
|
||||
@Column(name = ModelConstants.OAUTH2_CLIENT_AUTHENTICATION_METHOD_PROPERTY)
|
||||
private String clientAuthenticationMethod;
|
||||
@Column(name = ModelConstants.OAUTH2_CLIENT_NAME_PROPERTY)
|
||||
private String clientName;
|
||||
@Column(name = ModelConstants.OAUTH2_LOGIN_BUTTON_LABEL_PROPERTY)
|
||||
private String loginButtonLabel;
|
||||
@Column(name = ModelConstants.OAUTH2_LOGIN_BUTTON_ICON_PROPERTY)
|
||||
private String loginButtonIcon;
|
||||
@Column(name = ModelConstants.OAUTH2_ALLOW_USER_CREATION_PROPERTY)
|
||||
private Boolean allowUserCreation;
|
||||
@Column(name = ModelConstants.OAUTH2_ACTIVATE_USER_PROPERTY)
|
||||
private Boolean activateUser;
|
||||
@Enumerated(EnumType.STRING)
|
||||
@Column(name = ModelConstants.OAUTH2_MAPPER_TYPE_PROPERTY)
|
||||
private MapperType type;
|
||||
@Column(name = ModelConstants.OAUTH2_EMAIL_ATTRIBUTE_KEY_PROPERTY)
|
||||
private String emailAttributeKey;
|
||||
@Column(name = ModelConstants.OAUTH2_FIRST_NAME_ATTRIBUTE_KEY_PROPERTY)
|
||||
private String firstNameAttributeKey;
|
||||
@Column(name = ModelConstants.OAUTH2_LAST_NAME_ATTRIBUTE_KEY_PROPERTY)
|
||||
private String lastNameAttributeKey;
|
||||
@Enumerated(EnumType.STRING)
|
||||
@Column(name = ModelConstants.OAUTH2_TENANT_NAME_STRATEGY_PROPERTY)
|
||||
private TenantNameStrategyType tenantNameStrategy;
|
||||
@Column(name = ModelConstants.OAUTH2_TENANT_NAME_PATTERN_PROPERTY)
|
||||
private String tenantNamePattern;
|
||||
@Column(name = ModelConstants.OAUTH2_CUSTOMER_NAME_PATTERN_PROPERTY)
|
||||
private String customerNamePattern;
|
||||
@Column(name = ModelConstants.OAUTH2_DEFAULT_DASHBOARD_NAME_PROPERTY)
|
||||
private String defaultDashboardName;
|
||||
@Column(name = ModelConstants.OAUTH2_ALWAYS_FULL_SCREEN_PROPERTY)
|
||||
private Boolean alwaysFullScreen;
|
||||
@Column(name = ModelConstants.OAUTH2_MAPPER_URL_PROPERTY)
|
||||
private String url;
|
||||
@Column(name = ModelConstants.OAUTH2_MAPPER_USERNAME_PROPERTY)
|
||||
private String username;
|
||||
@Column(name = ModelConstants.OAUTH2_MAPPER_PASSWORD_PROPERTY)
|
||||
private String password;
|
||||
|
||||
public OAuth2ClientRegistrationEntity() {
|
||||
super();
|
||||
}
|
||||
|
||||
public OAuth2ClientRegistrationEntity(OAuth2ClientRegistration clientRegistration) {
|
||||
if (clientRegistration.getId() != null) {
|
||||
this.setUuid(clientRegistration.getId().getId());
|
||||
}
|
||||
this.registrationId = clientRegistration.getRegistrationId();
|
||||
this.clientId = clientRegistration.getClientId();
|
||||
this.clientSecret = clientRegistration.getClientSecret();
|
||||
this.authorizationUri = clientRegistration.getAuthorizationUri();
|
||||
this.tokenUri = clientRegistration.getTokenUri();
|
||||
this.redirectUriTemplate = clientRegistration.getRedirectUriTemplate();
