dendi-wang/thingsboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Group ClientRegistrations by Domain

Browse Source
This commit is contained in:
vzikratyi 2020-09-16 16:42:39 +03:00
parent 14939c27e6
commit c3407bfddc
8 changed files with 295 additions and 145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java
View File

@ -28,10 +28,7 @@ import org.thingsboard.server.common.data.id.DashboardId;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId;
import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo; import org.thingsboard.server.common.data.oauth2.*;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
import org.thingsboard.server.common.data.security.Authority; import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.dao.oauth2.OAuth2Service; import org.thingsboard.server.dao.oauth2.OAuth2Service;
import org.thingsboard.server.queue.util.TbCoreComponent; import org.thingsboard.server.queue.util.TbCoreComponent;
@ -40,6 +37,7 @@ import org.thingsboard.server.service.security.permission.Resource;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.util.List; import java.util.List;
import java.util.stream.Collectors;
@RestController @RestController
@TbCoreComponent @TbCoreComponent
@ -67,15 +65,13 @@ public class OAuth2Controller extends BaseController {
try { try {
Authority authority = getCurrentUser().getAuthority(); Authority authority = getCurrentUser().getAuthority();
checkOAuth2ConfigPermissions(Operation.READ); checkOAuth2ConfigPermissions(Operation.READ);
List<OAuth2ClientRegistration> clientRegistrations = null;
if (Authority.SYS_ADMIN.equals(authority)) { if (Authority.SYS_ADMIN.equals(authority)) {
clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID); return oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID);
} else if (Authority.TENANT_ADMIN.equals(authority)) { } else if (Authority.TENANT_ADMIN.equals(authority)) {
clientRegistrations = oAuth2Service.findClientRegistrationsByTenantId(getCurrentUser().getTenantId()); return oAuth2Service.findClientsParamsByTenantId(getCurrentUser().getTenantId());
} else { } else {
throw new IllegalStateException("Authority " + authority + " cannot get client registrations."); throw new IllegalStateException("Authority " + authority + " cannot get client registrations.");
} }
return new OAuth2ClientsParams(clientRegistrations);
} catch (Exception e) { } catch (Exception e) {
throw handleException(e); throw handleException(e);
} }
@ -84,11 +80,24 @@ public class OAuth2Controller extends BaseController {
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')") @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@RequestMapping(value = "/oauth2/config", method = RequestMethod.POST) @RequestMapping(value = "/oauth2/config", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK) @ResponseStatus(value = HttpStatus.OK)
public OAuth2ClientRegistration saveClientRegistration(@RequestBody OAuth2ClientRegistration clientRegistration) throws ThingsboardException { public OAuth2ClientsParams saveClientParams(@RequestBody OAuth2ClientsParams clientsParams) throws ThingsboardException {
try { try {
clientRegistration.setTenantId(getCurrentUser().getTenantId()); TenantId tenantId;
checkEntity(clientRegistration.getId(), clientRegistration, Resource.OAUTH2_CONFIGURATION); Authority authority = getCurrentUser().getAuthority();
return oAuth2Service.saveClientRegistration(clientRegistration); if (Authority.SYS_ADMIN.equals(authority)) {
tenantId = TenantId.SYS_TENANT_ID;
} else if (Authority.TENANT_ADMIN.equals(authority)) {
tenantId = getCurrentUser().getTenantId();
} else {
throw new IllegalStateException("Authority " + authority + " cannot save client registrations.");
}
List<ClientRegistrationDto> clientRegistrationDtos = clientsParams.getOAuth2DomainDtos().stream()
.flatMap(domainParams -> domainParams.getClientRegistrations().stream())
.collect(Collectors.toList());
for (ClientRegistrationDto clientRegistrationDto : clientRegistrationDtos) {
checkEntity(clientRegistrationDto.getId(), () -> tenantId, Resource.OAUTH2_CONFIGURATION);
}
return oAuth2Service.saveClientsParams(tenantId, clientsParams);
} catch (Exception e) { } catch (Exception e) {
throw handleException(e); throw handleException(e);
} }

