fix(jans-auth-server): added schema for ssa, corrected persistence, a…

…dded ttl #2543

docs: no docs
#2543

jans-auth-server/common/src/main/java/io/jans/as/common/model/ssa/Ssa.java

@@ -8,16 +8,12 @@
 
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import io.jans.orm.annotation.AttributeName;
-import io.jans.orm.annotation.DataEntry;
-import io.jans.orm.annotation.JsonObject;
-import io.jans.orm.annotation.ObjectClass;
+import io.jans.as.model.common.CreatorType;
+import io.jans.orm.annotation.*;
 import io.jans.orm.model.base.DeletableEntity;
 
 import java.io.Serializable;
 import java.util.Date;
-import java.util.List;
-import java.util.Map;
 
 @DataEntry(sortBy = {"creationDate"})
 @ObjectClass(value = "jansSsa")
@@ -30,102 +26,85 @@ public class Ssa extends DeletableEntity implements Serializable {
     @AttributeName(name = "inum", ignoreDuringUpdate = true)
     private String id;
 
-    @AttributeName(name = "orgId")
-    private Long orgId;
+    @AttributeName(name = "jansAttrs")
+    @JsonObject
+    private SsaAttributes attributes;
 
-    @AttributeName(name = "expiration")
-    private Date expiration;
+    @AttributeName(name = "o")
+    private String orgId;
 
     @AttributeName(name = "description")
     private String description;
 
-    @AttributeName(name = "softwareId")
-    private String softwareId;
-
-    @AttributeName(name = "softwareRoles")
-    private List<String> softwareRoles;
-
-    @AttributeName(name = "grantTypes")
-    private List<String> grantTypes;
-
-    @JsonObject
-    @AttributeName(name = "customAttributes")
-    private Map<String, String> customAttributes;
-
     @AttributeName(name = "creationDate")
     private Date creationDate = new Date();
 
-    @AttributeName(name = "clientDn")
-    private String clientDn;
+    @AttributeName(name = "creatorId")
+    private String creatorId;
 
-    @AttributeName(name = "oneTimeUse")
-    private Boolean oneTimeUse;
+    @AttributeName(name = "creatorTyp")
+    private CreatorType creatorType;
 
-    @AttributeName(name = "rotateSsa")
-    private Boolean rotateSsa;
+    @Expiration
+    private Integer ttl;
 
-    public String getId() {
-        return id;
+    public Integer getTtl() {
+        return ttl;
     }
 
-    public void setId(String id) {
-        this.id = id;
+    public void setTtl(Integer ttl) {
+        this.ttl = ttl;
     }
 
-    public Long getOrgId() {
-        return orgId;
+    public SsaAttributes getAttributes() {
+        if (attributes == null) {
+            attributes = new SsaAttributes();
+        }
+        return attributes;
     }
 
-    public void setOrgId(Long orgId) {
-        this.orgId = orgId;
-    }
-
-    public Date getExpiration() {
-        return expiration;
-    }
-
-    public void setExpiration(Date expiration) {
-        this.expiration = expiration;
+    public void setAttributes(SsaAttributes attributes) {
+        this.attributes = attributes;
     }
 
-    public String getDescription() {
-        return description;
+    public String getCreatorId() {
+        return creatorId;
     }
 
-    public void setDescription(String description) {
-        this.description = description;
+    public void setCreatorId(String creatorId) {
+        this.creatorId = creatorId;
     }
 
-    public String getSoftwareId() {
-        return softwareId;
+    public CreatorType getCreatorType() {
+        return creatorType;
     }
 
-    public void setSoftwareId(String softwareId) {
-        this.softwareId = softwareId;
+    public void setCreatorType(CreatorType creatorType) {
+        this.creatorType = creatorType;
     }
 
-    public List<String> getSoftwareRoles() {
-        return softwareRoles;
+    public String getId() {
+        return id;
     }
 
-    public void setSoftwareRoles(List<String> softwareRoles) {
-        this.softwareRoles = softwareRoles;
+    public void setId(String id) {
+        this.id = id;
     }
 
-    public List<String> getGrantTypes() {
-        return grantTypes;
+    public String getOrgId() {
+        return orgId;
     }
 
-    public void setGrantTypes(List<String> grantTypes) {
-        this.grantTypes = grantTypes;
+    public void setOrgId(String orgId) {
+        this.orgId = orgId;
     }
 
-    public Map<String, String> getCustomAttributes() {
-        return customAttributes;
+    public String getDescription() {
+        return description;
     }
 
-    public void setCustomAttributes(Map<String, String> customAttributes) {
-        this.customAttributes = customAttributes;
+    public void setDescription(String description) {
+        this.description = description;
     }
 
     public Date getCreationDate() {
@@ -136,45 +115,16 @@ public void setCreationDate(Date creationDate) {
         this.creationDate = creationDate;
     }
 
