forked from spring-projects/spring-security
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Support JdbcPublicKeyCredentialUserEntityRepository
Closes spring-projectsgh-16224
- Loading branch information
1 parent
7b07ef5
commit fd267df
Showing
6 changed files
with
483 additions
and
1 deletion.
There are no files selected for viewing
40 changes: 40 additions & 0 deletions
40
.../org/springframework/security/web/aot/hint/PublicKeyCredentialUserEntityRuntimeHints.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
/* | ||
* Copyright 2002-2024 the original author or authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.springframework.security.web.aot.hint; | ||
|
||
import org.springframework.aot.hint.RuntimeHints; | ||
import org.springframework.aot.hint.RuntimeHintsRegistrar; | ||
import org.springframework.jdbc.core.JdbcOperations; | ||
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; | ||
import org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository; | ||
|
||
/** | ||
* | ||
* A JDBC implementation of an {@link PublicKeyCredentialUserEntityRepository} that uses a | ||
* {@link JdbcOperations} for {@link PublicKeyCredentialUserEntity} persistence. | ||
* | ||
* @author Max Batischev | ||
* @since 6.5 | ||
*/ | ||
class PublicKeyCredentialUserEntityRuntimeHints implements RuntimeHintsRegistrar { | ||
|
||
@Override | ||
public void registerHints(RuntimeHints hints, ClassLoader classLoader) { | ||
hints.resources().registerPattern("org/springframework/security/user-entities-schema.sql"); | ||
} | ||
|
||
} |
193 changes: 193 additions & 0 deletions
193
...amework/security/web/webauthn/management/JdbcPublicKeyCredentialUserEntityRepository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,193 @@ | ||
/* | ||
* Copyright 2002-2024 the original author or authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.springframework.security.web.webauthn.management; | ||
|
||
import java.sql.ResultSet; | ||
import java.sql.SQLException; | ||
import java.sql.Types; | ||
import java.util.ArrayList; | ||
import java.util.List; | ||
import java.util.function.Function; | ||
|
||
import org.springframework.dao.DuplicateKeyException; | ||
import org.springframework.jdbc.core.ArgumentPreparedStatementSetter; | ||
import org.springframework.jdbc.core.JdbcOperations; | ||
import org.springframework.jdbc.core.PreparedStatementSetter; | ||
import org.springframework.jdbc.core.RowMapper; | ||
import org.springframework.jdbc.core.SqlParameterValue; | ||
import org.springframework.security.web.webauthn.api.Bytes; | ||
import org.springframework.security.web.webauthn.api.ImmutablePublicKeyCredentialUserEntity; | ||
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity; | ||
import org.springframework.util.Assert; | ||
|
||
/** | ||
* A JDBC implementation of an {@link PublicKeyCredentialUserEntityRepository} that uses a | ||
* {@link JdbcOperations} for {@link PublicKeyCredentialUserEntity} persistence. | ||
* | ||
* <b>NOTE:</b> This {@code PublicKeyCredentialUserEntityRepository} depends on the table | ||
* definition described in | ||
* "classpath:org/springframework/security/user-entities-schema.sql" and therefore MUST be | ||
* defined in the database schema. | ||
* | ||
* @author Max Batischev | ||
* @since 6.5 | ||
* @see PublicKeyCredentialUserEntityRepository | ||
* @see PublicKeyCredentialUserEntity | ||
* @see JdbcOperations | ||
* @see RowMapper | ||
*/ | ||
public final class JdbcPublicKeyCredentialUserEntityRepository implements PublicKeyCredentialUserEntityRepository { | ||
|
||
private RowMapper<PublicKeyCredentialUserEntity> userEntityRowMapper = new UserEntityRecordRowMapper(); | ||
|
||
private Function<PublicKeyCredentialUserEntity, List<SqlParameterValue>> userEntityParametersMapper = new UserEntityParametersMapper(); | ||
|
||
