diff --git a/application/src/main/data/upgrade/3.1.1/schema_update.sql b/application/src/main/data/upgrade/3.1.1/schema_update.sql index 6064ec8833..f0dfbe1ae3 100644 --- a/application/src/main/data/upgrade/3.1.1/schema_update.sql +++ b/application/src/main/data/upgrade/3.1.1/schema_update.sql @@ -20,7 +20,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, domain_name varchar(255), client_id varchar(255), client_secret varchar(255), @@ -57,7 +56,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, provider_id varchar(255), authorization_uri varchar(255), token_uri varchar(255), diff --git a/application/src/main/java/org/thingsboard/server/controller/BaseController.java b/application/src/main/java/org/thingsboard/server/controller/BaseController.java index 371b423105..577e6c9e83 100644 --- a/application/src/main/java/org/thingsboard/server/controller/BaseController.java +++ b/application/src/main/java/org/thingsboard/server/controller/BaseController.java 
@@ -27,19 +27,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.ExceptionHandler; -import org.thingsboard.server.common.data.Customer; -import org.thingsboard.server.common.data.Dashboard; -import org.thingsboard.server.common.data.DashboardInfo; -import org.thingsboard.server.common.data.DataConstants; -import org.thingsboard.server.common.data.Device; -import org.thingsboard.server.common.data.DeviceInfo; -import org.thingsboard.server.common.data.EntityType; -import org.thingsboard.server.common.data.EntityView; -import org.thingsboard.server.common.data.EntityViewInfo; -import org.thingsboard.server.common.data.HasName; -import org.thingsboard.server.common.data.HasTenantId; -import org.thingsboard.server.common.data.Tenant; -import org.thingsboard.server.common.data.User; +import org.thingsboard.server.common.data.*; import org.thingsboard.server.common.data.alarm.Alarm; import org.thingsboard.server.common.data.alarm.AlarmInfo; import org.thingsboard.server.common.data.asset.Asset; @@ -50,8 +38,6 @@ import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.id.*; import org.thingsboard.server.common.data.kv.AttributeKvEntry; import org.thingsboard.server.common.data.kv.DataType; -import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration; -import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate; import org.thingsboard.server.common.data.page.PageLink; import org.thingsboard.server.common.data.page.SortOrder; import org.thingsboard.server.common.data.page.TimePageLink; 
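Review bot: The thirteen explicit `org.thingsboard.server.common.data` imports are collapsed into `import org.thingsboard.server.common.data.*;`, which is unrelated to the OAuth2 change and hides which data classes this controller depends on. Together with the existing `org.thingsboard.server.common.data.id.*` wildcard, a simple name can become ambiguous if a same-named class is later added to either package. Restoring the explicit list (`import org.thingsboard.server.common.data.Customer;` and so on) would keep this diff limited to the access-control change under review.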
@@ -388,10 +374,7 @@ public abstract class BaseController { checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation); return; case OAUTH2_CLIENT_REGISTRATION: - checkOAuth2ClientRegistrationId(new OAuth2ClientRegistrationId(entityId.getId()), operation); - return; case OAUTH2_CLIENT_REGISTRATION_TEMPLATE: - checkOAuth2ClientRegistrationTemplateId(new OAuth2ClientRegistrationTemplateId(entityId.getId()), operation); return; default: throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType()); 
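Review bot: The `OAUTH2_CLIENT_REGISTRATION` and `OAUTH2_CLIENT_REGISTRATION_TEMPLATE` cases now fall through to a bare `return;`, so this switch reports success for both types with no existence lookup and no permission check, whatever the caller's authority. The preceding case visible in the hunk still delegates to `checkWidgetTypeId(...)`, so a caller relying on this method (its start and end are outside the hunk) gets a silent pass only for the OAuth2 types. If a per-entity check is no longer meaningful, keep at least the resource-level gate, e.g. `accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);` before the `return;`, with `Resource.OAUTH2_CONFIGURATION_TEMPLATE` in a separate body for the template case. Alternatively, drop both cases so they reach the `default` branch and throw.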
@@ -545,30 +528,6 @@ public abstract class BaseController { } } - OAuth2ClientRegistration checkOAuth2ClientRegistrationId(OAuth2ClientRegistrationId clientRegistrationId, Operation operation) throws ThingsboardException { - try { - validateId(clientRegistrationId, "Incorrect oAuth2ClientRegistrationId " + clientRegistrationId); - OAuth2ClientRegistration clientRegistration = oAuth2Service.findClientRegistration(clientRegistrationId.getId()); - checkNotNull(clientRegistration); - accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation, clientRegistrationId, clientRegistration); - return clientRegistration; - } catch (Exception e) { - throw handleException(e, false); - } - } - - OAuth2ClientRegistrationTemplate checkOAuth2ClientRegistrationTemplateId(OAuth2ClientRegistrationTemplateId clientRegistrationTemplateId, Operation operation) throws ThingsboardException { - try { - validateId(clientRegistrationTemplateId, "Incorrect oAuth2ClientRegistrationTemplateId " + clientRegistrationTemplateId); - OAuth2ClientRegistrationTemplate clientRegistrationTemplate = oAuth2ConfigTemplateService.findClientRegistrationTemplateById(clientRegistrationTemplateId); - checkNotNull(clientRegistrationTemplate); - accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, operation, clientRegistrationTemplateId, clientRegistrationTemplate); - return clientRegistrationTemplate; - } catch (Exception e) { - throw handleException(e, false); - } - } - ComponentDescriptor checkComponentDescriptorByClazz(String clazz) throws ThingsboardException { try { log.debug("[{}] Lookup component descriptor", clazz); diff --git a/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java b/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java index ed2c479e1f..1cb969e9e6 100644 
--- a/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java +++ b/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java @@ -25,8 +25,6 @@ import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId; import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate; import org.thingsboard.server.queue.util.TbCoreComponent; -import org.thingsboard.server.service.security.permission.Operation; -import org.thingsboard.server.service.security.permission.Resource; import java.util.List; @@ -42,8 +40,6 @@ public class OAuth2ConfigTemplateController extends BaseController { @ResponseStatus(value = HttpStatus.OK) public OAuth2ClientRegistrationTemplate saveClientRegistrationTemplate(@RequestBody OAuth2ClientRegistrationTemplate clientRegistrationTemplate) throws ThingsboardException { try { - clientRegistrationTemplate.setTenantId(getCurrentUser().getTenantId()); - checkEntity(clientRegistrationTemplate.getId(), clientRegistrationTemplate, Resource.OAUTH2_CONFIGURATION_TEMPLATE); return oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate); } catch (Exception e) { throw handleException(e); 
@@ -57,10 +53,10 @@ public class OAuth2ConfigTemplateController extends BaseController { checkParameter(CLIENT_REGISTRATION_TEMPLATE_ID, strClientRegistrationTemplateId); try { OAuth2ClientRegistrationTemplateId clientRegistrationTemplateId = new OAuth2ClientRegistrationTemplateId(toUUID(strClientRegistrationTemplateId)); - OAuth2ClientRegistrationTemplate clientRegistrationTemplate = checkOAuth2ClientRegistrationTemplateId(clientRegistrationTemplateId, Operation.DELETE); oAuth2ConfigTemplateService.deleteClientRegistrationTemplateById(clientRegistrationTemplateId); - logEntityAction(clientRegistrationTemplateId, clientRegistrationTemplate, + logEntityAction(clientRegistrationTemplateId, + null, null, ActionType.DELETED, null, strClientRegistrationTemplateId); @@ -80,14 +76,9 @@ public class OAuth2ConfigTemplateController extends BaseController { @ResponseBody public List getClientRegistrationTemplates() throws ThingsboardException { try { - checkOAuth2ConfigTemplatePermissions(Operation.READ); return oAuth2ConfigTemplateService.findAllClientRegistrationTemplates(); } catch (Exception e) { throw handleException(e); } } - - private void checkOAuth2ConfigTemplatePermissions(Operation operation) throws ThingsboardException { - accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, operation); - } } diff --git a/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java b/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java index b4a8ead9db..3396c5537d 100644 --- a/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java +++ b/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java 
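Review bot: The template delete handler no longer loads the template before deleting it, so `logEntityAction(clientRegistrationTemplateId, null, null, ActionType.DELETED, ...)` records a deletion with no entity attached, and unless the service rejects unknown ids (not visible here) a request for a non-existent id is audited as a successful delete. Loading it first, as the removed code did, restores the not-found check and the audit detail: `OAuth2ClientRegistrationTemplate clientRegistrationTemplate = oAuth2ConfigTemplateService.findClientRegistrationTemplateById(clientRegistrationTemplateId);` then `checkNotNull(clientRegistrationTemplate);`, and pass it as the second argument of `logEntityAction`. The same pattern appears in `deleteClientRegistration` in OAuth2Controller. Separately, with `checkEntity(...)` removed from `saveClientRegistrationTemplate` (hunk -42,8) and `checkOAuth2ConfigTemplatePermissions(Operation.READ)` removed from `getClientRegistrationTemplates` (hunk -80,14), access to these handlers rests entirely on method annotations that are not visible in these hunks; confirm each carries a `@PreAuthorize` limited to the intended authority.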
@@ -23,16 +23,12 @@ import org.thingsboard.server.common.data.EntityType; import org.thingsboard.server.common.data.audit.ActionType; import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId; -import org.thingsboard.server.common.data.id.TenantId; -import org.thingsboard.server.common.data.oauth2.*; -import org.thingsboard.server.common.data.security.Authority; +import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo; +import org.thingsboard.server.common.data.oauth2.OAuth2ClientsDomainParams; import org.thingsboard.server.queue.util.TbCoreComponent; -import org.thingsboard.server.service.security.permission.Operation; -import org.thingsboard.server.service.security.permission.Resource; import javax.servlet.http.HttpServletRequest; import java.util.List; -import java.util.stream.Collectors; @RestController @TbCoreComponent 
@@ -52,62 +48,39 @@ public class OAuth2Controller extends BaseController { } } - @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')") + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") @RequestMapping(value = "/oauth2/config", method = RequestMethod.GET, produces = "application/json") @ResponseBody public List getCurrentClientsParams() throws ThingsboardException { try { - Authority authority = getCurrentUser().getAuthority(); - checkOAuth2ConfigPermissions(Operation.READ); - if (Authority.SYS_ADMIN.equals(authority)) { - return oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID); - } else if (Authority.TENANT_ADMIN.equals(authority)) { - return oAuth2Service.findDomainsParamsByTenantId(getCurrentUser().getTenantId()); - } else { - throw new IllegalStateException("Authority " + authority + " cannot get client registrations."); - } + return oAuth2Service.findDomainsParams(); } catch (Exception e) { throw handleException(e); } } - @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')") + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") @RequestMapping(value = "/oauth2/config", method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.OK) public List saveClientParams(@RequestBody List domainsParams) throws ThingsboardException { try { - TenantId tenantId; - Authority authority = getCurrentUser().getAuthority(); - if (Authority.SYS_ADMIN.equals(authority)) { - tenantId = TenantId.SYS_TENANT_ID; - } else if (Authority.TENANT_ADMIN.equals(authority)) { - tenantId = getCurrentUser().getTenantId(); - } else { - throw new IllegalStateException("Authority " + authority + " cannot save client registrations."); - } - List clientRegistrationDtos = domainsParams.stream() - .flatMap(domainParams -> domainParams.getClientRegistrations().stream()) - .collect(Collectors.toList()); - for (ClientRegistrationDto clientRegistrationDto : clientRegistrationDtos) { - checkEntity(clientRegistrationDto.getId(), () -> tenantId, Resource.OAUTH2_CONFIGURATION); - } 
- return oAuth2Service.saveDomainsParams(tenantId, domainsParams); + return oAuth2Service.saveDomainsParams(domainsParams); } catch (Exception e) { throw handleException(e); } } - @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')") + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") @RequestMapping(value = "/oauth2/config/{clientRegistrationId}", method = RequestMethod.DELETE) @ResponseStatus(value = HttpStatus.OK) public void deleteClientRegistration(@PathVariable(CLIENT_REGISTRATION_ID) String strClientRegistrationId) throws ThingsboardException { checkParameter(CLIENT_REGISTRATION_ID, strClientRegistrationId); try { OAuth2ClientRegistrationId clientRegistrationId = new OAuth2ClientRegistrationId(toUUID(strClientRegistrationId)); - OAuth2ClientRegistration clientRegistration = checkOAuth2ClientRegistrationId(clientRegistrationId, Operation.DELETE); - oAuth2Service.deleteClientRegistrationById(getCurrentUser().getTenantId(), clientRegistrationId); + oAuth2Service.deleteClientRegistrationById(clientRegistrationId); - logEntityAction(clientRegistrationId, clientRegistration, + logEntityAction(clientRegistrationId, + null, null, ActionType.DELETED, null, strClientRegistrationId); @@ -123,13 +96,13 @@ public class OAuth2Controller extends BaseController { } - @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')") + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") @RequestMapping(value = "/oauth2/config/domain/{domain}", method = RequestMethod.DELETE) @ResponseStatus(value = HttpStatus.OK) public void deleteClientRegistrationForDomain(@PathVariable(DOMAIN) String domain) throws ThingsboardException { checkParameter(DOMAIN, domain); try { - oAuth2Service.deleteClientRegistrationsByDomain(getCurrentUser().getTenantId(), domain); + oAuth2Service.deleteClientRegistrationsByDomain(domain); logEntityAction(emptyId(EntityType.OAUTH2_CLIENT_REGISTRATION), null, null, 
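Review bot: `saveClientParams` changes the OAuth2 login configuration but its new body only calls `oAuth2Service.saveDomainsParams(domainsParams)` and writes no audit entry, while both delete handlers in this file call `logEntityAction(...)`. Now that the tenant scope has been removed from these registrations, a change to client ids, secrets or mapper settings should leave a trace. For example, add `logEntityAction(emptyId(EntityType.OAUTH2_CLIENT_REGISTRATION), null, null, ActionType.UPDATED, null);` after a successful save, after confirming the audit sink accepts a null entity for that action type. As a point of style, `hasAnyAuthority('SYS_ADMIN')` with a single value reads more directly as `hasAuthority('SYS_ADMIN')`.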
@@ -144,19 +117,4 @@ public class OAuth2Controller extends BaseController { throw handleException(e); } } - - @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')") - @RequestMapping(value = "/oauth2/config/isAllowed", method = RequestMethod.GET) - @ResponseBody - public Boolean isOAuth2ConfigurationAllowed() throws ThingsboardException { - try { - return oAuth2Service.isOAuth2ClientRegistrationAllowed(getTenantId()); - } catch (Exception e) { - throw handleException(e); - } - } - - private void checkOAuth2ConfigPermissions(Operation operation) throws ThingsboardException { - accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation); - } } diff --git a/application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java b/application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java index 1b5827b6f7..8a7870a1c2 100644 --- a/application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java +++ b/application/src/main/java/org/thingsboard/server/service/install/InstallScripts.java @@ -224,7 +224,6 @@ public class InstallScripts { try { JsonNode oauth2ConfigTemplateJson = objectMapper.readTree(path.toFile()); OAuth2ClientRegistrationTemplate clientRegistrationTemplate = objectMapper.treeToValue(oauth2ConfigTemplateJson, OAuth2ClientRegistrationTemplate.class); - clientRegistrationTemplate.setTenantId(TenantId.SYS_TENANT_ID); oAuth2TemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate); } catch (Exception e) { log.error("Unable to load oauth2 config templates from json: [{}]", path.toString()); diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java index 61d288cdff..651e234f0a 100644 
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java +++ b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java @@ -17,7 +17,6 @@ package org.thingsboard.server.service.security.auth.oauth2; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.base.Strings; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -34,7 +33,6 @@ import org.thingsboard.server.common.data.id.IdBased; import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.page.PageData; import org.thingsboard.server.common.data.page.PageLink; -import org.thingsboard.server.common.data.page.TimePageLink; import org.thingsboard.server.common.data.security.Authority; import org.thingsboard.server.common.data.security.UserCredentials; import org.thingsboard.server.dao.customer.CustomerService; @@ -49,7 +47,6 @@ import org.thingsboard.server.service.security.model.UserPrincipal; import java.io.IOException; import java.util.List; import java.util.Optional; -import java.util.concurrent.ExecutionException; import java.util.concurrent.locks.Lock; import java.util.concurrent.locks.ReentrantLock; 
@@ -79,7 +76,7 @@ public abstract class AbstractOAuth2ClientMapper { private final Lock userCreationLock = new ReentrantLock(); - protected SecurityUser getOrCreateSecurityUserFromOAuth2User(TenantId parentTenantId, OAuth2User oauth2User, boolean allowUserCreation, boolean activateUser) { + protected SecurityUser getOrCreateSecurityUserFromOAuth2User(OAuth2User oauth2User, boolean allowUserCreation, boolean activateUser) { UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, oauth2User.getEmail()); User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, oauth2User.getEmail()); @@ -99,13 +96,8 @@ public abstract class AbstractOAuth2ClientMapper { } else { user.setAuthority(Authority.CUSTOMER_USER); } - TenantId tenantId; - if (TenantId.SYS_TENANT_ID.equals(parentTenantId)) { - tenantId = oauth2User.getTenantId() != null ? - oauth2User.getTenantId() : getTenantId(oauth2User.getTenantName()); - } else { - tenantId = parentTenantId; - } + TenantId tenantId = oauth2User.getTenantId() != null ? + oauth2User.getTenantId() : getTenantId(oauth2User.getTenantName()); user.setTenantId(tenantId); CustomerId customerId = oauth2User.getCustomerId() != null ? oauth2User.getCustomerId() : getCustomerId(user.getTenantId(), oauth2User.getCustomerName()); diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java index 5bee8e866e..7412f2199c 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java +++ b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/BasicOAuth2ClientMapper.java 
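Review bot: In the second hunk the tenant of a newly created user is taken only from the mapper output, `oauth2User.getTenantId()` or else `getTenantId(oauth2User.getTenantName())`, and nothing visible rejects the case where the mapper produced neither value. Before this change a tenant-owned registration pinned new users to `parentTenantId`; now the identity provider's claims alone decide placement, so a missing tenant name deserves an explicit failure rather than whatever `getTenantId(String)` does with it (its body, and the start and end of this method, are outside the hunk). A guard ahead of the assignment such as `if (oauth2User.getTenantId() == null && (oauth2User.getTenantName() == null || oauth2User.getTenantName().isEmpty())) throw new IllegalArgumentException("OAuth2 mapper returned no tenant id or tenant name");` would make that explicit, using whichever exception type the login flow already reports. A method comment should also state that mapper configuration must derive the tenant from attributes the provider controls, not ones an end user can edit.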
@@ -20,7 +20,6 @@ import org.apache.commons.lang3.text.StrSubstitutor; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig; import org.thingsboard.server.dao.oauth2.OAuth2User; import org.thingsboard.server.service.security.model.SecurityUser; @@ -35,7 +34,7 @@ public class BasicOAuth2ClientMapper extends AbstractOAuth2ClientMapper implemen private static final String END_PLACEHOLDER_PREFIX = "}"; @Override - public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config) { + public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config) { OAuth2User oauth2User = new OAuth2User(); Map attributes = token.getPrincipal().getAttributes(); String email = getStringAttributeByKey(attributes, config.getBasic().getEmailAttributeKey()); @@ -59,7 +58,7 @@ public class BasicOAuth2ClientMapper extends AbstractOAuth2ClientMapper implemen oauth2User.setDefaultDashboardName(config.getBasic().getDefaultDashboardName()); } - return getOrCreateSecurityUserFromOAuth2User(parentTenantId, oauth2User, config.isAllowUserCreation(), config.isActivateUser()); + return getOrCreateSecurityUserFromOAuth2User(oauth2User, config.isAllowUserCreation(), config.isActivateUser()); } private String getTenantName(Map attributes, OAuth2MapperConfig config) { diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java index 21c60b943b..a85da830b0 100644 
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java +++ b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/CustomOAuth2ClientMapper.java @@ -23,7 +23,6 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authentic import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; import org.springframework.web.client.RestTemplate; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.OAuth2CustomMapperConfig; import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig; import org.thingsboard.server.dao.oauth2.OAuth2User; @@ -39,9 +38,9 @@ public class CustomOAuth2ClientMapper extends AbstractOAuth2ClientMapper impleme private RestTemplateBuilder restTemplateBuilder = new RestTemplateBuilder(); @Override - public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config) { + public SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config) { OAuth2User oauth2User = getOAuth2User(token, providerAccessToken, config.getCustom()); - return getOrCreateSecurityUserFromOAuth2User(parentTenantId, oauth2User, config.isAllowUserCreation(), config.isActivateUser()); + return getOrCreateSecurityUserFromOAuth2User(oauth2User, config.isAllowUserCreation(), config.isActivateUser()); } private synchronized OAuth2User getOAuth2User(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2CustomMapperConfig custom) { diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java index cdd0313f51..27b24043a5 100644 
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java +++ b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/OAuth2ClientMapper.java @@ -16,10 +16,9 @@ package org.thingsboard.server.service.security.auth.oauth2; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig; import org.thingsboard.server.service.security.model.SecurityUser; public interface OAuth2ClientMapper { - SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, TenantId parentTenantId, OAuth2MapperConfig config); + SecurityUser getOrCreateUserByClientPrincipal(OAuth2AuthenticationToken token, String providerAccessToken, OAuth2MapperConfig config); } diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java index 7c0097fbfb..ddd5de087d 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java +++ b/application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java 
@@ -74,7 +74,7 @@ public class Oauth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS token.getPrincipal().getName()); OAuth2ClientMapper mapper = oauth2ClientMapperProvider.getOAuth2ClientMapperByType(clientRegistration.getMapperConfig().getType()); SecurityUser securityUser = mapper.getOrCreateUserByClientPrincipal(token, oAuth2AuthorizedClient.getAccessToken().getTokenValue(), - clientRegistration.getTenantId(), clientRegistration.getMapperConfig()); + clientRegistration.getMapperConfig()); JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser); JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser); diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java index ba295a064d..871de30e6e 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java +++ b/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java @@ -19,14 +19,10 @@ import org.springframework.stereotype.Component; import org.thingsboard.server.common.data.HasTenantId; import org.thingsboard.server.common.data.User; import org.thingsboard.server.common.data.id.EntityId; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.id.UserId; import org.thingsboard.server.common.data.security.Authority; import org.thingsboard.server.service.security.model.SecurityUser; -import java.util.HashMap; -import java.util.Optional; - @Component(value="sysAdminPermissions") public class SysAdminPermissions extends AbstractPermissions { 
@@ -39,7 +35,7 @@ public class SysAdminPermissions extends AbstractPermissions { put(Resource.USER, userPermissionChecker); put(Resource.WIDGETS_BUNDLE, systemEntityPermissionChecker); put(Resource.WIDGET_TYPE, systemEntityPermissionChecker); - put(Resource.OAUTH2_CONFIGURATION, sysAdminOAuth2ConfigPermissionChecker); + put(Resource.OAUTH2_CONFIGURATION, PermissionChecker.allowAllPermissionChecker); put(Resource.OAUTH2_CONFIGURATION_TEMPLATE, PermissionChecker.allowAllPermissionChecker); } @@ -67,19 +63,4 @@ public class SysAdminPermissions extends AbstractPermissions { }; - private final PermissionChecker sysAdminOAuth2ConfigPermissionChecker = new PermissionChecker() { - @Override - public boolean hasPermission(SecurityUser user, Operation operation) { - return true; - } - - @Override - public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) { - if (entity.getTenantId() != null && !entity.getTenantId().isNullUid()) { - return false; - } - return true; - } - }; - } diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java index 0153affa23..c886bccdb8 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java +++ b/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java 
@@ -15,25 +15,17 @@ */ package org.thingsboard.server.service.security.permission; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.thingsboard.server.common.data.HasTenantId; import org.thingsboard.server.common.data.User; import org.thingsboard.server.common.data.id.EntityId; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.id.UserId; import org.thingsboard.server.common.data.security.Authority; -import org.thingsboard.server.dao.oauth2.OAuth2Service; import org.thingsboard.server.service.security.model.SecurityUser; -import java.util.HashMap; - @Component(value="tenantAdminPermissions") public class TenantAdminPermissions extends AbstractPermissions { - @Autowired - private OAuth2Service oAuth2Service; - public TenantAdminPermissions() { super(); put(Resource.ALARM, tenantEntityPermissionChecker); @@ -47,8 +39,6 @@ public class TenantAdminPermissions extends AbstractPermissions { put(Resource.USER, userPermissionChecker); put(Resource.WIDGETS_BUNDLE, widgetsPermissionChecker); put(Resource.WIDGET_TYPE, widgetsPermissionChecker); - put(Resource.OAUTH2_CONFIGURATION, tenantOAuth2ConfigPermissionChecker); - put(Resource.OAUTH2_CONFIGURATION_TEMPLATE, tenantOAuth2ConfigTemplatePermissionChecker); } public static final PermissionChecker tenantEntityPermissionChecker = new PermissionChecker() { 
@@ -108,31 +98,4 @@ public class TenantAdminPermissions extends AbstractPermissions { } }; - - private final PermissionChecker tenantOAuth2ConfigPermissionChecker = new PermissionChecker() { - @Override - public boolean hasPermission(SecurityUser user, Operation operation) { - return oAuth2Service.isOAuth2ClientRegistrationAllowed(user.getTenantId()); - } - - @Override - public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) { - if (!user.getTenantId().equals(entity.getTenantId())) { - return false; - } - return hasPermission(user, operation); - } - }; - - private static final PermissionChecker tenantOAuth2ConfigTemplatePermissionChecker = new PermissionChecker() { - @Override - public boolean hasPermission(SecurityUser user, Operation operation) { - return operation == Operation.READ; - } - - @Override - public boolean hasPermission(SecurityUser user, Operation operation, EntityId entityId, HasTenantId entity) { - return operation == Operation.READ; - } - }; } diff --git a/common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java b/common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java index 2f7156756a..0f4cd1d0be 100644 --- a/common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java +++ b/common/dao-api/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Service.java 
@@ -27,19 +27,15 @@ import java.util.UUID; public interface OAuth2Service { List getOAuth2Clients(String domainName); - List saveDomainsParams(TenantId tenantId, List domainsParams); + List saveDomainsParams(List domainsParams); - List findDomainsParamsByTenantId(TenantId tenantId); + List findDomainsParams(); OAuth2ClientRegistration findClientRegistration(UUID id); List findAllClientRegistrations(); - void deleteClientRegistrationsByTenantId(TenantId tenantId); + void deleteClientRegistrationById(OAuth2ClientRegistrationId id); - void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id); - - void deleteClientRegistrationsByDomain(TenantId tenantId, String domain); - - boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId); + void deleteClientRegistrationsByDomain(String domain); } diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java b/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java index 64cfb59511..9b1fc12dd5 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistration.java @@ -32,9 +32,8 @@ import java.util.List; @Data @ToString(exclude = {"clientSecret"}) @NoArgsConstructor -public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo implements HasTenantId, HasName { +public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo implements HasName { - private TenantId tenantId; private String domainName; private String redirectUriTemplate; private OAuth2MapperConfig mapperConfig; 
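Review bot: The OAuth2Service methods lose their `TenantId` parameter but gain no documentation saying they are no longer tenant-scoped, so an implementer or new caller has no hint that authorisation must be enforced before the call. A short Javadoc on each method would carry that, for example `/** Saves OAuth2 client registrations for the given domains; not tenant-scoped, callers must restrict access to system administrators. */` on `saveDomainsParams` and `/** Returns the parameters of all registered domains; not filtered by tenant. */` on `findDomainsParams`. The hunk removes every visible use of `TenantId`; if the file's import of it (outside the hunk) is now unused, it should be removed as well.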
@@ -52,7 +51,6 @@ public class OAuth2ClientRegistration extends SearchTextBasedWithAdditionalInfo< public OAuth2ClientRegistration(OAuth2ClientRegistration clientRegistration) { super(clientRegistration); - this.tenantId = clientRegistration.tenantId; this.domainName = clientRegistration.domainName; this.redirectUriTemplate = clientRegistration.redirectUriTemplate; this.mapperConfig = clientRegistration.mapperConfig; diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java b/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java index e08b83fc37..5c2f70874a 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2ClientRegistrationTemplate.java @@ -31,9 +31,8 @@ import java.util.List; @Data @ToString @NoArgsConstructor -public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditionalInfo implements HasTenantId, HasName { +public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditionalInfo implements HasName { - private TenantId tenantId; private String providerId; private OAuth2BasicMapperConfig basic; private String authorizationUri; @@ -50,7 +49,6 @@ public class OAuth2ClientRegistrationTemplate extends SearchTextBasedWithAdditio public OAuth2ClientRegistrationTemplate(OAuth2ClientRegistrationTemplate clientRegistrationTemplate) { super(clientRegistrationTemplate); - this.tenantId = clientRegistrationTemplate.tenantId; this.providerId = clientRegistrationTemplate.providerId; this.basic = clientRegistrationTemplate.basic; this.authorizationUri = clientRegistrationTemplate.authorizationUri; 
diff --git a/dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java b/dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java index 4f2513f2ce..72e8abe4e6 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java +++ b/dao/src/main/java/org/thingsboard/server/dao/model/sql/OAuth2ClientRegistrationEntity.java @@ -38,9 +38,6 @@ import java.util.UUID; @Table(name = ModelConstants.OAUTH2_CLIENT_REGISTRATION_COLUMN_FAMILY_NAME) public class OAuth2ClientRegistrationEntity extends BaseSqlEntity { - @Column(name = ModelConstants.OAUTH2_TENANT_ID_PROPERTY, columnDefinition = "uuid") - private UUID tenantId; - @Column(name = ModelConstants.OAUTH2_DOMAIN_NAME_PROPERTY) private String domainName; @Column(name = ModelConstants.OAUTH2_CLIENT_ID_PROPERTY) @@ -112,9 +109,6 @@ public class OAuth2ClientRegistrationEntity extends BaseSqlEntity { - @Column(name = ModelConstants.OAUTH2_TENANT_ID_PROPERTY, columnDefinition = "uuid") - private UUID tenantId; - @Column(name = ModelConstants.OAUTH2_TEMPLATE_PROVIDER_ID_PROPERTY) private String providerId; @Column(name = ModelConstants.OAUTH2_AUTHORIZATION_URI_PROPERTY) @@ -95,9 +92,6 @@ public class OAuth2ClientRegistrationTemplateEntity extends BaseSqlEntity { List findAll(); - List findByTenantId(UUID tenantId); - List findByDomainName(String domainName); - int removeByTenantIdAndDomainName(UUID tenantId, String domainName); - - int removeByTenantId(UUID tenantId); + int removeByDomainName(String domainName); } diff --git a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java index 4436be34b6..4eaeb914c9 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java +++ b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ConfigTemplateServiceImpl.java 
@@ -44,10 +44,10 @@ public class OAuth2ConfigTemplateServiceImpl extends AbstractEntityService imple @Override public OAuth2ClientRegistrationTemplate saveClientRegistrationTemplate(OAuth2ClientRegistrationTemplate clientRegistrationTemplate) { log.trace("Executing saveClientRegistrationTemplate [{}]", clientRegistrationTemplate); - clientRegistrationTemplateValidator.validate(clientRegistrationTemplate, OAuth2ClientRegistrationTemplate::getTenantId); + clientRegistrationTemplateValidator.validate(clientRegistrationTemplate, o -> TenantId.SYS_TENANT_ID); OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate; try { - savedClientRegistrationTemplate = clientRegistrationTemplateDao.save(clientRegistrationTemplate.getTenantId(), clientRegistrationTemplate); + savedClientRegistrationTemplate = clientRegistrationTemplateDao.save(TenantId.SYS_TENANT_ID, clientRegistrationTemplate); } catch (Exception t) { ConstraintViolationException e = extractConstraintViolationException(t).orElse(null); if (e != null && e.getConstraintName() != null && e.getConstraintName().equalsIgnoreCase("oauth2_template_provider_id_unq_key")) { @@ -98,10 +98,6 @@ public class OAuth2ConfigTemplateServiceImpl extends AbstractEntityService imple if (clientRegistrationTemplate.getBasic() == null) { throw new DataValidationException("Basic mapper config should be specified!"); } - if (clientRegistrationTemplate.getTenantId() == null - || !TenantId.SYS_TENANT_ID.equals(clientRegistrationTemplate.getTenantId())) { - throw new DataValidationException("Client registration template should be assigned to system admin!"); - } } }; } diff --git a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java index 788c1293da..26bad5566b 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java +++ b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ServiceImpl.java 
@@ -15,30 +15,22 @@ */ package org.thingsboard.server.dao.oauth2; -import com.fasterxml.jackson.databind.JsonNode; import lombok.extern.slf4j.Slf4j; -import org.hibernate.exception.ConstraintViolationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; -import org.thingsboard.server.common.data.Tenant; -import org.thingsboard.server.common.data.exception.ThingsboardErrorCode; -import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationId; import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.*; import org.thingsboard.server.dao.entity.AbstractEntityService; import org.thingsboard.server.dao.exception.DataValidationException; -import org.thingsboard.server.dao.service.DataValidator; import org.thingsboard.server.dao.tenant.TenantService; import javax.transaction.Transactional; import java.util.*; -import java.util.function.BiConsumer; import java.util.function.Consumer; import java.util.stream.Collectors; -import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION; import static org.thingsboard.server.dao.service.Validator.validateId; import static org.thingsboard.server.dao.service.Validator.validateString; @@ -49,9 +41,6 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se public static final String INCORRECT_CLIENT_REGISTRATION_ID = "Incorrect clientRegistrationId "; public static final String INCORRECT_DOMAIN_NAME = "Incorrect domainName "; - @Autowired - private TenantService tenantService; - @Autowired private OAuth2ClientRegistrationDao clientRegistrationDao; 
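Review bot: `import org.thingsboard.server.dao.tenant.TenantService;` is kept as a context line in this import hunk, although the next hunk removes the `tenantService` field and the later hunks remove both calls to `tenantService.findTenantById`. Unless the class refers to TenantService somewhere outside these hunks, the import is now unused and should be deleted together with the other imports this commit drops.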
@@ -66,21 +55,20 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se @Override @Transactional - public List saveDomainsParams(TenantId tenantId, List domainsParams) { - log.trace("Executing saveDomainsParams [{}] [{}]", tenantId, domainsParams); - clientParamsValidator.accept(tenantId, domainsParams); - List inputClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, domainsParams); + public List saveDomainsParams(List domainsParams) { + log.trace("Executing saveDomainsParams [{}]", domainsParams); + clientParamsValidator.accept(domainsParams); + List inputClientRegistrations = OAuth2Utils.toClientRegistrations(domainsParams); List savedClientRegistrations = inputClientRegistrations.stream() - .map(clientRegistration -> clientRegistrationDao.save(clientRegistration.getTenantId(), clientRegistration)) + .map(clientRegistration -> clientRegistrationDao.save(TenantId.SYS_TENANT_ID, clientRegistration)) .collect(Collectors.toList()); return OAuth2Utils.toDomainsParams(savedClientRegistrations); } @Override - public List findDomainsParamsByTenantId(TenantId tenantId) { - log.trace("Executing findDomainsParamsByTenantId [{}]", tenantId); - validateId(tenantId, INCORRECT_TENANT_ID + tenantId); - return OAuth2Utils.toDomainsParams(clientRegistrationDao.findByTenantId(tenantId.getId())); + public List findDomainsParams() { + log.trace("Executing findDomainsParams"); + return OAuth2Utils.toDomainsParams(clientRegistrationDao.findAll()); } @Override 
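Review bot: The rewritten trace line in `saveDomainsParams` still formats the whole `domainsParams` argument, which carries the OAuth2 client configuration being saved. OAuth2ClientRegistration excludes `clientSecret` from its `@ToString`, but the parameter and DTO classes logged here are not part of this diff, so it should be confirmed that their `toString()` excludes the secret as well. Logging only a size avoids the question: `log.trace("Executing saveDomainsParams, [{}] domain entries", domainsParams == null ? 0 : domainsParams.size());` (the null guard is needed because the log line runs before `clientParamsValidator` rejects a null list).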
@@ -97,45 +85,21 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se } @Override - @Transactional - public void deleteClientRegistrationsByTenantId(TenantId tenantId) { - log.trace("Executing deleteClientRegistrationsByTenantId [{}]", tenantId); - validateId(tenantId, INCORRECT_TENANT_ID + tenantId); - clientRegistrationDao.removeByTenantId(tenantId.getId()); - } - - @Override - public void deleteClientRegistrationById(TenantId tenantId, OAuth2ClientRegistrationId id) { - log.trace("Executing deleteClientRegistrationById [{}], [{}]", tenantId, id); - validateId(tenantId, INCORRECT_TENANT_ID + tenantId); + public void deleteClientRegistrationById(OAuth2ClientRegistrationId id) { + log.trace("Executing deleteClientRegistrationById [{}]", id); validateId(id, INCORRECT_CLIENT_REGISTRATION_ID + id); - clientRegistrationDao.removeById(tenantId, id.getId()); + clientRegistrationDao.removeById(TenantId.SYS_TENANT_ID, id.getId()); } @Override @Transactional - public void deleteClientRegistrationsByDomain(TenantId tenantId, String domain) { - log.trace("Executing deleteClientRegistrationsByDomain [{}], [{}]", tenantId, domain); - validateId(tenantId, INCORRECT_TENANT_ID + tenantId); + public void deleteClientRegistrationsByDomain(String domain) { + log.trace("Executing deleteClientRegistrationsByDomain [{}]", domain); validateString(domain, INCORRECT_DOMAIN_NAME + domain); - clientRegistrationDao.removeByTenantIdAndDomainName(tenantId.getId(), domain); + clientRegistrationDao.removeByDomainName(domain); } - @Override - public boolean isOAuth2ClientRegistrationAllowed(TenantId tenantId) { - log.trace("Executing isOAuth2ClientRegistrationAllowed [{}]", tenantId); - validateId(tenantId, INCORRECT_TENANT_ID + tenantId); - Tenant tenant = tenantService.findTenantById(tenantId); - if (tenant == null) return false; - JsonNode allowOAuth2ConfigurationJsonNode = tenant.getAdditionalInfo() != null ? 
tenant.getAdditionalInfo().get(ALLOW_OAUTH2_CONFIGURATION) : null; - if (allowOAuth2ConfigurationJsonNode == null) { - return false; - } else { - return allowOAuth2ConfigurationJsonNode.asBoolean(); - } - } - - private final BiConsumer> clientParamsValidator = (tenantId, domainsParams) -> { + private final Consumer> clientParamsValidator = domainsParams -> { if (domainsParams == null || domainsParams.isEmpty()) { throw new DataValidationException("Domain params should be specified!"); } @@ -211,13 +175,5 @@ public class OAuth2ServiceImpl extends AbstractEntityService implements OAuth2Se } } } - if (tenantId == null) { - throw new DataValidationException("Client registration should be assigned to tenant!"); - } else if (!TenantId.SYS_TENANT_ID.equals(tenantId)) { - Tenant tenant = tenantService.findTenantById(tenantId); - if (tenant == null) { - throw new DataValidationException("Client registration is referencing to non-existent tenant!"); - } - } }; } diff --git a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java index ec2bc59ff7..7af0b80ba5 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java +++ b/dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2Utils.java @@ -15,8 +15,6 @@ */ package org.thingsboard.server.dao.oauth2; -import org.springframework.util.StringUtils; -import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.*; import java.util.ArrayList; @@ -24,7 +22,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; -import java.util.stream.Stream; public class OAuth2Utils { public static final String ALLOW_OAUTH2_CONFIGURATION = "allowOAuth2Configuration"; 
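Review bot: `deleteClientRegistrationsByDomain` discards the row count that `removeByDomainName` returns, and the only trace of the call is a trace-level line, so removing every login provider of a domain leaves nothing in normal logs. Now that the operation is no longer tenant-scoped, it changes who can sign in across the whole platform and is worth recording. Unless the controller already writes an audit entry (not visible here), I would keep the count and log it: `int removed = clientRegistrationDao.removeByDomainName(domain);` followed by `log.info("Removed [{}] OAuth2 client registrations for domain [{}]", removed, domain);`. `deleteClientRegistrationById` in the same hunk would benefit from the same treatment.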
@@ -38,10 +35,10 @@ public class OAuth2Utils { return client; } - public static List toClientRegistrations(TenantId tenantId, List domainsParams) { + public static List toClientRegistrations(List domainsParams) { return domainsParams.stream() .flatMap(domainParams -> domainParams.getClientRegistrations().stream() - .map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(tenantId, domainParams.getDomainName(), + .map(clientRegistrationDto -> OAuth2Utils.toClientRegistration(domainParams.getDomainName(), domainParams.getRedirectUriTemplate(), clientRegistrationDto) )) .collect(Collectors.toList()); @@ -80,11 +77,10 @@ public class OAuth2Utils { .build(); } - public static OAuth2ClientRegistration toClientRegistration(TenantId tenantId, String domainName, String redirectUriTemplate, - ClientRegistrationDto clientRegistrationDto) { + public static OAuth2ClientRegistration toClientRegistration(String domainName, String redirectUriTemplate, + ClientRegistrationDto clientRegistrationDto) { OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration(); clientRegistration.setId(clientRegistrationDto.getId()); - clientRegistration.setTenantId(tenantId); clientRegistration.setCreatedTime(clientRegistrationDto.getCreatedTime()); clientRegistration.setDomainName(domainName); clientRegistration.setRedirectUriTemplate(redirectUriTemplate); diff --git a/dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java b/dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java index d5e17ac635..c9ba51b813 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java +++ b/dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/JpaOAuth2ClientRegistrationDao.java 
@@ -26,7 +26,6 @@ import org.thingsboard.server.dao.sql.JpaAbstractDao; import java.util.ArrayList; import java.util.List; -import java.util.Optional; import java.util.UUID; import java.util.stream.Collectors; @@ -55,12 +54,6 @@ public class JpaOAuth2ClientRegistrationDao extends JpaAbstractDao findByTenantId(UUID tenantId) { - List entities = repository.findAllByTenantId(tenantId); - return entities.stream().map(DaoUtil::getData).collect(Collectors.toList()); - } - @Override public List findByDomainName(String domainName) { List entities = repository.findAllByDomainName(domainName); @@ -68,12 +61,7 @@ public class JpaOAuth2ClientRegistrationDao extends JpaAbstractDao { - List findAllByTenantId(UUID tenantId); - List findAllByDomainName(String domainName); - int deleteByTenantIdAndDomainName(UUID tenantId, String domainName); - - int deleteByTenantId(UUID tenantId); + int deleteByDomainName(String domainName); } diff --git a/dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java b/dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java index df0dfb666a..234781e90c 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java +++ b/dao/src/main/java/org/thingsboard/server/dao/tenant/TenantServiceImpl.java @@ -105,7 +105,6 @@ public class TenantServiceImpl extends AbstractEntityService implements TenantSe public void deleteTenant(TenantId tenantId) { log.trace("Executing deleteTenant [{}]", tenantId); Validator.validateId(tenantId, INCORRECT_TENANT_ID + tenantId); - oAuth2Service.deleteClientRegistrationsByTenantId(tenantId); customerService.deleteCustomersByTenantId(tenantId); widgetsBundleService.deleteWidgetsBundlesByTenantId(tenantId); dashboardService.deleteDashboardsByTenantId(tenantId); diff --git a/dao/src/main/resources/sql/schema-entities-hsql.sql b/dao/src/main/resources/sql/schema-entities-hsql.sql index 0b7f1c848b..ca92bfcf4f 100644 --- a/dao/src/main/resources/sql/schema-entities-hsql.sql 
+++ b/dao/src/main/resources/sql/schema-entities-hsql.sql @@ -295,7 +295,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, domain_name varchar(255), client_id varchar(255), client_secret varchar(255), @@ -330,7 +329,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, provider_id varchar(255), authorization_uri varchar(255), token_uri varchar(255), diff --git a/dao/src/main/resources/sql/schema-entities.sql b/dao/src/main/resources/sql/schema-entities.sql index a8f014ab22..d441e0cfd0 100644 --- a/dao/src/main/resources/sql/schema-entities.sql +++ b/dao/src/main/resources/sql/schema-entities.sql @@ -320,7 +320,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, domain_name varchar(255), client_id varchar(255), client_secret varchar(255), @@ -355,7 +354,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template ( id uuid NOT NULL CONSTRAINT oauth2_client_registration_template_pkey PRIMARY KEY, created_time bigint NOT NULL, additional_info varchar, - tenant_id uuid, provider_id varchar(255), authorization_uri varchar(255), token_uri varchar(255), diff --git a/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java b/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java index f2bf502fab..3d828d1ac5 100644 --- a/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java +++ b/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ConfigTemplateServiceTest.java 
@@ -34,8 +34,6 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest { @Autowired protected OAuth2ConfigTemplateService oAuth2ConfigTemplateService; - private TenantId tenantId; - @Before public void beforeRun() throws Exception { Assert.assertTrue(oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().isEmpty()); @@ -53,15 +51,15 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest { @Test(expected = DataValidationException.class) public void testSaveDuplicateProviderId() { - OAuth2ClientRegistrationTemplate first = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, "providerId"); - OAuth2ClientRegistrationTemplate second = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, "providerId"); + OAuth2ClientRegistrationTemplate first = validClientRegistrationTemplate("providerId"); + OAuth2ClientRegistrationTemplate second = validClientRegistrationTemplate("providerId"); oAuth2ConfigTemplateService.saveClientRegistrationTemplate(first); oAuth2ConfigTemplateService.saveClientRegistrationTemplate(second); } @Test public void testCreateNewTemplate() { - OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()); + OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(UUID.randomUUID().toString()); OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate); Assert.assertNotNull(savedClientRegistrationTemplate); 
@@ -73,7 +71,7 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest { @Test public void testFindTemplate() { - OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString()); + OAuth2ClientRegistrationTemplate clientRegistrationTemplate = validClientRegistrationTemplate(UUID.randomUUID().toString()); OAuth2ClientRegistrationTemplate savedClientRegistrationTemplate = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate); OAuth2ClientRegistrationTemplate foundClientRegistrationTemplate = oAuth2ConfigTemplateService.findClientRegistrationTemplateById(savedClientRegistrationTemplate.getId()); 
@@ -82,17 +80,17 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest { @Test public void testFindAll() { - oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString())); - oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString())); + oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString())); + oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString())); Assert.assertEquals(2, oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().size()); } @Test public void testDeleteTemplate() { - oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString())); - oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString())); - OAuth2ClientRegistrationTemplate saved = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(TenantId.SYS_TENANT_ID, UUID.randomUUID().toString())); + oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString())); + oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString())); + OAuth2ClientRegistrationTemplate saved = oAuth2ConfigTemplateService.saveClientRegistrationTemplate(validClientRegistrationTemplate(UUID.randomUUID().toString())); Assert.assertEquals(3, oAuth2ConfigTemplateService.findAllClientRegistrationTemplates().size()); Assert.assertNotNull(oAuth2ConfigTemplateService.findClientRegistrationTemplateById(saved.getId())); 
@@ -103,10 +101,9 @@ public class BaseOAuth2ConfigTemplateServiceTest extends AbstractServiceTest { Assert.assertNull(oAuth2ConfigTemplateService.findClientRegistrationTemplateById(saved.getId())); } - private OAuth2ClientRegistrationTemplate validClientRegistrationTemplate(TenantId tenantId, String providerId) { + private OAuth2ClientRegistrationTemplate validClientRegistrationTemplate(String providerId) { OAuth2ClientRegistrationTemplate clientRegistrationTemplate = new OAuth2ClientRegistrationTemplate(); clientRegistrationTemplate.setProviderId(providerId); - clientRegistrationTemplate.setTenantId(tenantId); clientRegistrationTemplate.setAdditionalInfo(mapper.createObjectNode().put(UUID.randomUUID().toString(), UUID.randomUUID().toString())); clientRegistrationTemplate.setBasic( OAuth2BasicMapperConfig.builder() diff --git a/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java b/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java index 2231bc6dfe..4ff0716266 100644 --- a/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java +++ b/dao/src/test/java/org/thingsboard/server/dao/service/BaseOAuth2ServiceTest.java 
@@ -20,18 +20,14 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import org.thingsboard.server.common.data.Tenant; import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.oauth2.*; -import org.thingsboard.server.dao.attributes.AttributesService; import org.thingsboard.server.dao.oauth2.OAuth2Service; import org.thingsboard.server.dao.oauth2.OAuth2Utils; -import java.io.IOException; import java.util.*; import java.util.stream.Collectors; -import static org.thingsboard.server.dao.oauth2.OAuth2Utils.ALLOW_OAUTH2_CONFIGURATION; import static org.thingsboard.server.dao.oauth2.OAuth2Utils.toClientRegistrations; public class BaseOAuth2ServiceTest extends AbstractServiceTest { 
@@ -39,56 +35,26 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest { @Autowired protected OAuth2Service oAuth2Service; - @Autowired - protected AttributesService attributesService; - - private TenantId tenantId; - @Before - public void beforeRun() throws Exception { - Tenant tenant = new Tenant(); - tenant.setTitle("My tenant"); - Tenant savedTenant = tenantService.saveTenant(tenant); - Assert.assertNotNull(savedTenant); - tenantId = savedTenant.getId(); - + public void beforeRun() { Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty()); } @After - public void after() throws Exception { - tenantService.deleteTenant(tenantId); - oAuth2Service.deleteClientRegistrationsByTenantId(TenantId.SYS_TENANT_ID); - + public void after() { + oAuth2Service.findAllClientRegistrations().forEach(clientRegistration -> { + oAuth2Service.deleteClientRegistrationById(clientRegistration.getId()); + }); Assert.assertTrue(oAuth2Service.findAllClientRegistrations().isEmpty()); } @Test - public void testIsOAuth2Allowed_null() throws IOException { - updateTenantAllowOAuth2Setting(null); - Assert.assertFalse(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId)); - } - - @Test - public void testIsOAuth2Allowed_false() throws IOException { - updateTenantAllowOAuth2Setting(false); - Assert.assertFalse(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId)); - } - - @Test - public void testIsOAuth2Allowed_true() throws IOException { - updateTenantAllowOAuth2Setting(true); - Assert.assertTrue(oAuth2Service.isOAuth2ClientRegistrationAllowed(tenantId)); - } - - - @Test - public void testCreateNewSystemParams() { - OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); - List savedDomainsParams = oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); + public void testCreateNewParams() { + OAuth2ClientRegistration clientRegistration = 
validClientRegistration("domain-name"); + List savedDomainsParams = oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); Assert.assertNotNull(savedDomainsParams); - List savedClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, savedDomainsParams); + List savedClientRegistrations = OAuth2Utils.toClientRegistrations(savedDomainsParams); Assert.assertEquals(1, savedClientRegistrations.size()); OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0); 
@@ -96,95 +62,40 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest { clientRegistration.setId(savedClientRegistration.getId()); clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime()); Assert.assertEquals(clientRegistration, savedClientRegistration); - } - - @Test - public void testFindSystemParamsByTenant() { - OAuth2ClientRegistration clientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); - oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); - - List foundDomainsParams = oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID); - Assert.assertEquals(1, foundDomainsParams.size()); - Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size()); - List foundClientRegistrations = OAuth2Utils.toClientRegistrations(TenantId.SYS_TENANT_ID, foundDomainsParams); - OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0); - Assert.assertNotNull(foundClientRegistration); - clientRegistration.setId(foundClientRegistration.getId()); - clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime()); - Assert.assertEquals(clientRegistration, foundClientRegistration); + oAuth2Service.deleteClientRegistrationsByDomain("domain-name"); } @Test - public void testCreateNewTenantParams() { - OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId); - List savedDomainsParams = oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); - Assert.assertNotNull(savedDomainsParams); + public void testFindDomainParams() { + OAuth2ClientRegistration clientRegistration = validClientRegistration(); + oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); - List savedClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, savedDomainsParams); - 
Assert.assertEquals(1, savedClientRegistrations.size()); - - OAuth2ClientRegistration savedClientRegistration = savedClientRegistrations.get(0); - - Assert.assertNotNull(savedClientRegistration); - Assert.assertNotNull(savedClientRegistration.getId()); - clientRegistration.setId(savedClientRegistration.getId()); - clientRegistration.setCreatedTime(savedClientRegistration.getCreatedTime()); - Assert.assertEquals(clientRegistration, savedClientRegistration); - } - - @Test - public void testFindTenantParams() { - OAuth2ClientRegistration clientRegistration = validClientRegistration(tenantId); - oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration))); - - List foundDomainsParams = oAuth2Service.findDomainsParamsByTenantId(tenantId); + List foundDomainsParams = oAuth2Service.findDomainsParams(); Assert.assertEquals(1, foundDomainsParams.size()); Assert.assertEquals(1, oAuth2Service.findAllClientRegistrations().size()); - List foundClientRegistrations = OAuth2Utils.toClientRegistrations(tenantId, foundDomainsParams); + List foundClientRegistrations = OAuth2Utils.toClientRegistrations(foundDomainsParams); OAuth2ClientRegistration foundClientRegistration = foundClientRegistrations.get(0); - Assert.assertNotNull(foundClientRegistration); clientRegistration.setId(foundClientRegistration.getId()); clientRegistration.setCreatedTime(foundClientRegistration.getCreatedTime()); Assert.assertEquals(clientRegistration, foundClientRegistration); } - @Test - public void testGetClientRegistrationWithTenant() { - OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId); - OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID); - - List savedTenantDomainsParams = oAuth2Service.saveDomainsParams(tenantId, - OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration))); - List savedSysAdminDomainsParams = 
oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, - OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration))); - - Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size()); - - Assert.assertEquals(savedTenantDomainsParams, oAuth2Service.findDomainsParamsByTenantId(tenantId)); - Assert.assertEquals(savedSysAdminDomainsParams, oAuth2Service.findDomainsParamsByTenantId(TenantId.SYS_TENANT_ID)); - - OAuth2ClientRegistration savedTenantClientRegistration = toClientRegistrations(tenantId, savedTenantDomainsParams).get(0); - Assert.assertEquals(savedTenantClientRegistration, oAuth2Service.findClientRegistration(savedTenantClientRegistration.getUuidId())); - OAuth2ClientRegistration savedSysAdminClientRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminDomainsParams).get(0); - Assert.assertEquals(savedSysAdminClientRegistration, oAuth2Service.findClientRegistration(savedSysAdminClientRegistration.getUuidId())); - } - @Test public void testGetOAuth2Clients() { String testDomainName = "test_domain"; - OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName); - OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName); + OAuth2ClientRegistration first = validClientRegistration(testDomainName); + OAuth2ClientRegistration second = validClientRegistration(testDomainName); - oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration))); - oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration))); + oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(first))); + oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(second))); List oAuth2Clients = oAuth2Service.getOAuth2Clients(testDomainName); - Set 
actualLabels = new HashSet<>(Arrays.asList(tenantClientRegistration.getLoginButtonLabel(), - sysAdminClientRegistration.getLoginButtonLabel())); + Set actualLabels = new HashSet<>(Arrays.asList(first.getLoginButtonLabel(), + second.getLoginButtonLabel())); Set foundLabels = oAuth2Clients.stream().map(OAuth2ClientInfo::getName).collect(Collectors.toSet()); Assert.assertEquals(actualLabels, foundLabels); 
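Review bot: This hunk deletes `testGetClientRegistrationWithTenant` without a replacement, and that was the only test in the visible part of this file that called `oAuth2Service.findClientRegistration(UUID)`. The method stays on the OAuth2Service interface, so the lookup by id looks uncovered after this commit unless a test later in the file (outside this view) exercises it. A tenant-free version of the removed assertions keeps that coverage.

```java
@Test
public void testFindClientRegistration() {
    OAuth2ClientRegistration clientRegistration = validClientRegistration();
    OAuth2ClientRegistration saved = toClientRegistrations(oAuth2Service.saveDomainsParams(
            OAuth2Utils.toDomainsParams(Collections.singletonList(clientRegistration)))).get(0);
    Assert.assertEquals(saved, oAuth2Service.findClientRegistration(saved.getUuidId()));
}
```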
@@ -193,88 +104,61 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
 @Test
 public void testGetEmptyOAuth2Clients() {
 String testDomainName = "test_domain";
- OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId, testDomainName);
- OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID, testDomainName);
- oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
- oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
+ OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(testDomainName);
+ OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(testDomainName);
+ oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
+ oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
 List oAuth2Clients = oAuth2Service.getOAuth2Clients("random-domain");
 Assert.assertTrue(oAuth2Clients.isEmpty());
 }
 @Test
 public void testDeleteOAuth2ClientRegistration() {
- OAuth2ClientRegistration tenantClientRegistration = validClientRegistration(tenantId);
- OAuth2ClientRegistration sysAdminClientRegistration = validClientRegistration(TenantId.SYS_TENANT_ID);
+ OAuth2ClientRegistration first = validClientRegistration();
+ OAuth2ClientRegistration second = validClientRegistration();
- List savedTenantDomainsParams = oAuth2Service.saveDomainsParams(tenantId,
- OAuth2Utils.toDomainsParams(Collections.singletonList(tenantClientRegistration)));
- List savedSysAdminDomainsParams = oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID,
- OAuth2Utils.toDomainsParams(Collections.singletonList(sysAdminClientRegistration)));
+ List savedFirstDomainsParams = oAuth2Service.saveDomainsParams(
+ OAuth2Utils.toDomainsParams(Collections.singletonList(first)));
+ List savedSecondDomainsParams = oAuth2Service.saveDomainsParams(
+ OAuth2Utils.toDomainsParams(Collections.singletonList(second)));
- OAuth2ClientRegistration savedTenantRegistration = toClientRegistrations(tenantId, savedTenantDomainsParams).get(0);
- OAuth2ClientRegistration savedSysAdminRegistration = toClientRegistrations(TenantId.SYS_TENANT_ID, savedSysAdminDomainsParams).get(0);
+ OAuth2ClientRegistration savedFirstRegistration = toClientRegistrations(savedFirstDomainsParams).get(0);
+ OAuth2ClientRegistration savedSecondRegistration = toClientRegistrations(savedSecondDomainsParams).get(0);
- oAuth2Service.deleteClientRegistrationById(tenantId, savedTenantRegistration.getId());
+ oAuth2Service.deleteClientRegistrationById(savedFirstRegistration.getId());
 List foundRegistrations = oAuth2Service.findAllClientRegistrations();
 Assert.assertEquals(1, foundRegistrations.size());
- Assert.assertEquals(savedSysAdminRegistration, foundRegistrations.get(0));
+ Assert.assertEquals(savedSecondRegistration, foundRegistrations.get(0));
 }
 @Test
- public void testDeleteTenantOAuth2ClientRegistrations() {
- oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Arrays.asList(
- validClientRegistration(tenantId, "domain"),
- validClientRegistration(tenantId, "domain"),
- validClientRegistration(tenantId, "domain")
+ public void testDeleteDomainOAuth2ClientRegistrations() {
+ oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Arrays.asList(
+ validClientRegistration("domain1"),
+ validClientRegistration("domain1"),
+ validClientRegistration("domain2")
 )));
- Assert.assertEquals(3, oAuth2Service.findAllClientRegistrations().size());
- Assert.assertEquals(1, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
-
- oAuth2Service.deleteClientRegistrationsByTenantId(tenantId);
- Assert.assertEquals(0, oAuth2Service.findAllClientRegistrations().size());
- Assert.assertEquals(0, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
- }
-
- @Test
- public void testDeleteTenantDomainOAuth2ClientRegistrations() {
- oAuth2Service.saveDomainsParams(tenantId, OAuth2Utils.toDomainsParams(Arrays.asList(
- validClientRegistration(tenantId, "domain1"),
- validClientRegistration(tenantId, "domain1"),
- validClientRegistration(tenantId, "domain2")
- )));
- oAuth2Service.saveDomainsParams(TenantId.SYS_TENANT_ID, OAuth2Utils.toDomainsParams(Arrays.asList(
- validClientRegistration(TenantId.SYS_TENANT_ID, "domain2")
+ oAuth2Service.saveDomainsParams(OAuth2Utils.toDomainsParams(Arrays.asList(
+ validClientRegistration("domain2")
 )));
 Assert.assertEquals(4, oAuth2Service.findAllClientRegistrations().size());
- List tenantDomainsParams = oAuth2Service.findDomainsParamsByTenantId(tenantId);
- List tenantClientRegistrations = toClientRegistrations(tenantId, tenantDomainsParams);
- Assert.assertEquals(2, tenantDomainsParams.size());
- Assert.assertEquals(3, tenantClientRegistrations.size());
+ List domainsParams = oAuth2Service.findDomainsParams();
+ List clientRegistrations = toClientRegistrations(domainsParams);
+ Assert.assertEquals(2, domainsParams.size());
+ Assert.assertEquals(4, clientRegistrations.size());
- oAuth2Service.deleteClientRegistrationsByDomain(tenantId, "domain1");
+ oAuth2Service.deleteClientRegistrationsByDomain("domain1");
 Assert.assertEquals(2, oAuth2Service.findAllClientRegistrations().size());
- Assert.assertEquals(1, oAuth2Service.findDomainsParamsByTenantId(tenantId).size());
- Assert.assertEquals(1, toClientRegistrations(tenantId, oAuth2Service.findDomainsParamsByTenantId(tenantId)).size());
- }
-
- private void updateTenantAllowOAuth2Setting(Boolean allowOAuth2) throws IOException {
- Tenant tenant = tenantService.findTenantById(tenantId);
- if (allowOAuth2 == null) {
- tenant.setAdditionalInfo(mapper.readTree("{}"));
- } else {
- String additionalInfo = "{\"" + ALLOW_OAUTH2_CONFIGURATION + "\":" + allowOAuth2 + "}";
- tenant.setAdditionalInfo(mapper.readTree(additionalInfo));
- tenantService.saveTenant(tenant);
- }
+ Assert.assertEquals(1, oAuth2Service.findDomainsParams().size());
+ Assert.assertEquals(2, toClientRegistrations(oAuth2Service.findDomainsParams()).size());
 }
- private OAuth2ClientRegistration validClientRegistration(TenantId tenantId) {
- return validClientRegistration(tenantId, "domainName");
+ private OAuth2ClientRegistration validClientRegistration() {
+ return validClientRegistration("domainName");
 }
- private OAuth2ClientRegistration validClientRegistration(TenantId tenantId, String domainName) {
+ private OAuth2ClientRegistration validClientRegistration(String domainName) {
 OAuth2ClientRegistration clientRegistration = new OAuth2ClientRegistration();
- clientRegistration.setTenantId(tenantId);
 clientRegistration.setDomainName(domainName);
 clientRegistration.setMapperConfig(
 OAuth2MapperConfig.builder()
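Review bot: In `testDeleteDomainOAuth2ClientRegistrations` the assertions after `deleteClientRegistrationsByDomain("domain1")` check only counts, and with the new fixture they cannot tell which domain was removed: `domain1` and `domain2` now hold two registrations each, so deleting the wrong domain would also leave 2 registrations and 1 domains-params entry. The removed version was asymmetric (two tenant registrations on `domain1`, one on `domain2`), so its counts did discriminate. I would add a check on the survivors, for example `Assert.assertTrue(oAuth2Service.findAllClientRegistrations().stream().allMatch(r -> "domain2".equals(r.getDomainName())));`, assuming the getter that pairs with `setDomainName` exists. Since the delete calls no longer carry a `tenantId`, the service cannot scope them itself, which makes an exact assertion here more valuable; where the caller is authorised is not visible in this hunk. Separately, `testGetEmptyOAuth2Clients` keeps the names `tenantClientRegistration` and `sysAdminClientRegistration`, which no longer describe anything and could become `first`/`second` as in the other tests.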