5
common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java
View File

@ -19,6 +19,7 @@ import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo; import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration; import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
import java.util.List; import java.util.List;
import java.util.UUID; import java.util.UUID;
@ -26,9 +27,9 @@ import java.util.UUID;
public interface OAuth2Service { public interface OAuth2Service {
List<OAuth2ClientInfo> getOAuth2Clients(String domainName); List<OAuth2ClientInfo> getOAuth2Clients(String domainName);
OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration); OAuth2ClientsParams saveClientsParams(TenantId tenantId, OAuth2ClientsParams clientsParams);
List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId); OAuth2ClientsParams findClientsParamsByTenantId(TenantId tenantId);
OAuth2ClientRegistration findClientRegistration(UUID id); OAuth2ClientRegistration findClientRegistration(UUID id);

31
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/ClientRegistrationDto.java Normal file
View File

@ -0,0 +1,31 @@
package org.thingsboard.server.common.data.oauth2;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.*;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
import org.thingsboard.server.common.data.id.TenantId;
import java.util.List;
@EqualsAndHashCode
@Data
@ToString(exclude = {"clientSecret"})
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class ClientRegistrationDto {
private OAuth2ClientRegistrationId id;
private long createdTime;
private OAuth2MapperConfig mapperConfig;
private String clientId;
private String clientSecret;
private String authorizationUri;
private String accessTokenUri;
private List<String> scope;
private String userInfoUri;
private String userNameAttributeName;
private String jwkSetUri;
private String clientAuthenticationMethod;
private String loginButtonLabel;
private String loginButtonIcon;
}

2
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientsDomainParams.java
View File

@ -28,5 +28,5 @@ import java.util.List;
public class OAuth2ClientsDomainParams { public class OAuth2ClientsDomainParams {
private String domainName; private String domainName;
private String redirectUriTemplate; private String redirectUriTemplate;
private List<OAuth2ClientRegistration> clientRegistrations; private List<ClientRegistrationDto> clientRegistrations;
} }

5
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientsParams.java
View File

@ -16,8 +16,11 @@
package org.thingsboard.server.common.data.oauth2; package org.thingsboard.server.common.data.oauth2;
import lombok.*; import lombok.*;
import org.thingsboard.server.common.data.id.TenantId;
import java.util.Collection;
import java.util.List; import java.util.List;
import java.util.Objects;
@EqualsAndHashCode @EqualsAndHashCode
@Data @Data
@ -26,5 +29,5 @@ import java.util.List;
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor @AllArgsConstructor
public class OAuth2ClientsParams { public class OAuth2ClientsParams {
private List<OAuth2ClientRegistration> clientRegistrations; private List<OAuth2ClientsDomainParams> oAuth2DomainDtos;
} }