private final JdbcOperations jdbcOperations; | ||
|
||
private static final String TABLE_NAME = "user_entities"; | ||
|
||
// @formatter:off | ||
private static final String COLUMN_NAMES = "id, " | ||
+ "name, " | ||
+ "display_name "; | ||
// @formatter:on | ||
|
||
// @formatter:off | ||
private static final String SAVE_USER_SQL = "INSERT INTO " + TABLE_NAME | ||
+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?)"; | ||
// @formatter:on | ||
|
||
private static final String ID_FILTER = "id = ? "; | ||
|
||
private static final String USER_NAME_FILTER = "name = ? "; | ||
|
||
// @formatter:off | ||
private static final String FIND_USER_BY_ID_SQL = "SELECT " + COLUMN_NAMES | ||
+ " FROM " + TABLE_NAME | ||
+ " WHERE " + ID_FILTER; | ||
// @formatter:on | ||
|
||
// @formatter:off | ||
private static final String FIND_USER_BY_NAME_SQL = "SELECT " + COLUMN_NAMES | ||
+ " FROM " + TABLE_NAME | ||
+ " WHERE " + USER_NAME_FILTER; | ||
// @formatter:on | ||
|
||
private static final String DELETE_USER_SQL = "DELETE FROM " + TABLE_NAME + " WHERE " + ID_FILTER; | ||
|
||
// @formatter:off | ||
private static final String UPDATE_USER_SQL = "UPDATE " + TABLE_NAME | ||
+ " SET name = ?, display_name = ? " | ||
+ " WHERE " + ID_FILTER; | ||
// @formatter:on | ||
|
||
/** | ||
* Constructs a {@code JdbcPublicKeyCredentialUserEntityRepository} using the provided | ||
* parameters. | ||
* @param jdbcOperations the JDBC operations | ||
*/ | ||
public JdbcPublicKeyCredentialUserEntityRepository(JdbcOperations jdbcOperations) { | ||
Assert.notNull(jdbcOperations, "jdbcOperations cannot be null"); | ||
this.jdbcOperations = jdbcOperations; | ||
} | ||
|
||
@Override | ||
public PublicKeyCredentialUserEntity findById(Bytes id) { | ||
Assert.notNull(id, "id cannot be null"); | ||
List<PublicKeyCredentialUserEntity> result = this.jdbcOperations.query(FIND_USER_BY_ID_SQL, | ||
this.userEntityRowMapper, id.toBase64UrlString()); | ||
return !result.isEmpty() ? result.get(0) : null; | ||
} | ||
|
||
@Override | ||
public PublicKeyCredentialUserEntity findByUsername(String username) { | ||
Assert.hasText(username, "name cannot be null or empty"); | ||
List<PublicKeyCredentialUserEntity> result = this.jdbcOperations.query(FIND_USER_BY_NAME_SQL, | ||
this.userEntityRowMapper, username); | ||
return !result.isEmpty() ? result.get(0) : null; | ||
} | ||
|
||
@Override | ||
public void save(PublicKeyCredentialUserEntity userEntity) { | ||
Assert.notNull(userEntity, "userEntity cannot be null"); | ||
boolean existsUserEntity = null != this.findById(userEntity.getId()); | ||
if (existsUserEntity) { | ||
updateUserEntity(userEntity); | ||
} | ||
else { | ||
try { | ||
insertUserEntity(userEntity); | ||
} | ||
catch (DuplicateKeyException ex) { | ||
updateUserEntity(userEntity); | ||
} | ||
} | ||
} | ||
|
||
private void insertUserEntity(PublicKeyCredentialUserEntity userEntity) { | ||
List<SqlParameterValue> parameters = this.userEntityParametersMapper.apply(userEntity); | ||
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters.toArray()); | ||
this.jdbcOperations.update(SAVE_USER_SQL, pss); | ||
} | ||
|
||
private void updateUserEntity(PublicKeyCredentialUserEntity userEntity) { | ||
List<SqlParameterValue> parameters = this.userEntityParametersMapper.apply(userEntity); | ||
SqlParameterValue userEntityId = parameters.remove(0); | ||
parameters.add(userEntityId); | ||
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters.toArray()); | ||
this.jdbcOperations.update(UPDATE_USER_SQL, pss); | ||
} | ||
|
||
@Override | ||
public void delete(Bytes id) { | ||
Assert.notNull(id, "id cannot be null"); | ||
SqlParameterValue[] parameters = new SqlParameterValue[] { | ||
new SqlParameterValue(Types.VARCHAR, id.toBase64UrlString()), }; | ||
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters); | ||
