diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java index 094375f65..f51dab525 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java @@ -18,7 +18,7 @@ import static java.lang.String.format; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.greaterThan; +import static org.hamcrest.Matchers.greaterThanOrEqualTo; import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.MatcherAssert.assertThat; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; @@ -89,7 +89,7 @@ public void approveGroupRequestAsAdmin() throws Exception { // @formatter:on GroupRequestDto result = mapper.readValue(response, GroupRequestDto.class); - assertThat(result.getLastUpdateTime(), greaterThan(result.getCreationTime())); + assertThat(result.getLastUpdateTime(), greaterThanOrEqualTo(result.getCreationTime())); int mailCount = notificationService.countPendingNotifications(); assertThat(mailCount, equalTo(1)); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java index e1e1be042..78fd83feb 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java 
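Review bot: Relaxing the check in `approveGroupRequestAsAdmin` to `greaterThanOrEqualTo` means the test still passes when approval never touches `lastUpdateTime`, because an untouched value would equal `creationTime`. If the motivation is timestamp resolution (an assumption, the diff does not say), a comment such as `// creation and approval can land on the same timestamp at the store's resolution` would record it. Asserting a second field that only approval changes would keep the test meaningful. The same relaxation is made in `rejectGroupRequestAsAdmin` in GroupRequestsRejectTests, and both method bodies start outside their hunks.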
@@ -16,11 +16,11 @@ package it.infn.mw.iam.test.api.requests; import static java.lang.String.format; +import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.greaterThan; +import static org.hamcrest.Matchers.greaterThanOrEqualTo; import static org.hamcrest.Matchers.hasSize; -import static org.hamcrest.MatcherAssert.assertThat; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -95,7 +95,7 @@ public void rejectGroupRequestAsAdmin() throws Exception { .getContentAsString(); // @formatter:on GroupRequestDto result = mapper.readValue(response, GroupRequestDto.class); - assertThat(result.getLastUpdateTime(), greaterThan(result.getCreationTime())); + assertThat(result.getLastUpdateTime(), greaterThanOrEqualTo(result.getCreationTime())); int mailCount = notificationService.countPendingNotifications(); assertThat(mailCount, equalTo(1)); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java index 13752e9aa..e7f624966 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java @@ -127,7 +127,7 @@ public void testClientRegistrationAccessTokenWorks() throws Exception { mvc .perform(get(registrationUri).contentType(APPLICATION_JSON) .header("Authorization", "Bearer " + rat)) - .andExpect(status().isNotFound()); + .andExpect(status().isUnauthorized()); } @Test 
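Review bot: The expected status at the end of `testClientRegistrationAccessTokenWorks` flips from 404 to 401 with no comment saying which behaviour changed. Presumably the registration access token is now removed together with its client by the ON DELETE CASCADE constraints introduced in this commit, so the bearer token is rejected before any lookup happens; that should be confirmed, since the earlier part of the method is outside the hunk. A line such as `// the registration access token is gone once its client is removed, so the request is unauthenticated` above the final `perform` would make the revocation property the test is checking explicit.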
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java index 94c82d439..fd5248eda 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java @@ -15,6 +15,8 @@ */ package it.infn.mw.iam.test.repository; +import static org.assertj.core.api.Assertions.assertThat; +import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.hasSize; @@ -22,10 +24,14 @@ import java.util.Date; import org.apache.commons.lang.time.DateUtils; +import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; +import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.impl.DefaultOAuth2ProviderTokenService; import org.springframework.beans.factory.annotation.Autowired; @@ -59,12 +65,21 @@ public class IamTokenRepositoryTests { @Autowired private IamOAuthRefreshTokenRepository refreshTokenRepo; + @Autowired + private AuthenticationHolderRepository authenticationHolderRepo; + @Autowired private ClientDetailsEntityService clientDetailsService; @Autowired private DefaultOAuth2ProviderTokenService tokenService; + @Before + public void setup() { + accessTokenRepo.deleteAll(); + refreshTokenRepo.deleteAll(); + } + private OAuth2Authentication oauth2Authentication(ClientDetailsEntity client, String username) { String[] scopes = {}; 
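Review bot: The added `import static org.assertj.core.api.Assertions.assertThat;` sits next to the existing static import of `org.hamcrest.MatcherAssert.assertThat`, so the single name `assertThat` now resolves by overload to two different libraries. It compiles, but the tests added in the last hunk of this file mix `assertThat(x, is(true))` and `assertThat(x).hasSize(1)` inside one method, so failure messages differ from line to line. Pick one style for the class. The null checks also read better and fail more informatively as `assertThat(authenticationHolderRepo.getById(ah.getId()), notNullValue());` and `nullValue()` than as `!= null, is(true)`.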
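Review bot: The new `setup()` empties the access and refresh token repositories before every test but has no comment saying why, and it leaves authentication holders untouched. The tests added later in this file assert exact sizes on `accessTokenRepo.findAll()` and `refreshTokenRepo.findAll()`, so the reason appears to be isolation from tokens created by other tests. A comment such as `// the cascade tests assert exact repository sizes, so start from empty token tables` would document that. Whether the class rolls these deletions back is not visible in the hunk; if it does not, `deleteAll()` also removes tokens other test classes may rely on.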
@@ -164,4 +179,36 @@ public void testRepositoryDoesntRelyOnDbTime() { assertThat(refreshTokenRepo.findValidRefreshTokensForUser(TEST_347_USER, now), hasSize(1)); } + @Test + public void testTokenNoCascadeDeletion() { + OAuth2AccessTokenEntity at = buildAccessToken(loadTestClient(), TEST_347_USER); + OAuth2RefreshTokenEntity rt = at.getRefreshToken(); + AuthenticationHolderEntity ah = at.getAuthenticationHolder(); + accessTokenRepo.delete(at); + assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(false)); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); + refreshTokenRepo.delete(rt); + assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(true)); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); + authenticationHolderRepo.remove(ah); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(false)); + } + + @Test + public void testTokenCascadeDeletion() { + OAuth2AccessTokenEntity at = buildAccessToken(loadTestClient(), TEST_347_USER); + accessTokenRepo.save(at); + OAuth2RefreshTokenEntity rt = at.getRefreshToken(); + refreshTokenRepo.save(rt); + AuthenticationHolderEntity ah = at.getAuthenticationHolder(); + authenticationHolderRepo.save(ah); + assertThat(accessTokenRepo.findAll()).hasSize(1); + assertThat(refreshTokenRepo.findAll()).hasSize(1); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); + authenticationHolderRepo.remove(ah); + assertThat(accessTokenRepo.findAll()).isEmpty(); + assertThat(refreshTokenRepo.findAll()).isEmpty(); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(false)); + } + } diff --git a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql index 81aa1006e..9eceda90d 100644 --- a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql 
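Review bot: The two added tests only drive deletion from the authentication-holder side, while the migration in this commit also switches `access_token.client_id`, `refresh_token.client_id` and `approved_site.client_id` from ON DELETE SET NULL to ON DELETE CASCADE. Nothing here asserts that removing a client removes its access and refresh tokens, which is the path that matters for revocation. A third test that builds a token, deletes the client and asserts both token repositories are empty would pin that behaviour down. In `testTokenNoCascadeDeletion`, `delete(at)` is called without a prior `save`, so a comment stating that `buildAccessToken` (defined outside the hunk) already persists the token would help the reader.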
+++ b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql 
@@ -3,50 +3,50 @@ DELETE from token_scope where owner_id not in (select id from access_token); ALTER TABLE token_scope ALTER COLUMN owner_id SET NOT NULL; ALTER TABLE token_scope ALTER COLUMN scope SET NOT NULL; -ALTER TABLE token_scope ADD FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE token_scope ADD CONSTRAINT FK_token_scope_owner_id FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; -- CLIENT_DETAILS related TABLES DELETE FROM client_request_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_request_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_request_uri ADD CONSTRAINT FK_client_request_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_post_logout_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_post_logout_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_post_logout_redirect_uri ADD CONSTRAINT FK_client_post_logout_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_default_acr_value WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_default_acr_value ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_default_acr_value ADD CONSTRAINT FK_client_default_acr_value_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_contact WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_contact ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_contact ADD CONSTRAINT FK_client_contact_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_redirect_uri WHERE owner_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE client_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_redirect_uri ADD CONSTRAINT FK_client_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_claims_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_claims_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_claims_redirect_uri ADD CONSTRAINT FK_client_claims_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_scope WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_scope ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_scope ADD CONSTRAINT FK_client_scope_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; -- AUTHENTICATION HOLDER and related DELETE FROM authentication_holder_scope WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_scope ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_scope ADD CONSTRAINT FK_authentication_holder_scope_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_response_type WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_response_type ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_response_type ADD CONSTRAINT FK_authentication_holder_response_type_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_resource_id WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE 
authentication_holder_resource_id ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_resource_id ADD CONSTRAINT FK_authentication_holder_resource_id_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_request_parameter WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_request_parameter ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_request_parameter ADD CONSTRAINT FK_authentication_holder_request_parameter_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_extension WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_extension ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_extension ADD CONSTRAINT FK_authentication_holder_extension_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_authority WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_authority ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_authority ADD CONSTRAINT FK_authentication_holder_authority_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE id NOT IN (SELECT auth_holder_id FROM access_token) 
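Review bot: This hunk edits the existing `V96__add_foreign_keys.sql` in place instead of adding a new versioned migration. If V96 has already been applied to any database, its recorded checksum will no longer match the file; assuming this is a Flyway migration with validation enabled, startup would then fail, and a database that skips validation would silently keep the old unnamed constraints and the old ON DELETE SET NULL rules. If V96 has never shipped this is fine, and a header comment such as `-- V96 is unreleased; edited in place to name constraints and switch to ON DELETE CASCADE` would record that. Otherwise the renames and rule changes belong in a new migration that drops and re-adds the constraints. The same applies to the mysql copy of this file.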
@@ -54,9 +54,9 @@ AND id NOT IN (SELECT auth_holder_id FROM refresh_token) AND id NOT IN (SELECT auth_holder_id FROM authorization_code); DELETE FROM authentication_holder WHERE user_auth_id NOT IN (SELECT id FROM saved_user_auth); -ALTER TABLE authentication_holder ADD FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_user_auth_id FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE client_id NOT IN (SELECT client_id FROM client_details); -ALTER TABLE authentication_holder ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; -- ACCESS TOKEN TABLE and related 
@@ -64,26 +64,34 @@ DELETE FROM access_token_permissions WHERE access_token_id NOT IN (SELECT id FRO DELETE FROM access_token_permissions WHERE permission_id NOT IN (SELECT id FROM permission); ALTER TABLE access_token_permissions ADD PRIMARY KEY (access_token_id, permission_id); -ALTER TABLE access_token_permissions ADD FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; -ALTER TABLE access_token_permissions ADD FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_access_token_id FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_token); DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE refresh_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; + +DELETE FROM refresh_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; + +-- AUTHORIZATION CODE + +DELETE FROM authorization_code WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE authorization_code ADD CONSTRAINT FK_authorization_code_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); -ALTER TABLE approved_site_scope ADD FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; +ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql index 9cc387506..7604a7fe2 100644 --- a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql +++ b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql 
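Review bot: The approved_site cleanup filters on a different column than the constraint it prepares for: `DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details)` compares against `client_details.id`, while `FK_approved_site_client_id` references `client_details (client_id)`. The authentication_holder block earlier in this file uses `SELECT client_id FROM client_details` for the same kind of key, so the two are inconsistent. Depending on the column types, which are not visible here, the delete may remove valid consent rows or leave orphans that make the ADD CONSTRAINT fail. Suggested: `DELETE FROM approved_site WHERE client_id NOT IN (SELECT client_id FROM client_details);`. The mysql hunk carries the same statement.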
@@ -3,50 +3,50 @@ DELETE from token_scope where owner_id not in (select id from access_token); ALTER TABLE token_scope MODIFY COLUMN owner_id bigint(20) NOT NULL; ALTER TABLE token_scope MODIFY COLUMN scope varchar(2048) NOT NULL; -ALTER TABLE token_scope ADD FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE token_scope ADD CONSTRAINT FK_token_scope_owner_id FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; -- CLIENT_DETAILS related TABLES DELETE FROM client_request_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_request_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_request_uri ADD CONSTRAINT FK_client_request_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_post_logout_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_post_logout_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_post_logout_redirect_uri ADD CONSTRAINT FK_client_post_logout_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_default_acr_value WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_default_acr_value ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_default_acr_value ADD CONSTRAINT FK_client_default_acr_value_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_contact WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_contact ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_contact ADD CONSTRAINT FK_client_contact_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_redirect_uri WHERE owner_id NOT IN 
(SELECT id FROM client_details); -ALTER TABLE client_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_redirect_uri ADD CONSTRAINT FK_client_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_claims_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_claims_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_claims_redirect_uri ADD CONSTRAINT FK_client_claims_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_scope WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_scope ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_scope ADD CONSTRAINT FK_client_scope_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; -- AUTHENTICATION HOLDER and related DELETE FROM authentication_holder_scope WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_scope ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_scope ADD CONSTRAINT FK_authentication_holder_scope_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_response_type WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_response_type ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_response_type ADD CONSTRAINT FK_authentication_holder_response_type_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_resource_id WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE 
authentication_holder_resource_id ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_resource_id ADD CONSTRAINT FK_authentication_holder_resource_id_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_request_parameter WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_request_parameter ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_request_parameter ADD CONSTRAINT FK_authentication_holder_request_parameter_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_extension WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_extension ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_extension ADD CONSTRAINT FK_authentication_holder_extension_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_authority WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_authority ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_authority ADD CONSTRAINT FK_authentication_holder_authority_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE id NOT IN (SELECT auth_holder_id FROM access_token) 
@@ -54,9 +54,9 @@ AND id NOT IN (SELECT auth_holder_id FROM refresh_token) AND id NOT IN (SELECT auth_holder_id FROM authorization_code); DELETE FROM authentication_holder WHERE user_auth_id NOT IN (SELECT id FROM saved_user_auth); -ALTER TABLE authentication_holder ADD FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_user_auth_id FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE client_id NOT IN (SELECT client_id FROM client_details); -ALTER TABLE authentication_holder ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; -- ACCESS TOKEN TABLE and related 
@@ -64,26 +64,34 @@ DELETE FROM access_token_permissions WHERE access_token_id NOT IN (SELECT id FRO DELETE FROM access_token_permissions WHERE permission_id NOT IN (SELECT id FROM permission); ALTER TABLE access_token_permissions ADD PRIMARY KEY (access_token_id, permission_id); -ALTER TABLE access_token_permissions ADD FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; -ALTER TABLE access_token_permissions ADD FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_access_token_id FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_token); DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE refresh_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; + +DELETE FROM refresh_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; + +-- AUTHORIZATION CODE + +DELETE FROM authorization_code WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE authorization_code ADD CONSTRAINT FK_authorization_code_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); -ALTER TABLE approved_site_scope ADD FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; +ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE;