Skip to content

Commit

Permalink
Add Support JdbcPublicKeyCredentialUserEntityRepository
Browse files Browse the repository at this point in the history
  • Loading branch information
franticticktick committed Dec 13, 2024
1 parent 3c87692 commit 139a8a0
Show file tree
Hide file tree
Showing 6 changed files with 431 additions and 1 deletion.
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
/*
* Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.springframework.security.web.aot.hint;

import org.springframework.aot.hint.RuntimeHints;
import org.springframework.aot.hint.RuntimeHintsRegistrar;
import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
import org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository;

/**
*
* A JDBC implementation of an {@link PublicKeyCredentialUserEntityRepository} that uses a
* {@link JdbcOperations} for {@link PublicKeyCredentialUserEntity} persistence.
*
* @author Max Batischev
* @since 6.5
*/
class PublicKeyCredentialUserEntityRuntimeHints implements RuntimeHintsRegistrar {

@Override
public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
hints.resources().registerPattern("org/springframework/security/user-entities-schema.sql");
}

}
Original file line number Diff line number Diff line change
@@ -0,0 +1,168 @@
/*
* Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.springframework.security.web.webauthn.management;

import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Types;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Function;

import org.springframework.jdbc.core.ArgumentPreparedStatementSetter;
import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.jdbc.core.PreparedStatementSetter;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.SqlParameterValue;
import org.springframework.security.web.webauthn.api.Bytes;
import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity;
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
import org.springframework.util.Assert;

/**
* A JDBC implementation of an {@link PublicKeyCredentialUserEntityRepository} that uses a
* {@link JdbcOperations} for {@link PublicKeyCredentialUserEntity} persistence.
*
* <b>NOTE:</b> This {@code PublicKeyCredentialUserEntityRepository} depends on the table
* definition described in
* "classpath:org/springframework/security/user-entities-schema.sql" and therefore MUST be
* defined in the database schema.
*
* @author Max Batischev
* @since 6.5
* @see PublicKeyCredentialUserEntityRepository
* @see PublicKeyCredentialUserEntity
* @see JdbcOperations
* @see RowMapper
*/
public final class JdbcPublicKeyCredentialUserEntityRepository implements PublicKeyCredentialUserEntityRepository {

private RowMapper<PublicKeyCredentialUserEntity> userEntityRowMapper = new UserEntityRecordRowMapper();

private Function<PublicKeyCredentialUserEntity, List<SqlParameterValue>> userEntityParametersMapper = new UserEntityParametersMapper();

private final JdbcOperations jdbcOperations;

private static final String TABLE_NAME = "user_entities";

// @formatter:off
private static final String COLUMN_NAMES = "id, "
+ "name, "
+ "display_name ";
// @formatter:on

// @formatter:off
private static final String SAVE_USER_SQL = "INSERT INTO " + TABLE_NAME
+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?)";
// @formatter:on

private static final String ID_FILTER = "id = ? ";

private static final String USER_NAME_FILTER = "name = ? ";

// @formatter:off
private static final String FIND_USER_BY_ID_SQL = "SELECT " + COLUMN_NAMES
+ " FROM " + TABLE_NAME
+ " WHERE " + ID_FILTER;
// @formatter:on

// @formatter:off
private static final String FIND_USER_BY_NAME_SQL = "SELECT " + COLUMN_NAMES
+ " FROM " + TABLE_NAME
+ " WHERE " + USER_NAME_FILTER;
// @formatter:on

private static final String DELETE_USER_SQL = "DELETE FROM " + TABLE_NAME + " WHERE " + ID_FILTER;

/**
* Constructs a {@code JdbcPublicKeyCredentialUserEntityRepository} using the provided
* parameters.
* @param jdbcOperations the JDBC operations
*/
public JdbcPublicKeyCredentialUserEntityRepository(JdbcOperations jdbcOperations) {
Assert.notNull(jdbcOperations, "jdbcOperations cannot be null");
this.jdbcOperations = jdbcOperations;
}

@Override
public PublicKeyCredentialUserEntity findById(Bytes id) {
Assert.notNull(id, "id cannot be null");
SqlParameterValue[] parameters = new SqlParameterValue[] {
new SqlParameterValue(Types.VARCHAR, id.toBase64UrlString()) };
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters);
List<PublicKeyCredentialUserEntity> result = this.jdbcOperations.query(FIND_USER_BY_ID_SQL, pss,
this.userEntityRowMapper);
return !result.isEmpty() ? result.get(0) : null;
}

