Merge branch 'release/19.1.0'

CHANGELOG.md

@@ -2,6 +2,18 @@
 
 We follow the CalVer (https://calver.org/) versioning scheme: YY.MINOR.MICRO.
 
+19.1.0 (2019-08-19)
+===================
+
+Update CAS for OSF token-scope relationship model change.
+
+- Add M2M relationship between PAT and scope
+- Add scopeId and isPublic to the scope model
+- Remove scopes from the PAT model
+- Update OSF DAO and its implementation
+  - Query token-scope by token's PK
+  - Query scope by scope's PK Update PAT handler
+
 19.0.0 (2019-08-19)
 ===================
 

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/daos/OpenScienceFrameworkDao.java

@@ -22,6 +22,7 @@
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2Application;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2PersonalAccessToken;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2Scope;
+import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2TokenScope;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkGuid;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkInstitution;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkTimeBasedOneTimePassword;
@@ -77,7 +78,15 @@ public interface OpenScienceFrameworkDao {
     OpenScienceFrameworkApiOauth2Scope findOneScopeByName(final String name);
 
     /**
-     * Find one personal access token by token id.
+     * Find one scope by the scope's primary key id.
+     *
+     * @param scopePk the scope's primary key
+     * @return OpenScienceFrameworkApiOauth2Scope or null
+     */
+    OpenScienceFrameworkApiOauth2Scope findOneScopeByScopePk(final Integer scopePk);
+
+    /**
+     * Find one personal access token by token id (i.e the column token_id, not the primary key id).
      *
      * @param tokenId the token id
      * @return OpenScienceFrameworkApiOauth2PersonalAccessToken or null
@@ -92,10 +101,18 @@ public interface OpenScienceFrameworkDao {
     List<OpenScienceFrameworkApiOauth2Application> findOauthApplications();
 
     /**
-     * Find the GUID object asscociated with a User.
+     * Find the guid object associated with the user.
      *
      * @param user the user
      * @return the GUID object
      */
     OpenScienceFrameworkGuid findGuidByUser(final OpenScienceFrameworkUser user);
+
+    /**
+     * Fine all the token-scope relationships by the token's primary key.
+     *
+     * @param tokenPk the token's primary key
+     * @return OpenScienceFrameworkApiOauth2TokenScope List or null
+     */
+    List<OpenScienceFrameworkApiOauth2TokenScope> findAllTokenScopesByTokenPk(final Integer tokenPk);
 }

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/daos/OpenScienceFrameworkDaoImpl.java

@@ -22,6 +22,7 @@
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2Application;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2PersonalAccessToken;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2Scope;
+import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2TokenScope;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkEmail;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkGuid;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkInstitution;
@@ -167,6 +168,20 @@ public OpenScienceFrameworkApiOauth2Scope findOneScopeByName(final String name)
         }
     }
 
+    @Override
+    public OpenScienceFrameworkApiOauth2Scope findOneScopeByScopePk(final Integer scopePk) {
+        try {
+            final TypedQuery<OpenScienceFrameworkApiOauth2Scope> query = entityManager.createQuery(
+                    "select s from OpenScienceFrameworkApiOauth2Scope s where s.id = :id",
+                    OpenScienceFrameworkApiOauth2Scope.class
+            );
+            query.setParameter("id", scopePk);
+            return query.getSingleResult();
+        } catch (final PersistenceException e) {
+            return null;
+        }
+    }
+
     @Override
     public OpenScienceFrameworkApiOauth2PersonalAccessToken findOnePersonalAccessTokenByTokenId(final String tokenId) {
         try {
@@ -213,4 +228,18 @@ public OpenScienceFrameworkGuid findGuidByUser(final OpenScienceFrameworkUser us
             return null;
         }
     }
+
+    @Override
+    public List<OpenScienceFrameworkApiOauth2TokenScope> findAllTokenScopesByTokenPk(final Integer tokenPk) {
+        try {
+            final TypedQuery<OpenScienceFrameworkApiOauth2TokenScope> query = entityManager.createQuery(
+                    "select m from OpenScienceFrameworkApiOauth2TokenScope m where m.tokenPk = :tokenPk",
+                    OpenScienceFrameworkApiOauth2TokenScope.class
+            );
+            query.setParameter("tokenPk", tokenPk);
+            return query.getResultList();
+        } catch (final PersistenceException e) {
+            return null;
+        }
+    }
 }

