working on SqliteUserService:
User creation and listing work; upsert still needs to be done.

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
@@ -10,6 +10,6 @@ public interface SessionService {
|
||||
Session createSession(User user);
|
||||
SessionService dropSession(String sessionId);
|
||||
Session extend(Session session);
|
||||
Optional<Session> retrieve(String sessionId);
|
||||
Optional<Session> retrieve(String sessionId, UserService userService);
|
||||
SessionService setDuration(Duration duration);
|
||||
}
|
||||
|
||||
@@ -77,9 +77,9 @@ public class Application {
|
||||
new UserController(mailConfig, sessionService, userService, staticPages).bindPath(API_USER).on(server);
|
||||
var tokenControllerConfig = new TokenController.Configuration("https://lightoidc.srsoftware.de", 10); // TODO configure or derive from hostname
|
||||
new TokenController(authService, clientService, keyManager, userService, tokenControllerConfig).bindPath(API_TOKEN).on(server);
|
||||
new ClientController(authService, clientService, sessionService).bindPath(API_CLIENT).on(server);
|
||||
new ClientController(authService, clientService, sessionService, userService).bindPath(API_CLIENT).on(server);
|
||||
new KeyStoreController(keyStore).bindPath(JWKS).on(server);
|
||||
new EmailController(mailConfig, sessionService).bindPath(API_EMAIL).on(server);
|
||||
new EmailController(mailConfig, sessionService, userService).bindPath(API_EMAIL).on(server);
|
||||
server.setExecutor(Executors.newCachedThreadPool());
|
||||
server.start();
|
||||
}
|
||||
|
||||
@@ -23,8 +23,8 @@ public class ClientController extends Controller {
|
||||
private final AuthorizationService authorizations;
|
||||
private final ClientService clients;
|
||||
|
||||
public ClientController(AuthorizationService authorizationService, ClientService clientService, SessionService sessionService) {
|
||||
super(sessionService);
|
||||
public ClientController(AuthorizationService authorizationService, ClientService clientService, SessionService sessionService, UserService userService) {
|
||||
super(sessionService, userService);
|
||||
authorizations = authorizationService;
|
||||
clients = clientService;
|
||||
}
|
||||
|
||||
@@ -5,17 +5,20 @@ import com.sun.net.httpserver.HttpExchange;
|
||||
import de.srsoftware.http.PathHandler;
|
||||
import de.srsoftware.http.SessionToken;
|
||||
import de.srsoftware.oidc.api.SessionService;
|
||||
import de.srsoftware.oidc.api.UserService;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import java.util.Optional;
|
||||
|
||||
public abstract class Controller extends PathHandler {
|
||||
protected final SessionService sessions;
|
||||
private final UserService users;
|
||||
|
||||
Controller(SessionService sessionService) {
|
||||
Controller(SessionService sessionService, UserService userService) {
|
||||
sessions = sessionService;
|
||||
users = userService;
|
||||
}
|
||||
|
||||
protected Optional<Session> getSession(HttpExchange ex) {
|
||||
return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessions::retrieve);
|
||||
return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessionId -> sessions.retrieve(sessionId, users));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,14 +9,15 @@ import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
|
||||
import com.sun.net.httpserver.HttpExchange;
|
||||
import de.srsoftware.oidc.api.MailConfig;
|
||||
import de.srsoftware.oidc.api.SessionService;
|
||||
import de.srsoftware.oidc.api.UserService;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import java.io.IOException;
|
||||
|
||||
public class EmailController extends Controller {
|
||||
private final MailConfig mailConfig;
|
||||
|
||||
public EmailController(MailConfig mailConfig, SessionService sessionService) {
|
||||
super(sessionService);
|
||||
public EmailController(MailConfig mailConfig, SessionService sessionService, UserService userService) {
|
||||
super(sessionService, userService);
|
||||
this.mailConfig = mailConfig;
|
||||
}
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ public class UserController extends Controller {
|
||||
private final ResourceLoader resourceLoader;
|
||||
|
||||
public UserController(MailConfig mailConfig, SessionService sessionService, UserService userService, ResourceLoader resourceLoader) {
|
||||
super(sessionService);
|
||||
super(sessionService, userService);
|
||||
users = userService;
|
||||
this.mailConfig = mailConfig;
|
||||
this.resourceLoader = resourceLoader;
|
||||
@@ -40,7 +40,10 @@ public class UserController extends Controller {
|
||||
if (!user.hasPermission(MANAGE_USERS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
|
||||
var json = json(ex);
|
||||
var newID = uuid();
|
||||
User.of(json, uuid()).ifPresent(u -> users.updatePassword(u, json.getString(PASSWORD)));
|
||||
User.of(json, uuid()).ifPresent(newUser -> {
|
||||
users.save(newUser);
|
||||
users.updatePassword(newUser, json.getString(PASSWORD));
|
||||
});
|
||||
return sendContent(ex, newID);
|
||||
}
|
||||
|
||||
|
||||
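Review bot: The id returned by `sendContent(ex, newID)` is not the id of the stored user, because the added `User.of(json, uuid())` call draws a second UUID instead of reusing `newID`; pass the existing value, `User.of(json, newID).ifPresent(newUser -> {`. When `User.of` yields an empty Optional, the handler still answers with `newID` as if a user had been created, so that case should send an error response instead. `users.save(newUser)` also runs before `json.getString(PASSWORD)` is evaluated; if that call throws on a missing key (not visible here, but likely for a JSON object accessor), the account stays stored without the password from the request, so read and validate the password before saving. The enclosing handler method starts above the hunk.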
@@ -247,13 +247,13 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<Session> retrieve(String sessionId) {
|
||||
public Optional<Session> retrieve(String sessionId, UserService userService) {
|
||||
try {
|
||||
var session = sessions().getJSONObject(sessionId);
|
||||
var userId = session.getString(USER);
|
||||
var expiration = Instant.ofEpochSecond(session.getLong(EXPIRATION));
|
||||
if (expiration.isAfter(Instant.now())) {
|
||||
return load(userId).map(user -> new Session(user, expiration, sessionId));
|
||||
return userService.load(userId).map(user -> new Session(user, expiration, sessionId));
|
||||
}
|
||||
dropSession(sessionId);
|
||||
} catch (Exception ignored) {
|
||||
|
||||
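Review bot: `userService.load(userId)` now runs inside the `try` whose `catch (Exception ignored)` ends this hunk, so a failure in an external user store is reported exactly like an unknown or expired session. The SQLite user service in this same commit rethrows `SQLException` as `RuntimeException`, which would be swallowed here and turn a database fault into a silent "no session". Returning an empty Optional is the safe result for the caller, but the cause should stay visible: keep the catch for the session-lookup failure only and log anything else before returning empty. The catch body and the end of `retrieve` lie outside the hunk, so whether it already logs cannot be seen from here.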
@@ -2,6 +2,7 @@
|
||||
package de.srsoftware.oidc.datastore.sqlite;
|
||||
|
||||
import de.srsoftware.oidc.api.SessionService;
|
||||
import de.srsoftware.oidc.api.UserService;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import java.sql.Connection;
|
||||
@@ -28,7 +29,7 @@ public class SqliteSessionService implements SessionService {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<Session> retrieve(String sessionId) {
|
||||
public Optional<Session> retrieve(String sessionId, UserService users) {
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
|
||||
@@ -23,9 +23,9 @@ public class SqliteUserService extends SqliteStore implements UserService {
|
||||
private static final String CREATE_USER_PERMISSION_TABLE = "CREATE TABLE IF NOT EXISTS user_permissions(uuid VARCHAR(255), permission VARCHAR(50), PRIMARY KEY(uuid,permission));";
|
||||
private static final String COUNT_USERS = "SELECT count(*) FROM users";
|
||||
private static final String LOAD_USER = "SELECT * FROM users WHERE uuid = ?";
|
||||
private static final String LOAD_PERMISSIONS = "SELECT permission FROM user_permissions WHERE uuid = ?";
|
||||
private static final String FIND_USER = "SELECT * FROM users WHERE uuid = ? OR username LIKE ? OR realname LIKE ? ORDER BY COALESCE(uuid, ?), username";
|
||||
private static final String LIST_USERS = "SELECT * FROM users";
|
||||
private static final String LIST_USER_PERMISSIONS = "SELECT * FROM user_permissions WHERE uuid = ?";
|
||||
private static final String SELECT_USERSTORE_VERSION = "SELECT * FROM metainfo WHERE key = 'user_store_version'";
|
||||
private static final String SET_USERSTORE_VERSION = "UPDATE metainfo SET value = ? WHERE key = 'user_store_version'";
|
||||
private static final String INSERT_USER = "INSERT INTO users (uuid,password,email,session_duration,username,realname) VALUES (?,?,?,?,?,?)";
|
||||
@@ -143,24 +143,11 @@ public class SqliteUserService extends SqliteStore implements UserService {
|
||||
var rs = conn.prepareStatement(LIST_USERS).executeQuery();
|
||||
while (rs.next()) result.add(userFrom(rs));
|
||||
rs.close();
|
||||
for (User user : result) listPermissions(user.uuid()).forEach(user::add);
|
||||
for (User user : result) addPermissions(user);
|
||||
return result;
|
||||
} catch (SQLException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
return List.of();
|
||||
}
|
||||
|
||||
private List<Permission> listPermissions(String uuid) throws SQLException {
|
||||
var perms = new ArrayList<Permission>();
|
||||
var stmt = conn.prepareStatement(LIST_USER_PERMISSIONS);
|
||||
stmt.setString(1, uuid);
|
||||
var rs = stmt.executeQuery();
|
||||
while (rs.next()) {
|
||||
var perm = rs.getString("permission");
|
||||
perms.add(Permission.valueOf(perm));
|
||||
}
|
||||
rs.close();
|
||||
return perms;
|
||||
}
|
||||
|
||||
private User userFrom(ResultSet rs) throws SQLException {
|
||||
@@ -199,7 +186,24 @@ public class SqliteUserService extends SqliteStore implements UserService {
|
||||
stmt.setString(1, id);
|
||||
var rs = stmt.executeQuery();
|
||||
if (rs.next()) user = userFrom(rs);
|
||||
return nullable(user);
|
||||
rs.close();
|
||||
return nullable(user).map(this::addPermissions);
|
||||
} catch (SQLException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
private User addPermissions(User user) {
|
||||
try {
|
||||
var stmt = conn.prepareStatement(LOAD_PERMISSIONS);
|
||||
stmt.setString(1, user.uuid());
|
||||
var rs = stmt.executeQuery();
|
||||
while (rs.next()) try {
|
||||
user.add(Permission.valueOf(rs.getString("permission")));
|
||||
} catch (IllegalArgumentException ignored) {
|
||||
}
|
||||
rs.close();
|
||||
return user;
|
||||
} catch (SQLException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
|
||||
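Review bot: The new `addPermissions` never closes the statement from `conn.prepareStatement(LOAD_PERMISSIONS)`, and `rs.close()` is skipped whenever `executeQuery` or `rs.next()` throws; both belong in try-with-resources. The empty `catch (IllegalArgumentException ignored)` drops permission names that `Permission.valueOf` does not recognise, which fails closed but hides a corrupted or tampered `user_permissions` row, so the value should at least be logged. The lookup hunk above it has the same shape (`rs.close()` placed after the only statement that can throw), and the `LIST_USERS` query in the earlier hunk leaves its statement open as well. The closing brace of `addPermissions` is outside the hunk.

```java
private User addPermissions(User user) {
    try (var stmt = conn.prepareStatement(LOAD_PERMISSIONS)) {
        stmt.setString(1, user.uuid());
        try (var rs = stmt.executeQuery()) {
            while (rs.next()) {
                var name = rs.getString("permission");
                try {
                    user.add(Permission.valueOf(name));
                } catch (IllegalArgumentException unknown) {
                    // Unknown permission name in the table: grant nothing for it,
                    // but report `name` and the user's uuid through the project's logging.
                }
            }
        }
        return user;
    } catch (SQLException e) {
        throw new RuntimeException(e);
    }
```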