-    public String getClientDn() {
-        return clientDn;
-    }
-
-    public void setClientDn(String clientDn) {
-        this.clientDn = clientDn;
-    }
-
-    public Boolean getOneTimeUse() {
-        return oneTimeUse;
-    }
-
-    public void setOneTimeUse(Boolean oneTimeUse) {
-        this.oneTimeUse = oneTimeUse;
-    }
-
-    public Boolean getRotateSsa() {
-        return rotateSsa;
-    }
-
-    public void setRotateSsa(Boolean rotateSsa) {
-        this.rotateSsa = rotateSsa;
-    }
-
     @Override
     public String toString() {
         return "Ssa{" +
                 "id='" + id + '\'' +
-                ", orgId=" + orgId +
-                ", expiration=" + expiration +
+                ", attributes=" + attributes +
+                ", orgId='" + orgId + '\'' +
                 ", description='" + description + '\'' +
-                ", softwareId='" + softwareId + '\'' +
-                ", softwareRoles=" + softwareRoles +
-                ", grantTypes=" + grantTypes +
-                ", customAttributes=" + customAttributes +
                 ", creationDate=" + creationDate +
-                ", clientDn='" + clientDn + '\'' +
-                ", oneTimeUse=" + oneTimeUse +
-                ", rotateSsa=" + rotateSsa +
-                '}';
+                ", creatorId='" + creatorId + '\'' +
+                ", creatorType=" + creatorType +
+                "} " + super.toString();
     }
 }

jans-auth-server/common/src/main/java/io/jans/as/common/model/ssa/SsaAttributes.java

@@ -0,0 +1,99 @@
+package io.jans.as.common.model.ssa;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author Yuriy Z
+ */
+public class SsaAttributes {
+
+    @JsonProperty("oneTimeUse")
+    private Boolean oneTimeUse;
+
+    @JsonProperty("rotateSsa")
+    private Boolean rotateSsa;
+
+    @JsonProperty("clientDn")
+    private String clientDn;
+
+    @JsonProperty("customAttributes")
+    private Map<String, String> customAttributes;
+
+    @JsonProperty("softwareId")
+    private String softwareId;
+
+    @JsonProperty("softwareRoles")
+    private List<String> softwareRoles;
+
+    @JsonProperty("grantTypes")
+    private List<String> grantTypes;
+
+    public List<String> getSoftwareRoles() {
+        return softwareRoles;
+    }
+
+    public void setSoftwareRoles(List<String> softwareRoles) {
+        this.softwareRoles = softwareRoles;
+    }
+
+    public List<String> getGrantTypes() {
+        return grantTypes;
+    }
+
+    public void setGrantTypes(List<String> grantTypes) {
+        this.grantTypes = grantTypes;
+    }
+
+    public String getSoftwareId() {
+        return softwareId;
+    }
+
+    public void setSoftwareId(String softwareId) {
+        this.softwareId = softwareId;
+    }
+
+    public Boolean getOneTimeUse() {
+        return oneTimeUse;
+    }
+
+    public void setOneTimeUse(Boolean oneTimeUse) {
+        this.oneTimeUse = oneTimeUse;
+    }
+
+    public Boolean getRotateSsa() {
+        return rotateSsa;
+    }
+
+    public void setRotateSsa(Boolean rotateSsa) {
+        this.rotateSsa = rotateSsa;
+    }
+
+    public String getClientDn() {
+        return clientDn;
+    }
+
+    public void setClientDn(String clientDn) {
+        this.clientDn = clientDn;
+    }
+
+    public Map<String, String> getCustomAttributes() {
+        return customAttributes;
+    }
+
+    public void setCustomAttributes(Map<String, String> customAttributes) {
+        this.customAttributes = customAttributes;
+    }
+
+    @Override
+    public String toString() {
+        return "SsaAttributes{" +
+                "oneTimeUse=" + oneTimeUse +
+                ", rotateSsa=" + rotateSsa +
+                ", clientDn='" + clientDn + '\'' +
+                ", customAttributes=" + customAttributes +
+                '}';
+    }
+}

jans-auth-server/server/src/main/java/io/jans/as/server/ssa/ws/rs/SsaJsonService.java

@@ -29,13 +29,13 @@ public JSONObject getJSONObject(Ssa ssa) throws JSONException {
         JsonApplier.getInstance().apply(ssa, responseJsonObject);
 
         Util.addToJSONObjectIfNotNull(responseJsonObject, ORG_ID.toString(), ssa.getOrgId());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, EXPIRATION.toString(), ssa.getExpiration());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, EXPIRATION.toString(), ssa.getExpirationDate());
         Util.addToJSONObjectIfNotNull(responseJsonObject, DESCRIPTION.toString(), ssa.getDescription());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_ID.toString(), ssa.getSoftwareId());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_ROLES.toString(), ssa.getSoftwareRoles());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, GRANT_TYPES.toString(), ssa.getGrantTypes());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, ONE_TIME_USE.toString(), ssa.getOneTimeUse());
-        Util.addToJSONObjectIfNotNull(responseJsonObject, ROTATE_SSA.toString(), ssa.getRotateSsa());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_ID.toString(), ssa.getAttributes().getSoftwareId());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_ROLES.toString(), ssa.getAttributes().getSoftwareRoles());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, GRANT_TYPES.toString(), ssa.getAttributes().getGrantTypes());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, ONE_TIME_USE.toString(), ssa.getAttributes().getOneTimeUse());
+        Util.addToJSONObjectIfNotNull(responseJsonObject, ROTATE_SSA.toString(), ssa.getAttributes().getRotateSsa());
         return responseJsonObject;
     }
 

jans-auth-server/server/src/main/java/io/jans/as/server/ssa/ws/rs/SsaService.java

