Polish JdbcOAuth2AuthorizationService

Issue gh-304

Author: jgrandja

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java

@@ -61,7 +61,6 @@
 
 /**
  * A JDBC implementation of an {@link OAuth2AuthorizationService} that uses a
- * <p>
  * {@link JdbcOperations} for {@link OAuth2Authorization} persistence.
  *
  * <p>
@@ -71,11 +70,11 @@
  * therefore MUST be defined in the database schema.
  *
  * @author Ovidiu Popa
+ * @since 0.1.2
  * @see OAuth2AuthorizationService
  * @see OAuth2Authorization
  * @see JdbcOperations
  * @see RowMapper
- * @since 0.1.2
  */
 public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationService {
 
@@ -110,8 +109,7 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic
 
 	private static final String PK_FILTER = "id = ?";
 	private static final String UNKNOWN_TOKEN_TYPE_FILTER = "state = ? OR authorization_code_value = ? OR " +
-			"access_token_value = ? OR " +
-			"refresh_token_value = ?";
+			"access_token_value = ? OR refresh_token_value = ?";
 
 	private static final String STATE_FILTER = "state = ?";
 	private static final String AUTHORIZATION_CODE_FILTER = "authorization_code_value = ?";
@@ -126,7 +124,7 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic
 
 	// @formatter:off
 	private static final String SAVE_AUTHORIZATION_SQL = "INSERT INTO " + TABLE_NAME
-			+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?)";
+			+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
 	// @formatter:on
 
 	// @formatter:off
@@ -180,7 +178,6 @@ public JdbcOAuth2AuthorizationService(JdbcOperations jdbcOperations,
 	@Override
 	public void save(OAuth2Authorization authorization) {
 		Assert.notNull(authorization, "authorization cannot be null");
-
 		OAuth2Authorization existingAuthorization = findById(authorization.getId());
 		if (existingAuthorization == null) {
 			insertAuthorization(authorization);
@@ -529,7 +526,6 @@ private <T extends AbstractOAuth2Token> List<SqlParameterValue> toSqlParameterLi
 				if (token.getToken().getIssuedAt() != null) {
 					tokenIssuedAt = Timestamp.from(token.getToken().getIssuedAt());
 				}
-
 				if (token.getToken().getExpiresAt() != null) {
 					tokenExpiresAt = Timestamp.from(token.getToken().getExpiresAt());
 				}
@@ -553,7 +549,6 @@ private String writeMap(Map<String, Object> data) {
 	}
 
 	private static final class LobCreatorArgumentPreparedStatementSetter extends ArgumentPreparedStatementSetter {
-
 		private final LobCreator lobCreator;
 
 		private LobCreatorArgumentPreparedStatementSetter(LobCreator lobCreator, Object[] args) {

oauth2-authorization-server/src/main/resources/org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql

@@ -4,24 +4,24 @@ CREATE TABLE oauth2_authorization (
     principal_name varchar(200) NOT NULL,
     authorization_grant_type varchar(100) NOT NULL,
     attributes varchar(4000) DEFAULT NULL,
-    state varchar(1000) DEFAULT NULL,
+    state varchar(500) DEFAULT NULL,
     authorization_code_value blob DEFAULT NULL,
     authorization_code_issued_at timestamp DEFAULT NULL,
     authorization_code_expires_at timestamp DEFAULT NULL,
-    authorization_code_metadata varchar(1000) DEFAULT NULL,
+    authorization_code_metadata varchar(2000) DEFAULT NULL,
     access_token_value blob DEFAULT NULL,
     access_token_issued_at timestamp DEFAULT NULL,
     access_token_expires_at timestamp DEFAULT NULL,
-    access_token_metadata varchar(1000) DEFAULT NULL,
+    access_token_metadata varchar(2000) DEFAULT NULL,
     access_token_type varchar(100) DEFAULT NULL,
     access_token_scopes varchar(1000) DEFAULT NULL,
     oidc_id_token_value blob DEFAULT NULL,
     oidc_id_token_issued_at timestamp DEFAULT NULL,
     oidc_id_token_expires_at timestamp DEFAULT NULL,
-    oidc_id_token_metadata varchar(1000) DEFAULT NULL,
+    oidc_id_token_metadata varchar(2000) DEFAULT NULL,
     refresh_token_value blob DEFAULT NULL,
     refresh_token_issued_at timestamp DEFAULT NULL,
     refresh_token_expires_at timestamp DEFAULT NULL,
-    refresh_token_metadata varchar(1000) DEFAULT NULL,
+    refresh_token_metadata varchar(2000) DEFAULT NULL,
     PRIMARY KEY (id)
 );

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java

@@ -29,7 +29,6 @@
 import java.util.function.Function;
 
 import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -210,7 +209,7 @@ public void saveLoadAuthorizationWhenCustomStrategiesSetThenCalled() throws Exce
 				.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
 				.token(AUTHORIZATION_CODE)
 				.build();
-		ObjectMapper objectMapper = new ObjectMapper();
+
 		RowMapper<OAuth2Authorization> authorizationRowMapper = spy(
 				new JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper(
 						this.registeredClientRepository));
@@ -252,7 +251,7 @@ public void removeWhenAuthorizationProvidedThenRemoved() {
 				AUTHORIZATION_CODE.getTokenValue(), AUTHORIZATION_CODE_TOKEN_TYPE);
 		assertThat(authorization).isEqualTo(expectedAuthorization);
 
