[SCB-1365]add database implementations for OpenIDStore
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
index 2840840..d8ed4ac 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/GithubTokenGranter.java
@@ -73,7 +73,7 @@
}
@Override
- public TokenResponse grant(String code, String state, String login) {
+ public OpenIDToken grant(String code, String state, String login) {
GithubAccessTokenResponse response = null;
try {
HttpHeaders headers = new HttpHeaders();
@@ -107,7 +107,7 @@
response);
openIDTokenStore.saveToken(openIDToken);
- return TokenResponse.fromOpenIDToken(openIDToken);
+ return openIDToken;
} catch (UsernameNotFoundException e) {
return null;
}
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
index bb32d48..5740bc0 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/PasswordTokenGranter.java
@@ -48,7 +48,7 @@
private AbstractOpenIDTokenStore openIDTokenStore;
@Override
- public TokenResponse grant(Map<String, String> parameters) {
+ public OpenIDToken grant(Map<String, String> parameters) {
String username = parameters.get(AuthenticationServerConstants.PARAM_USERNAME);
String password = parameters.get(AuthenticationServerConstants.PARAM_PASSWORD);
@@ -61,7 +61,7 @@
if (passwordEncoder.matches(password, userDetails.getPassword())) {
OpenIDToken openIDToken = openIDTokenStore.createToken(userDetails);
openIDTokenStore.saveToken(openIDToken);
- return TokenResponse.fromOpenIDToken(openIDToken);
+ return openIDToken;
} else {
return null;
}
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
index a18bd2d..9204dc3 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/RefreshTokenTokenGranter.java
@@ -55,7 +55,7 @@
}
@Override
- public TokenResponse grant(Map<String, String> parameters) {
+ public OpenIDToken grant(Map<String, String> parameters) {
String refreshTokenValue = parameters.get(AuthenticationServerConstants.PARAM_REFRESH_TOKEN);
if (StringUtils.isEmpty(refreshTokenValue)) {
@@ -65,10 +65,10 @@
Token refreshToken = openIDTokenStore.readTokenByRefreshTokenValue(refreshTokenValue);
if (refreshToken != null && !refreshToken.isExpired()) {
- UserDetails userDetails = userDetailsService.loadUserByUsername(refreshToken.username());
+ UserDetails userDetails = userDetailsService.loadUserByUsername(refreshToken.getUsername());
OpenIDToken openIDToken = openIDTokenStore.createToken(userDetails);
openIDTokenStore.saveToken(openIDToken);
- return TokenResponse.fromOpenIDToken(openIDToken);
+ return openIDToken;
}
return null;
}
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
index 1ef4fc8..788d31b 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/ThirdPartyTokenGranter.java
@@ -20,6 +20,7 @@
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
public interface ThirdPartyTokenGranter extends TokenGranter {
@@ -29,7 +30,7 @@
}
@Override
- default TokenResponse grant(Map<String, String> parameters) {
+ default OpenIDToken grant(Map<String, String> parameters) {
String provider = parameters.get(AuthenticationServerConstants.PARAM_PROVIDER);
String code = parameters.get(AuthenticationServerConstants.PARAM_CODE);
String state = parameters.get(AuthenticationServerConstants.PARAM_STATE);
@@ -49,7 +50,7 @@
String name();
- TokenResponse grant(String code, String state, String login);
+ OpenIDToken grant(String code, String state, String login);
/**
* In authorization code mode, need to get authentication provider information first.
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
index fb849c1..bd7f8d8 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenEndpoint.java
@@ -22,6 +22,7 @@
import javax.ws.rs.core.MediaType;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
import org.apache.servicecomb.provider.rest.common.RestSchema;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
@@ -36,12 +37,12 @@
@Override
@PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED)
- public TokenResponse getToken(@RequestBody Map<String, String> parameters) {
+ public OpenIDToken getToken(@RequestBody Map<String, String> parameters) {
String grantType = parameters.get(AuthenticationServerConstants.PARAM_GRANT_TYPE);
for (TokenGranter granter : granters) {
if (granter.enabled()) {
- TokenResponse token = granter.grant(grantType, parameters);
+ OpenIDToken token = granter.grant(grantType, parameters);
if (token != null) {
return token;
}
diff --git a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
index e5f600b..701958c 100644
--- a/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
+++ b/api/authentication-server/endpoint/src/main/java/org/apache/servicecomb/authentication/server/TokenGranter.java
@@ -19,6 +19,8 @@
import java.util.Map;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
+
/**
* Token granter is used to grant access tokens.
* @author Administrator
@@ -29,12 +31,12 @@
String grantType();
- default TokenResponse grant(String grantType, Map<String, String> parameters) {
+ default OpenIDToken grant(String grantType, Map<String, String> parameters) {
if (grantType().equals(grantType)) {
return grant(parameters);
}
return null;
}
- TokenResponse grant(Map<String, String> parameters);
+ OpenIDToken grant(Map<String, String> parameters);
}
diff --git a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java b/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
index 8dbd197..140ef61 100644
--- a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
+++ b/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenService.java
@@ -19,6 +19,8 @@
import java.util.Map;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
+
public interface TokenService {
- TokenResponse getToken(Map<String, String> parameters);
+ OpenIDToken getToken(Map<String, String> parameters);
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
index 1a09f58..341f8fd 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/InMemoryOpenIDTokenStore.java
@@ -41,11 +41,6 @@
}
@Override
- public OpenIDToken readTokenByIDTokenValue(String idTokenValue) {
- return TOKENS_BY_ID_TOKEN_VALUE.get(idTokenValue);
- }
-
- @Override
public void saveToken(OpenIDToken token) {
TOKENS.put(token.getValue(), token);
TOKENS_BY_REFRESH_TOKEN_VALUE.put(token.getRefreshToken().getValue(), token);
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
index a4c6750..2ab1183 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTToken.java
@@ -17,8 +17,78 @@
package org.apache.servicecomb.authentication.token;
-import org.apache.servicecomb.authentication.jwt.JWTClaims;
+import java.util.Map;
-public interface JWTToken extends Token {
- public JWTClaims getClaims();
+import org.apache.servicecomb.authentication.jwt.JWTClaims;
+import org.apache.servicecomb.authentication.jwt.JsonParser;
+import org.springframework.security.jwt.Jwt;
+import org.springframework.security.jwt.JwtHelper;
+import org.springframework.security.jwt.crypto.sign.Signer;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
+
+public class JWTToken implements Token {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 8234764050908891544L;
+
+ private JWTClaims claims;
+
+ private String value;
+
+ public JWTToken() {
+
+ }
+
+ public JWTToken(JWTClaims claims, Signer signer) {
+ this.claims = claims;
+ String content = JsonParser.unparse(claims);
+ Jwt jwtToken = JwtHelper.encode(content, signer);
+ this.value = jwtToken.getEncoded();
+ }
+
+ @Override
+ @JsonIgnore
+ public long getIssueAt() {
+ return this.claims.getIat();
+ }
+
+ @Override
+ @JsonIgnore
+ public long getExpiresIn() {
+ return this.claims.getExp();
+ }
+
+ @Override
+ @JsonIgnore
+ public long getNotBefore() {
+ return this.claims.getNbf();
+ }
+
+ @Override
+ public String getValue() {
+ return this.value;
+ }
+
+ @Override
+ public Map<String, Object> getAdditionalInformation() {
+ return this.claims.getAdditionalInformation();
+ }
+
+ @Override
+ @JsonIgnore
+ public String getUsername() {
+ return this.claims.getSub();
+ }
+
+ public JWTClaims getClaims() {
+ return this.claims;
+ }
+
+ @Override
+ public void addAdditionalInformation(String key, Object value) {
+ this.claims.addAdditionalInformation(key, value);
+ }
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java
deleted file mode 100644
index 1c8c133..0000000
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenImpl.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.servicecomb.authentication.token;
-
-import java.util.Map;
-
-import org.apache.servicecomb.authentication.jwt.JWTClaims;
-import org.apache.servicecomb.authentication.jwt.JsonParser;
-import org.springframework.security.jwt.Jwt;
-import org.springframework.security.jwt.JwtHelper;
-import org.springframework.security.jwt.crypto.sign.Signer;
-
-public class JWTTokenImpl implements JWTToken {
- private JWTClaims claims;
-
- private boolean valueCalculated = false;
-
- private String value;
-