@@ -47,11 +47,11 @@ public Jwt generateJwt(Ssa ssa, ExecutionContext executionContext, WebKeysConfig
             Jwt jwt = jwtSigner.newJwt();
             jwt.getClaims().setJwtId(ssa.getId());
             jwt.getClaims().setIssuedAt(ssa.getCreationDate());
-            jwt.getClaims().setExpirationTime(ssa.getExpiration());
-            jwt.getClaims().setClaim("software_id", ssa.getSoftwareId());
+            jwt.getClaims().setExpirationTime(ssa.getExpirationDate());
+            jwt.getClaims().setClaim("software_id", ssa.getAttributes().getSoftwareId());
             jwt.getClaims().setClaim("org_id", ssa.getOrgId());
-            jwt.getClaims().setClaim("software_roles", ssa.getSoftwareRoles());
-            jwt.getClaims().setClaim("grant_types", ssa.getGrantTypes());
+            jwt.getClaims().setClaim("software_roles", ssa.getAttributes().getSoftwareRoles());
+            jwt.getClaims().setClaim("grant_types", ssa.getAttributes().getGrantTypes());
 
             Jwt jwr = jwtSigner.sign();
             if (executionContext.getPostProcessor() != null) {

jans-auth-server/server/src/main/java/io/jans/as/server/ssa/ws/rs/action/SsaCreateAction.java

@@ -11,6 +11,7 @@
 import io.jans.as.common.model.ssa.Ssa;
 import io.jans.as.common.service.AttributeService;
 import io.jans.as.common.service.common.InumService;
+import io.jans.as.model.common.CreatorType;
 import io.jans.as.model.common.FeatureFlagType;
 import io.jans.as.model.config.Constants;
 import io.jans.as.model.config.StaticConfiguration;
@@ -97,20 +98,28 @@ public Response create(String requestParams, HttpServletRequest httpRequest, Sec
             Client client = ssaRestWebServiceValidator.validateClient();
             ssaRestWebServiceValidator.checkScopesPolicy(client, SsaScopeType.SSA_ADMIN.getValue());
 
+            final Date creationDate = new Date();
+            final Date expirationDate = getExpiration(ssaRequest);
+
             final Ssa ssa = new Ssa();
             ssa.setDn("inum=" + inum + "," + ssaBaseDN);
             ssa.setId(inum);
             ssa.setDeletable(true);
-            ssa.setOrgId(ssaRequest.getOrgId());
-            ssa.setExpiration(getExpiration(ssaRequest));
+            ssa.setOrgId(ssaRequest.getOrgId() != null ? ssaRequest.getOrgId().toString() : null); // should orgId be long or string? e.g. guid as orgId sounds common
+            ssa.setExpirationDate(expirationDate);
+            ssa.setTtl(ServerUtil.calculateTtl(creationDate, expirationDate));
             ssa.setDescription(ssaRequest.getDescription());
-            ssa.setSoftwareId(ssaRequest.getSoftwareId());
-            ssa.setSoftwareRoles(ssaRequest.getSoftwareRoles());
-            ssa.setGrantTypes(ssaRequest.getGrantTypes());
-            ssa.setCustomAttributes(getCustomAttributes(jsonRequest));
-            ssa.setClientDn(client.getDn());
-            ssa.setOneTimeUse(ssaRequest.getOneTimeUse());
-            ssa.setRotateSsa(ssaRequest.getRotateSsa());
+            ssa.getAttributes().setSoftwareId(ssaRequest.getSoftwareId());
+            ssa.getAttributes().setSoftwareRoles(ssaRequest.getSoftwareRoles());
+            ssa.getAttributes().setGrantTypes(ssaRequest.getGrantTypes());
+            ssa.getAttributes().setCustomAttributes(getCustomAttributes(jsonRequest));
+            ssa.getAttributes().setClientDn(client.getDn());
+            ssa.getAttributes().setOneTimeUse(ssaRequest.getOneTimeUse());
+            ssa.getAttributes().setRotateSsa(ssaRequest.getRotateSsa());
+            ssa.setCreatorType(CreatorType.CLIENT);
+            ssa.setCreatorId(client.getClientId());
+
+            ssa.setCreationDate(creationDate);
             ssaService.persist(ssa);
             log.info("Ssa created: {}", ssa);