Add scopes and authorities to the authorization code table

orcid-core/pom.xml

@@ -326,8 +326,18 @@
 		<dependency>
 		    <groupId>redis.clients</groupId>
 		    <artifactId>jedis</artifactId>
-		    <version>4.4.3</version>
+		    <version>3.7.1</version>
 		</dependency>
+
+
+        <!-- https://mvnrepository.com/artifact/org.json/json -->
+        <dependency>
+            <groupId>org.json</groupId>
+            <artifactId>json</artifactId>
+            <version>20240303</version>
+        </dependency>
+
+
     </dependencies>
     <build>
         <plugins>

orcid-core/src/main/java/org/orcid/core/utils/cache/redis/RedisClient.java

@@ -4,6 +4,10 @@
 import java.net.InetAddress;
 import java.net.SocketException;
 import java.net.UnknownHostException;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
 
 import javax.annotation.PostConstruct;
 import javax.annotation.Resource;
@@ -31,7 +35,7 @@ public class RedisClient {
     private final String redisPassword;
     private final int cacheExpiryInSecs;
     private final int clientTimeoutInMillis;
-    private JedisPool pool;
+    public JedisPool pool;
     private SetParams defaultSetParams;
 
     @Resource
@@ -67,7 +71,7 @@ public RedisClient(String redisHost, int redisPort, String password, int cacheEx
     @PostConstruct
     private void init() {
         try {
-            JedisClientConfig config = DefaultJedisClientConfig.builder().connectionTimeoutMillis(this.clientTimeoutInMillis).timeoutMillis(this.clientTimeoutInMillis)
+            JedisClientConfig config = DefaultJedisClientConfig.builder().connectionTimeoutMillis(this.clientTimeoutInMillis)
                     .socketTimeoutMillis(this.clientTimeoutInMillis).password(this.redisPassword).ssl(true).build();        
             pool = new JedisPool(new HostAndPort(this.redisHost, this.redisPort), config);            
             defaultSetParams = new SetParams().ex(this.cacheExpiryInSecs);  
@@ -141,4 +145,33 @@ public boolean remove(String key) {
         }
         return true;
     }
+
+    public static void main(String [] args) {
+        RedisClient client = new RedisClient("reg-qa-redis-001.reg-qa-redis.3zksuc.use2.cache.amazonaws.com", 6379, "aVerySimpleToken");
+        client.init();
+        System.out.println("Connected");
+        Jedis r = client.pool.getResource();
+
+        Set<String> keys = r.keys("spring:session:sessions:*");
+
+        for(String key : keys) {
+            System.out.println("----------------------------------------------");
+            System.out.println(key);
+            String keyType = r.type(key);
+            System.out.println(keyType);
+            if("hash".equals(keyType)) {
+                Map<String, String> myMap = r.hgetAll(key);
+                for(String tkey : myMap.keySet()) {
+                    System.out.println(tkey + ":     " + myMap.get(tkey));
+                }
+            }
+            if("string".equals(keyType)) {
+                System.out.println(key + ":     " + r.get("key"));
+            }
+            System.out.println("----------------------------------------------");
+        }
+
+
+
+    }
 }

orcid-persistence/src/main/resources/db-master.xml

@@ -403,4 +403,5 @@
   <include file="/db/updates/create_profile_email_domain_table.xml" />
   <include file="/db/updates/create_dw_notification.xml" />
   <include file="/db/updates/create_dw_profile_email_domain.xml" />
+  <include file="/db/updates/oauth2_authoriziation_code_detail_improvements.xml" />
 </databaseChangeLog>

orcid-persistence/src/main/resources/db/updates/oauth2_authoriziation_code_detail_improvements.xml

@@ -0,0 +1,71 @@
+<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                   xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-2.0.xsd">
+
+    <changeSet author="Angel Montenegro" id="ADD-SCOPES">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="scopes"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="scopes" type="VARCHAR(255)" />
+        </addColumn>
+    </changeSet>
+
+    <changeSet author="Angel Montenegro" id="ADD-AUTHORITIES">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="authorities"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="authorities" type="VARCHAR(255)" />
+        </addColumn>
+    </changeSet>
+
+    <changeSet author="Angel Montenegro" id="ADD-AUTHORIZATION-STATE-ATTRIBUTE">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="authorization_state_attribute"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="authorization_state_attribute" type="VARCHAR(500)" />
+        </addColumn>
+    </changeSet>
+
+    <changeSet author="Angel Montenegro" id="ADD-AUTHORIZATION-URI">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="authorization_request_uri"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="authorization_request_uri" type="VARCHAR(2500)" />
+        </addColumn>
+    </changeSet>
+
+    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUHT-CODE-REQ-ID">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="spring_authorization_code_request_id"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="spring_authorization_code_request_id" type="VARCHAR(255)" />
+        </addColumn>
+    </changeSet>
+
+    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUHT-CODE-EXPIRES-AT">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="authorization_code_expires_at"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="authorization_code_expires_at" type="TIMESTAMP WITH TIME ZONE" />
+        </addColumn>
+    </changeSet>
+
+</databaseChangeLog>