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/handlers/OpenScienceFrameworkPersonalAccessTokenHandler.java

@@ -21,23 +21,30 @@
 
 import io.cos.cas.adaptors.postgres.daos.OpenScienceFrameworkDaoImpl;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2PersonalAccessToken;
+import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2Scope;
+import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkApiOauth2TokenScope;
 import io.cos.cas.adaptors.postgres.models.OpenScienceFrameworkGuid;
+
 import org.jasig.cas.support.oauth.personal.PersonalAccessToken;
 import org.jasig.cas.support.oauth.personal.handler.support.AbstractPersonalAccessTokenHandler;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
 import org.springframework.beans.factory.InitializingBean;
 
 import javax.validation.constraints.NotNull;
-import java.util.Arrays;
+
 import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
 
 /**
- * The Open Science FrameWork API OAuth2 Personal Access Token Handler.
+ * The OSF API OAuth2 Personal Access Token Handler.
  *
  * @author Michael Haselton
  * @author Longze Chen
- * @since 4.1.0
+ * @since 4.1.5
  */
 public class OpenScienceFrameworkPersonalAccessTokenHandler extends AbstractPersonalAccessTokenHandler
         implements InitializingBean {
@@ -58,25 +65,37 @@ public void setOpenScienceFrameworkDao(final OpenScienceFrameworkDaoImpl openSci
     }
 
     @Override
-    public void afterPropertiesSet() throws Exception {
-    }
+    public void afterPropertiesSet() throws Exception {}
 
     @Override
     public PersonalAccessToken getToken(final String tokenId) {
+
+        // Find the token by token id
         final OpenScienceFrameworkApiOauth2PersonalAccessToken token
-            = openScienceFrameworkDao.findOnePersonalAccessTokenByTokenId(tokenId);
+                = openScienceFrameworkDao.findOnePersonalAccessTokenByTokenId(tokenId);
         if (token == null || !token.isActive()) {
             return null;
         }
-        final String scopes = token.getScopes() == null ? "" : token.getScopes();
+
+        // Find the scopes associated with this token
+        final List<OpenScienceFrameworkApiOauth2TokenScope> tokenScopeList
+                = openScienceFrameworkDao.findAllTokenScopesByTokenPk(token.getId());
+        final Set<String> scopeSet = new HashSet<>();
+        for (final OpenScienceFrameworkApiOauth2TokenScope tokenScope : tokenScopeList) {
+            final OpenScienceFrameworkApiOauth2Scope scope
+                    = openScienceFrameworkDao.findOneScopeByScopePk(tokenScope.getScopePk());
+            if (scope != null) {
+                scopeSet.add(scope.getName());
+            }
+        }
+
+        // Find the owner of the token
         final OpenScienceFrameworkGuid guid = openScienceFrameworkDao.findGuidByUser(token.getOwner());
         if (guid == null) {
             return null;
         }
-        return new PersonalAccessToken(
-            token.getTokenId(),
-            guid.getGuid(),
-            new HashSet<>(Arrays.asList(scopes.split(" ")))
-        );
+
+        // Return a PAT of the CAS model, which is created based on the token, scope and owner of the OSF model.
+        return new PersonalAccessToken(token.getTokenId(), guid.getGuid(), scopeSet);
     }
 }

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/models/OpenScienceFrameworkApiOauth2PersonalAccessToken.java

@@ -31,7 +31,7 @@
  *
  * @author Michael Haselton
  * @author Longze Chen
- * @since 4.1.0
+ * @since 4.1.5
  */
 @Entity
 @Table(name = "osf_apioauth2personaltoken")
@@ -47,9 +47,6 @@ public class OpenScienceFrameworkApiOauth2PersonalAccessToken {
     @Column(name = "name", nullable = false)
     private String name;
 