|
||||
this.scope = clientRegistration.getScope();
|
||||
this.authorizationGrantType = clientRegistration.getAuthorizationGrantType();
|
||||
this.userInfoUri = clientRegistration.getUserInfoUri();
|
||||
this.userNameAttributeName = clientRegistration.getUserNameAttributeName();
|
||||
this.jwkSetUri = clientRegistration.getJwkSetUri();
|
||||
this.clientAuthenticationMethod = clientRegistration.getClientAuthenticationMethod();
|
||||
this.clientName = clientRegistration.getClientName();
|
||||
this.loginButtonLabel = clientRegistration.getLoginButtonLabel();
|
||||
this.loginButtonIcon = clientRegistration.getLoginButtonIcon();
|
||||
OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
|
||||
if (mapperConfig != null) {
|
||||
this.allowUserCreation = mapperConfig.isAllowUserCreation();
|
||||
this.activateUser = mapperConfig.isActivateUser();
|
||||
this.type = mapperConfig.getType();
|
||||
OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasicConfig();
|
||||
if (basicConfig != null) {
|
||||
this.emailAttributeKey = basicConfig.getEmailAttributeKey();
|
||||
this.firstNameAttributeKey = basicConfig.getFirstNameAttributeKey();
|
||||
this.lastNameAttributeKey = basicConfig.getLastNameAttributeKey();
|
||||
this.tenantNameStrategy = basicConfig.getTenantNameStrategy();
|
||||
this.tenantNamePattern = basicConfig.getTenantNamePattern();
|
||||
this.customerNamePattern = basicConfig.getCustomerNamePattern();
|
||||
this.defaultDashboardName = basicConfig.getDefaultDashboardName();
|
||||
this.alwaysFullScreen = basicConfig.isAlwaysFullScreen();
|
||||
}
|
||||
OAuth2CustomMapperConfig customConfig = mapperConfig.getCustomConfig();
|
||||
if (customConfig != null) {
|
||||
this.url = customConfig.getUrl();
|
||||
this.username = customConfig.getUsername();
|
||||
this.password = customConfig.getPassword();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2ClientRegistration toData() {
|
||||
return OAuth2ClientRegistration.builder()
|
||||
.id(new OAuth2IntegrationId(toUUID(id)))
|
||||
.registrationId(registrationId)
|
||||
.mapperConfig(OAuth2MapperConfig.builder()
|
||||
.allowUserCreation(allowUserCreation)
|
||||
.activateUser(activateUser)
|
||||
.type(type)
|
||||
.basicConfig(
|
||||
type == MapperType.BASIC ?
|
||||
OAuth2BasicMapperConfig.builder()
|
||||
.emailAttributeKey(emailAttributeKey)
|
||||
.firstNameAttributeKey(firstNameAttributeKey)
|
||||
.lastNameAttributeKey(lastNameAttributeKey)
|
||||
.tenantNameStrategy(tenantNameStrategy)
|
||||
.tenantNamePattern(tenantNamePattern)
|
||||
.customerNamePattern(customerNamePattern)
|
||||
.defaultDashboardName(defaultDashboardName)
|
||||
.alwaysFullScreen(alwaysFullScreen)
|
||||
.build()
|
||||
: null
|
||||
)
|
||||
.customConfig(
|
||||
type == MapperType.CUSTOM ?
|
||||
OAuth2CustomMapperConfig.builder()
|
||||
.url(url)
|
||||
.username(username)
|
||||
.password(password)
|
||||
.build()
|
||||
: null
|
||||
)
|
||||
.build())
|
||||
.clientId(clientId)
|
||||
.clientSecret(clientSecret)
|
||||
.authorizationUri(authorizationUri)
|
||||
.tokenUri(tokenUri)
|
||||
.redirectUriTemplate(redirectUriTemplate)
|
||||
.scope(scope)
|
||||
.authorizationGrantType(authorizationGrantType)
|
||||
.userInfoUri(userInfoUri)
|
||||
.userNameAttributeName(userNameAttributeName)
|
||||
.jwkSetUri(jwkSetUri)
|
||||
.clientAuthenticationMethod(clientAuthenticationMethod)
|
||||
.clientName(clientName)
|
||||
.loginButtonLabel(loginButtonLabel)
|
||||
.loginButtonIcon(loginButtonIcon)
|
||||
.build();
|
||||
}
|
||||
}
|
||||
@ -1,15 +0,0 @@
|
||||
package org.thingsboard.server.dao.oauth2;
|
||||
|
||||
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface OAuth2ClientRegistrationDao {
|
||||
List<OAuth2ClientRegistration> find();
|
||||
|
||||
OAuth2ClientRegistration findByRegistrationId(String registrationId);
|
||||
|
||||
OAuth2ClientRegistration save(OAuth2ClientRegistration clientRegistration);
|
||||
|
||||
boolean removeByRegistrationId(String registrationId);
|
||||
}
|
||||
@ -1,148 +0,0 @@
|
||||
/**
|
||||
* Copyright © 2016-2020 The Thingsboard Authors
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.thingsboard.server.dao.oauth2;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.thingsboard.server.common.data.oauth2.*;
|
||||
import org.thingsboard.server.dao.exception.DataValidationException;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
import static org.thingsboard.server.dao.service.Validator.validateId;
|
||||
import static org.thingsboard.server.dao.service.Validator.validateString;
|
||||
|
||||
@Slf4j
|
||||
@Service
|
||||
public class OAuth2ClientRegistrationServiceImpl implements OAuth2ClientRegistrationService {
|
||||
public static final String INCORRECT_REGISTRATION_ID = "Incorrect registrationId ";
|
||||
|
||||
@Autowired
|
||||
private OAuth2ClientRegistrationDao clientRegistrationDao;
|
||||
|
||||
@Override
|
||||
public OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration) {
|
||||
log.trace("Executing saveClientRegistration [{}]", clientRegistration);
|
||||
// TODO add checking for duplicates and other validations
|
||||
return clientRegistrationDao.save(clientRegistration);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<OAuth2ClientRegistration> findClientRegistrations() {
|
||||
log.trace("Executing findClientRegistrations []");
|
||||
return clientRegistrationDao.find();
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2ClientRegistration findClientRegistrationsByRegistrationId(String registrationId) {
|
||||
log.trace("Executing findClientRegistrationsByRegistrationId [{}]", registrationId);
|
||||
validateString(registrationId, INCORRECT_REGISTRATION_ID + registrationId);
|
||||
return clientRegistrationDao.findByRegistrationId(registrationId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteClientRegistrationsByRegistrationId(String registrationId) {
|
||||
log.trace("Executing deleteClientRegistrationsByRegistrationId [{}]", registrationId);
|
||||
validateString(registrationId, INCORRECT_REGISTRATION_ID + registrationId);
|
||||
clientRegistrationDao.removeByRegistrationId(registrationId);
|
||||
}
|
||||
|
||||
private Consumer<OAuth2ClientRegistration> validator = clientRegistration -> {
|
||||
if (StringUtils.isEmpty(clientRegistration.getRegistrationId())) {
|
||||
throw new DataValidationException("Registration ID should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getClientId())) {
|
||||
throw new DataValidationException("Client ID should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getClientSecret())) {
|
||||
throw new DataValidationException("Client secret should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getAuthorizationUri())) {
|
||||
throw new DataValidationException("Authorization uri should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getTokenUri())) {
|
||||
throw new DataValidationException("Token uri should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getRedirectUriTemplate())) {
|
||||
throw new DataValidationException("Redirect uri template should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getScope())) {
|
||||
throw new DataValidationException("Scope should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getAuthorizationGrantType())) {
|
||||
throw new DataValidationException("Authorization grant type should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getUserInfoUri())) {
|
||||
throw new DataValidationException("User info uri should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getUserNameAttributeName())) {
|
||||
throw new DataValidationException("User name attribute name should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getJwkSetUri())) {
|
||||
throw new DataValidationException("Jwk set uri should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getClientAuthenticationMethod())) {
|
||||
throw new DataValidationException("Client authentication method should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getClientName())) {
|
||||
throw new DataValidationException("Client name should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(clientRegistration.getLoginButtonLabel())) {
|
||||
throw new DataValidationException("Login button label should be specified!");
|
||||
}
|
||||
OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
|
||||
if (mapperConfig == null) {
|
||||
throw new DataValidationException("Mapper config should be specified!");
|
||||
}
|
||||
if (mapperConfig.getType() == null) {
|
||||
throw new DataValidationException("Mapper config type should be specified!");
|
||||
}
|
||||
if (mapperConfig.getType() == MapperType.BASIC) {
|
||||
OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasicConfig();
|
||||
if (basicConfig == null) {
|
||||
throw new DataValidationException("Basic config should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(basicConfig.getEmailAttributeKey())) {
|
||||
throw new DataValidationException("Email attribute key should be specified!");
|
||||
}
|
||||
if (basicConfig.getTenantNameStrategy() == null) {
|
||||
throw new DataValidationException("Tenant name strategy should be specified!");
|
||||
}
|
||||
if (basicConfig.getTenantNameStrategy() == TenantNameStrategyType.CUSTOM
|
||||
&& StringUtils.isEmpty(basicConfig.getTenantNamePattern())) {
|
||||
throw new DataValidationException("Tenant name pattern should be specified!");
|
||||
}
|
||||
}
|
||||
if (mapperConfig.getType() == MapperType.CUSTOM) {
|
||||
OAuth2CustomMapperConfig customConfig = mapperConfig.getCustomConfig();
|
||||
if (customConfig == null) {
|
||||
throw new DataValidationException("Custom config should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(customConfig.getUrl())) {
|
||||
throw new DataValidationException("Custom mapper URL should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(customConfig.getUsername())) {
|
||||
throw new DataValidationException("Custom mapper username should be specified!");
|
||||
}
|
||||
if (StringUtils.isEmpty(customConfig.getPassword())) {
|
||||
throw new DataValidationException("Custom mapper password should be specified!");
|
||||
}
|
||||
}
|
||||
};
|
||||
}
|
||||
@ -15,15 +15,13 @@
|
||||
*/
|
||||
package org.thingsboard.server.dao.oauth2;
|
||||
|
||||
import com.google.common.collect.Sets;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.thingsboard.server.common.data.id.OAuth2IntegrationId;
|
||||
import org.thingsboard.server.common.data.oauth2.*;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.util.*;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
@ -36,24 +34,6 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
@Autowired(required = false)
|
||||
OAuth2Configuration oauth2Configuration;
|
||||
|
||||
@Autowired
|
||||
private OAuth2ClientRegistrationService clientRegistrationService;
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
if (oauth2Configuration == null || !oauth2Configuration.isEnabled()) {
|
||||
return;
|
||||
}
|
||||
Set<String> dbClientRegistration = clientRegistrationService.findClientRegistrations().stream()
|
||||
.map(OAuth2ClientRegistration::getRegistrationId)
|
||||
.collect(Collectors.toSet());
|
||||
// TODO decide what to do with same registrationIds in DB
|
||||
Sets.SetView<String> intersection = Sets.intersection(dbClientRegistration, oauth2Configuration.getClients().keySet());
|
||||
if (!intersection.isEmpty()) {
|
||||
throw new RuntimeException("OAuth2 configurations " + intersection + " are already stored in DB.");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<OAuth2ClientInfo> getOAuth2Clients() {
|
||||
if (oauth2Configuration == null || !oauth2Configuration.isEnabled()) {
|
||||
@ -69,17 +49,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
return client;
|
||||
});
|
||||
|
||||
Stream<OAuth2ClientInfo> dbConfiguration = clientRegistrationService.findClientRegistrations().stream()
|
||||
.map(clientRegistration -> {
|
||||
OAuth2ClientInfo client = new OAuth2ClientInfo();
|
||||
client.setName(clientRegistration.getLoginButtonLabel());
|
||||
client.setUrl(String.format(OAUTH2_AUTHORIZATION_PATH_TEMPLATE, clientRegistration.getRegistrationId()));
|
||||
client.setIcon(clientRegistration.getLoginButtonIcon());
|
||||
return client;
|
||||
});
|
||||
|
||||
return Stream.concat(startUpConfiguration, dbConfiguration)
|
||||
.collect(Collectors.toList());
|
||||
return startUpConfiguration.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -88,9 +58,9 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
OAuth2Client oAuth2Client = oauth2Configuration.getClients() == null ? null : oauth2Configuration.getClients().get(registrationId);
|
||||
if (oAuth2Client != null){
|
||||
return toClientRegistration(registrationId, oAuth2Client);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
|
||||
return clientRegistrationService.findClientRegistrationsByRegistrationId(registrationId);
|
||||
}
|
||||
|
||||
private OAuth2ClientRegistration toClientRegistration(String registrationId, OAuth2Client oAuth2Client) {
|
||||
|
||||
@ -1,77 +0,0 @@
|
||||
/**
|
||||
* Copyright © 2016-2020 The Thingsboard Authors
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.thingsboard.server.dao.sql.oauth2;
|
||||
|
||||
import com.datastax.oss.driver.api.core.uuid.Uuids;
|
||||
import com.google.common.collect.Lists;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
|
||||
import org.thingsboard.server.dao.DaoUtil;
|
||||
import org.thingsboard.server.dao.model.sql.OAuth2ClientRegistrationEntity;
|
||||
import org.thingsboard.server.dao.oauth2.OAuth2ClientRegistrationDao;
|
||||
import org.thingsboard.server.dao.util.SqlDao;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
@Slf4j
|
||||
@Component
|
||||
@SqlDao
|
||||
@RequiredArgsConstructor
|
||||
public class JpaOAuth2ClientRegistrationDao implements OAuth2ClientRegistrationDao {
|
||||
private final OAuth2ClientRegistrationRepository repository;
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public OAuth2ClientRegistration save(OAuth2ClientRegistration clientRegistration) {
|
||||
OAuth2ClientRegistrationEntity entity;
|
||||
try {
|
||||
entity = new OAuth2ClientRegistrationEntity(clientRegistration);
|
||||
} catch (Exception e) {
|
||||
log.error("Can't create entity for domain object {}", clientRegistration, e);
|
||||
throw new IllegalArgumentException("Can't create entity for domain object {" + clientRegistration + "}", e);
|
||||
}
|
||||
log.debug("Saving entity {}", entity);
|
||||
if (entity.getUuid() == null) {
|
||||
entity.setUuid(Uuids.timeBased());
|
||||
}
|
||||
entity = repository.save(entity);
|
||||
return DaoUtil.getData(entity);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<OAuth2ClientRegistration> find() {
|
||||
List<OAuth2ClientRegistrationEntity> entities = Lists.newArrayList(repository.findAll());
|
||||
return DaoUtil.convertDataList(entities);
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2ClientRegistration findByRegistrationId(String registrationId) {
|
||||
log.debug("Get entity by registration id {}", registrationId);
|
||||
Optional<OAuth2ClientRegistrationEntity> entity = repository.findByRegistrationId(registrationId);
|
||||
return DaoUtil.getData(entity);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeByRegistrationId(String registrationId) {
|
||||
repository.deleteByRegistrationId(registrationId);
|
||||
log.debug("Remove request: {}", registrationId);
|
||||
return !repository.existsByRegistrationId(registrationId);
|
||||
}
|
||||
}
|
||||
@ -1,30 +0,0 @@
|
||||
/**
|
||||
* Copyright © 2016-2020 The Thingsboard Authors
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.thingsboard.server.dao.sql.oauth2;
|
||||
|
||||
import org.springframework.data.repository.CrudRepository;
|
||||
import org.thingsboard.server.dao.model.sql.OAuth2ClientRegistrationEntity;
|
||||
import org.thingsboard.server.dao.util.SqlDao;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
@SqlDao
|
||||
public interface OAuth2ClientRegistrationRepository extends CrudRepository<OAuth2ClientRegistrationEntity, String> {
|
||||
Optional<OAuth2ClientRegistrationEntity> findByRegistrationId(String registrationId);
|
||||
int deleteByRegistrationId(String registrationId);
|
||||
boolean existsByRegistrationId(String registrationId);
|
||||
|
||||
}
|
||||
@ -251,38 +251,4 @@ CREATE TABLE IF NOT EXISTS entity_view (
|
||||
end_ts bigint,
|
||||
search_text varchar(255),
|
||||
additional_info varchar
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS oauth2_client_registration (
|
||||
id varchar(31) NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
|
||||
registration_id varchar(255),
|
||||
client_id varchar(255),
|
||||
client_secret varchar(255),
|
||||
authorization_uri varchar(255),
|
||||
token_uri varchar(255),
|
||||
redirect_uri_template varchar(255),
|
||||
scope varchar(255),
|
||||
authorization_grant_type varchar(255),
|
||||
user_info_uri varchar(255),
|
||||
user_name_attribute_name varchar(255),
|
||||
jwk_set_uri varchar(255),
|
||||
client_authentication_method varchar(255),
|
||||
client_name varchar(255),
|
||||
login_button_label varchar(255),
|
||||
login_button_icon varchar(255),
|
||||
allow_user_creation boolean,
|
||||
activate_user boolean,
|
||||
type varchar(31),
|
||||
basic_email_attribute_key varchar(31),
|
||||
basic_first_name_attribute_key varchar(31),
|
||||
basic_last_name_attribute_key varchar(31),
|
||||
basic_tenant_name_strategy varchar(31),
|
||||
basic_tenant_name_pattern varchar(255),
|
||||
basic_customer_name_pattern varchar(255),
|
||||
basic_default_dashboard_name varchar(255),
|
||||
basic_always_full_screen boolean,
|
||||
custom_url varchar(255),
|
||||
custom_username varchar(255),
|
||||
custom_password varchar(255),
|
||||
CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
|
||||
);
|
||||
);
|
||||
@ -253,40 +253,6 @@ CREATE TABLE IF NOT EXISTS entity_view (
|
||||
additional_info varchar
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS oauth2_client_registration (
|
||||
id varchar(31) NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
|
||||
registration_id varchar(255),
|
||||
client_id varchar(255),
|
||||
client_secret varchar(255),
|
||||
authorization_uri varchar(255),
|
||||
token_uri varchar(255),
|
||||
redirect_uri_template varchar(255),
|
||||
scope varchar(255),
|
||||
authorization_grant_type varchar(255),
|
||||
user_info_uri varchar(255),
|
||||
user_name_attribute_name varchar(255),
|
||||
jwk_set_uri varchar(255),
|
||||
client_authentication_method varchar(255),
|
||||
client_name varchar(255),
|
||||
login_button_label varchar(255),
|
||||
login_button_icon varchar(255),
|
||||
allow_user_creation boolean,
|
||||
activate_user boolean,
|
||||
type varchar(31),
|
||||
basic_email_attribute_key varchar(31),
|
||||
basic_first_name_attribute_key varchar(31),
|
||||
basic_last_name_attribute_key varchar(31),
|
||||
basic_tenant_name_strategy varchar(31),
|
||||
basic_tenant_name_pattern varchar(255),
|
||||
basic_customer_name_pattern varchar(255),
|
||||
basic_default_dashboard_name varchar(255),
|
||||
basic_always_full_screen boolean,
|
||||
custom_url varchar(255),
|
||||
custom_username varchar(255),
|
||||
custom_password varchar(255),
|
||||
CONSTRAINT oauth2_registration_id_unq_key UNIQUE (registration_id)
|
||||
);
|
||||
|
||||
CREATE OR REPLACE PROCEDURE cleanup_events_by_ttl(IN ttl bigint, IN debug_ttl bigint, INOUT deleted bigint)
|
||||
LANGUAGE plpgsql AS
|
||||
$$
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user