orcid-web/pom.xml

@@ -123,6 +123,18 @@
                 </exclusion>
             </exclusions>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.session</groupId>
+            <artifactId>spring-session-core</artifactId>
+            <version>2.6.4</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.session</groupId>
+            <artifactId>spring-session-data-redis</artifactId>
+            <version>2.6.4</version>
+        </dependency>
+
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-agroal</artifactId>

orcid-web/src/main/java/org/orcid/frontend/spring/configuration/OrcidBeanClassLoaderAware.java

@@ -0,0 +1,35 @@
+package org.orcid.frontend.spring.configuration;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.beans.factory.BeanClassLoaderAware;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
+import org.springframework.data.redis.serializer.RedisSerializer;
+import org.springframework.security.jackson2.SecurityJackson2Modules;
+
+@Configuration
+public class OrcidBeanClassLoaderAware implements BeanClassLoaderAware {
+    private ClassLoader loader;
+
+    @Bean
+    public RedisSerializer<Object> springSessionDefaultRedisSerializer() {
+        return new GenericJackson2JsonRedisSerializer(objectMapper());
+    }
+
+    /**
+     * Customized {@link ObjectMapper} to add mix-in for class that doesn't have default
+     * constructors
+     * @return the {@link ObjectMapper} to use
+     */
+    private ObjectMapper objectMapper() {
+        ObjectMapper mapper = new ObjectMapper();
+        mapper.registerModules(SecurityJackson2Modules.getModules(this.loader));
+        return mapper;
+    }
+
+    @Override
+    public void setBeanClassLoader(ClassLoader classLoader) {
+        this.loader = classLoader;
+    }
+}

orcid-web/src/main/java/org/orcid/frontend/spring/configuration/SessionCacheConfig.java

@@ -0,0 +1,50 @@
+package org.orcid.frontend.spring.configuration;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
+import org.springframework.data.redis.connection.jedis.JedisClientConfiguration;
+import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
+import org.springframework.session.data.redis.config.ConfigureRedisAction;
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
+import redis.clients.jedis.DefaultJedisClientConfig;
+import redis.clients.jedis.JedisClientConfig;
+
+import java.time.Duration;
+
+@Configuration
+@EnableRedisHttpSession
+public class SessionCacheConfig extends AbstractHttpSessionApplicationInitializer {
+
+    @Value("${org.orcid.core.utils.cache.redis.host}")
+    private String host;
+    @Value("${org.orcid.core.utils.cache.redis.port}")
+    private int port;
+    @Value("${org.orcid.core.utils.cache.redis.password}")
+    private String password;
+    @Value("${org.orcid.core.utils.cache.redis.connection_timeout_millis:10000}")
+    private int connectionTimeoutMillis;
+
+
+    @Bean
+    public JedisConnectionFactory connectionFactory() {
+        Duration timeoutDuration = Duration.ofMillis(connectionTimeoutMillis);
+
+        RedisStandaloneConfiguration redisStandaloneConfiguration = new RedisStandaloneConfiguration();
+        redisStandaloneConfiguration.setHostName(host);
+        redisStandaloneConfiguration.setPort(port);
+        redisStandaloneConfiguration.setPassword(password);
+
+        JedisClientConfiguration.JedisClientConfigurationBuilder jedisClientConfigurationBuilder = JedisClientConfiguration.builder();
+        jedisClientConfigurationBuilder.useSsl().and().connectTimeout(timeoutDuration).build();
+
+        return new JedisConnectionFactory(redisStandaloneConfiguration, jedisClientConfigurationBuilder.build());
+    }
+
+    @Bean
+    public static ConfigureRedisAction configureRedisAction() {
+        return ConfigureRedisAction.NO_OP;
+    }
+}

orcid-web/src/main/java/org/orcid/frontend/spring/session/OrcidRedisSessionRepository.java

@@ -0,0 +1,12 @@
+package org.orcid.frontend.spring.session;
+
+import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.session.data.redis.RedisSessionRepository;
+
+public class OrcidRedisSessionRepository extends RedisSessionRepository {
+
+    public OrcidRedisSessionRepository(RedisOperations<String, Object> sessionRedisOperations) {
+        super(sessionRedisOperations);
+    }
+
+}