- private Signer signer;
-
- public JWTTokenImpl(JWTClaims claims, Signer signer) {
- this.claims = claims;
- this.signer = signer;
- }
-
- @Override
- public long getIssueAt() {
- return this.claims.getIat();
- }
-
- @Override
- public long getExpiresIn() {
- return this.claims.getExp();
- }
-
- @Override
- public long getNotBefore() {
- return this.claims.getNbf();
- }
-
- @Override
- public String getValue() {
- if (!this.valueCalculated) {
- String content = JsonParser.unparse(claims);
- Jwt jwtToken = JwtHelper.encode(content, signer);
- this.value = jwtToken.getEncoded();
- }
- return this.value;
- }
-
- @Override
- public Map<String, Object> getAdditionalInformation() {
- return this.claims.getAdditionalInformation();
- }
-
- @Override
- public String username() {
- return this.claims.getSub();
- }
-
- public JWTClaims getClaims() {
- return this.claims;
- }
-
- @Override
- public void addAdditionalInformation(String key, Object value) {
- this.claims.addAdditionalInformation(key, value);
- }
-}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
index 5b74496..59dd6c7 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/JWTTokenStoreImpl.java
@@ -52,7 +52,7 @@
claims.setNbf(config.notBefore);
// Maybe some other properties in future
- return new JWTTokenImpl(claims, signer);
+ return new JWTToken(claims, signer);
}
public JWTToken createTokenByValue(String value) {
@@ -64,6 +64,6 @@
} catch (Exception e) {
return null;
}
- return new JWTTokenImpl(claims, signer);
+ return new JWTToken(claims, signer);
}
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
index d82b663..c6fc36f 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDToken.java
@@ -20,7 +20,14 @@
import java.util.Map;
import java.util.Set;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
public class OpenIDToken implements Token {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 6252768307298115467L;
+
private String tokenType;
private SessionToken accessToken;
@@ -72,41 +79,49 @@
}
@Override
- public String username() {
- return accessToken.username();
+ @JsonIgnore
+ public String getUsername() {
+ return accessToken.getUsername();
}
@Override
+ @JsonIgnore
public boolean isExpired() {
return accessToken.isExpired();
}
@Override
+ @JsonIgnore
public long getIssueAt() {
return accessToken.getIssueAt();
}
@Override
+ @JsonIgnore
public long getExpiresIn() {
return accessToken.getExpiresIn();
}
@Override
+ @JsonIgnore
public long getNotBefore() {
return accessToken.getNotBefore();
}
@Override
+ @JsonIgnore
public String getValue() {
return accessToken.getValue();
}
@Override
+ @JsonIgnore
public Map<String, Object> getAdditionalInformation() {
return accessToken.getAdditionalInformation();
}
@Override
+ @JsonIgnore
public void addAdditionalInformation(String key, Object value) {
accessToken.addAdditionalInformation(key, value);
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
index cd65ead..4fdf6a2 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/OpenIDTokenStore.java
@@ -23,8 +23,6 @@
OpenIDToken readTokenByRefreshTokenValue(String refreshTokenValue);
- OpenIDToken readTokenByIDTokenValue(String idTokenValue);
-
JWTToken createIDTokenByValue(String jwtTokenValue);
void saveToken(OpenIDToken token);
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
index c39cec4..7050843 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionToken.java
@@ -17,5 +17,73 @@
package org.apache.servicecomb.authentication.token;
-public interface SessionToken extends Token {
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+public class SessionToken implements Token {
+ private static final long serialVersionUID = -7783398248936167939L;
+
+ private String value;
+
+ private long issueAt;
+
+ private long expiresIn;
+
+ private long notBefore;
+
+ private String username;
+
+ private Map<String, Object> additionalInformation;
+
+ public SessionToken() {
+
+ }
+
+ public SessionToken(String username) {
+ this.value = UUID.randomUUID().toString();
+ this.issueAt = System.currentTimeMillis();
+ this.username = username;
