Updating JPACodeDataProvider to remove pending codes when removing clients
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/275d14db Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/275d14db Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/275d14db Branch: refs/heads/master-jaxrs-2.1 Commit: 275d14dbfae3608fcc261e6023a99cf78dc43862 Parents: 90e94a5 Author: Sergey Beryozkin <[email protected]> Authored: Fri Apr 22 12:38:36 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Fri Apr 22 12:38:36 2016 +0100 ---------------------------------------------------------------------- .../oauth2/grants/code/JPACodeDataProvider.java | 12 +++++++ .../grants/code/JPACodeDataProviderTest.java | 24 ++++++++++++++ .../provider/JPAOAuthDataProviderTest.java | 33 +++++++++++++++++++- .../src/test/resources/META-INF/persistence.xml | 1 + 4 files changed, 69 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/275d14db/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProvider.java index 5766cd4..9893b2e 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProvider.java @@ -59,6 +59,18 @@ public class JPACodeDataProvider extends JPAOAuthDataProvider implements Authori } @Override + protected void doRemoveClient(Client c) { + removeClientCodeGrants(c); + super.doRemoveClient(c); + } + + protected void removeClientCodeGrants(Client c) { + for (ServerAuthorizationCodeGrant grant : getCodeGrants(c, null)) { + removeCodeGrant(grant.getCode()); + } + } + + @Override public ServerAuthorizationCodeGrant removeCodeGrant(String code) throws OAuthServiceException { ServerAuthorizationCodeGrant grant = getEntityManager().find(ServerAuthorizationCodeGrant.class, code); if (grant != null) { http://git-wip-us.apache.org/repos/asf/cxf/blob/275d14db/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java index 3878fff..cbbea51 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java @@ -83,6 +83,30 @@ public class JPACodeDataProviderTest extends Assert { ServerAuthorizationCodeGrant grant2 = provider.removeCodeGrant(grant.getCode()); assertEquals(grant.getCode(), grant2.getCode()); + + grants = provider.getCodeGrants(c, null); + assertNotNull(grants); + assertEquals(0, grants.size()); + } + + @Test + public void testAddGetDeleteCodeGrants2() { + Client c = addClient("111", "bob"); + + AuthorizationCodeRegistration atr = new AuthorizationCodeRegistration(); + atr.setClient(c); + atr.setApprovedScope(Collections.singletonList("a")); + atr.setSubject(c.getResourceOwnerSubject()); + + provider.createCodeGrant(atr); + + List<ServerAuthorizationCodeGrant> grants = provider.getCodeGrants(c, c.getResourceOwnerSubject()); + assertNotNull(grants); + assertEquals(1, grants.size()); + provider.removeClient(c.getClientId()); + grants = provider.getCodeGrants(c, c.getResourceOwnerSubject()); + assertNotNull(grants); + assertEquals(0, grants.size()); } private Client addClient(String clientId, String userLogin) { http://git-wip-us.apache.org/repos/asf/cxf/blob/275d14db/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java index 8b23e22..ed2e0a6 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java @@ -106,7 +106,12 @@ public class JPAOAuthDataProviderTest extends Assert { List<Client> allClients = provider.getClients(null); assertNotNull(allClients); assertEquals(3, allClients.size()); - + provider.removeClient(c.getClientId()); + provider.removeClient(c2.getClientId()); + provider.removeClient(c3.getClientId()); + allClients = provider.getClients(null); + assertNotNull(allClients); + assertEquals(0, allClients.size()); } @Test @@ -132,6 +137,11 @@ public class JPAOAuthDataProviderTest extends Assert { assertEquals(1, tokens.size()); assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); + tokens = provider.getAccessTokens(c, null); + assertNotNull(tokens); + assertEquals(1, tokens.size()); + assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); + tokens = provider.getAccessTokens(null, c.getResourceOwnerSubject()); assertNotNull(tokens); assertEquals(1, tokens.size()); @@ -147,6 +157,27 @@ public class JPAOAuthDataProviderTest extends Assert { } @Test + public void testAddGetDeleteAccessToken2() { + Client c = addClient("102", "bob"); + + AccessTokenRegistration atr = new AccessTokenRegistration(); + atr.setClient(c); + atr.setApprovedScope(Collections.singletonList("a")); + atr.setSubject(c.getResourceOwnerSubject()); + + provider.createAccessToken(atr); + List<ServerAccessToken> tokens = provider.getAccessTokens(c, null); + assertNotNull(tokens); + assertEquals(1, tokens.size()); + + provider.removeClient(c.getClientId()); + + tokens = provider.getAccessTokens(c, null); + assertNotNull(tokens); + assertEquals(0, tokens.size()); + } + + @Test public void testAddGetDeleteRefreshToken() { Client c = addClient("101", "bob"); http://git-wip-us.apache.org/repos/asf/cxf/blob/275d14db/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml index 814650c..25c7f76 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml +++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml @@ -2,6 +2,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"; version="2.0"> + <persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL"> <provider>org.hibernate.ejb.HibernatePersistence</provider> <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