-		this.authorizationService.remove(expectedAuthorization);
+		this.authorizationService.remove(authorization);
 		authorization = this.authorizationService.findByToken(
 				AUTHORIZATION_CODE.getTokenValue(), AUTHORIZATION_CODE_TOKEN_TYPE);
 		assertThat(authorization).isNull();
@@ -463,8 +462,7 @@ private static final class CustomJdbcOAuth2AuthorizationService extends JdbcOAut
 
 		private static final String PK_FILTER = "id = ?";
 		private static final String UNKNOWN_TOKEN_TYPE_FILTER = "state = ? OR authorizationCodeValue = ? OR " +
-				"accessTokenValue = ? OR " +
-				"refreshTokenValue = ?";
+				"accessTokenValue = ? OR refreshTokenValue = ?";
 
 		// @formatter:off
 		private static final String LOAD_AUTHORIZATION_SQL = "SELECT " + COLUMN_NAMES
@@ -474,12 +472,12 @@ private static final class CustomJdbcOAuth2AuthorizationService extends JdbcOAut
 
 		// @formatter:off
 		private static final String SAVE_AUTHORIZATION_SQL = "INSERT INTO " + TABLE_NAME
-				+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?)";
+				+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
 		// @formatter:on
 
 		private static final String REMOVE_AUTHORIZATION_SQL = "DELETE FROM " + TABLE_NAME + " WHERE " + PK_FILTER;
 
-		CustomJdbcOAuth2AuthorizationService(JdbcOperations jdbcOperations,
+		private CustomJdbcOAuth2AuthorizationService(JdbcOperations jdbcOperations,
 				RegisteredClientRepository registeredClientRepository) {
 			super(jdbcOperations, registeredClientRepository);
 			setAuthorizationRowMapper(new CustomOAuth2AuthorizationRowMapper(registeredClientRepository));
@@ -520,7 +518,7 @@ private OAuth2Authorization findBy(String filter, Object... args) {
 
 		private static final class CustomOAuth2AuthorizationRowMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper {
 
-			CustomOAuth2AuthorizationRowMapper(RegisteredClientRepository registeredClientRepository) {
+			private CustomOAuth2AuthorizationRowMapper(RegisteredClientRepository registeredClientRepository) {
 				super(registeredClientRepository);
 			}
 
@@ -682,7 +680,6 @@ private <T extends AbstractOAuth2Token> List<SqlParameterValue> toSqlParameterLi
 					if (token.getToken().getIssuedAt() != null) {
 						tokenIssuedAt = Timestamp.from(token.getToken().getIssuedAt());
 					}
-
 					if (token.getToken().getExpiresAt() != null) {
 						tokenExpiresAt = Timestamp.from(token.getToken().getExpiresAt());
 					}

oauth2-authorization-server/src/test/resources/org/springframework/security/oauth2/server/authorization/custom-oauth2-authorization-schema.sql

@@ -4,24 +4,24 @@ CREATE TABLE oauth2Authorization (
     principalName varchar(200) NOT NULL,
     authorizationGrantType varchar(100) NOT NULL,
     attributes varchar(4000) DEFAULT NULL,
-    state varchar(1000) DEFAULT NULL,
+    state varchar(500) DEFAULT NULL,
     authorizationCodeValue varchar(1000) DEFAULT NULL,
     authorizationCodeIssuedAt timestamp DEFAULT NULL,
     authorizationCodeExpiresAt timestamp DEFAULT NULL,
-    authorizationCodeMetadata varchar(1000) DEFAULT NULL,
+    authorizationCodeMetadata varchar(2000) DEFAULT NULL,
     accessTokenValue varchar(1000) DEFAULT NULL,
     accessTokenIssuedAt timestamp DEFAULT NULL,
     accessTokenExpiresAt timestamp DEFAULT NULL,
-    accessTokenMetadata varchar(1000) DEFAULT NULL,
+    accessTokenMetadata varchar(2000) DEFAULT NULL,
     accessTokenType varchar(100) DEFAULT NULL,
     accessTokenScopes varchar(1000) DEFAULT NULL,
     oidcIdTokenValue varchar(1000) DEFAULT NULL,
     oidcIdTokenIssuedAt timestamp DEFAULT NULL,
     oidcIdTokenExpiresAt timestamp DEFAULT NULL,
-    oidcIdTokenMetadata varchar(1000) DEFAULT NULL,
+    oidcIdTokenMetadata varchar(2000) DEFAULT NULL,
     refreshTokenValue varchar(1000) DEFAULT NULL,
     refreshTokenIssuedAt timestamp DEFAULT NULL,
     refreshTokenExpiresAt timestamp DEFAULT NULL,
-    refreshTokenMetadata varchar(1000) DEFAULT NULL,
+    refreshTokenMetadata varchar(2000) DEFAULT NULL,
     PRIMARY KEY (id)
 );