
Remove OAuth2Config functionality from Tenant

pull/3557/head
vzikratyi 6 years ago
parent
commit
e778b3155a
  1. 2
      application/src/main/data/upgrade/3.1.1/schema_update.sql
  2. 43
      application/src/main/java/org/thingsboard/server/controller/BaseController.java
  3. 13
      application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java
  4. 66
      application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java
  5. 1
      application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java
  6. 14
      application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java
  7. 5
      application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java
  8. 5
      application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java
  9. 3
      application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java
  10. 2
      application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java
  11. 21
      application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java
  12. 37
      application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java
  13. 12
      common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java
  14. 4
      common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java
  15. 4
      common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java
  16. 7
      dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java
  17. 7
      dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationTemplateEntity.java
  18. 6
      dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ClientRegistrationDao.java
  19. 8
      dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java
  20. 74
      dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java
  21. 12
      dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java
  22. 16
      dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java
  23. 6
      dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/OAuth2ClientRegistrationRepository.java
  24. 1
      dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java
  25. 2
      dao/src/main/resources/sql/schema-entities-hsql.sql
  26. 2
      dao/src/main/resources/sql/schema-entities.sql
  27. 23
      dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java
  28. 220
      dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java

2
application/src/main/data/upgrade/3.1.1/schema_update.sql

@ -20,7 +20,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
domain_name varchar(255),
client_id varchar(255),
client_secret varchar(255),
@ -57,7 +56,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
provider_id varchar(255),
authorization_uri varchar(255),
token_uri varchar(255),

43
application/src/main/java/org/thingsboard/server/controller/BaseController.java

@ -27,19 +27,7 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.thingsboard.server.common.data.Customer;
import org.thingsboard.server.common.data.Dashboard;
import org.thingsboard.server.common.data.DashboardInfo;
import org.thingsboard.server.common.data.DataConstants;
import org.thingsboard.server.common.data.Device;
import org.thingsboard.server.common.data.DeviceInfo;
import org.thingsboard.server.common.data.EntityType;
import org.thingsboard.server.common.data.EntityView;
import org.thingsboard.server.common.data.EntityViewInfo;
import org.thingsboard.server.common.data.HasName;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.Tenant;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.*;
import org.thingsboard.server.common.data.alarm.Alarm;
import org.thingsboard.server.common.data.alarm.AlarmInfo;
import org.thingsboard.server.common.data.asset.Asset;
@ -50,8 +38,6 @@ import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.*;
import org.thingsboard.server.common.data.kv.AttributeKvEntry;
import org.thingsboard.server.common.data.kv.DataType;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.page.SortOrder;
import org.thingsboard.server.common.data.page.TimePageLink;
@ -388,10 +374,7 @@ public abstract class BaseController {
checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation);
return;
case OAUTH2_CLIENT_REGISTRATION:
checkOAuth2ClientRegistrationId(new OAuth2ClientRegistrationId(entityId.getId()), operation);
return;
case OAUTH2_CLIENT_REGISTRATION_TEMPLATE:
checkOAuth2ClientRegistrationTemplateId(new OAuth2ClientRegistrationTemplateId(entityId.getId()), operation);
return;
default:
throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType());
@ -545,30 +528,6 @@ public abstract class BaseController {
}
}
OAuth2ClientRegistration checkOAuth2ClientRegistrationId(OAuth2ClientRegistrationId clientRegistrationId, Operation operation) throws ThingsboardException {
try {
validateId(clientRegistrationId, "Incorrect oAuth2ClientRegistrationId " + clientRegistrationId);
OAuth2ClientRegistration clientRegistration = oAuth2Service.findClientRegistration(clientRegistrationId.getId());
checkNotNull(clientRegistration);
accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation, clientRegistrationId, clientRegistration);
return clientRegistration;
} catch (Exception e) {
throw handleException(e, false);
}
}
OAuth2ClientRegistrationTemplate checkOAuth2ClientRegistrationTemplateId(OAuth2ClientRegistrationTemplateId clientRegistrationTemplateId, Operation operation) throws ThingsboardException {
try {
validateId(clientRegistrationTemplateId, "Incorrect oAuth2ClientRegistrationTemplateId " + clientRegistrationTemplateId);
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = oAuth2ConfigTemplateService.findClientRegistrationTemplateById(clientRegistrationTemplateId);
checkNotNull(clientRegistrationTemplate);
accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, operation, clientRegistrationTemplateId, clientRegistrationTemplate);
return clientRegistrationTemplate;
} catch (Exception e) {
throw handleException(e, false);
}
}
ComponentDescriptor checkComponentDescriptorByClazz(String clazz) throws ThingsboardException {
try {
log.debug("[{}] Lookup component descriptor", clazz);
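Review bot: In the entity-type switch (hunk at -388), both `checkOAuth2ClientRegistrationId(...)` and `checkOAuth2ClientRegistrationTemplateId(...)` are deleted along with their definitions, which by the hunk's line counts leaves `case OAUTH2_CLIENT_REGISTRATION:` and `case OAUTH2_CLIENT_REGISTRATION_TEMPLATE:` sharing a bare `return;`. A caller that passes an id of either type would then clear this check with no existence or permission test. Either fail closed by dropping the two `case` labels so these types reach the `default:` branch, or keep a resource-level check such as `accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);` before the `return;`. The switch and its enclosing method start and end outside the hunk, and the old/new sides are inferred because the page lost its `+`/`-` markers.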

13
application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java

@ -25,8 +25,6 @@ import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate;
import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.security.permission.Operation;
import org.thingsboard.server.service.security.permission.Resource;
import java.util.List;
@ -42,8 +40,6 @@ public class OAuth2ConfigTemplateController extends BaseController {
@ResponseStatus(value = HttpStatus.OK)
public OAuth2ClientRegistrationTemplate saveClientRegistrationTemplate(@RequestBody OAuth2ClientRegistrationTemplate clientRegistrationTemplate) throws ThingsboardException {
try {
clientRegistrationTemplate.setTenantId(getCurrentUser().getTenantId());
checkEntity(clientRegistrationTemplate.getId(), clientRegistrationTemplate, Resource.OAUTH2_CONFIGURATION_TEMPLATE);
return oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate);
} catch (Exception e) {
throw handleException(e);
@ -57,10 +53,10 @@ public class OAuth2ConfigTemplateController extends BaseController {
checkParameter(CLIENT_REGISTRATION_TEMPLATE_ID, strClientRegistrationTemplateId);
try {
OAuth2ClientRegistrationTemplateId clientRegistrationTemplateId = new OAuth2ClientRegistrationTemplateId(toUUID(strClientRegistrationTemplateId));
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = checkOAuth2ClientRegistrationTemplateId(clientRegistrationTemplateId, Operation.DELETE);
oAuth2ConfigTemplateService.deleteClientRegistrationTemplateById(clientRegistrationTemplateId);
logEntityAction(clientRegistrationTemplateId, clientRegistrationTemplate,
logEntityAction(clientRegistrationTemplateId,
null,
null,
ActionType.DELETED, null, strClientRegistrationTemplateId);
@ -80,14 +76,9 @@ public class OAuth2ConfigTemplateController extends BaseController {
@ResponseBody
public List<OAuth2ClientRegistrationTemplate> getClientRegistrationTemplates() throws ThingsboardException {
try {
checkOAuth2ConfigTemplatePermissions(Operation.READ);
return oAuth2ConfigTemplateService.findAllClientRegistrationTemplates();
} catch (Exception e) {
throw handleException(e);
}
}
private void checkOAuth2ConfigTemplatePermissions(Operation operation) throws ThingsboardException {
accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, operation);
}
}
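Review bot: The template delete handler (hunk at -57) no longer loads the template before calling `deleteClientRegistrationTemplateById`, so existence is not checked here and `logEntityAction` is given `null` for the entity. The audit trail would then record a `DELETED` action for any well-formed UUID, with nothing identifying which provider template was removed; `deleteClientRegistration` in OAuth2Controller.java has the same shape. Consider fetching first, `OAuth2ClientRegistrationTemplate template = checkNotNull(oAuth2ConfigTemplateService.findClientRegistrationTemplateById(clientRegistrationTemplateId));`, and passing `template` to `logEntityAction`. The handler's signature and authorization annotation are outside the hunk, and the service may do its own existence check that is not visible here.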

66
application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java

@ -23,16 +23,12 @@ import org.thingsboard.server.common.data.EntityType;
import org.thingsboard.server.common.data.audit.ActionType;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.*;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
import org.thingsboard.server.common.data.oauth2.OAuth2ClientsDomainParams;
import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.security.permission.Operation;
import org.thingsboard.server.service.security.permission.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.stream.Collectors;
@RestController
@TbCoreComponent
@ -52,62 +48,39 @@ public class OAuth2Controller extends BaseController {
}
}
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
@RequestMapping(value = "/oauth2/config", method = RequestMethod.GET, produces = "application/json")
@ResponseBody
public List<OAuth2ClientsDomainParams> getCurrentClientsParams() throws ThingsboardException {
try {
Authority authority = getCurrentUser().getAuthority();
checkOAuth2ConfigPermissions(Operation.READ);
if (Authority.SYS_ADMIN.equals(authority)) {
return oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID);
} else if (Authority.TENANT_ADMIN.equals(authority)) {
return oAuth2Service.findDomainsParamsByTenantId(getCurrentUser().getTenantId());
} else {
throw new IllegalStateException("Authority " + authority + " cannot get client registrations.");
}
return oAuth2Service.findDomainsParams();
} catch (Exception e) {
throw handleException(e);
}
}
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
@RequestMapping(value = "/oauth2/config", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public List<OAuth2ClientsDomainParams> saveClientParams(@RequestBody List<OAuth2ClientsDomainParams> domainsParams) throws ThingsboardException {
try {
TenantId tenantId;
Authority authority = getCurrentUser().getAuthority();
if (Authority.SYS_ADMIN.equals(authority)) {
tenantId = TenantId.SYS_TENANT_ID;
} else if (Authority.TENANT_ADMIN.equals(authority)) {
tenantId = getCurrentUser().getTenantId();
} else {
throw new IllegalStateException("Authority " + authority + " cannot save client registrations.");
}
List<ClientRegistrationDto> clientRegistrationDtos = domainsParams.stream()
.flatMap(domainParams -> domainParams.getClientRegistrations().stream())
.collect(Collectors.toList());
for (ClientRegistrationDto clientRegistrationDto : clientRegistrationDtos) {
checkEntity(clientRegistrationDto.getId(), () -> tenantId, Resource.OAUTH2_CONFIGURATION);
}
return oAuth2Service.saveDomainsParams(tenantId, domainsParams);
return oAuth2Service.saveDomainsParams(domainsParams);
} catch (Exception e) {
throw handleException(e);
}
}
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
@RequestMapping(value = "/oauth2/config/{clientRegistrationId}", method = RequestMethod.DELETE)
@ResponseStatus(value = HttpStatus.OK)
public void deleteClientRegistration(@PathVariable(CLIENT_REGISTRATION_ID) String strClientRegistrationId) throws ThingsboardException {
checkParameter(CLIENT_REGISTRATION_ID, strClientRegistrationId);
try {
OAuth2ClientRegistrationId clientRegistrationId = new OAuth2ClientRegistrationId(toUUID(strClientRegistrationId));
OAuth2ClientRegistration clientRegistration = checkOAuth2ClientRegistrationId(clientRegistrationId, Operation.DELETE);
oAuth2Service.deleteClientRegistrationById(getCurrentUser().getTenantId(), clientRegistrationId);
oAuth2Service.deleteClientRegistrationById(clientRegistrationId);
logEntityAction(clientRegistrationId, clientRegistration,
logEntityAction(clientRegistrationId,
null,
null,
ActionType.DELETED, null, strClientRegistrationId);
@ -123,13 +96,13 @@ public class OAuth2Controller extends BaseController {
}
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
@RequestMapping(value = "/oauth2/config/domain/{domain}", method = RequestMethod.DELETE)
@ResponseStatus(value = HttpStatus.OK)
public void deleteClientRegistrationForDomain(@PathVariable(DOMAIN) String domain) throws ThingsboardException {
checkParameter(DOMAIN, domain);
try {
oAuth2Service.deleteClientRegistrationsByDomain(getCurrentUser().getTenantId(), domain);
oAuth2Service.deleteClientRegistrationsByDomain(domain);
logEntityAction(emptyId(EntityType.OAUTH2_CLIENT_REGISTRATION), null,
null,
@ -144,19 +117,4 @@ public class OAuth2Controller extends BaseController {
throw handleException(e);
}
}
@PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
@RequestMapping(value = "/oauth2/config/isAllowed", method = RequestMethod.GET)
@ResponseBody
public Boolean isOAuth2ConfigurationAllowed() throws ThingsboardException {
try {
return oAuth2Service.isOAuth2ClientRegistrationAllowed(getTenantId());
} catch (Exception e) {
throw handleException(e);
}
}
private void checkOAuth2ConfigPermissions(Operation operation) throws ThingsboardException {
accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);
}
}
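Review bot: `@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")` on the four `/oauth2/config` handlers names a single authority, so `@PreAuthorize("hasAuthority('SYS_ADMIN')")` states the intent more directly. With `checkOAuth2ConfigPermissions` and the per-registration `checkEntity` calls gone, this annotation appears to be the only authorization gate on these endpoints. A short Javadoc on each handler, saying it manages system-wide OAuth2 client configuration and is restricted to the system administrator, would help keep the annotation from being loosened later. Several of the handlers begin or end outside their hunks.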

1
application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java

@ -224,7 +224,6 @@ public class InstallScripts {
try {
JsonNode oauth2ConfigTemplateJson = objectMapper.readTree(path.toFile());
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = objectMapper.treeToValue(oauth2ConfigTemplateJson, OAuth2ClientRegistrationTemplate.class);
clientRegistrationTemplate.setTenantId(TenantId.SYS_TENANT_ID);
oAuth2TemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate);
} catch (Exception e) {
log.error("Unable to load oauth2 config templates from json: [{}]", path.toString());

14
application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java

@ -17,7 +17,6 @@ package org.thingsboard.server.service.security.auth.oauth2;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.google.common.base.Strings;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@ -34,7 +33,6 @@ import org.thingsboard.server.common.data.id.IdBased;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.page.PageData;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.page.TimePageLink;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.common.data.security.UserCredentials;
import org.thingsboard.server.dao.customer.CustomerService;
@ -49,7 +47,6 @@ import org.thingsboard.server.service.security.model.UserPrincipal;
import java.io.IOException;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
@ -79,7 +76,7 @@ public abstract class AbstractOAuth2ClientMapper {
private final Lock userCreationLock = new ReentrantLock();
protected SecurityUser getOrCreateSecurityUserFromOAuth2User(TenantId parentTenantId, OAuth2User oauth2User, boolean allowUserCreation, boolean activateUser) {
protected SecurityUser getOrCreateSecurityUserFromOAuth2User(OAuth2User oauth2User, boolean allowUserCreation, boolean activateUser) {
UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, oauth2User.getEmail());
User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, oauth2User.getEmail());
@ -99,13 +96,8 @@ public abstract class AbstractOAuth2ClientMapper {
} else {
user.setAuthority(Authority.CUSTOMER_USER);
}
TenantId tenantId;
if (TenantId.SYS_TENANT_ID.equals(parentTenantId)) {
tenantId = oauth2User.getTenantId() != null ?
oauth2User.getTenantId() : getTenantId(oauth2User.getTenantName());
} else {
tenantId = parentTenantId;
}
TenantId tenantId = oauth2User.getTenantId() != null ?
oauth2User.getTenantId() : getTenantId(oauth2User.getTenantName());
user.setTenantId(tenantId);
CustomerId customerId = oauth2User.getCustomerId() != null ?
oauth2User.getCustomerId() : getCustomerId(user.getTenantId(), oauth2User.getCustomerName());
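Review bot: In `getOrCreateSecurityUserFromOAuth2User` (hunk at -99) the tenant for a newly created user now always comes from the mapped `OAuth2User` (`getTenantId()` or `getTenantName()`), with no registration-level tenant to constrain it. The mapper output is therefore the sole authority for tenant placement, which deserves a comment above the assignment, for example `// Tenant is taken from the mapper result; the client registration no longer pins users to a tenant.` The comment should also say what happens when both values are null, since `getTenantId(String)` is defined outside the hunk and its handling of a null name cannot be seen here. The method body continues outside the hunk.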

5
application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java

@ -20,7 +20,6 @@ import org.apache.commons.lang3.text.StrSubstitutor;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig;
import org.thingsboard.server.dao.oauth2.OAuth2User;
import org.thingsboard.server.service.security.model.SecurityUser;
@ -35,7 +34,7 @@ public class BasicOAuth2ClientMapper extends AbstractOAuth2ClientMapper implemen
private static final String END_PLACEHOLDER_PREFIX = "}";
@Override
public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config) {
public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config) {
OAuth2User oauth2User = new OAuth2User();
Map<String, Object> attributes = token.getPrincipal().getAttributes();
String email = getStringAttributeByKey(attributes, config.getBasic().getEmailAttributeKey());
@ -59,7 +58,7 @@ public class BasicOAuth2ClientMapper extends AbstractOAuth2ClientMapper implemen
oauth2User.setDefaultDashboardName(config.getBasic().getDefaultDashboardName());
}
return getOrCreateSecurityUserFromOAuth2User(parentTenantId, oauth2User, config.isAllowUserCreation(), config.isActivateUser());
return getOrCreateSecurityUserFromOAuth2User(oauth2User, config.isAllowUserCreation(), config.isActivateUser());
}
private String getTenantName(Map<String, Object> attributes, OAuth2MapperConfig config) {

5
application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java

@ -23,7 +23,6 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authentic
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2CustomMapperConfig;
import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig;
import org.thingsboard.server.dao.oauth2.OAuth2User;
@ -39,9 +38,9 @@ public class CustomOAuth2ClientMapper extends AbstractOAuth2ClientMapper impleme
private RestTemplateBuilder restTemplateBuilder = new RestTemplateBuilder();
@Override
public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config) {
public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config) {
OAuth2User oauth2User = getOAuth2User(token, providerAccessToken, config.getCustom());
return getOrCreateSecurityUserFromOAuth2User(parentTenantId, oauth2User, config.isAllowUserCreation(), config.isActivateUser());
return getOrCreateSecurityUserFromOAuth2User(oauth2User, config.isAllowUserCreation(), config.isActivateUser());
}
private synchronized OAuth2User getOAuth2User(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2CustomMapperConfig custom) {

3
application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java

@ -16,10 +16,9 @@
package org.thingsboard.server.service.security.auth.oauth2;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig;
import org.thingsboard.server.service.security.model.SecurityUser;
public interface OAuth2ClientMapper {
SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config);
SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config);
}

2
application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java

@ -74,7 +74,7 @@ public class Oauth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS
token.getPrincipal().getName());
OAuth2ClientMapper mapper = oauth2ClientMapperProvider.getOAuth2ClientMapperByType(clientRegistration.getMapperConfig().getType());
SecurityUser securityUser = mapper.getOrCreateUserByClientPrincipal(token, oAuth2AuthorizedClient.getAccessToken().getTokenValue(),
clientRegistration.getTenantId(), clientRegistration.getMapperConfig());
clientRegistration.getMapperConfig());
JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);

21
application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java

@ -19,14 +19,10 @@ import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.EntityId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.id.UserId;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.service.security.model.SecurityUser;
import java.util.HashMap;
import java.util.Optional;
@Component(value="sysAdminPermissions")
public class SysAdminPermissions extends AbstractPermissions {
@ -39,7 +35,7 @@ public class SysAdminPermissions extends AbstractPermissions {
put(Resource.USER, userPermissionChecker);
put(Resource.WIDGETS_BUNDLE, systemEntityPermissionChecker);
put(Resource.WIDGET_TYPE, systemEntityPermissionChecker);
put(Resource.OAUTH2_CONFIGURATION, sysAdminOAuth2ConfigPermissionChecker);
put(Resource.OAUTH2_CONFIGURATION, PermissionChecker.allowAllPermissionChecker);
put(Resource.OAUTH2_CONFIGURATION_TEMPLATE, PermissionChecker.allowAllPermissionChecker);
}
@ -67,19 +63,4 @@ public class SysAdminPermissions extends AbstractPermissions {
};
private final PermissionChecker sysAdminOAuth2ConfigPermissionChecker = new PermissionChecker() {
@Override
public boolean hasPermission(SecurityUser user, Operation operation) {
return true;
}
@Override
public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) {
if (entity.getTenantId() != null && !entity.getTenantId().isNullUid()) {
return false;
}
return true;
}
};
}

37
application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java

@ -15,25 +15,17 @@
*/
package org.thingsboard.server.service.security.permission;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.EntityId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.id.UserId;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.dao.oauth2.OAuth2Service;
import org.thingsboard.server.service.security.model.SecurityUser;
import java.util.HashMap;
@Component(value="tenantAdminPermissions")
public class TenantAdminPermissions extends AbstractPermissions {
@Autowired
private OAuth2Service oAuth2Service;
public TenantAdminPermissions() {
super();
put(Resource.ALARM, tenantEntityPermissionChecker);
@ -47,8 +39,6 @@ public class TenantAdminPermissions extends AbstractPermissions {
put(Resource.USER, userPermissionChecker);
put(Resource.WIDGETS_BUNDLE, widgetsPermissionChecker);
put(Resource.WIDGET_TYPE, widgetsPermissionChecker);
put(Resource.OAUTH2_CONFIGURATION, tenantOAuth2ConfigPermissionChecker);
put(Resource.OAUTH2_CONFIGURATION_TEMPLATE, tenantOAuth2ConfigTemplatePermissionChecker);
}
public static final PermissionChecker tenantEntityPermissionChecker = new PermissionChecker() {
@ -108,31 +98,4 @@ public class TenantAdminPermissions extends AbstractPermissions {
}
};
private final PermissionChecker tenantOAuth2ConfigPermissionChecker = new PermissionChecker() {
@Override
public boolean hasPermission(SecurityUser user, Operation operation) {
return oAuth2Service.isOAuth2ClientRegistrationAllowed(user.getTenantId());
}
@Override
public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) {
if (!user.getTenantId().equals(entity.getTenantId())) {
return false;
}
return hasPermission(user, operation);
}
};
private static final PermissionChecker tenantOAuth2ConfigTemplatePermissionChecker = new PermissionChecker() {
@Override
public boolean hasPermission(SecurityUser user, Operation operation) {
return operation == Operation.READ;
}
@Override
public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) {
return operation == Operation.READ;
}
};
}

12
common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java

@ -27,19 +27,15 @@ import java.util.UUID;
public interface OAuth2Service {
List<OAuth2ClientInfo> getOAuth2Clients(String domainName);
List<OAuth2ClientsDomainParams> saveDomainsParams(TenantId tenantId, List<OAuth2ClientsDomainParams> domainsParams);
List<OAuth2ClientsDomainParams> saveDomainsParams(List<OAuth2ClientsDomainParams> domainsParams);
List<OAuth2ClientsDomainParams> findDomainsParamsByTenantId(TenantId tenantId);
List<OAuth2ClientsDomainParams> findDomainsParams();
OAuth2ClientRegistration findClientRegistration(UUID id);
List<OAuth2ClientRegistration> findAllClientRegistrations();
void deleteClientRegistrationsByTenantId(TenantId tenantId);
void deleteClientRegistrationById(OAuth2ClientRegistrationId id);
void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id);
void deleteClientRegistrationsByDomain(TenantId tenantId, String domain);
boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId);
void deleteClientRegistrationsByDomain(String domain);
}

4
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java

@ -32,9 +32,8 @@ import java.util.List;
@Data
@ToString(exclude = {"clientSecret"})
@NoArgsConstructor
public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo<OAuth2ClientRegistrationId> implements HasTenantId, HasName {
public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo<OAuth2ClientRegistrationId> implements HasName {
private TenantId tenantId;
private String domainName;
private String redirectUriTemplate;
private OAuth2MapperConfig mapperConfig;
@ -52,7 +51,6 @@ public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo<
public OAuth2ClientRegistration(OAuth2ClientRegistration clientRegistration) {
super(clientRegistration);
this.tenantId = clientRegistration.tenantId;
this.domainName = clientRegistration.domainName;
this.redirectUriTemplate = clientRegistration.redirectUriTemplate;
this.mapperConfig = clientRegistration.mapperConfig;

4
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java

@ -31,9 +31,8 @@ import java.util.List;
@Data
@ToString
@NoArgsConstructor
public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditionalInfo<OAuth2ClientRegistrationTemplateId> implements HasTenantId, HasName {
public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditionalInfo<OAuth2ClientRegistrationTemplateId> implements HasName {
private TenantId tenantId;
private String providerId;
private OAuth2BasicMapperConfig basic;
private String authorizationUri;
@ -50,7 +49,6 @@ public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditio
public OAuth2ClientRegistrationTemplate(OAuth2ClientRegistrationTemplate clientRegistrationTemplate) {
super(clientRegistrationTemplate);
this.tenantId = clientRegistrationTemplate.tenantId;
this.providerId = clientRegistrationTemplate.providerId;
this.basic = clientRegistrationTemplate.basic;
this.authorizationUri = clientRegistrationTemplate.authorizationUri;

7
dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java

@ -38,9 +38,6 @@ import java.util.UUID;
@Table(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_COLUMN_FAMILY_NAME)
public class OAuth2ClientRegistrationEntity extends BaseSqlEntity<OAuth2ClientRegistration> {
@Column(name = ModelConstants.OAUTH2_TENANT_ID_PROPERTY, columnDefinition = "uuid")
private UUID tenantId;
@Column(name = ModelConstants.OAUTH2_DOMAIN_NAME_PROPERTY)
private String domainName;
@Column(name = ModelConstants.OAUTH2_CLIENT_ID_PROPERTY)
@ -112,9 +109,6 @@ public class OAuth2ClientRegistrationEntity extends BaseSqlEntity<OAuth2ClientRe
if (clientRegistration.getId() != null) {
this.setUuid(clientRegistration.getId().getId());
}
if (clientRegistration.getTenantId() != null) {
this.tenantId = clientRegistration.getTenantId().getId();
}
this.domainName = clientRegistration.getDomainName();
this.createdTime = clientRegistration.getCreatedTime();
this.clientId = clientRegistration.getClientId();
@ -160,7 +154,6 @@ public class OAuth2ClientRegistrationEntity extends BaseSqlEntity<OAuth2ClientRe
public OAuth2ClientRegistration toData() {
OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
clientRegistration.setId(new OAuth2ClientRegistrationId(id));
clientRegistration.setTenantId(new TenantId(tenantId));
clientRegistration.setCreatedTime(createdTime);
clientRegistration.setDomainName(domainName);
clientRegistration.setAdditionalInfo(additionalInfo);

7
dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationTemplateEntity.java

@ -39,9 +39,6 @@ import java.util.UUID;
@Table(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_TEMPLATE_COLUMN_FAMILY_NAME)
public class OAuth2ClientRegistrationTemplateEntity extends BaseSqlEntity<OAuth2ClientRegistrationTemplate> {
@Column(name = ModelConstants.OAUTH2_TENANT_ID_PROPERTY, columnDefinition = "uuid")
private UUID tenantId;
@Column(name = ModelConstants.OAUTH2_TEMPLATE_PROVIDER_ID_PROPERTY)
private String providerId;
@Column(name = ModelConstants.OAUTH2_AUTHORIZATION_URI_PROPERTY)
@ -95,9 +92,6 @@ public class OAuth2ClientRegistrationTemplateEntity extends BaseSqlEntity<OAuth2
if (clientRegistrationTemplate.getId() != null) {
this.setUuid(clientRegistrationTemplate.getId().getId());
}
if (clientRegistrationTemplate.getTenantId() != null) {
this.tenantId = clientRegistrationTemplate.getTenantId().getId();
}
this.createdTime = clientRegistrationTemplate.getCreatedTime();
this.providerId = clientRegistrationTemplate.getProviderId();
this.authorizationUri = clientRegistrationTemplate.getAuthorizationUri();
@ -129,7 +123,6 @@ public class OAuth2ClientRegistrationTemplateEntity extends BaseSqlEntity<OAuth2
public OAuth2ClientRegistrationTemplate toData() {
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = new OAuth2ClientRegistrationTemplate();
clientRegistrationTemplate.setId(new OAuth2ClientRegistrationTemplateId(id));
clientRegistrationTemplate.setTenantId(new TenantId(tenantId));
clientRegistrationTemplate.setCreatedTime(createdTime);
clientRegistrationTemplate.setAdditionalInfo(additionalInfo);

6
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ClientRegistrationDao.java

@ -24,11 +24,7 @@ import java.util.UUID;
public interface OAuth2ClientRegistrationDao extends Dao<OAuth2ClientRegistration> {
List<OAuth2ClientRegistration> findAll();
List<OAuth2ClientRegistration> findByTenantId(UUID tenantId);
List<OAuth2ClientRegistration> findByDomainName(String domainName);
int removeByTenantIdAndDomainName(UUID tenantId, String domainName);
int removeByTenantId(UUID tenantId);
int removeByDomainName(String domainName);
}

8
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java

@ -44,10 +44,10 @@ public class OAuth2ConfigTemplateServiceImpl extends AbstractEntityService imple
@Override
public OAuth2ClientRegistrationTemplate saveClientRegistrationTemplate(OAuth2ClientRegistrationTemplate clientRegistrationTemplate) {
log.trace("Executing saveClientRegistrationTemplate [{}]", clientRegistrationTemplate);
clientRegistrationTemplateValidator.validate(clientRegistrationTemplate, OAuth2ClientRegistrationTemplate::getTenantId);
clientRegistrationTemplateValidator.validate(clientRegistrationTemplate, o -> TenantId.SYS_TENANT_ID);
OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate;
try {
savedClientRegistrationTemplate = clientRegistrationTemplateDao.save(clientRegistrationTemplate.getTenantId(), clientRegistrationTemplate);
savedClientRegistrationTemplate = clientRegistrationTemplateDao.save(TenantId.SYS_TENANT_ID, clientRegistrationTemplate);
} catch (Exception t) {
ConstraintViolationException e = extractConstraintViolationException(t).orElse(null);
if (e != null && e.getConstraintName() != null && e.getConstraintName().equalsIgnoreCase("oauth2_template_provider_id_unq_key")) {
@ -98,10 +98,6 @@ public class OAuth2ConfigTemplateServiceImpl extends AbstractEntityService imple
if (clientRegistrationTemplate.getBasic() == null) {
throw new DataValidationException("Basic mapper config should be specified!");
}
if (clientRegistrationTemplate.getTenantId() == null
|| !TenantId.SYS_TENANT_ID.equals(clientRegistrationTemplate.getTenantId())) {
throw new DataValidationException("Client registration template should be assigned to system admin!");
}
}
};
}
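Review bot: With the `SYS_TENANT_ID` check removed from the validator and `saveClientRegistrationTemplate` now saving under `TenantId.SYS_TENANT_ID` unconditionally, nothing in this service tells a system administrator apart from any other caller. The restriction now rests entirely on the controller and permission classes, which this commit also changes but which are not visible in this part of the page. The same holds for `saveDomainsParams`, `findDomainsParams` and `deleteClientRegistrationsByDomain` in OAuth2ServiceImpl. I would record that contract on the method, e.g. `/** Saves a system-level template; the caller must already have been authorised as system administrator. */`, and add a controller test confirming that a tenant-admin request to the template endpoints is rejected. The method body continues past the first hunk.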

74
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java

@ -15,30 +15,22 @@
*/
package org.thingsboard.server.dao.oauth2;
import com.fasterxml.jackson.databind.JsonNode;
import lombok.extern.slf4j.Slf4j;
import org.hibernate.exception.ConstraintViolationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import org.thingsboard.server.common.data.Tenant;
import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.*;
import org.thingsboard.server.dao.entity.AbstractEntityService;
import org.thingsboard.server.dao.exception.DataValidationException;
import org.thingsboard.server.dao.service.DataValidator;
import org.thingsboard.server.dao.tenant.TenantService;
import javax.transaction.Transactional;
import java.util.*;
import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.stream.Collectors;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
import static org.thingsboard.server.dao.service.Validator.validateId;
import static org.thingsboard.server.dao.service.Validator.validateString;
@ -49,9 +41,6 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
public static final String INCORRECT_CLIENT_REGISTRATION_ID = "Incorrect clientRegistrationId ";
public static final String INCORRECT_DOMAIN_NAME = "Incorrect domainName ";
@Autowired
private TenantService tenantService;
@Autowired
private OAuth2ClientRegistrationDao clientRegistrationDao;
@ -66,21 +55,20 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
@Override
@Transactional
public List<OAuth2ClientsDomainParams> saveDomainsParams(TenantId tenantId, List<OAuth2ClientsDomainParams> domainsParams) {
log.trace("Executing saveDomainsParams [{}] [{}]", tenantId, domainsParams);
clientParamsValidator.accept(tenantId, domainsParams);
List<OAuth2ClientRegistration> inputClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, domainsParams);
public List<OAuth2ClientsDomainParams> saveDomainsParams(List<OAuth2ClientsDomainParams> domainsParams) {
log.trace("Executing saveDomainsParams [{}]", domainsParams);
clientParamsValidator.accept(domainsParams);
List<OAuth2ClientRegistration> inputClientRegistrations = OAuth2Utils.toClientRegistrations(domainsParams);
List<OAuth2ClientRegistration> savedClientRegistrations = inputClientRegistrations.stream()
.map(clientRegistration -> clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration))
.map(clientRegistration -> clientRegistrationDao.save(TenantId.SYS_TENANT_ID, clientRegistration))
.collect(Collectors.toList());
return OAuth2Utils.toDomainsParams(savedClientRegistrations);
}
@Override
public List<OAuth2ClientsDomainParams> findDomainsParamsByTenantId(TenantId tenantId) {
log.trace("Executing findDomainsParamsByTenantId [{}]", tenantId);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
return OAuth2Utils.toDomainsParams(clientRegistrationDao.findByTenantId(tenantId.getId()));
public List<OAuth2ClientsDomainParams> findDomainsParams() {
log.trace("Executing findDomainsParams");
return OAuth2Utils.toDomainsParams(clientRegistrationDao.findAll());
}
@Override
@ -97,45 +85,21 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
}
@Override
@Transactional
public void deleteClientRegistrationsByTenantId(TenantId tenantId) {
log.trace("Executing deleteClientRegistrationsByTenantId [{}]", tenantId);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
clientRegistrationDao.removeByTenantId(tenantId.getId());
}
@Override
public void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id) {
log.trace("Executing deleteClientRegistrationById [{}], [{}]", tenantId, id);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
public void deleteClientRegistrationById(OAuth2ClientRegistrationId id) {
log.trace("Executing deleteClientRegistrationById [{}]", id);
validateId(id, INCORRECT_CLIENT_REGISTRATION_ID + id);
clientRegistrationDao.removeById(tenantId, id.getId());
clientRegistrationDao.removeById(TenantId.SYS_TENANT_ID, id.getId());
}
@Override
@Transactional
public void deleteClientRegistrationsByDomain(TenantId tenantId, String domain) {
log.trace("Executing deleteClientRegistrationsByDomain [{}], [{}]", tenantId, domain);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
public void deleteClientRegistrationsByDomain(String domain) {
log.trace("Executing deleteClientRegistrationsByDomain [{}]", domain);
validateString(domain, INCORRECT_DOMAIN_NAME + domain);
clientRegistrationDao.removeByTenantIdAndDomainName(tenantId.getId(), domain);
clientRegistrationDao.removeByDomainName(domain);
}
@Override
public boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId) {
log.trace("Executing isOAuth2ClientRegistrationAllowed [{}]", tenantId);
validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
Tenant tenant = tenantService.findTenantById(tenantId);
if (tenant == null) return false;
JsonNode allowOAuth2ConfigurationJsonNode = tenant.getAdditionalInfo() != null ? tenant.getAdditionalInfo().get(ALLOW_OAUTH2_CONFIGURATION) : null;
if (allowOAuth2ConfigurationJsonNode == null) {
return false;
} else {
return allowOAuth2ConfigurationJsonNode.asBoolean();
}
}
private final BiConsumer<TenantId, List<OAuth2ClientsDomainParams>> clientParamsValidator = (tenantId, domainsParams) -> {
private final Consumer<List<OAuth2ClientsDomainParams>> clientParamsValidator = domainsParams -> {
if (domainsParams == null || domainsParams.isEmpty()) {
throw new DataValidationException("Domain params should be specified!");
}
@ -211,13 +175,5 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se
}
}
}
if (tenantId == null) {
throw new DataValidationException("Client registration should be assigned to tenant!");
} else if (!TenantId.SYS_TENANT_ID.equals(tenantId)) {
Tenant tenant = tenantService.findTenantById(tenantId);
if (tenant == null) {
throw new DataValidationException("Client registration is referencing to non-existent tenant!");
}
}
};
}
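Review bot: `log.trace("Executing saveDomainsParams [{}]", domainsParams);` writes the whole request object to the log, and that object describes OAuth2 client registrations, which the schema stores with a `client_secret` column. If the generated `toString()` of the DTOs includes the secret (those classes are not shown here, so this needs checking), turning on trace logging would copy every provider's client secret into the log files. Either put `@ToString.Exclude` on the client-secret field of those classes or reduce this line to `log.trace("Executing saveDomainsParams");`.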

12
dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java

@ -15,8 +15,6 @@
*/
package org.thingsboard.server.dao.oauth2;
import org.springframework.util.StringUtils;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.*;
import java.util.ArrayList;
@ -24,7 +22,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
public class OAuth2Utils {
public static final String ALLOW_OAUTH2_CONFIGURATION = "allowOAuth2Configuration";
@ -38,10 +35,10 @@ public class OAuth2Utils {
return client;
}
public static List<OAuth2ClientRegistration> toClientRegistrations(TenantId tenantId, List<OAuth2ClientsDomainParams> domainsParams) {
public static List<OAuth2ClientRegistration> toClientRegistrations(List<OAuth2ClientsDomainParams> domainsParams) {
return domainsParams.stream()
.flatMap(domainParams -> domainParams.getClientRegistrations().stream()
.map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(tenantId, domainParams.getDomainName(),
.map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(domainParams.getDomainName(),
domainParams.getRedirectUriTemplate(), clientRegistrationDto)
))
.collect(Collectors.toList());
@ -80,11 +77,10 @@ public class OAuth2Utils {
.build();
}
public static OAuth2ClientRegistration toClientRegistration(TenantId tenantId, String domainName, String redirectUriTemplate,
ClientRegistrationDto clientRegistrationDto) {
public static OAuth2ClientRegistration toClientRegistration(String domainName, String redirectUriTemplate,
ClientRegistrationDto clientRegistrationDto) {
OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
clientRegistration.setId(clientRegistrationDto.getId());
clientRegistration.setTenantId(tenantId);
clientRegistration.setCreatedTime(clientRegistrationDto.getCreatedTime());
clientRegistration.setDomainName(domainName);
clientRegistration.setRedirectUriTemplate(redirectUriTemplate);

16
dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java

@ -26,7 +26,6 @@ import org.thingsboard.server.dao.sql.JpaAbstractDao;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
@ -55,12 +54,6 @@ public class JpaOAuth2ClientRegistrationDao extends JpaAbstractDao<OAuth2ClientR
return result;
}
@Override
public List<OAuth2ClientRegistration> findByTenantId(UUID tenantId) {
List<OAuth2ClientRegistrationEntity> entities = repository.findAllByTenantId(tenantId);
return entities.stream().map(DaoUtil::getData).collect(Collectors.toList());
}
@Override
public List<OAuth2ClientRegistration> findByDomainName(String domainName) {
List<OAuth2ClientRegistrationEntity> entities = repository.findAllByDomainName(domainName);
@ -68,12 +61,7 @@ public class JpaOAuth2ClientRegistrationDao extends JpaAbstractDao<OAuth2ClientR
}
@Override
public int removeByTenantIdAndDomainName(UUID tenantId, String domainName) {
return repository.deleteByTenantIdAndDomainName(tenantId, domainName);
}
@Override
public int removeByTenantId(UUID tenantId) {
return repository.deleteByTenantId(tenantId);
public int removeByDomainName(String domainName) {
return repository.deleteByDomainName(domainName);
}
}

6
dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/OAuth2ClientRegistrationRepository.java

@ -22,11 +22,7 @@ import java.util.List;
import java.util.UUID;
public interface OAuth2ClientRegistrationRepository extends CrudRepository<OAuth2ClientRegistrationEntity, UUID> {
List<OAuth2ClientRegistrationEntity> findAllByTenantId(UUID tenantId);
List<OAuth2ClientRegistrationEntity> findAllByDomainName(String domainName);
int deleteByTenantIdAndDomainName(UUID tenantId, String domainName);
int deleteByTenantId(UUID tenantId);
int deleteByDomainName(String domainName);
}

1
dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java

@ -105,7 +105,6 @@ public class TenantServiceImpl extends AbstractEntityService implements TenantSe
public void deleteTenant(TenantId tenantId) {
log.trace("Executing deleteTenant [{}]", tenantId);
Validator.validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
customerService.deleteCustomersByTenantId(tenantId);
widgetsBundleService.deleteWidgetsBundlesByTenantId(tenantId);
dashboardService.deleteDashboardsByTenantId(tenantId);

2
dao/src/main/resources/sql/schema-entities-hsql.sql

@ -295,7 +295,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
domain_name varchar(255),
client_id varchar(255),
client_secret varchar(255),
@ -330,7 +329,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
provider_id varchar(255),
authorization_uri varchar(255),
token_uri varchar(255),
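Review bot: Dropping `tenant_id` from `oauth2_client_registration` and `oauth2_client_registration_template` here affects fresh installs only, because both tables are created with `CREATE TABLE IF NOT EXISTS`; the identical hunks in schema-entities.sql behave the same way. Existing databases depend on application/src/main/data/upgrade/3.1.1/schema_update.sql, which is not visible in this part of the page. That script should decide explicitly what happens to rows that carried a non-system tenant id, since after this commit every remaining row acts as a system-wide login provider for its domain. I would add a comment above each table such as `-- tenant_id removed: registrations are system-level only, see upgrade/3.1.1/schema_update.sql`. Both table definitions continue outside the hunks.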

2
dao/src/main/resources/sql/schema-entities.sql

@ -320,7 +320,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
domain_name varchar(255),
client_id varchar(255),
client_secret varchar(255),
@ -355,7 +354,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template (
id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY,
created_time bigint NOT NULL,
additional_info varchar,
tenant_id uuid,
provider_id varchar(255),
authorization_uri varchar(255),
token_uri varchar(255),

23
dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java

@ -34,8 +34,6 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest {
@Autowired
protected OAuth2ConfigTemplateService oAuth2ConfigTemplateService;
private TenantId tenantId;
@Before
public void beforeRun() throws Exception {
Assert.assertTrue(oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().isEmpty());
@ -53,15 +51,15 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest {
@Test(expected = DataValidationException.class)
public void testSaveDuplicateProviderId() {
OAuth2ClientRegistrationTemplate first = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, "providerId");
OAuth2ClientRegistrationTemplate second = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, "providerId");
OAuth2ClientRegistrationTemplate first = validClientRegistrationTemplate("providerId");
OAuth2ClientRegistrationTemplate second = validClientRegistrationTemplate("providerId");
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(first);
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(second);
}
@Test
public void testCreateNewTemplate() {
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString());
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(UUID.randomUUID().toString());
OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate);
Assert.assertNotNull(savedClientRegistrationTemplate);
@ -73,7 +71,7 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest {
@Test
public void testFindTemplate() {
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString());
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(UUID.randomUUID().toString());
OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate);
OAuth2ClientRegistrationTemplate foundClientRegistrationTemplate = oAuth2ConfigTemplateService.findClientRegistrationTemplateById(savedClientRegistrationTemplate.getId());
@ -82,17 +80,17 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest {
@Test
public void testFindAll() {
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString()));
Assert.assertEquals(2, oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().size());
}
@Test
public void testDeleteTemplate() {
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()));
OAuth2ClientRegistrationTemplate saved = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString()));
oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString()));
OAuth2ClientRegistrationTemplate saved = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString()));
Assert.assertEquals(3, oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().size());
Assert.assertNotNull(oAuth2ConfigTemplateService.findClientRegistrationTemplateById(saved.getId()));
@ -103,10 +101,9 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest {
Assert.assertNull(oAuth2ConfigTemplateService.findClientRegistrationTemplateById(saved.getId()));
}
private OAuth2ClientRegistrationTemplate validClientRegistrationTemplate(TenantId tenantId, String providerId) {
private OAuth2ClientRegistrationTemplate validClientRegistrationTemplate(String providerId) {
OAuth2ClientRegistrationTemplate clientRegistrationTemplate = new OAuth2ClientRegistrationTemplate();
clientRegistrationTemplate.setProviderId(providerId);
clientRegistrationTemplate.setTenantId(tenantId);
clientRegistrationTemplate.setAdditionalInfo(mapper.createObjectNode().put(UUID.randomUUID().toString(), UUID.randomUUID().toString()));
clientRegistrationTemplate.setBasic(
OAuth2BasicMapperConfig.builder()

220
dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java

@ -20,18 +20,14 @@ import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.thingsboard.server.common.data.Tenant;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.*;
import org.thingsboard.server.dao.attributes.AttributesService;
import org.thingsboard.server.dao.oauth2.OAuth2Service;
import org.thingsboard.server.dao.oauth2.OAuth2Utils;
import java.io.IOException;
import java.util.*;
import java.util.stream.Collectors;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION;
import static org.thingsboard.server.dao.oauth2.OAuth2Utils.toClientRegistrations;
public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@ -39,56 +35,26 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Autowired
protected OAuth2Service oAuth2Service;
@Autowired
protected AttributesService attributesService;
private TenantId tenantId;
@Before
public void beforeRun() throws Exception {
Tenant tenant = new Tenant();
tenant.setTitle("My tenant");
Tenant savedTenant = tenantService.saveTenant(tenant);
Assert.assertNotNull(savedTenant);
tenantId = savedTenant.getId();
public void beforeRun() {
Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty());
}
@After
public void after() throws Exception {
tenantService.deleteTenant(tenantId);
oAuth2Service.deleteClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID);
public void after() {
oAuth2Service.findAllClientRegistrations().forEach(clientRegistration -> {
oAuth2Service.deleteClientRegistrationById(clientRegistration.getId());
});
Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty());
}
@Test
public void testIsOAuth2Allowed_null() throws IOException {
updateTenantAllowOAuth2Setting(null);
Assert.assertFalse(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId));
}
@Test
public void testIsOAuth2Allowed_false() throws IOException {
updateTenantAllowOAuth2Setting(false);
Assert.assertFalse(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId));
}
@Test
public void testIsOAuth2Allowed_true() throws IOException {
updateTenantAllowOAuth2Setting(true);
Assert.assertTrue(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId));
}
@Test
public void testCreateNewSystemParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
List<OAuth2ClientsDomainParams> savedDomainsParams = oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
public void testCreateNewParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration("domain-name");
List<OAuth2ClientsDomainParams> savedDomainsParams = oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
Assert.assertNotNull(savedDomainsParams);
List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, savedDomainsParams);
List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(savedDomainsParams);
Assert.assertEquals(1, savedClientRegistrations.size());
OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
@ -96,95 +62,40 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
clientRegistration.setId(savedClientRegistration.getId());
clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
Assert.assertEquals(clientRegistration, savedClientRegistration);
}
@Test
public void testFindSystemParamsByTenant() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
List<OAuth2ClientsDomainParams> foundDomainsParams = oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID);
Assert.assertEquals(1, foundDomainsParams.size());
Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, foundDomainsParams);
OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
Assert.assertNotNull(foundClientRegistration);
clientRegistration.setId(foundClientRegistration.getId());
clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
Assert.assertEquals(clientRegistration, foundClientRegistration);
oAuth2Service.deleteClientRegistrationsByDomain("domain-name");
}
@Test
public void testCreateNewTenantParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
List<OAuth2ClientsDomainParams> savedDomainsParams = oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
Assert.assertNotNull(savedDomainsParams);
public void testFindDomainParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration();
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
List<OAuth2ClientRegistration> savedClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, savedDomainsParams);
Assert.assertEquals(1, savedClientRegistrations.size());
OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0);
Assert.assertNotNull(savedClientRegistration);
Assert.assertNotNull(savedClientRegistration.getId());
clientRegistration.setId(savedClientRegistration.getId());
clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime());
Assert.assertEquals(clientRegistration, savedClientRegistration);
}
@Test
public void testFindTenantParams() {
OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId);
oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)));
List<OAuth2ClientsDomainParams> foundDomainsParams = oAuth2Service.findDomainsParamsByTenantId(tenantId);
List<OAuth2ClientsDomainParams> foundDomainsParams = oAuth2Service.findDomainsParams();
Assert.assertEquals(1, foundDomainsParams.size());
Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size());
List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, foundDomainsParams);
List<OAuth2ClientRegistration> foundClientRegistrations = OAuth2Utils.toClientRegistrations(foundDomainsParams);
OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0);
Assert.assertNotNull(foundClientRegistration);
clientRegistration.setId(foundClientRegistration.getId());
clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime());
Assert.assertEquals(clientRegistration, foundClientRegistration);
}
@Test
public void testGetClientRegistrationWithTenant() {
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
List<OAuth2ClientsDomainParams> savedTenantDomainsParams = oAuth2Service.saveDomainsParams(tenantId,
OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
List<OAuth2ClientsDomainParams> savedSysAdminDomainsParams = oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID,
OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(savedTenantDomainsParams, oAuth2Service.findDomainsParamsByTenantId(tenantId));
Assert.assertEquals(savedSysAdminDomainsParams, oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID));
OAuth2ClientRegistration savedTenantClientRegistration = toClientRegistrations(tenantId, savedTenantDomainsParams).get(0);
Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId()));
OAuth2ClientRegistration savedSysAdminClientRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminDomainsParams).get(0);
Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId()));
}
@Test
public void testGetOAuth2Clients() {
String testDomainName = "test_domain";
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
OAuth2ClientRegistration first = validClientRegistration(testDomainName);
OAuth2ClientRegistration second = validClientRegistration(testDomainName);
oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(first)));
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(second)));
List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName);
Set<String> actualLabels = new HashSet<>(Arrays.asList(tenantClientRegistration.getLoginButtonLabel(),
sysAdminClientRegistration.getLoginButtonLabel()));
Set<String> actualLabels = new HashSet<>(Arrays.asList(first.getLoginButtonLabel(),
second.getLoginButtonLabel()));
Set<String> foundLabels = oAuth2Clients.stream().map(OAuth2ClientInfo::getName).collect(Collectors.toSet());
Assert.assertEquals(actualLabels, foundLabels);
@ -193,88 +104,61 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
@Test
public void testGetEmptyOAuth2Clients() {
String testDomainName = "test_domain";
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(testDomainName);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(testDomainName);
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
List<OAuth2ClientInfo> oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain");
Assert.assertTrue(oAuth2Clients.isEmpty());
}
@Test
public void testDeleteOAuth2ClientRegistration() {
OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
OAuth2ClientRegistration first = validClientRegistration();
OAuth2ClientRegistration second = validClientRegistration();
List<OAuth2ClientsDomainParams> savedTenantDomainsParams = oAuth2Service.saveDomainsParams(tenantId,
OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
List<OAuth2ClientsDomainParams> savedSysAdminDomainsParams = oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID,
OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
List<OAuth2ClientsDomainParams> savedFirstDomainsParams = oAuth2Service.saveDomainsParams(
OAuth2Utils.toDomainsParams(Collections.singletonList(first)));
List<OAuth2ClientsDomainParams> savedSecondDomainsParams = oAuth2Service.saveDomainsParams(
OAuth2Utils.toDomainsParams(Collections.singletonList(second)));
OAuth2ClientRegistration savedTenantRegistration = toClientRegistrations(tenantId, savedTenantDomainsParams).get(0);
OAuth2ClientRegistration savedSysAdminRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminDomainsParams).get(0);
OAuth2ClientRegistration savedFirstRegistration = toClientRegistrations(savedFirstDomainsParams).get(0);
OAuth2ClientRegistration savedSecondRegistration = toClientRegistrations(savedSecondDomainsParams).get(0);
oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId());
oAuth2Service.deleteClientRegistrationById(savedFirstRegistration.getId());
List<OAuth2ClientRegistration> foundRegistrations = oAuth2Service.findAllClientRegistrations();
Assert.assertEquals(1, foundRegistrations.size());
Assert.assertEquals(savedSysAdminRegistration, foundRegistrations.get(0));
Assert.assertEquals(savedSecondRegistration, foundRegistrations.get(0));
}
@Test
public void testDeleteTenantOAuth2ClientRegistrations() {
oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Arrays.asList(
validClientRegistration(tenantId, "domain"),
validClientRegistration(tenantId, "domain"),
validClientRegistration(tenantId, "domain")
public void testDeleteDomainOAuth2ClientRegistrations() {
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Arrays.asList(
validClientRegistration("domain1"),
validClientRegistration("domain1"),
validClientRegistration("domain2")
)));
Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(1, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(0, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
}
@Test
public void testDeleteTenantDomainOAuth2ClientRegistrations() {
oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Arrays.asList(
validClientRegistration(tenantId, "domain1"),
validClientRegistration(tenantId, "domain1"),
validClientRegistration(tenantId, "domain2")
)));
oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Arrays.asList(
validClientRegistration(TenantId.SYS_TENANT_ID, "domain2")
oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Arrays.asList(
validClientRegistration("domain2")
)));
Assert.assertEquals(4, oAuth2Service.findAllClientRegistrations().size());
List<OAuth2ClientsDomainParams> tenantDomainsParams = oAuth2Service.findDomainsParamsByTenantId(tenantId);
List<OAuth2ClientRegistration> tenantClientRegistrations = toClientRegistrations(tenantId, tenantDomainsParams);
Assert.assertEquals(2, tenantDomainsParams.size());
Assert.assertEquals(3, tenantClientRegistrations.size());
List<OAuth2ClientsDomainParams> domainsParams = oAuth2Service.findDomainsParams();
List<OAuth2ClientRegistration> clientRegistrations = toClientRegistrations(domainsParams);
Assert.assertEquals(2, domainsParams.size());
Assert.assertEquals(4, clientRegistrations.size());
oAuth2Service.deleteClientRegistrationsByDomain(tenantId, "domain1");
oAuth2Service.deleteClientRegistrationsByDomain("domain1");
Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
Assert.assertEquals(1, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
Assert.assertEquals(1, toClientRegistrations(tenantId, oAuth2Service.findDomainsParamsByTenantId(tenantId)).size());
}
private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException {
Tenant tenant = tenantService.findTenantById(tenantId);
if (allowOAuth2 == null) {
tenant.setAdditionalInfo(mapper.readTree("{}"));
} else {
String additionalInfo = "{\"" + ALLOW_OAUTH2_CONFIGURATION + "\":" + allowOAuth2 + "}";
tenant.setAdditionalInfo(mapper.readTree(additionalInfo));
tenantService.saveTenant(tenant);
}
Assert.assertEquals(1, oAuth2Service.findDomainsParams().size());
Assert.assertEquals(2, toClientRegistrations(oAuth2Service.findDomainsParams()).size());
}
private OAuth2ClientRegistration validClientRegistration(TenantId tenantId) {
return validClientRegistration(tenantId, "domainName");
private OAuth2ClientRegistration validClientRegistration() {
return validClientRegistration("domainName");
}
private OAuth2ClientRegistration validClientRegistration(TenantId tenantId, String domainName) {
private OAuth2ClientRegistration validClientRegistration(String domainName) {
OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
clientRegistration.setTenantId(tenantId);
clientRegistration.setDomainName(domainName);
clientRegistration.setMapperConfig(
OAuth2MapperConfig.builder()