this.jdbcOperations.update(DELETE_USER_SQL, pss); | ||
} | ||
|
||
private static class UserEntityParametersMapper | ||
implements Function<PublicKeyCredentialUserEntity, List<SqlParameterValue>> { | ||
|
||
@Override | ||
public List<SqlParameterValue> apply(PublicKeyCredentialUserEntity userEntity) { | ||
List<SqlParameterValue> parameters = new ArrayList<>(); | ||
|
||
parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getId().toBase64UrlString())); | ||
parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getName())); | ||
parameters.add(new SqlParameterValue(Types.VARCHAR, userEntity.getDisplayName())); | ||
|
||
return parameters; | ||
} | ||
|
||
} | ||
|
||
private static class UserEntityRecordRowMapper implements RowMapper<PublicKeyCredentialUserEntity> { | ||
|
||
@Override | ||
public PublicKeyCredentialUserEntity mapRow(ResultSet rs, int rowNum) throws SQLException { | ||
Bytes id = Bytes.fromBase64(new String(rs.getString("id").getBytes())); | ||
String name = rs.getString("name"); | ||
String displayName = rs.getString("display_name"); | ||
|
||
return ImmutablePublicKeyCredentialUserEntity.builder().id(id).name(name).displayName(displayName).build(); | ||
} | ||
|
||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
org.springframework.aot.hint.RuntimeHintsRegistrar=\ | ||
org.springframework.security.web.aot.hint.WebMvcSecurityRuntimeHints,\ | ||
org.springframework.security.web.aot.hint.UserCredentialRuntimeHints | ||
org.springframework.security.web.aot.hint.UserCredentialRuntimeHints,\ | ||
org.springframework.security.web.aot.hint.PublicKeyCredentialUserEntityRuntimeHints |
7 changes: 7 additions & 0 deletions
7
web/src/main/resources/org/springframework/security/user-entities-schema.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
create table user_entities | ||
( | ||
id varchar(1000) not null, | ||
name varchar(100) not null, | ||
display_name varchar(200), | ||
primary key (id) | ||
); |
59 changes: 59 additions & 0 deletions
59
...springframework/security/web/aot/hint/PublicKeyCredentialUserEntityRuntimeHintsTests.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
/* | ||
* Copyright 2002-2024 the original author or authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.springframework.security.web.aot.hint; | ||
|
||
import java.util.stream.Stream; | ||
|
||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.params.ParameterizedTest; | ||
import org.junit.jupiter.params.provider.MethodSource; | ||
|
||
import org.springframework.aot.hint.RuntimeHints; | ||
import org.springframework.aot.hint.RuntimeHintsRegistrar; | ||
import org.springframework.aot.hint.predicate.RuntimeHintsPredicates; | ||
import org.springframework.core.io.support.SpringFactoriesLoader; | ||
import org.springframework.util.ClassUtils; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
/** | ||
* Tests for {@link PublicKeyCredentialUserEntityRuntimeHints} | ||
* | ||
* @author Max Batischev | ||
*/ | ||
public class PublicKeyCredentialUserEntityRuntimeHintsTests { | ||
|
||
private final RuntimeHints hints = new RuntimeHints(); | ||
|
||
@BeforeEach | ||
void setup() { | ||
SpringFactoriesLoader.forResourceLocation("META-INF/spring/aot.factories") | ||
.load(RuntimeHintsRegistrar.class) | ||
.forEach((registrar) -> registrar.registerHints(this.hints, ClassUtils.getDefaultClassLoader())); | ||
} | ||
|
||
@ParameterizedTest | ||
@MethodSource("getUserEntitiesSqlFiles") | ||
void userEntitiesSqlFilesHasHints(String schemaFile) { | ||
assertThat(RuntimeHintsPredicates.resource().forResource(schemaFile)).accepts(this.hints); | ||
} | ||
|
||
private static Stream<String> getUserEntitiesSqlFiles() { | ||
return Stream.of("org/springframework/security/user-entities-schema.sql"); | ||
} | ||
|
||
} |
Oops, something went wrong.