use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class OrcidSSOManagerImpl method updateUserCredentials.
/**
 * Updates the name, description, website and SSO redirect URIs of the public client that
 * belongs to the given ORCID record.
 *
 * <p>Registered redirect URIs whose type is not {@code SSO_REDIRECT_URI_TYPE} are always kept.
 * Registered SSO redirect URIs are kept only when they also appear in {@code redirectUris}.
 * Every value in {@code redirectUris} that is not already among the kept URIs is registered
 * through {@code populateClientRedirectUriEntity}.
 *
 * <p>The returned entity carries decrypted client secrets, so callers should keep it out of
 * logs, caches and serialized responses that are not meant to expose the secret.
 *
 * @param orcid identifier of the profile that owns the public client
 * @param name new client name
 * @param description new client description
 * @param website new client website
 * @param redirectUris the complete set of SSO redirect URIs the client should have after the
 *        update; must not be {@code null} (it is dereferenced without a check)
 * @return the merged client with its secrets decrypted, or {@code null} when the profile has no
 *         public client
 * @throws IllegalArgumentException when no profile is found for {@code orcid}
 */
@Override
@Transactional
public ClientDetailsEntity updateUserCredentials(String orcid, String name, String description, String website, Set<String> redirectUris) {
    // Guard: the ORCID record must exist before any client is touched.
    if (profileEntityCacheManager.retrieve(orcid) == null) {
        throw new IllegalArgumentException("ORCID does not exist for " + orcid + " cannot continue");
    }

    ClientDetailsEntity publicClient = clientDetailsManager.getPublicClient(orcid);
    if (publicClient == null) {
        return null;
    }

    // Populate the decrypted secret on the entity before the descriptive fields are changed.
    publicClient.setDecryptedClientSecret(encryptionManager.decryptForInternalUse(publicClient.getClientSecretForJpa()));
    publicClient.setClientName(name);
    publicClient.setClientDescription(description);
    publicClient.setClientWebsite(website);

    // Decide which of the currently registered redirect URIs survive the update.
    SortedSet<ClientRedirectUriEntity> registeredUris = publicClient.getClientRegisteredRedirectUris();
    Set<ClientRedirectUriEntity> urisToKeep = new HashSet<ClientRedirectUriEntity>();
    for (ClientRedirectUriEntity registered : registeredUris) {
        boolean isSso = SSO_REDIRECT_URI_TYPE.equals(registered.getRedirectUriType());
        // Non-SSO URIs are outside this method's remit; SSO URIs stay only if still requested.
        if (!isSso || redirectUris.contains(registered.getRedirectUri())) {
            urisToKeep.add(registered);
        }
    }

    // Register the requested URIs that are not present yet.
    // NOTE(review): the requested values are stored as supplied; no scheme or host validation is
    // visible in this method. Redirect URIs decide where authorization responses are sent, so
    // confirm that the caller or populateClientRedirectUriEntity validates them.
    Map<String, ClientRedirectUriEntity> keptByUri = ClientRedirectUriEntity.mapByUri(urisToKeep);
    for (String requestedUri : redirectUris) {
        if (keptByUri.containsKey(requestedUri)) {
            continue;
        }
        urisToKeep.add(populateClientRedirectUriEntity(requestedUri, publicClient));
    }

    // Replace the contents of the managed collection in place (the original comment names
    // orphan removal as the reason) rather than swapping in a new collection instance.
    registeredUris.clear();
    registeredUris.addAll(urisToKeep);

    ClientDetailsEntity merged = clientDetailsManager.merge(publicClient);

    // The merged entity is decrypted again, secret by secret, before it is handed back.
    if (merged.getClientSecrets() != null) {
        for (ClientSecretEntity secret : merged.getClientSecrets()) {
            secret.setDecryptedClientSecret(encryptionManager.decryptForInternalUse(secret.getClientSecret()));
        }
    }
    return merged;
}
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class DeveloperToolsControllerTest method testResetClientSecret.
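/**
 * Checks the state of a client after its secret is reset: the descriptive fields are unchanged,
 * two secrets are stored, the non-primary one decrypts to the secret issued at creation and the
 * primary one decrypts to a different value.
 */
@Test
public void testResetClientSecret() throws Exception {
    // Register a client through the controller so there is a secret to reset.
    SSOCredentials ssoCredentials = new SSOCredentials();
    ssoCredentials.setClientName(Text.valueOf("Client Name"));
    ssoCredentials.setClientDescription(Text.valueOf("This is a test"));
    ssoCredentials.setClientWebsite(Text.valueOf("http://client.com"));
    Set<RedirectUri> redirectUris = new HashSet<RedirectUri>();
    RedirectUri rUri = new RedirectUri();
    rUri.setType(Text.valueOf("default"));
    rUri.setValue(Text.valueOf("http://test.com"));
    redirectUris.add(rUri);
    ssoCredentials.setRedirectUris(redirectUris);

    SSOCredentials result = developerToolsController.generateSSOCredentialsJson(ssoCredentials);
    assertNotNull(result);
    assertNotNull(result.getErrors());
    // JUnit's signature is assertEquals(expected, actual); the expected value goes first so a
    // failure message reports the two numbers the right way round.
    assertEquals(0, result.getErrors().size());

    // Remember the secret issued at creation, then rotate it.
    Text clientSecret = result.getClientSecret();
    assertTrue(developerToolsController.resetClientSecret(result.getClientOrcid().getValue()));

    // The reset must leave the client's descriptive fields alone.
    ClientDetailsEntity clientDetails = clientDetailsDao.findByClientId(result.getClientOrcid().getValue(), System.currentTimeMillis());
    assertEquals(result.getClientName().getValue(), clientDetails.getClientName());
    assertEquals(result.getClientDescription().getValue(), clientDetails.getClientDescription());
    assertEquals(result.getClientOrcid().getValue(), clientDetails.getClientId());
    assertEquals(result.getClientWebsite().getValue(), clientDetails.getClientWebsite());

    // Both the old and the new secret are stored after a reset.
    Set<ClientSecretEntity> clientSecrets = clientDetails.getClientSecrets();
    assertNotNull(clientSecrets);
    assertEquals(2, clientSecrets.size());
    for (ClientSecretEntity clientSecretEntity : clientSecrets) {
        String secret = encryptionManager.decryptForInternalUse(clientSecretEntity.getClientSecret());
        if (clientSecretEntity.isPrimary()) {
            // The primary secret is the freshly generated one.
            assertFalse(clientSecret.getValue().equals(secret));
        } else {
            // The non-primary secret is the one issued before the reset.
            assertEquals(clientSecret.getValue(), secret);
        }
    }
}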
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class CreateNewClientSecrets method createNewClientSecret.
/**
 * Generates a new secret for the given client, stores it encrypted on the client and emits one
 * tab-separated line holding the client id, the client name and the plaintext secret.
 *
 * <p>NOTE(review): the plaintext secret leaves this method through {@code output(...)}. Where
 * that text ends up is not visible here; whatever receives it should be handled as credential
 * material (restricted permissions, no shared logs).
 *
 * @param clientDetails the client that receives the additional secret
 */
private void createNewClientSecret(ClientDetailsEntity clientDetails) {
    // UUID.randomUUID() produces a version-4 UUID (122 random bits).
    // NOTE(review): a longer token drawn directly from SecureRandom is the more conventional
    // choice for a client secret; flagged for review, behaviour left as is.
    String plainSecret = UUID.randomUUID().toString();

    // Only the encrypted form is attached to the entity that gets persisted.
    clientDetails.getClientSecrets().add(
            new ClientSecretEntity(encryptionManager.encryptForInternalUse(plainSecret), clientDetails));
    clientDetails.setLastModified(now);
    clientDetailsManager.merge(clientDetails);

    // Report line: id <TAB> name <TAB> plaintext secret.
    output(String.format("%s\t%s\t%s\n", clientDetails.getId(), clientDetails.getClientName(), plainSecret));
}
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class ClientDetailsManagerImpl method cleanOldClientKeys.
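/**
 * Removes, for every client, the non-primary client secrets whose last-modified timestamp is
 * more than 24 hours in the past, and updates the client's last-modified date when at least
 * one secret was removed.
 *
 * <p>Primary secrets are never removed here. The last-modified timestamp of a non-primary
 * secret is used as its revocation time.
 * NOTE(review): this assumes the timestamp is set when a secret stops being primary and is
 * never {@code null} - confirm against the code that rotates secrets.
 */
@Override
@Transactional
public void cleanOldClientKeys() {
    LOGGER.info("Starting cron to delete non primary client keys");
    Date currentDate = new Date();
    List<ClientDetailsEntity> allClientDetails = this.getAll();
    // The original tested "!= null" twice in the same condition; one check is enough.
    if (allClientDetails != null) {
        for (ClientDetailsEntity clientDetails : allClientDetails) {
            String clientId = clientDetails.getClientId();
            LOGGER.info("Deleting non primary keys for client: {}", clientId);
            Set<ClientSecretEntity> clientSecrets = clientDetails.getClientSecrets();
            // updateUserCredentials treats getClientSecrets() as nullable; do the same here so
            // a client without secrets cannot abort the clean-up for every other client.
            if (clientSecrets == null) {
                continue;
            }
            boolean anyRemoved = false;
            for (ClientSecretEntity clientSecret : clientSecrets) {
                if (!clientSecret.isPrimary()) {
                    Date dateRevoked = clientSecret.getLastModified();
                    Date timeToDeleteMe = DateUtils.addHours(dateRevoked, 24);
                    // Delete only when the key was revoked more than 24 hours ago.
                    if (timeToDeleteMe.before(currentDate)) {
                        // Only the client id is logged, never the secret value.
                        LOGGER.info("Deleting key for client {}", clientId);
                        boolean removed = clientSecretDao.removeClientSecret(clientId, clientSecret.getClientSecret());
                        if (removed) {
                            anyRemoved = true;
                        }
                    }
                }
            }
            // Update the last modified date on the client record
            if (anyRemoved) {
                this.updateLastModified(clientId);
            }
        }
    }
    LOGGER.info("Cron done");
}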