@Override
public PublicKeyCredentialUserEntity findByUsername(String username) {
Assert.hasText(username, "name cannot be null or empty");
SqlParameterValue[] parameters = new SqlParameterValue[] { new SqlParameterValue(Types.VARCHAR, username) };
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters);
List<PublicKeyCredentialUserEntity> result = this.jdbcOperations.query(FIND_USER_BY_NAME_SQL, pss,
this.userEntityRowMapper);
return !result.isEmpty() ? result.get(0) : null;
}

@Override
public void save(PublicKeyCredentialUserEntity userEntity) {
Assert.notNull(userEntity, "userEntity cannot be null");
List<SqlParameterValue> parameters = this.userEntityParametersMapper.apply(userEntity);
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters.toArray());
this.jdbcOperations.update(SAVE_USER_SQL, pss);
}

@Override
public void delete(Bytes id) {
Assert.notNull(id, "id cannot be null");
SqlParameterValue[] parameters = new SqlParameterValue[] {
new SqlParameterValue(Types.VARCHAR, id.toBase64UrlString()), };
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters);
this.jdbcOperations.update(DELETE_USER_SQL, pss);
}

private static class UserEntityParametersMapper
implements Function<PublicKeyCredentialUserEntity, List<SqlParameterValue>> {

@Override
public List<SqlParameterValue> apply(PublicKeyCredentialUserEntity userEntity) {
List<SqlParameterValue> parameters = new ArrayList<>();

parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getId().toBase64UrlString()));
parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getName()));
parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getDisplayName()));

return parameters;
}

}

private static class UserEntityRecordRowMapper implements RowMapper<PublicKeyCredentialUserEntity> {

@Override
public PublicKeyCredentialUserEntity mapRow(ResultSet rs, int rowNum) throws SQLException {
Bytes id = Bytes.fromBase64(new String(rs.getString("id").getBytes()));
String name = rs.getString("name");
String displayName = rs.getString("display_name");

return ImmutablePublicKeyCredentialUserEntity.builder().id(id).name(name).displayName(displayName).build();
}

}

}
3 changes: 2 additions & 1 deletion web/src/main/resources/META-INF/spring/aot.factories
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
org.springframework.aot.hint.RuntimeHintsRegistrar=\
org.springframework.security.web.aot.hint.WebMvcSecurityRuntimeHints,\
org.springframework.security.web.aot.hint.UserCredentialRuntimeHints
org.springframework.security.web.aot.hint.UserCredentialRuntimeHints,\
org.springframework.security.web.aot.hint.PublicKeyCredentialUserEntityRuntimeHints
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
create table user_entities
(
id varchar(1000) not null,
name varchar(100) not null,
display_name varchar(200)
);
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
/*
* Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.springframework.security.web.aot.hint;

import java.util.stream.Stream;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;

import org.springframework.aot.hint.RuntimeHints;
import org.springframework.aot.hint.RuntimeHintsRegistrar;
import org.springframework.aot.hint.predicate.RuntimeHintsPredicates;
import org.springframework.core.io.support.SpringFactoriesLoader;
import org.springframework.util.ClassUtils;

import static org.assertj.core.api.Assertions.assertThat;

/**
* Tests for {@link PublicKeyCredentialUserEntityRuntimeHints}
*
* @author Max Batischev
*/
public class PublicKeyCredentialUserEntityRuntimeHintsTests {

private final RuntimeHints hints = new RuntimeHints();

@BeforeEach
void setup() {
SpringFactoriesLoader.forResourceLocation("META-INF/spring/aot.factories")
.load(RuntimeHintsRegistrar.class)
.forEach((registrar) -> registrar.registerHints(this.hints, ClassUtils.getDefaultClassLoader()));
}

@ParameterizedTest
@MethodSource("getUserEntitiesSqlFiles")
void userEntitiesSqlFilesHasHints(String schemaFile) {
assertThat(RuntimeHintsPredicates.resource().forResource(schemaFile)).accepts(this.hints);
}

private static Stream<String> getUserEntitiesSqlFiles() {
return Stream.of("org/springframework/security/user-entities-schema.sql");
}

}
Loading

0 comments on commit 139a8a0

Please sign in to comment.