-    @Column(name = "scopes", nullable = false)
-    private String scopes;
-
     @Column(name = "is_active", nullable = false)
     private Boolean isActive;
 
@@ -72,10 +69,6 @@ public String getName() {
         return name;
     }
 
-    public String getScopes() {
-        return scopes;
-    }
-
     public Boolean isActive() {
         return isActive;
     }

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/models/OpenScienceFrameworkApiOauth2Scope.java

@@ -29,7 +29,7 @@
  *
  * @author Michael Haselton
  * @author Longze Chen
- * @since 4.1.0
+ * @since 4.1.5
  */
 @Entity
 @Table(name = "osf_apioauth2scope")
@@ -39,6 +39,9 @@ public class OpenScienceFrameworkApiOauth2Scope {
     @Column(name = "id", nullable = false)
     private Integer id;
 
+    @Column(name = "_id", nullable = false)
+    private String scopeId;
+
     @Column(name = "name", nullable = false)
     private String name;
 
@@ -48,6 +51,9 @@ public class OpenScienceFrameworkApiOauth2Scope {
     @Column(name = "is_active", nullable = false)
     private Boolean isActive;
 
+    @Column(name = "is_public", nullable = false)
+    private Boolean isPublic;
+
     /** Default Constructor. */
     public OpenScienceFrameworkApiOauth2Scope() {}
 
@@ -56,6 +62,10 @@ public Integer getId() {
         return id;
     }
 
+    public String getScopeId() {
+        return scopeId;
+    }
+
     public String getName() {
         return name;
     }
@@ -68,6 +78,10 @@ public Boolean isActive() {
         return isActive;
     }
 
+    public Boolean isPublic() {
+        return isPublic;
+    }
+
     @Override
     public String toString() {
         return String.format("OpenScienceFrameworkScope [id=%s, name=%s]", id, name);

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/models/OpenScienceFrameworkApiOauth2TokenScope.java

@@ -0,0 +1,69 @@
+/*
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work
+ * for additional information regarding copyright ownership.
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License.  You may obtain a
+ * copy of the License at the following location:
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.cos.cas.adaptors.postgres.models;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+/**
+ * The M2M Relationship between OSF API OAuth2 "Personal Access Token" and "Scope".
+ *
+ * @author Longze Chen
+ * @since 4.1.5
+ */
+@Entity
+@Table(name = "osf_apioauth2personaltoken_scopes")
+public class OpenScienceFrameworkApiOauth2TokenScope {
+
+    /** The Primary Key. */
+    @Id
+    @Column(name = "id", nullable = false)
+    private Integer id;
+
+    /** The Primary Key of the Personal Access Token Object. */
+    @Column(name = "apioauth2personaltoken_id", nullable = false)
+    private Integer tokenPk;
+
+    /** The Primary Key of the Scope Object. */
+    @Column(name = "apioauth2scope_id", nullable = false)
+    private Integer scopePk;
+
+    /** The Default Constructor. */
+    public OpenScienceFrameworkApiOauth2TokenScope() {}
+
+    public Integer getId() {
+        return id;
+    }
+
+    public Integer getTokenPk() {
+        return tokenPk;
+    }
+
+    public Integer getScopePk() {
+        return scopePk;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("OpenScienceFrameworkApiOauth2TokenScope [tokenPk=%s, scopePk=%d, ]", tokenPk, scopePk);
+    }
+}

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/models/OpenScienceFrameworkDjangoContentTypeId.java

@@ -1,3 +1,22 @@
+/*
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work
+ * for additional information regarding copyright ownership.
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License.  You may obtain a
+ * copy of the License at the following location:
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
 package io.cos.cas.adaptors.postgres.models;
 
 import javax.persistence.Column;

cas-server-support-osf/src/main/java/io/cos/cas/adaptors/postgres/models/OpenScienceFrameworkEmail.java

@@ -1,3 +1,22 @@
+/*
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work
+ * for additional information regarding copyright ownership.
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License.  You may obtain a
+ * copy of the License at the following location:
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
 package io.cos.cas.adaptors.postgres.models;
 
 import javax.persistence.Column;