+ TokenDynamicProperties config = TokenDynamicPropertiesManager.getTokenConfiguration(username);
+ this.expiresIn = config.expiresIn;
+ this.notBefore = config.notBefore;
+ }
+
+ @Override
+ public long getIssueAt() {
+ return this.issueAt;
+ }
+
+ @Override
+ public long getExpiresIn() {
+ return this.expiresIn;
+ }
+
+ @Override
+ public long getNotBefore() {
+ return this.notBefore;
+ }
+
+ @Override
+ public String getValue() {
+ return this.value;
+ }
+
+ @Override
+ public Map<String, Object> getAdditionalInformation() {
+ return additionalInformation;
+ }
+
+ @Override
+ public String getUsername() {
+ return this.username;
+ }
+
+ @Override
+ public void addAdditionalInformation(String key, Object value) {
+ if (additionalInformation == null) {
+ additionalInformation = new HashMap<>();
+ }
+ additionalInformation.put(key, value);
+ }
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java
deleted file mode 100644
index d409ee9..0000000
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenImpl.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.servicecomb.authentication.token;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-public class SessionTokenImpl implements SessionToken {
- private String value;
-
- private long issueAt;
-
- private String username;
-
- private TokenDynamicProperties config;
-
- private Map<String, Object> additionalInformation;
-
- public SessionTokenImpl(String username) {
- this.value = UUID.randomUUID().toString();
- this.issueAt = System.currentTimeMillis();
- this.username = username;
- this.config = TokenDynamicPropertiesManager.getTokenConfiguration(username);
- }
-
- @Override
- public long getIssueAt() {
- return this.issueAt;
- }
-
- @Override
- public long getExpiresIn() {
- return this.config.expiresIn;
- }
-
- @Override
- public long getNotBefore() {
- return this.config.notBefore;
- }
-
- @Override
- public String getValue() {
- return this.value;
- }
-
- @Override
- public Map<String, Object> getAdditionalInformation() {
- return additionalInformation;
- }
-
- @Override
- public String username() {
- return this.username;
- }
-
- @Override
- public void addAdditionalInformation(String key, Object value) {
- if (additionalInformation == null) {
- additionalInformation = new HashMap<>();
- }
- additionalInformation.put(key, value);
- }
-}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
index 59b23aa..631f3d7 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/SessionTokenStore.java
@@ -23,7 +23,7 @@
@Override
public SessionToken createToken(UserDetails userDetails) {
- return new SessionTokenImpl(userDetails.getUsername());
+ return new SessionToken(userDetails.getUsername());
}
}
diff --git a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
index ca51f89..55b1423 100644
--- a/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
+++ b/api/common/service/src/main/java/org/apache/servicecomb/authentication/token/Token.java
@@ -17,11 +17,15 @@
package org.apache.servicecomb.authentication.token;
+import java.io.Serializable;
import java.util.Map;
-public interface Token {
- String username();
+import com.fasterxml.jackson.annotation.JsonIgnore;
+public interface Token extends Serializable {
+ String getUsername();
+
+ @JsonIgnore
default boolean isExpired() {
return (System.currentTimeMillis() < getNotBefore()) ||
(System.currentTimeMillis() - getIssueAt() > getExpiresIn() * 1000);
@@ -36,6 +40,6 @@
String getValue();
Map<String, Object> getAdditionalInformation();
-
+
void addAdditionalInformation(String key, Object value);
}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
index 50c29d3..18ad3af 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/AuthenticationServerTokenEndpoint.java
@@ -20,12 +20,12 @@
import java.util.Map;
import java.util.concurrent.CompletableFuture;
-import org.apache.servicecomb.authentication.server.TokenResponse;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
public interface AuthenticationServerTokenEndpoint {
@PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
