working on SqliteUserService:

user creation and list works, upsert needs to be done

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/SessionService.java

@@ -10,6 +10,6 @@ public interface SessionService {
 	Session	  createSession(User user);
 	SessionService	  dropSession(String sessionId);
 	Session	  extend(Session session);
-	Optional<Session> retrieve(String sessionId);
+	Optional<Session> retrieve(String sessionId, UserService userService);
 	SessionService	  setDuration(Duration duration);
 }

de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java

@@ -77,9 +77,9 @@ public class Application {
 		new UserController(mailConfig, sessionService, userService, staticPages).bindPath(API_USER).on(server);
 		var tokenControllerConfig = new TokenController.Configuration("https://lightoidc.srsoftware.de", 10);  // TODO configure or derive from hostname
 		new TokenController(authService, clientService, keyManager, userService, tokenControllerConfig).bindPath(API_TOKEN).on(server);
-		new ClientController(authService, clientService, sessionService).bindPath(API_CLIENT).on(server);
+		new ClientController(authService, clientService, sessionService, userService).bindPath(API_CLIENT).on(server);
 		new KeyStoreController(keyStore).bindPath(JWKS).on(server);
-		new EmailController(mailConfig, sessionService).bindPath(API_EMAIL).on(server);
+		new EmailController(mailConfig, sessionService, userService).bindPath(API_EMAIL).on(server);
 		server.setExecutor(Executors.newCachedThreadPool());
 		server.start();
 	}

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java

@@ -23,8 +23,8 @@ public class ClientController extends Controller {
 	private final AuthorizationService authorizations;
 	private final ClientService	   clients;
 
-	public ClientController(AuthorizationService authorizationService, ClientService clientService, SessionService sessionService) {
-		super(sessionService);
+	public ClientController(AuthorizationService authorizationService, ClientService clientService, SessionService sessionService, UserService userService) {
+		super(sessionService, userService);
 		authorizations = authorizationService;
 		clients        = clientService;
 	}

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Controller.java

@@ -5,17 +5,20 @@ import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.http.PathHandler;
 import de.srsoftware.http.SessionToken;
 import de.srsoftware.oidc.api.SessionService;
+import de.srsoftware.oidc.api.UserService;
 import de.srsoftware.oidc.api.data.Session;
 import java.util.Optional;
 
 public abstract class Controller extends PathHandler {
 	protected final SessionService sessions;
+	private final UserService      users;
 
-	Controller(SessionService sessionService) {
+	Controller(SessionService sessionService, UserService userService) {
 		sessions = sessionService;
+		users    = userService;
 	}
 
 	protected Optional<Session> getSession(HttpExchange ex) {
-		return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessions::retrieve);
+		return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessionId -> sessions.retrieve(sessionId, users));
 	}
 }

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/EmailController.java

@@ -9,14 +9,15 @@ import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
 import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.oidc.api.MailConfig;
 import de.srsoftware.oidc.api.SessionService;
+import de.srsoftware.oidc.api.UserService;
 import de.srsoftware.oidc.api.data.Session;
 import java.io.IOException;
 
 public class EmailController extends Controller {
 	private final MailConfig mailConfig;
 
-	public EmailController(MailConfig mailConfig, SessionService sessionService) {
-		super(sessionService);
+	public EmailController(MailConfig mailConfig, SessionService sessionService, UserService userService) {
+		super(sessionService, userService);
 		this.mailConfig = mailConfig;
 	}
 

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java

@@ -30,7 +30,7 @@ public class UserController extends Controller {
 	private final ResourceLoader resourceLoader;
 
 	public UserController(MailConfig mailConfig, SessionService sessionService, UserService userService, ResourceLoader resourceLoader) {
-		super(sessionService);
+		super(sessionService, userService);
 		users	    = userService;
 		this.mailConfig	    = mailConfig;
 		this.resourceLoader = resourceLoader;
@@ -40,7 +40,10 @@ public class UserController extends Controller {
 		if (!user.hasPermission(MANAGE_USERS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		var json  = json(ex);
 		var newID = uuid();
-		User.of(json, uuid()).ifPresent(u -> users.updatePassword(u, json.getString(PASSWORD)));
+		User.of(json, uuid()).ifPresent(newUser -> {
+			users.save(newUser);
+			users.updatePassword(newUser, json.getString(PASSWORD));
+		});
 		return sendContent(ex, newID);
 	}
 

de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java

@@ -247,13 +247,13 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
 	}
 
 	@Override
-	public Optional<Session> retrieve(String sessionId) {
+	public Optional<Session> retrieve(String sessionId, UserService userService) {
 		try {
 			var session    = sessions().getJSONObject(sessionId);
 			var userId     = session.getString(USER);
 			var expiration = Instant.ofEpochSecond(session.getLong(EXPIRATION));
 			if (expiration.isAfter(Instant.now())) {
-				return load(userId).map(user -> new Session(user, expiration, sessionId));
+				return userService.load(userId).map(user -> new Session(user, expiration, sessionId));
 			}
 			dropSession(sessionId);
 		} catch (Exception ignored) {

de.srsoftware.oidc.datastore.sqlite/src/main/java/de/srsoftware/oidc/datastore/sqlite/SqliteSessionService.java