184
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java
View File

@ -33,8 +33,9 @@ import org.thingsboard.server.dao.service.DataValidator;
import org.thingsboard.server.dao.tenant.TenantService; import org.thingsboard.server.dao.tenant.TenantService;
import javax.transaction.Transactional; import javax.transaction.Transactional;
import java.util.List; import java.util.*;
import java.util.UUID; import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION; import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
@ -64,17 +65,22 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
} }
@Override @Override
public OAuth2ClientRegistration saveClientRegistration(OAuth2ClientRegistration clientRegistration) { @Transactional
log.trace("Executing saveClientRegistration [{}]", clientRegistration); public OAuth2ClientsParams saveClientsParams(TenantId tenantId, OAuth2ClientsParams clientsParams) {
clientRegistrationValidator.validate(clientRegistration, OAuth2ClientRegistration::getTenantId); log.trace("Executing saveClientsParams [{}] [{}]", tenantId, clientsParams);
return clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration); clientParamsValidator.accept(tenantId, clientsParams);
List<OAuth2ClientRegistration> inputClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, clientsParams);
List<OAuth2ClientRegistration> savedClientRegistrations = inputClientRegistrations.stream()
.map(clientRegistration -> clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration))
.collect(Collectors.toList());
return OAuth2Utils.toOAuth2ClientsParams(savedClientRegistrations);
} }
@Override @Override
public List<OAuth2ClientRegistration> findClientRegistrationsByTenantId(TenantId tenantId) { public OAuth2ClientsParams findClientsParamsByTenantId(TenantId tenantId) {
log.trace("Executing findClientRegistrationsByTenantId [{}]", tenantId); log.trace("Executing findClientsParamsByTenantId [{}]", tenantId);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId); validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
return clientRegistrationDao.findByTenantId(tenantId.getId()); return OAuth2Utils.toOAuth2ClientsParams(clientRegistrationDao.findByTenantId(tenantId.getId()));
} }
@Override @Override
@ -129,92 +135,90 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
} }
} }
private final DataValidator<OAuth2ClientRegistration> clientRegistrationValidator = private final BiConsumer<TenantId, OAuth2ClientsParams> clientParamsValidator = (tenantId, clientsParams) -> {
new DataValidator<OAuth2ClientRegistration>() { if (clientsParams == null || clientsParams.getOAuth2DomainDtos() == null
|| clientsParams.getOAuth2DomainDtos().isEmpty()) {
@Override throw new DataValidationException("Domain params should be specified!");
protected void validateCreate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) { }
for (OAuth2ClientsDomainParams domainParams : clientsParams.getOAuth2DomainDtos()) {
if (StringUtils.isEmpty(domainParams.getDomainName())) {
throw new DataValidationException("Domain name should be specified!");
}
if (StringUtils.isEmpty(domainParams.getRedirectUriTemplate())) {
throw new DataValidationException("Redirect URI template should be specified!");
}
if (domainParams.getClientRegistrations() == null || domainParams.getClientRegistrations().isEmpty()) {
throw new DataValidationException("Client registrations should be specified!");
}
for (ClientRegistrationDto clientRegistration : domainParams.getClientRegistrations()) {
if (StringUtils.isEmpty(clientRegistration.getClientId())) {
throw new DataValidationException("Client ID should be specified!");
} }
if (StringUtils.isEmpty(clientRegistration.getClientSecret())) {
@Override throw new DataValidationException("Client secret should be specified!");
protected void validateUpdate(TenantId tenantId, OAuth2ClientRegistration clientRegistration) {
} }
if (StringUtils.isEmpty(clientRegistration.getAuthorizationUri())) {
@Override throw new DataValidationException("Authorization uri should be specified!");
protected void validateDataImpl(TenantId tenantId, OAuth2ClientRegistration clientRegistration) { }
if (StringUtils.isEmpty(clientRegistration.getDomainName())) { if (StringUtils.isEmpty(clientRegistration.getAccessTokenUri())) {
throw new DataValidationException("Domain name should be specified!"); throw new DataValidationException("Token uri should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getScope())) {
throw new DataValidationException("Scope should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getUserInfoUri())) {
throw new DataValidationException("User info uri should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getUserNameAttributeName())) {
throw new DataValidationException("User name attribute name should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getClientAuthenticationMethod())) {
throw new DataValidationException("Client authentication method should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getLoginButtonLabel())) {