- public CompletableFuture<TokenResponse> getToken(@RequestBody Map<String, String> parameters);
+ public CompletableFuture<OpenIDToken> getToken(@RequestBody Map<String, String> parameters);
}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java
deleted file mode 100644
index 97dd3c4..0000000
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/DumyEdgeTokenResponseProcessor.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.servicecomb.authentication.edge;
-
-import org.apache.servicecomb.authentication.server.TokenResponse;
-
-public class DumyEdgeTokenResponseProcessor implements EdgeTokenResponseProcessor {
- public DumyEdgeTokenResponseProcessor() {
- }
-
- @Override
- public void process(TokenResponse tokenResponse) {
- }
-
-}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
index 4142c4f..bcb48a8 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeConfiguration.java
@@ -17,16 +17,9 @@
package org.apache.servicecomb.authentication.edge;
-import org.apache.servicecomb.authentication.util.CommonConstants;
-import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
@Configuration
public class EdgeConfiguration {
- @Bean(name = {CommonConstants.BEAN_AUTH_EDGE_TOKEN_RESPONSE_PROCESSOR})
- @Order(CommonConstants.BEAN_DEFAULT_ORDER)
- public EdgeTokenResponseProcessor edgeTokenResponseProcessor() {
- return new DumyEdgeTokenResponseProcessor();
- }
+
}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java
deleted file mode 100644
index 09ea7b3..0000000
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/EdgeTokenResponseProcessor.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.servicecomb.authentication.edge;
-
-import org.apache.servicecomb.authentication.server.TokenResponse;
-
-public interface EdgeTokenResponseProcessor {
- void process(TokenResponse tokenResponse);
-}
diff --git a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
index 578f71a..ffafe1a 100644
--- a/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
+++ b/api/edge-service/endpoint/src/main/java/org/apache/servicecomb/authentication/edge/TokenEndpoint.java
@@ -20,12 +20,9 @@
import java.util.Map;
import java.util.concurrent.CompletableFuture;
-import org.apache.servicecomb.authentication.server.TokenResponse;
-import org.apache.servicecomb.authentication.util.CommonConstants;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
import org.apache.servicecomb.provider.pojo.RpcReference;
import org.apache.servicecomb.provider.rest.common.RestSchema;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@@ -37,21 +34,16 @@
@RpcReference(microserviceName = "authentication-server", schemaId = "TokenEndpoint")
private AuthenticationServerTokenEndpoint authenticationSererTokenEndpoint;
- @Autowired
- @Qualifier(CommonConstants.BEAN_AUTH_EDGE_TOKEN_RESPONSE_PROCESSOR)
- private EdgeTokenResponseProcessor edgeTokenResponseProcessor;
-
@Override
@PostMapping(path = "/", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
public CompletableFuture<TokenResponse> getToken(@RequestBody Map<String, String> parameters) {
CompletableFuture<TokenResponse> result = new CompletableFuture<>();
- CompletableFuture<TokenResponse> response =
+ CompletableFuture<OpenIDToken> response =
authenticationSererTokenEndpoint.getToken(parameters);
response.whenComplete((tokenResonse, ex) -> {
if (!response.isCompletedExceptionally()) {
- result.complete(tokenResonse);
- edgeTokenResponseProcessor.process(tokenResonse);
+ result.complete(TokenResponse.fromOpenIDToken(tokenResonse));
} else {
result.completeExceptionally(ex);
}
diff --git a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
similarity index 97%
rename from api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java
rename to api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
index 32e7fb5..9fc7b67 100644
--- a/api/authentication-server/service/src/main/java/org/apache/servicecomb/authentication/server/TokenResponse.java
+++ b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenResponse.java
@@ -15,7 +15,7 @@
* limitations under the License.
*/
-package org.apache.servicecomb.authentication.server;
+package org.apache.servicecomb.authentication.edge;
import java.util.Map;
import java.util.Set;
diff --git a/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
index 5e12a45..e279986 100644
--- a/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
+++ b/api/edge-service/service/src/main/java/org/apache/servicecomb/authentication/edge/TokenService.java
@@ -20,8 +20,6 @@
import java.util.Map;
import java.util.concurrent.CompletableFuture;
-import org.apache.servicecomb.authentication.server.TokenResponse;
-
public interface TokenService {
CompletableFuture<TokenResponse> getToken(Map<String, String> parameters);
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
index 0e4b462..854c940 100644
--- a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
@@ -17,8 +17,6 @@
package org.apache.servicecomb.authentication;
-import org.apache.servicecomb.authentication.token.AbstractOpenIDTokenStore;
-import org.apache.servicecomb.authentication.token.InMemoryOpenIDTokenStore;
import org.apache.servicecomb.authentication.util.CommonConstants;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -40,10 +38,4 @@
// If using MacSigner, need to protect the shared key by properly encryption.
return new MacSigner("Please change this key.");
}
-
- @Bean(name = CommonConstants.BEAN_AUTH_OPEN_ID_TOKEN_STORE)
- public AbstractOpenIDTokenStore openIDTokenStore() {
- // NOTICE: Use in memory store for testing. Need to implement JDBC or Redis SessionIDTokenStore in product.
- return new InMemoryOpenIDTokenStore();
- }
}
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java
new file mode 100644
index 0000000..0163612
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCOpenIDTokenStore.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication;
+
+import org.apache.servicecomb.authentication.jwt.JsonParser;
+import org.apache.servicecomb.authentication.token.AbstractOpenIDTokenStore;
+import org.apache.servicecomb.authentication.token.OpenIDToken;
+import org.apache.servicecomb.authentication.user.TokenMapper;
+import org.apache.servicecomb.authentication.util.CommonConstants;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component(CommonConstants.BEAN_AUTH_OPEN_ID_TOKEN_STORE)
+public class JDBCOpenIDTokenStore extends AbstractOpenIDTokenStore {
+ @Autowired
+ private TokenMapper tokenMapper;
+
+ @Override
+ public OpenIDToken readTokenByValue(String value) {
+ String tokenInfo = tokenMapper.getTokenInfoByAccessTokenId(value);
+ if (tokenInfo != null) {
+ return JsonParser.parse(tokenInfo, OpenIDToken.class);
+ }
+ return null;
+ }
+
+ @Override
+ public OpenIDToken readTokenByRefreshTokenValue(String refreshTokenValue) {
+ String tokenInfo = tokenMapper.getTokenInfoByRefreshTokenId(refreshTokenValue);
+ if (tokenInfo != null) {
+ return JsonParser.parse(tokenInfo, OpenIDToken.class);
+ }
+ return null;
+ }
+
+ @Override
+ public void saveToken(OpenIDToken token) {
+ tokenMapper.insertNewToken(token.getValue(),
+ token.getRefreshToken().getValue(),
+ JsonParser.unparse(token));
+ }
+
+}
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java
new file mode 100644
index 0000000..7ef3f22
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/TokenMapper.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication.user;
+
+import org.apache.ibatis.annotations.Param;
+
+public interface TokenMapper {
+ public void insertNewToken(@Param("accessTokenId") String accessTokenId,
+ @Param("refreshTokenId") String refreshTokenId,
+ @Param("tokenInfo") String tokenInfo);
+
+ public String getTokenInfoByAccessTokenId(@Param("accessTokenId") String accessTokenId);
+
+ public String getTokenInfoByRefreshTokenId(@Param("refreshTokenId") String refreshTokenId);
+
+ public String getTokenInfoByIdTokenId(@Param("idTokenId") String idTokenId);
+}
diff --git a/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
index dac1cdf..08ebeb0 100644
--- a/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
+++ b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
@@ -38,5 +38,9 @@
value="org.apache.servicecomb.authentication.user.UserMapper" />
<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
-
+ <bean id="tokenMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
+ <property name="mapperInterface"
+ value="org.apache.servicecomb.authentication.user.TokenMapper" />
+ <property name="sqlSessionFactory" ref="sqlSessionFactory" />
+ </bean>
</beans>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml b/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml
new file mode 100644
index 0000000..8d702f9
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/config/TokenMapper.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more
+ ~ contributor license agreements. See the NOTICE file distributed with ~
+ this work for additional information regarding copyright ownership. ~ The
+ ASF licenses this file to You under the Apache License, Version 2.0 ~ (the
+ "License"); you may not use this file except in compliance with ~ the License.
+ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~ ~ Unless required by applicable law or agreed to in writing, software ~
+ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the
+ License for the specific language governing permissions and ~ limitations
+ under the License. -->
+
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="org.apache.servicecomb.authentication.user.TokenMapper">
+ <insert id="insertNewToken">
+ insert into
+ T_TOKENS(ACCESS_TOKEN_VALUE,REFRESH_TOKEN_VALUE,TOKEN)
+ values(#{accessTokenId},#{refreshTokenId},#{tokenInfo})
+ </insert>
+
+ <select id="getTokenInfoByAccessTokenId" parameterType="java.lang.String"
+ resultType="java.lang.String">
+ select TOKEN
+ from T_TOKENS where ACCESS_TOKEN_VALUE =
+ #{accessTokenId}
+ </select>
+
+ <select id="getTokenInfoByRefreshTokenId" parameterType="java.lang.String"
+ resultType="java.lang.String">
+ select TOKEN
+ from T_TOKENS where REFRESH_TOKEN_VALUE =
+ #{refreshTokenId}
+ </select>
+</mapper>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
index 2bd7b68..9290b3f 100644
--- a/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
+++ b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
@@ -15,7 +15,8 @@
PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
- <mappers>
- <mapper resource="config/UserMapper.xml"/>
- </mappers>
+ <mappers>
+ <mapper resource="config/UserMapper.xml" />
+ <mapper resource="config/TokenMapper.xml" />
+ </mappers>
</configuration>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/sql/user.sql b/samples/AuthenticationServer/src/main/resources/sql/user.sql
index 223826d..b5dbfc7 100644
--- a/samples/AuthenticationServer/src/main/resources/sql/user.sql
+++ b/samples/AuthenticationServer/src/main/resources/sql/user.sql
@@ -73,7 +73,6 @@
`ID` INTEGER(8) NOT NULL AUTO_INCREMENT,
`ACCESS_TOKEN_VALUE` VARCHAR(256) NOT NULL,
`REFRESH_TOKEN_VALUE` VARCHAR(256) NOT NULL,
- `ID_TOKEN_VALUE` VARCHAR(256) NOT NULL,
`TOKEN` TEXT NOT NULL,
PRIMARY KEY (`ID`)
);
diff --git a/samples/Client/pom.xml b/samples/Client/pom.xml
index 5bbe9d8..b6b3220 100644
--- a/samples/Client/pom.xml
+++ b/samples/Client/pom.xml
@@ -33,7 +33,7 @@
<dependencies>
<dependency>
<groupId>org.apache.servicecomb.authentication</groupId>
- <artifactId>authentication-server-api-service</artifactId>
+ <artifactId>authentication-edge-api-service</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
<dependency>
@@ -64,7 +64,7 @@
<dependencies>
<dependency>
<groupId>org.apache.servicecomb.authentication</groupId>
- <artifactId>authentication-server-api-service</artifactId>
+ <artifactId>authentication-edge-api-service</artifactId>
</dependency>
<dependency>
<groupId>org.apache.servicecomb</groupId>
diff --git a/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java b/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
index 2b8fd5a..7acb34d 100644
--- a/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
+++ b/samples/Client/src/main/java/org/apache/servicecomb/authentication/AuthenticationTestCase.java
@@ -17,7 +17,7 @@
package org.apache.servicecomb.authentication;
-import org.apache.servicecomb.authentication.server.TokenResponse;
+import org.apache.servicecomb.authentication.edge.TokenResponse;
import org.apache.servicecomb.authentication.util.CommonConstants;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
diff --git a/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java b/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
index 00a557e..766aba0 100644
--- a/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
+++ b/samples/Client/src/main/java/org/apache/servicecomb/authentication/TokenExpireTestCase.java
@@ -17,7 +17,7 @@
package org.apache.servicecomb.authentication;
-import org.apache.servicecomb.authentication.server.TokenResponse;
+import org.apache.servicecomb.authentication.edge.TokenResponse;
import org.apache.servicecomb.authentication.util.CommonConstants;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