@@ -2,6 +2,7 @@
 package de.srsoftware.oidc.datastore.sqlite;
 
 import de.srsoftware.oidc.api.SessionService;
+import de.srsoftware.oidc.api.UserService;
 import de.srsoftware.oidc.api.data.Session;
 import de.srsoftware.oidc.api.data.User;
 import java.sql.Connection;
@@ -28,7 +29,7 @@ public class SqliteSessionService implements SessionService {
 	}
 
 	@Override
-	public Optional<Session> retrieve(String sessionId) {
+	public Optional<Session> retrieve(String sessionId, UserService users) {
 		return Optional.empty();
 	}
 

de.srsoftware.oidc.datastore.sqlite/src/main/java/de/srsoftware/oidc/datastore/sqlite/SqliteUserService.java

@@ -23,9 +23,9 @@ public class SqliteUserService extends SqliteStore implements UserService {
 	private static final String CREATE_USER_PERMISSION_TABLE = "CREATE TABLE IF NOT EXISTS user_permissions(uuid VARCHAR(255), permission VARCHAR(50), PRIMARY KEY(uuid,permission));";
 	private static final String COUNT_USERS	         = "SELECT count(*) FROM users";
 	private static final String LOAD_USER	         = "SELECT * FROM users WHERE uuid = ?";
+	private static final String LOAD_PERMISSIONS	         = "SELECT permission FROM user_permissions WHERE uuid = ?";
 	private static final String FIND_USER	         = "SELECT * FROM users WHERE uuid = ? OR username LIKE ? OR realname LIKE ? ORDER BY COALESCE(uuid, ?), username";
 	private static final String LIST_USERS	         = "SELECT * FROM users";
-	private static final String LIST_USER_PERMISSIONS        = "SELECT * FROM user_permissions WHERE uuid = ?";
 	private static final String SELECT_USERSTORE_VERSION     = "SELECT * FROM metainfo WHERE key = 'user_store_version'";
 	private static final String SET_USERSTORE_VERSION        = "UPDATE metainfo SET value = ? WHERE key = 'user_store_version'";
 	private static final String INSERT_USER	         = "INSERT INTO users (uuid,password,email,session_duration,username,realname) VALUES (?,?,?,?,?,?)";
@@ -143,24 +143,11 @@ public class SqliteUserService extends SqliteStore implements UserService {
 			var        rs	  = conn.prepareStatement(LIST_USERS).executeQuery();
 			while (rs.next()) result.add(userFrom(rs));
 			rs.close();
-			for (User user : result) listPermissions(user.uuid()).forEach(user::add);
+			for (User user : result) addPermissions(user);
+			return result;
 		} catch (SQLException e) {
 			throw new RuntimeException(e);
 		}
-		return List.of();
-	}
-
-	private List<Permission> listPermissions(String uuid) throws SQLException {
-		var perms = new ArrayList<Permission>();
-		var stmt  = conn.prepareStatement(LIST_USER_PERMISSIONS);
-		stmt.setString(1, uuid);
-		var rs = stmt.executeQuery();
-		while (rs.next()) {
-			var perm = rs.getString("permission");
-			perms.add(Permission.valueOf(perm));
-		}
-		rs.close();
-		return perms;
 	}
 
 	private User userFrom(ResultSet rs) throws SQLException {
@@ -199,7 +186,24 @@ public class SqliteUserService extends SqliteStore implements UserService {
 			stmt.setString(1, id);
 			var rs = stmt.executeQuery();
 			if (rs.next()) user = userFrom(rs);
-			return nullable(user);
+			rs.close();
+			return nullable(user).map(this::addPermissions);
+		} catch (SQLException e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	private User addPermissions(User user) {
+		try {
+			var stmt = conn.prepareStatement(LOAD_PERMISSIONS);
+			stmt.setString(1, user.uuid());
+			var rs = stmt.executeQuery();
+			while (rs.next()) try {
+					user.add(Permission.valueOf(rs.getString("permission")));
+				} catch (IllegalArgumentException ignored) {
+				}
+			rs.close();
+			return user;
 		} catch (SQLException e) {
 			throw new RuntimeException(e);
 		}