throw new DataValidationException("Login button label should be specified!");
}
OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
if (mapperConfig == null) {
throw new DataValidationException("Mapper config should be specified!");
}
if (mapperConfig.getType() == null) {
throw new DataValidationException("Mapper config type should be specified!");
}
if (mapperConfig.getType() == MapperType.BASIC) {
OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasic();
if (basicConfig == null) {
throw new DataValidationException("Basic config should be specified!");
} }
if (StringUtils.isEmpty(clientRegistration.getRedirectUriTemplate())) { if (StringUtils.isEmpty(basicConfig.getEmailAttributeKey())) {
throw new DataValidationException("Redirect URI template should be specified!"); throw new DataValidationException("Email attribute key should be specified!");
} }
if (StringUtils.isEmpty(clientRegistration.getClientId())) { if (basicConfig.getTenantNameStrategy() == null) {
throw new DataValidationException("Client ID should be specified!"); throw new DataValidationException("Tenant name strategy should be specified!");
} }
if (StringUtils.isEmpty(clientRegistration.getClientSecret())) { if (basicConfig.getTenantNameStrategy() == TenantNameStrategyType.CUSTOM
throw new DataValidationException("Client secret should be specified!"); && StringUtils.isEmpty(basicConfig.getTenantNamePattern())) {
} throw new DataValidationException("Tenant name pattern should be specified!");
if (StringUtils.isEmpty(clientRegistration.getAuthorizationUri())) {
throw new DataValidationException("Authorization uri should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getAccessTokenUri())) {
throw new DataValidationException("Token uri should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getScope())) {
throw new DataValidationException("Scope should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getUserInfoUri())) {
throw new DataValidationException("User info uri should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getUserNameAttributeName())) {
throw new DataValidationException("User name attribute name should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getClientAuthenticationMethod())) {
throw new DataValidationException("Client authentication method should be specified!");
}
if (StringUtils.isEmpty(clientRegistration.getLoginButtonLabel())) {
throw new DataValidationException("Login button label should be specified!");
}
OAuth2MapperConfig mapperConfig = clientRegistration.getMapperConfig();
if (mapperConfig == null) {
throw new DataValidationException("Mapper config should be specified!");
}
if (mapperConfig.getType() == null) {
throw new DataValidationException("Mapper config type should be specified!");
}
if (mapperConfig.getType() == MapperType.BASIC) {
OAuth2BasicMapperConfig basicConfig = mapperConfig.getBasic();
if (basicConfig == null) {
throw new DataValidationException("Basic config should be specified!");
}
if (StringUtils.isEmpty(basicConfig.getEmailAttributeKey())) {
throw new DataValidationException("Email attribute key should be specified!");
}
if (basicConfig.getTenantNameStrategy() == null) {
throw new DataValidationException("Tenant name strategy should be specified!");
}
if (basicConfig.getTenantNameStrategy() == TenantNameStrategyType.CUSTOM
&& StringUtils.isEmpty(basicConfig.getTenantNamePattern())) {
throw new DataValidationException("Tenant name pattern should be specified!");
}
}
if (mapperConfig.getType() == MapperType.CUSTOM) {
OAuth2CustomMapperConfig customConfig = mapperConfig.getCustom();
if (customConfig == null) {
throw new DataValidationException("Custom config should be specified!");
}
if (StringUtils.isEmpty(customConfig.getUrl())) {
throw new DataValidationException("Custom mapper URL should be specified!");
}
}
if (clientRegistration.getTenantId() == null) {
throw new DataValidationException("Client registration should be assigned to tenant!");
} else if (!TenantId.SYS_TENANT_ID.equals(clientRegistration.getTenantId())) {
Tenant tenant = tenantService.findTenantById(clientRegistration.getTenantId());
if (tenant == null) {
throw new DataValidationException("Client registration is referencing to non-existent tenant!");
}
} }
} }
}; if (mapperConfig.getType() == MapperType.CUSTOM) {
OAuth2CustomMapperConfig customConfig = mapperConfig.getCustom();
if (customConfig == null) {
throw new DataValidationException("Custom config should be specified!");
}
if (StringUtils.isEmpty(customConfig.getUrl())) {
throw new DataValidationException("Custom mapper URL should be specified!");
}
}
}
}
if (tenantId == null) {
throw new DataValidationException("Client registration should be assigned to tenant!");
} else if (!TenantId.SYS_TENANT_ID.equals(tenantId)) {
Tenant tenant = tenantService.findTenantById(tenantId);
if (tenant == null) {
throw new DataValidationException("Client registration is referencing to non-existent tenant!");
}
}
};
} }

74
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java
View File

@ -16,10 +16,14 @@
package org.thingsboard.server.dao.oauth2; package org.thingsboard.server.dao.oauth2;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo; import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration; import org.thingsboard.server.common.data.oauth2.*;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream; import java.util.stream.Stream;
public class OAuth2Utils { public class OAuth2Utils {
@ -33,4 +37,68 @@ public class OAuth2Utils {
client.setIcon(clientRegistration.getLoginButtonIcon()); client.setIcon(clientRegistration.getLoginButtonIcon());
return client; return client;
} }
public static List<OAuth2ClientRegistration> toClientRegistrations(TenantId tenantId, OAuth2ClientsParams clientsParams) {
return clientsParams.getOAuth2DomainDtos().stream()
.flatMap(domainParams -> domainParams.getClientRegistrations().stream()
.map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(tenantId, domainParams.getDomainName(),
domainParams.getRedirectUriTemplate(), clientRegistrationDto)
))
.collect(Collectors.toList());
}
public static OAuth2ClientsParams toOAuth2ClientsParams(List<OAuth2ClientRegistration> clientRegistrations) {
Map<String, OAuth2ClientsDomainParams> domainParamsMap = new HashMap<>();
for (OAuth2ClientRegistration clientRegistration : clientRegistrations) {
String domainName = clientRegistration.getDomainName();
OAuth2ClientsDomainParams domainParams = domainParamsMap.computeIfAbsent(domainName,
key -> new OAuth2ClientsDomainParams(domainName, clientRegistration.getRedirectUriTemplate(), new ArrayList<>())
);
domainParams.getClientRegistrations()
.add(toClientRegistrationDto(clientRegistration));
}
return new OAuth2ClientsParams(new ArrayList<>(domainParamsMap.values()));
}
public static ClientRegistrationDto toClientRegistrationDto(OAuth2ClientRegistration oAuth2ClientRegistration) {
return ClientRegistrationDto.builder()
.id(oAuth2ClientRegistration.getId())
.createdTime(oAuth2ClientRegistration.getCreatedTime())
.mapperConfig(oAuth2ClientRegistration.getMapperConfig())
.clientId(oAuth2ClientRegistration.getClientId())
.clientSecret(oAuth2ClientRegistration.getClientSecret())
.authorizationUri(oAuth2ClientRegistration.getAuthorizationUri())
.accessTokenUri(oAuth2ClientRegistration.getAccessTokenUri())
.scope(oAuth2ClientRegistration.getScope())
.userInfoUri(oAuth2ClientRegistration.getUserInfoUri())
.userNameAttributeName(oAuth2ClientRegistration.getUserNameAttributeName())
.jwkSetUri(oAuth2ClientRegistration.getJwkSetUri())
.clientAuthenticationMethod(oAuth2ClientRegistration.getClientAuthenticationMethod())
.loginButtonLabel(oAuth2ClientRegistration.getLoginButtonLabel())
.loginButtonIcon(oAuth2ClientRegistration.getLoginButtonIcon())
.build();
}
public static OAuth2ClientRegistration toClientRegistration(TenantId tenantId, String domainName, String redirectUriTemplate,
ClientRegistrationDto clientRegistrationDto) {
OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
clientRegistration.setId(clientRegistrationDto.getId());
clientRegistration.setTenantId(tenantId);
clientRegistration.setCreatedTime(clientRegistrationDto.getCreatedTime());
clientRegistration.setDomainName(domainName);
clientRegistration.setRedirectUriTemplate(redirectUriTemplate);
clientRegistration.setMapperConfig(clientRegistrationDto.getMapperConfig());
clientRegistration.setClientId(clientRegistrationDto.getClientId());
clientRegistration.setClientSecret(clientRegistrationDto.getClientSecret());
clientRegistration.setAuthorizationUri(clientRegistrationDto.getAuthorizationUri());
clientRegistration.setAccessTokenUri(clientRegistrationDto.getAccessTokenUri());
clientRegistration.setScope(clientRegistrationDto.getScope());
clientRegistration.setUserInfoUri(clientRegistrationDto.getUserInfoUri());
clientRegistration.setUserNameAttributeName(clientRegistrationDto.getUserNameAttributeName());
clientRegistration.setJwkSetUri(clientRegistrationDto.getJwkSetUri());
clientRegistration.setClientAuthenticationMethod(clientRegistrationDto.getClientAuthenticationMethod());
clientRegistration.setLoginButtonLabel(clientRegistrationDto.getLoginButtonLabel());
clientRegistration.setLoginButtonIcon(clientRegistrationDto.getLoginButtonIcon());
return clientRegistration;
}
} }

106
dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java
View File

@ -38,6 +38,7 @@ import java.util.stream.Collectors;
import java.util.stream.Stream; import java.util.stream.Stream;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION; import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.toClientRegistrations;
public class BaseOAuth2ServiceTest extends AbstractServiceTest { public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@ -90,9 +91,13 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test @Test
public void testCreateNewSystemParams() { public void testCreateNewSystemParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration); OAuth2ClientsParams savedClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
Assert.assertNotNull(savedClientsParams);
Assert.assertNotNull(savedClientRegistration); List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, savedClientsParams);
Assert.assertEquals(1, savedClientRegistrations.size());
OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
Assert.assertNotNull(savedClientRegistration.getId()); Assert.assertNotNull(savedClientRegistration.getId());
clientRegistration.setId(savedClientRegistration.getId()); clientRegistration.setId(savedClientRegistration.getId());
clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime()); clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
@ -102,12 +107,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test @Test
public void testFindSystemParamsByTenant() { public void testFindSystemParamsByTenant() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
oAuth2Service.saveClientRegistration(clientRegistration); oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID); OAuth2ClientsParams foundClientsParams = oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID);
Assert.assertEquals(1, clientRegistrationsByTenantId.size()); Assert.assertEquals(1, foundClientsParams.getOAuth2DomainDtos().size());
Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, foundClientsParams);
OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
Assert.assertNotNull(foundClientRegistration); Assert.assertNotNull(foundClientRegistration);
clientRegistration.setId(foundClientRegistration.getId()); clientRegistration.setId(foundClientRegistration.getId());
clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime()); clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
@ -117,7 +124,13 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test @Test
public void testCreateNewTenantParams() { public void testCreateNewTenantParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId); OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
OAuth2ClientRegistration savedClientRegistration = oAuth2Service.saveClientRegistration(clientRegistration); OAuth2ClientsParams savedClientsParams = oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
Assert.assertNotNull(savedClientsParams);
List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, savedClientsParams);
Assert.assertEquals(1, savedClientRegistrations.size());
OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
Assert.assertNotNull(savedClientRegistration); Assert.assertNotNull(savedClientRegistration);
Assert.assertNotNull(savedClientRegistration.getId()); Assert.assertNotNull(savedClientRegistration.getId());
@ -129,12 +142,15 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test @Test
public void testFindTenantParams() { public void testFindTenantParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId); OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
oAuth2Service.saveClientRegistration(clientRegistration); oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(clientRegistration)));
List<OAuth2ClientRegistration> clientRegistrationsByTenantId = oAuth2Service.findClientRegistrationsByTenantId(tenantId); OAuth2ClientsParams foundClientsParams = oAuth2Service.findClientsParamsByTenantId(tenantId);
Assert.assertEquals(1, clientRegistrationsByTenantId.size()); Assert.assertEquals(1, foundClientsParams.getOAuth2DomainDtos().size());
Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
OAuth2ClientRegistration foundClientRegistration = clientRegistrationsByTenantId.get(0);
List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, foundClientsParams);
OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
Assert.assertNotNull(foundClientRegistration); Assert.assertNotNull(foundClientRegistration);
clientRegistration.setId(foundClientRegistration.getId()); clientRegistration.setId(foundClientRegistration.getId());
clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime()); clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
@ -146,18 +162,20 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId); OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
OAuth2ClientRegistration savedTenantClientRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration); OAuth2ClientsParams savedTenantClientsParams = oAuth2Service.saveClientsParams(tenantId,
OAuth2ClientRegistration savedSysAdminClientRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration); OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
OAuth2ClientsParams savedSysAdminClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID,
OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(tenantId).get(0)); Assert.assertEquals(savedTenantClientsParams, oAuth2Service.findClientsParamsByTenantId(tenantId));
Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID).get(0)); Assert.assertEquals(savedSysAdminClientsParams, oAuth2Service.findClientsParamsByTenantId(TenantId.SYS_TENANT_ID));
Assert.assertEquals(savedTenantClientRegistration, OAuth2ClientRegistration savedTenantClientRegistration = toClientRegistrations(tenantId, savedTenantClientsParams).get(0);
oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId())); Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId()));
Assert.assertEquals(savedSysAdminClientRegistration, OAuth2ClientRegistration savedSysAdminClientRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminClientsParams).get(0);
oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId())); Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId()));
} }
@Test @Test
@ -166,8 +184,8 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName); OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName); OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
oAuth2Service.saveClientRegistration(tenantClientRegistration); oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
oAuth2Service.saveClientRegistration(sysAdminClientRegistration); oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName); List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName);
@ -183,8 +201,8 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
String testDomainName = "test_domain"; String testDomainName = "test_domain";
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName); OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName); OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
oAuth2Service.saveClientRegistration(tenantClientRegistration); oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
oAuth2Service.saveClientRegistration(sysAdminClientRegistration); oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain"); List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain");
Assert.assertTrue(oAuth2Clients.isEmpty()); Assert.assertTrue(oAuth2Clients.isEmpty());
} }
@ -193,8 +211,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
public void testDeleteOAuth2ClientRegistration() { public void testDeleteOAuth2ClientRegistration() {
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId); OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
OAuth2ClientRegistration savedTenantRegistration = oAuth2Service.saveClientRegistration(tenantClientRegistration);
OAuth2ClientRegistration savedSysAdminRegistration = oAuth2Service.saveClientRegistration(sysAdminClientRegistration); OAuth2ClientsParams savedTenantClientsParams = oAuth2Service.saveClientsParams(tenantId,
OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(tenantClientRegistration)));
OAuth2ClientsParams savedSysAdminClientsParams = oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID,
OAuth2Utils.toOAuth2ClientsParams(Collections.singletonList(sysAdminClientRegistration)));
OAuth2ClientRegistration savedTenantRegistration = toClientRegistrations(tenantId, savedTenantClientsParams).get(0);
OAuth2ClientRegistration savedSysAdminRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminClientsParams).get(0);
oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId()); oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId());
List<OAuth2ClientRegistration> foundRegistrations = oAuth2Service.findAllClientRegistrations(); List<OAuth2ClientRegistration> foundRegistrations = oAuth2Service.findAllClientRegistrations();
@ -204,29 +228,39 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test @Test
public void testDeleteTenantOAuth2ClientRegistrations() { public void testDeleteTenantOAuth2ClientRegistrations() {
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId)); oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId)); validClientRegistration(tenantId, "domain"),
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId)); validClientRegistration(tenantId, "domain"),
validClientRegistration(tenantId, "domain")
)));
Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(3, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size()); Assert.assertEquals(1, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
oAuth2Service.deleteClientRegistrationsByTenantId(tenantId); oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(0, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size()); Assert.assertEquals(0, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
} }
@Test @Test
public void testDeleteTenantDomainOAuth2ClientRegistrations() { public void testDeleteTenantDomainOAuth2ClientRegistrations() {
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain1")); oAuth2Service.saveClientsParams(tenantId, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain1")); validClientRegistration(tenantId, "domain1"),
oAuth2Service.saveClientRegistration(validClientRegistration(tenantId, "domain2")); validClientRegistration(tenantId, "domain1"),
oAuth2Service.saveClientRegistration(validClientRegistration(TenantId.SYS_TENANT_ID, "domain2")); validClientRegistration(tenantId, "domain2")
)));
oAuth2Service.saveClientsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toOAuth2ClientsParams(Arrays.asList(
validClientRegistration(TenantId.SYS_TENANT_ID, "domain2")
)));
Assert.assertEquals(4, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(4, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(3, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size()); OAuth2ClientsParams tenantClientsParams = oAuth2Service.findClientsParamsByTenantId(tenantId);
List<OAuth2ClientRegistration> tenantClientRegistrations = toClientRegistrations(tenantId, tenantClientsParams);
Assert.assertEquals(2, tenantClientsParams.getOAuth2DomainDtos().size());
Assert.assertEquals(3, tenantClientRegistrations.size());
oAuth2Service.deleteClientRegistrationsByDomain(tenantId, "domain1"); oAuth2Service.deleteClientRegistrationsByDomain(tenantId, "domain1");
Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size()); Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(1, oAuth2Service.findClientRegistrationsByTenantId(tenantId).size()); Assert.assertEquals(1, oAuth2Service.findClientsParamsByTenantId(tenantId).getOAuth2DomainDtos().size());
Assert.assertEquals(1, toClientRegistrations(tenantId, oAuth2Service.findClientsParamsByTenantId(tenantId)).size());
} }
private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException { private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException {