Dev

openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUser.java

@@ -0,0 +1,78 @@
+package org.mitre.openid.connect.model;
+
+
+import com.google.common.collect.Sets;
+import java.util.Collection;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public class DefaultUser implements UserDetails {
+
+	private String username;
+	private String password;
+	private Collection<GrantedAuthority> authorities;
+	private Boolean enabled;
+
+	public DefaultUser() {
+		this.authorities = Sets.newConcurrentHashSet();
+		this.enabled = true;
+	}
+
+	@Override
+	public Collection<? extends GrantedAuthority> getAuthorities() {
+		return authorities;
+	}
+
+	public void setAuthorities(Collection<GrantedAuthority> authorities) {
+		this.authorities = authorities;
+	}
+
+	public void addAuthorities(GrantedAuthority authority) {
+		if (this.authorities == null) {
+			this.authorities = Sets.newConcurrentHashSet();
+		}
+		this.authorities.add(authority);
+	}
+
+	@Override
+	public String getPassword() {
+		return password;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	@Override
+	public String getUsername() {
+		return username;
+	}
+
+	public void setUsername(String username) {
+		this.username = username.toLowerCase();
+	}
+
+	@Override
+	public boolean isAccountNonExpired() {
+		return false;
+	}
+
+	@Override
+	public boolean isAccountNonLocked() {
+		return false;
+	}
+
+	@Override
+	public boolean isCredentialsNonExpired() {
+		return false;
+	}
+
+	@Override
+	public boolean isEnabled() {
+		return enabled;
+	}
+
+	public void setEnabled(boolean enabled) {
+		this.enabled = enabled;
+	}
+}

openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java

@@ -42,4 +42,5 @@ public interface UserInfoRepository {
 	 */
 	public UserInfo getByEmailAddress(String email);
 
+	UserInfo save(UserInfo userinfo);
 }

openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java

@@ -52,4 +52,5 @@ public interface UserInfoService {
 	 */
 	public UserInfo getByEmailAddress(String email);
 
+	UserInfo save(UserInfo userinfo);
 }

openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserService.java

@@ -0,0 +1,15 @@
+package org.mitre.openid.connect.service;
+
+
+import org.springframework.security.core.userdetails.UserDetails;
+
+public interface UserService {
+
+	UserDetails loadUserByUsername(String username);
+
+	void save(UserDetails user);
+
+	void deleteUser(String username);
+
+	void changePassword(String oldPassword, String newPassword);
+}

openid-connect-server-webapp/pom.xml

@@ -116,6 +116,10 @@
 			<groupId>org.hsqldb</groupId>
 			<artifactId>hsqldb</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>mysql</groupId>
+			<artifactId>mysql-connector-java</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.eclipse.persistence</groupId>
 			<artifactId>org.eclipse.persistence.jpa</artifactId>

openid-connect-server-webapp/src/main/resources/db/mysql/loading_temp_tables.sql

@@ -0,0 +1,75 @@
+--
+-- Temporary tables used during the bootstrapping process to safely load users and clients.
+-- These are not needed if you're not using the users.sql/clients.sql files to bootstrap the database.
+--
+
+CREATE TEMPORARY TABLE IF NOT EXISTS authorities_TEMP (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint ix_authority_TEMP unique (username,authority));
+
+CREATE TEMPORARY TABLE IF NOT EXISTS users_TEMP (
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS user_info_TEMP (
+	sub VARCHAR(256) not null primary key,
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_details_TEMP (
+	client_description VARCHAR(256),
+	dynamically_registered BOOLEAN,
+	id_token_validity_seconds BIGINT,
+
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	allow_introspection BOOLEAN,
+
+	client_name VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_scope_TEMP (
+	owner_id VARCHAR(256),
+	scope VARCHAR(2048)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_redirect_uri_TEMP (
+	owner_id VARCHAR(256),
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_grant_type_TEMP (
+	owner_id VARCHAR(256),
+	grant_type VARCHAR(2000)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
+	scope VARCHAR(256),
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN,
+	default_scope BOOLEAN,
+	structured BOOLEAN,
+	structured_param_description VARCHAR(256)
+);

openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-    Copyright 2017 The MITRE Corporation
+    Copyright 2016 The MITRE Corporation
       and the MIT Internet Trust Consortium
 
     Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,110 +18,29 @@
 <beans xmlns="http://www.springframework.org/schema/beans"
 	   xmlns:jdbc="http://www.springframework.org/schema/jdbc"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
-       						http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.3.xsd">
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
+       						http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.1.xsd">
 
-	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
-		<property name="driverClassName" value="org.hsqldb.jdbcDriver" />
-		<property name="jdbcUrl" value="jdbc:hsqldb:mem:oic;sql.syntax_mys=true" />
-<!-- 		<property name="jdbcUrl" value="jdbc:hsqldb:file:/tmp/oic;sql.syntax_mys=true" /> -->
-		<property name="username" value="oic" />
-		<property name="password" value="oic" />
-	</bean>
-
-	<!-- Use the following to set up the OIC tables in the in-memory DB
- 		   If you are using a file based HSQLDB you should not run this every time. -->
-	<jdbc:initialize-database data-source="dataSource">
-		<jdbc:script location="classpath:/db/hsql/hsql_database_tables.sql"/>
-		<!-- The following file is for the jdbc-user-service spring security implementation -->
-		<jdbc:script location="classpath:/db/hsql/security-schema.sql"/>
-		<!-- The following files are for safely bootstrapping users and clients into the database -->
-		<jdbc:script location="classpath:/db/hsql/loading_temp_tables.sql"/>
-		<jdbc:script location="classpath:/db/hsql/users.sql"/>
-		<jdbc:script location="classpath:/db/hsql/clients.sql"/>
-		<jdbc:script location="classpath:/db/hsql/scopes.sql"/>
-	</jdbc:initialize-database>
-
-	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
- 		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.HSQLPlatform" />
-		<property name="showSql" value="true" />
-	</bean>
-
-	<!--  The following is for connecting to a MySQL database that has been initialized with 
+	<!--  The following is for connecting to a MySQL database that has been initialized with
 			src/main/resources/db/mysql/mysql_database_tables.sql -->
-<!-- 	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close"> -->
-<!-- 		<property name="driverClassName" value="com.mysql.jdbc.Driver" /> -->
-<!-- 		<property name="jdbcUrl" value="jdbc:mysql://127.0.0.1:3306/oic" /> -->
-<!-- 		<property name="username" value="oic" /> -->
-<!-- 		<property name="password" value="oic" /> -->
-<!--  	</bean> -->
-
-<!-- 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter"> -->
-<!-- 		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" /> -->
-<!-- 		<property name="showSql" value="true" /> -->
-<!-- 	</bean> -->
-
-	<!-- You can optionally initialize the database with test values here, 
-		but this is not recommended for real systems -->
-<!-- 	<jdbc:initialize-database data-source="dataSource"> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/mysql_database_tables.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/security-schema.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/mysql/users.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/mysql/clients.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/mysql/scopes.sql"/> -->
-<!-- 	</jdbc:initialize-database> -->
-
-	<!--  The following is for connecting to a PostgreSQL database that has been initialized with
-			src/main/resources/db/psql/psql_database_tables.sql -->
-	<!--
 	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
-		<property name="driverClassName" value="org.postgresql.Driver" />
-		<property name="jdbcUrl" value="jdbc:postgresql://localhost/oic" />
+		<property name="driverClassName" value="com.mysql.jdbc.Driver" />
+		<property name="jdbcUrl" value="jdbc:mysql://localhost:3306/oic" />
 		<property name="username" value="oic" />
 		<property name="password" value="oic" />
 	</bean>
 
+	<!--<jdbc:initialize-database data-source="dataSource">-->
+		<!--<jdbc:script location="classpath:/db/mysql/mysql_database_tables.sql"/>-->
+		<!--<jdbc:script location="classpath:/db/mysql/security-schema.sql"/>-->
+		<!--<jdbc:script location="classpath:/db/mysql/loading_temp_tables.sql"/>-->
+		<!--<jdbc:script location="classpath:/db/mysql/users.sql"/>-->
+		<!--<jdbc:script location="classpath:/db/mysql/clients.sql"/>-->
+		<!--<jdbc:script location="classpath:/db/mysql/scopes.sql"/>-->
+	<!--</jdbc:initialize-database>-->
 
 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
-		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.PostgreSQLPlatform" />
+		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" />
 		<property name="showSql" value="true" />
 	</bean>
-	-->
-
-	<!-- You can optionally initialize the database with test values here, 
-		but this is not recommended for real systems -->
-<!-- 	<jdbc:initialize-database data-source="dataSource"> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/psql_database_tables.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/security-schema.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/loading_temp_tables.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/users.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/clients.sql"/> -->
-<!-- 		<jdbc:script location="classpath:/db/psql/scopes.sql"/> -->
-<!-- 	</jdbc:initialize-database> -->
-
-	<!--  The following is for connecting to a Oracle database that has been initialized with
-			src/main/resources/db/oracle/oracle_database_tables.sql -->
-	<!--<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
-		<property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />
-		<property name="jdbcUrl" value="jdbc:oracle:thin:@localhost:1521:XE" />
-		<property name="username" value="oic" />
-		<property name="password" value="oic" />
-	</bean>-->
-
-	<!--<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
-		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.OraclePlatform" />
-		<property name="showSql" value="true" />
-	</bean>-->
-
-	<!-- Use the following to set up the OIC tables in the Oracle DB
-		   Below scripts are intended to be run once at startup. -->
-	<!--<jdbc:initialize-database data-source="dataSource">
-		<jdbc:script location="classpath:/db/oracle/oracle_database_tables.sql"/>
-		<jdbc:script location="classpath:/db/oracle/security-schema_oracle.sql"/>
-		<jdbc:script location="classpath:/db/oracle/loading_temp_tables_oracle.sql"/>
-		<jdbc:script location="classpath:/db/oracle/users_oracle.sql"/>
-		<jdbc:script location="classpath:/db/oracle/clients_oracle.sql"/>
-		<jdbc:script location="classpath:/db/oracle/scopes_oracle.sql"/>
-	</jdbc:initialize-database>-->
-</beans>
+</beans>

openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java

@@ -16,14 +16,16 @@
  *******************************************************************************/
 package org.mitre.openid.connect.repository.impl;
 
-import javax.persistence.EntityManager;
-import javax.persistence.PersistenceContext;
-import javax.persistence.TypedQuery;
-
 import org.mitre.openid.connect.model.DefaultUserInfo;
 import org.mitre.openid.connect.model.UserInfo;
 import org.mitre.openid.connect.repository.UserInfoRepository;
+import org.mitre.util.jpa.JpaUtil;
 import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
 
 import static org.mitre.util.jpa.JpaUtil.getSingleResult;
 
@@ -62,4 +64,10 @@ public UserInfo getByEmailAddress(String email) {
 		return getSingleResult(query.getResultList());
 	}
 
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public UserInfo save(UserInfo userinfo) {
+		return JpaUtil.saveOrUpdate(userinfo.getPreferredUsername(), manager, userinfo);
+	}
+
 }

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoService.java

@@ -74,4 +74,9 @@ public UserInfo getByEmailAddress(String email) {
 		return userInfoRepository.getByEmailAddress(email);
 	}
 
+	@Override
+	public UserInfo save(UserInfo userinfo) {
+		return userInfoRepository.save(userinfo);
+	}
+
 }