Group ClientRegistrations by Domain

application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java

@@ -28,10 +28,7 @@ import org.thingsboard.server.common.data.id.DashboardId;
 import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
 import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId;
 import org.thingsboard.server.common.data.id.TenantId;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
+import org.thingsboard.server.common.data.oauth2.*;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.dao.oauth2.OAuth2Service;
 import org.thingsboard.server.queue.util.TbCoreComponent;
@@ -40,6 +37,7 @@ import org.thingsboard.server.service.security.permission.Resource;
 
 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
+import java.util.stream.Collectors;
 
 @RestController
 @TbCoreComponent
@@ -67,15 +65,13 @@ public class OAuth2Controller extends BaseController {
         try {
             Authority authority = getCurrentUser().getAuthority();
             checkOAuth2ConfigPermissions(Operation.READ);
-            List<OAuth2ClientRegistration> clientRegistrations = null;
             if (Authority.SYS_ADMIN.equals(authority)) {
-                clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
+                return oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID);
             } else if (Authority.TENANT_ADMIN.equals(authority)) {
-                clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(getCurrentUser().getTenantId());
+                return oAuth2Service.findClientsParamsByTenantId(getCurrentUser().getTenantId());
             } else {
                 throw new IllegalStateException("Authority " + authority + " cannot get client registrations.");
             }
-            return new OAuth2ClientsParams(clientRegistrations);
         } catch (Exception e) {
             throw handleException(e);
         }
@@ -84,11 +80,24 @@ public class OAuth2Controller extends BaseController {
     @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
     @RequestMapping(value = "/oauth2/config", method = RequestMethod.POST)
     @ResponseStatus(value = HttpStatus.OK)
-    public OAuth2ClientRegistration saveClientRegistration(@RequestBody OAuth2ClientRegistration clientRegistration) throws ThingsboardException {
+    public OAuth2ClientsParams saveClientParams(@RequestBody OAuth2ClientsParams clientsParams) throws ThingsboardException {
         try {
-            clientRegistration.setTenantId(getCurrentUser().getTenantId());
+            TenantId tenantId;
-            checkEntity(clientRegistration.getId(), clientRegistration, Resource.OAUTH2_CONFIGURATION);
+            Authority authority = getCurrentUser().getAuthority();
-            return oAuth2Service.saveClientRegistration(clientRegistration);
+            if (Authority.SYS_ADMIN.equals(authority)) {
+                tenantId = TenantId.SYS_TENANT_ID;
+            } else if (Authority.TENANT_ADMIN.equals(authority)) {
+                tenantId = getCurrentUser().getTenantId();
+            } else {
+                throw new IllegalStateException("Authority " + authority + " cannot save client registrations.");
+            }
+            List<ClientRegistrationDto> clientRegistrationDtos = clientsParams.getOAuth2DomainDtos().stream()
+                    .flatMap(domainParams -> domainParams.getClientRegistrations().stream())
+                    .collect(Collectors.toList());
+            for (ClientRegistrationDto clientRegistrationDto : clientRegistrationDtos) {
+                checkEntity(clientRegistrationDto.getId(), () -> tenantId, Resource.OAUTH2_CONFIGURATION);
+            }
+            return oAuth2Service.saveClientsParams(tenantId, clientsParams);
         } catch (Exception e) {
             throw handleException(e);
         }

common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java

@@ -19,6 +19,7 @@ import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
+import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
 
 import java.util.List;
 import java.util.UUID;
@@ -26,9 +27,9 @@ import java.util.UUID;
 public interface OAuth2Service {
     List<OAuth2ClientInfo> getOAuth2Clients(String domainName);
 
-    OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration);
+    OAuth2ClientsParams saveClientsParams(TenantId tenantId, OAuth2ClientsParams clientsParams);
 
-    List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId);
+    OAuth2ClientsParams findClientsParamsByTenantId(TenantId tenantId);
 
     OAuth2ClientRegistration findClientRegistration(UUID id);
 

common/data/src/main/java/org/thingsboard/server/common/data/oauth2/ClientRegistrationDto.java

@@ -0,0 +1,31 @@
+package org.thingsboard.server.common.data.oauth2;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.*;
+import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
+import org.thingsboard.server.common.data.id.TenantId;
+
+import java.util.List;
+
+@EqualsAndHashCode
+@Data
+@ToString(exclude = {"clientSecret"})
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class ClientRegistrationDto {
+    private OAuth2ClientRegistrationId id;
+    private long createdTime;
+    private OAuth2MapperConfig mapperConfig;
+    private String clientId;
+    private String clientSecret;
+    private String authorizationUri;
+    private String accessTokenUri;
+    private List<String> scope;
+    private String userInfoUri;
+    private String userNameAttributeName;
+    private String jwkSetUri;
+    private String clientAuthenticationMethod;
+    private String loginButtonLabel;
+    private String loginButtonIcon;
+}

common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientsDomainParams.java

@@ -28,5 +28,5 @@ import java.util.List;
 public class OAuth2ClientsDomainParams {
     private String domainName;
     private String redirectUriTemplate;
-    private List<OAuth2ClientRegistration> clientRegistrations;
+    private List<ClientRegistrationDto> clientRegistrations;
 }

common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientsParams.java

@@ -16,8 +16,11 @@
 package org.thingsboard.server.common.data.oauth2;
 
 import lombok.*;
+import org.thingsboard.server.common.data.id.TenantId;
 
+import java.util.Collection;
 import java.util.List;
+import java.util.Objects;
 
 @EqualsAndHashCode
 @Data
@@ -26,5 +29,5 @@ import java.util.List;
 @NoArgsConstructor
 @AllArgsConstructor
 public class OAuth2ClientsParams {
-    private List<OAuth2ClientRegistration> clientRegistrations;
+    private List<OAuth2ClientsDomainParams> oAuth2DomainDtos;
 }

dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java

@@ -33,8 +33,9 @@ import org.thingsboard.server.dao.service.DataValidator;
 import org.thingsboard.server.dao.tenant.TenantService;
 
 import javax.transaction.Transactional;
-import java.util.List;
+import java.util.*;
-import java.util.UUID;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
 import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
@@ -64,17 +65,22 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
     }
 
     @Override
-    public OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration) {
+    @Transactional
-        log.trace("Executing saveClientRegistration [{}]", clientRegistration);
+    public OAuth2ClientsParams saveClientsParams(TenantId tenantId, OAuth2ClientsParams clientsParams) {
-        clientRegistrationValidator.validate(clientRegistration, OAuth2ClientRegistration::getTenantId);
+        log.trace("Executing saveClientsParams [{}] [{}]", tenantId, clientsParams);
-        return clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration);
+        clientParamsValidator.accept(tenantId, clientsParams);
+        List<OAuth2ClientRegistration> inputClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, clientsParams);
+        List<OAuth2ClientRegistration> savedClientRegistrations = inputClientRegistrations.stream()
+                .map(clientRegistration -> clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration))
+                .collect(Collectors.toList());
+        return OAuth2Utils.toOAuth2ClientsParams(savedClientRegistrations);
     }
 
     @Override
-    public List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId) {
+    public OAuth2ClientsParams findClientsParamsByTenantId(TenantId tenantId) {
-        log.trace("Executing findClientRegistrationsByTenantId [{}]", tenantId);
+        log.trace("Executing findClientsParamsByTenantId [{}]", tenantId);
         validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
-        return clientRegistrationDao.findByTenantId(tenantId.getId());
+        return OAuth2Utils.toOAuth2ClientsParams(clientRegistrationDao.findByTenantId(tenantId.getId()));
     }
 
     @Override
@@ -129,25 +135,22 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
         }
     }
 
-    private final DataValidator<OAuth2ClientRegistration> clientRegistrationValidator =
+    private final BiConsumer<TenantId, OAuth2ClientsParams> clientParamsValidator = (tenantId, clientsParams) -> {
-            new DataValidator<OAuth2ClientRegistration>() {
+        if (clientsParams == null || clientsParams.getOAuth2DomainDtos() == null
-
+                || clientsParams.getOAuth2DomainDtos().isEmpty()) {
-                @Override
+            throw new DataValidationException("Domain params should be specified!");
-                protected void validateCreate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
         }
-
+        for (OAuth2ClientsDomainParams domainParams : clientsParams.getOAuth2DomainDtos()) {
-                @Override
+            if (StringUtils.isEmpty(domainParams.getDomainName())) {
-                protected void validateUpdate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
-                }
-
-                @Override
-                protected void validateDataImpl(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
-                    if (StringUtils.isEmpty(clientRegistration.getDomainName())) {
                 throw new DataValidationException("Domain name should be specified!");
             }
-                    if (StringUtils.isEmpty(clientRegistration.getRedirectUriTemplate())) {
+            if (StringUtils.isEmpty(domainParams.getRedirectUriTemplate())) {
                 throw new DataValidationException("Redirect URI template should be specified!");
             }
+            if (domainParams.getClientRegistrations() == null || domainParams.getClientRegistrations().isEmpty()) {
+                throw new DataValidationException("Client registrations should be specified!");
+            }
+            for (ClientRegistrationDto clientRegistration : domainParams.getClientRegistrations()) {
                 if (StringUtils.isEmpty(clientRegistration.getClientId())) {
                     throw new DataValidationException("Client ID should be specified!");
                 }
@@ -207,14 +210,15 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
                         throw new DataValidationException("Custom mapper URL should be specified!");
                     }
                 }
-                    if (clientRegistration.getTenantId() == null) {
+            }
+        }
+        if (tenantId == null) {
             throw new DataValidationException("Client registration should be assigned to tenant!");
-                    } else if (!TenantId.SYS_TENANT_ID.equals(clientRegistration.getTenantId())) {
+        } else if (!TenantId.SYS_TENANT_ID.equals(tenantId)) {
-                        Tenant tenant = tenantService.findTenantById(clientRegistration.getTenantId());
+            Tenant tenant = tenantService.findTenantById(tenantId);
             if (tenant == null) {
                 throw new DataValidationException("Client registration is referencing to non-existent tenant!");
             }
         }
-                }
     };
 }

dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java

@@ -16,10 +16,14 @@
 package org.thingsboard.server.dao.oauth2;
 
 import org.springframework.util.StringUtils;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
+import org.thingsboard.server.common.data.id.TenantId;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
+import org.thingsboard.server.common.data.oauth2.*;
-import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
 
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 public class OAuth2Utils {
@@ -33,4 +37,68 @@ public class OAuth2Utils {
         client.setIcon(clientRegistration.getLoginButtonIcon());
         return client;
     }
+
+    public static List<OAuth2ClientRegistration> toClientRegistrations(TenantId tenantId, OAuth2ClientsParams clientsParams) {
+        return clientsParams.getOAuth2DomainDtos().stream()
+                .flatMap(domainParams -> domainParams.getClientRegistrations().stream()
+                        .map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(tenantId, domainParams.getDomainName(),
+                                domainParams.getRedirectUriTemplate(), clientRegistrationDto)
+                        ))
+                .collect(Collectors.toList());
+    }
+
+    public static OAuth2ClientsParams toOAuth2ClientsParams(List<OAuth2ClientRegistration> clientRegistrations) {
+        Map<String, OAuth2ClientsDomainParams> domainParamsMap = new HashMap<>();
+        for (OAuth2ClientRegistration clientRegistration : clientRegistrations) {
+            String domainName = clientRegistration.getDomainName();
+            OAuth2ClientsDomainParams domainParams = domainParamsMap.computeIfAbsent(domainName,
+                    key -> new OAuth2ClientsDomainParams(domainName, clientRegistration.getRedirectUriTemplate(), new ArrayList<>())
+            );
+            domainParams.getClientRegistrations()
+                    .add(toClientRegistrationDto(clientRegistration));
+        }
+        return new OAuth2ClientsParams(new ArrayList<>(domainParamsMap.values()));
+    }
+
+    public static ClientRegistrationDto toClientRegistrationDto(OAuth2ClientRegistration oAuth2ClientRegistration) {
+        return ClientRegistrationDto.builder()
+                .id(oAuth2ClientRegistration.getId())
+                .createdTime(oAuth2ClientRegistration.getCreatedTime())
+                .mapperConfig(oAuth2ClientRegistration.getMapperConfig())
+                .clientId(oAuth2ClientRegistration.getClientId())
+                .clientSecret(oAuth2ClientRegistration.getClientSecret())
+                .authorizationUri(oAuth2ClientRegistration.getAuthorizationUri())
+                .accessTokenUri(oAuth2ClientRegistration.getAccessTokenUri())
+                .scope(oAuth2ClientRegistration.getScope())
+                .userInfoUri(oAuth2ClientRegistration.getUserInfoUri())
+                .userNameAttributeName(oAuth2ClientRegistration.getUserNameAttributeName())
+                .jwkSetUri(oAuth2ClientRegistration.getJwkSetUri())
+                .clientAuthenticationMethod(oAuth2ClientRegistration.getClientAuthenticationMethod())
+                .loginButtonLabel(oAuth2ClientRegistration.getLoginButtonLabel())
+                .loginButtonIcon(oAuth2ClientRegistration.getLoginButtonIcon())
+                .build();
+    }
+
+    public static OAuth2ClientRegistration toClientRegistration(TenantId tenantId, String domainName, String redirectUriTemplate,
+                                                                 ClientRegistrationDto clientRegistrationDto) {
+        OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
+        clientRegistration.setId(clientRegistrationDto.getId());
+        clientRegistration.setTenantId(tenantId);
+        clientRegistration.setCreatedTime(clientRegistrationDto.getCreatedTime());
+        clientRegistration.setDomainName(domainName);
+        clientRegistration.setRedirectUriTemplate(redirectUriTemplate);
+        clientRegistration.setMapperConfig(clientRegistrationDto.getMapperConfig());
+        clientRegistration.setClientId(clientRegistrationDto.getClientId());
+        clientRegistration.setClientSecret(clientRegistrationDto.getClientSecret());
+        clientRegistration.setAuthorizationUri(clientRegistrationDto.getAuthorizationUri());
+        clientRegistration.setAccessTokenUri(clientRegistrationDto.getAccessTokenUri());
+        clientRegistration.setScope(clientRegistrationDto.getScope());
+        clientRegistration.setUserInfoUri(clientRegistrationDto.getUserInfoUri());
+        clientRegistration.setUserNameAttributeName(clientRegistrationDto.getUserNameAttributeName());
+        clientRegistration.setJwkSetUri(clientRegistrationDto.getJwkSetUri());
+        clientRegistration.setClientAuthenticationMethod(clientRegistrationDto.getClientAuthenticationMethod());
+        clientRegistration.setLoginButtonLabel(clientRegistrationDto.getLoginButtonLabel());
+        clientRegistration.setLoginButtonIcon(clientRegistrationDto.getLoginButtonIcon());
+        return clientRegistration;
+    }
 }

dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java

@@ -38,6 +38,7 @@ import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
+import static org.thingsboard.server.dao.oauth2.OAuth2Utils.toClientRegistrations;
 
 public class BaseOAuth2ServiceTest extends AbstractServiceTest {
 
@@ -90,9 +91,13 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
     @Test
     public void testCreateNewSystemParams() {
         OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
-        OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration);
+        OAuth2ClientsParams savedClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
+        Assert.assertNotNull(savedClientsParams);
 
-        Assert.assertNotNull(savedClientRegistration);
+        List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, savedClientsParams);
+        Assert.assertEquals(1, savedClientRegistrations.size());
+
+        OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
         Assert.assertNotNull(savedClientRegistration.getId());
         clientRegistration.setId(savedClientRegistration.getId());
         clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
@@ -102,12 +107,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
     @Test
     public void testFindSystemParamsByTenant() {
         OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
-        oAuth2Service.saveClientRegistration(clientRegistration);
+        oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
 
-        List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
+        OAuth2ClientsParams foundClientsParams = oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID);
-        Assert.assertEquals(1, clientRegistrationsByTenantId.size());
+        Assert.assertEquals(1, foundClientsParams.getOAuth2DomainDtos().size());
         Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
-        OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
+
+        List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, foundClientsParams);
+        OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
         Assert.assertNotNull(foundClientRegistration);
         clientRegistration.setId(foundClientRegistration.getId());
         clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
@@ -117,7 +124,13 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
     @Test
     public void testCreateNewTenantParams() {
         OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
-        OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration);
+        OAuth2ClientsParams savedClientsParams = oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
+        Assert.assertNotNull(savedClientsParams);
+
+        List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, savedClientsParams);
+        Assert.assertEquals(1, savedClientRegistrations.size());
+
+        OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
 
         Assert.assertNotNull(savedClientRegistration);
         Assert.assertNotNull(savedClientRegistration.getId());
@@ -129,12 +142,15 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
     @Test
     public void testFindTenantParams() {
         OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
-        oAuth2Service.saveClientRegistration(clientRegistration);
+        oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
 
-        List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(tenantId);
+        OAuth2ClientsParams foundClientsParams = oAuth2Service.findClientsParamsByTenantId(tenantId);
-        Assert.assertEquals(1, clientRegistrationsByTenantId.size());
+        Assert.assertEquals(1, foundClientsParams.getOAuth2DomainDtos().size());
         Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
-        OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
+
+        List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, foundClientsParams);
+        OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
+
         Assert.assertNotNull(foundClientRegistration);
         clientRegistration.setId(foundClientRegistration.getId());
         clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
@@ -146,18 +162,20 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
         OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
         OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
 
-        OAuth2ClientRegistration savedTenantClientRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration);
+        OAuth2ClientsParams savedTenantClientsParams = oAuth2Service.saveClientsParams(tenantId,
-        OAuth2ClientRegistration savedSysAdminClientRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
+                OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
+        OAuth2ClientsParams savedSysAdminClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID,
+                OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
 
         Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
 
-        Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(tenantId).get(0));
+        Assert.assertEquals(savedTenantClientsParams, oAuth2Service.findClientsParamsByTenantId(tenantId));
-        Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID).get(0));
+        Assert.assertEquals(savedSysAdminClientsParams, oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID));
 
-        Assert.assertEquals(savedTenantClientRegistration,
+        OAuth2ClientRegistration savedTenantClientRegistration = toClientRegistrations(tenantId, savedTenantClientsParams).get(0);
-                oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId()));
+        Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId()));
-        Assert.assertEquals(savedSysAdminClientRegistration,
+        OAuth2ClientRegistration savedSysAdminClientRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminClientsParams).get(0);
-                oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId()));
+        Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId()));
     }
 
     @Test
@@ -166,8 +184,8 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
         OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
         OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
 
-        oAuth2Service.saveClientRegistration(tenantClientRegistration);
+        oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
-        oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
+        oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
 
         List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName);
 
@@ -183,8 +201,8 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
         String testDomainName = "test_domain";
         OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
         OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
-        oAuth2Service.saveClientRegistration(tenantClientRegistration);
+        oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
-        oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
+        oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
         List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain");
         Assert.assertTrue(oAuth2Clients.isEmpty());
     }
@@ -193,8 +211,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
     public void testDeleteOAuth2ClientRegistration() {
         OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
         OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
-        OAuth2ClientRegistration savedTenantRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration);
+
-        OAuth2ClientRegistration savedSysAdminRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration);
+        OAuth2ClientsParams savedTenantClientsParams = oAuth2Service.saveClientsParams(tenantId,
+                OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
+        OAuth2ClientsParams savedSysAdminClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID,
+                OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
+
+        OAuth2ClientRegistration savedTenantRegistration = toClientRegistrations(tenantId, savedTenantClientsParams).get(0);
+        OAuth2ClientRegistration savedSysAdminRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminClientsParams).get(0);
 
         oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId());
         List<OAuth2ClientRegistration> foundRegistrations = oAuth2Service.findAllClientRegistrations();
@@ -204,29 +228,39 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
 
     @Test
     public void testDeleteTenantOAuth2ClientRegistrations() {
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId));
+        oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId));
+                validClientRegistration(tenantId, "domain"),
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId));
+                validClientRegistration(tenantId, "domain"),
+                validClientRegistration(tenantId, "domain")
+        )));
         Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size());
-        Assert.assertEquals(3, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
+        Assert.assertEquals(1, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
 
         oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
         Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size());
-        Assert.assertEquals(0, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
+        Assert.assertEquals(0, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
     }
 
     @Test
     public void testDeleteTenantDomainOAuth2ClientRegistrations() {
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain1"));
+        oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain1"));
+                validClientRegistration(tenantId, "domain1"),
-        oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain2"));
+                validClientRegistration(tenantId, "domain1"),
-        oAuth2Service.saveClientRegistration(validClientRegistration(TenantId.SYS_TENANT_ID, "domain2"));
+                validClientRegistration(tenantId, "domain2")
+        )));
+        oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
+                validClientRegistration(TenantId.SYS_TENANT_ID, "domain2")
+        )));
         Assert.assertEquals(4, oAuth2Service.findAllClientRegistrations().size());
-        Assert.assertEquals(3, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
+        OAuth2ClientsParams tenantClientsParams = oAuth2Service.findClientsParamsByTenantId(tenantId);
+        List<OAuth2ClientRegistration> tenantClientRegistrations = toClientRegistrations(tenantId, tenantClientsParams);
+        Assert.assertEquals(2, tenantClientsParams.getOAuth2DomainDtos().size());
+        Assert.assertEquals(3, tenantClientRegistrations.size());
 
         oAuth2Service.deleteClientRegistrationsByDomain(tenantId, "domain1");
         Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
-        Assert.assertEquals(1, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size());
+        Assert.assertEquals(1, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
+        Assert.assertEquals(1, toClientRegistrations(tenantId, oAuth2Service.findClientsParamsByTenantId(tenantId)).size());
     }
 
     private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException {