From 01a4fd4e27ae279f3828cad7f0c1eda7c0cb67a2 Mon Sep 17 00:00:00 2001 From: rmiccoli Date: Mon, 16 Oct 2023 18:05:49 +0200 Subject: [PATCH 1/4] Add name to foreign keys --- .../db/migration/h2/V96__add_foreign_keys.sql | 48 +++++++++---------- .../migration/mysql/V96__add_foreign_keys.sql | 48 +++++++++---------- 2 files changed, 48 insertions(+), 48 deletions(-) diff --git a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql index 81aa1006e..d05a177a4 100644 --- a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql +++ b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql 
@@ -3,50 +3,50 @@ DELETE from token_scope where owner_id not in (select id from access_token); ALTER TABLE token_scope ALTER COLUMN owner_id SET NOT NULL; ALTER TABLE token_scope ALTER COLUMN scope SET NOT NULL; -ALTER TABLE token_scope ADD FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE token_scope ADD CONSTRAINT FK_token_scope_owner_id FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; -- CLIENT_DETAILS related TABLES DELETE FROM client_request_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_request_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_request_uri ADD CONSTRAINT FK_client_request_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_post_logout_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_post_logout_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_post_logout_redirect_uri ADD CONSTRAINT FK_client_post_logout_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_default_acr_value WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_default_acr_value ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_default_acr_value ADD CONSTRAINT FK_client_default_acr_value_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_contact WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_contact ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_contact ADD CONSTRAINT FK_client_contact_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_redirect_uri WHERE owner_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE client_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_redirect_uri ADD CONSTRAINT FK_client_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_claims_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_claims_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_claims_redirect_uri ADD CONSTRAINT FK_client_claims_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_scope WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_scope ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_scope ADD CONSTRAINT FK_client_scope_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; -- AUTHENTICATION HOLDER and related DELETE FROM authentication_holder_scope WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_scope ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_scope ADD CONSTRAINT FK_authentication_holder_scope_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_response_type WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_response_type ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_response_type ADD CONSTRAINT FK_authentication_holder_response_type_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_resource_id WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE 
authentication_holder_resource_id ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_resource_id ADD CONSTRAINT FK_authentication_holder_resource_id_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_request_parameter WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_request_parameter ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_request_parameter ADD CONSTRAINT FK_authentication_holder_request_parameter_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_extension WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_extension ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_extension ADD CONSTRAINT FK_authentication_holder_extension_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_authority WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_authority ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_authority ADD CONSTRAINT FK_authentication_holder_authority_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE id NOT IN (SELECT auth_holder_id FROM access_token) 
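Review bot: These constraint names are added by editing `V96__add_foreign_keys.sql` in place, in all three hunks of the h2 file and the three matching hunks of the mysql file, rather than in a new versioned script. If V96 has already run against any database, the migration tool (the `V96__` naming suggests Flyway) will see a changed checksum for an applied version, and the named constraints will not be created on that schema. If V96 is unreleased this is fine, but the file should then say so in a header comment such as `-- V96 has not shipped in a release yet; it may still be edited in place`. Otherwise the renames belong in a new migration version.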
@@ -54,9 +54,9 @@ AND id NOT IN (SELECT auth_holder_id FROM refresh_token) AND id NOT IN (SELECT auth_holder_id FROM authorization_code); DELETE FROM authentication_holder WHERE user_auth_id NOT IN (SELECT id FROM saved_user_auth); -ALTER TABLE authentication_holder ADD FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_user_auth_id FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE client_id NOT IN (SELECT client_id FROM client_details); -ALTER TABLE authentication_holder ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; -- ACCESS TOKEN TABLE and related 
@@ -64,26 +64,26 @@ DELETE FROM access_token_permissions WHERE access_token_id NOT IN (SELECT id FRO DELETE FROM access_token_permissions WHERE permission_id NOT IN (SELECT id FROM permission); ALTER TABLE access_token_permissions ADD PRIMARY KEY (access_token_id, permission_id); -ALTER TABLE access_token_permissions ADD FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; -ALTER TABLE access_token_permissions ADD FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_access_token_id FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_token); DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE refresh_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); -ALTER TABLE approved_site_scope ADD FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; +ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql index 9cc387506..386d20565 100644 --- a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql +++ b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql 
@@ -3,50 +3,50 @@ DELETE from token_scope where owner_id not in (select id from access_token); ALTER TABLE token_scope MODIFY COLUMN owner_id bigint(20) NOT NULL; ALTER TABLE token_scope MODIFY COLUMN scope varchar(2048) NOT NULL; -ALTER TABLE token_scope ADD FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE token_scope ADD CONSTRAINT FK_token_scope_owner_id FOREIGN KEY (owner_id) REFERENCES access_token (id) ON DELETE CASCADE; -- CLIENT_DETAILS related TABLES DELETE FROM client_request_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_request_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_request_uri ADD CONSTRAINT FK_client_request_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_post_logout_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_post_logout_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_post_logout_redirect_uri ADD CONSTRAINT FK_client_post_logout_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_default_acr_value WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_default_acr_value ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_default_acr_value ADD CONSTRAINT FK_client_default_acr_value_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_contact WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_contact ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_contact ADD CONSTRAINT FK_client_contact_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_redirect_uri WHERE owner_id NOT IN 
(SELECT id FROM client_details); -ALTER TABLE client_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_redirect_uri ADD CONSTRAINT FK_client_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_claims_redirect_uri WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_claims_redirect_uri ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_claims_redirect_uri ADD CONSTRAINT FK_client_claims_redirect_uri_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; DELETE FROM client_scope WHERE owner_id NOT IN (SELECT id FROM client_details); -ALTER TABLE client_scope ADD FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE client_scope ADD CONSTRAINT FK_client_scope_owner_id FOREIGN KEY (owner_id) REFERENCES client_details (id) ON DELETE CASCADE; -- AUTHENTICATION HOLDER and related DELETE FROM authentication_holder_scope WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_scope ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_scope ADD CONSTRAINT FK_authentication_holder_scope_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_response_type WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_response_type ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_response_type ADD CONSTRAINT FK_authentication_holder_response_type_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_resource_id WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE 
authentication_holder_resource_id ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_resource_id ADD CONSTRAINT FK_authentication_holder_resource_id_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_request_parameter WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_request_parameter ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_request_parameter ADD CONSTRAINT FK_authentication_holder_request_parameter_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_extension WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_extension ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_extension ADD CONSTRAINT FK_authentication_holder_extension_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder_authority WHERE owner_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE authentication_holder_authority ADD FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder_authority ADD CONSTRAINT FK_authentication_holder_authority_owner_id FOREIGN KEY (owner_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE id NOT IN (SELECT auth_holder_id FROM access_token) 
@@ -54,9 +54,9 @@ AND id NOT IN (SELECT auth_holder_id FROM refresh_token) AND id NOT IN (SELECT auth_holder_id FROM authorization_code); DELETE FROM authentication_holder WHERE user_auth_id NOT IN (SELECT id FROM saved_user_auth); -ALTER TABLE authentication_holder ADD FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_user_auth_id FOREIGN KEY (user_auth_id) REFERENCES saved_user_auth (id) ON DELETE CASCADE; DELETE FROM authentication_holder WHERE client_id NOT IN (SELECT client_id FROM client_details); -ALTER TABLE authentication_holder ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; +ALTER TABLE authentication_holder ADD CONSTRAINT FK_authentication_holder_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; -- ACCESS TOKEN TABLE and related 
@@ -64,26 +64,26 @@ DELETE FROM access_token_permissions WHERE access_token_id NOT IN (SELECT id FRO DELETE FROM access_token_permissions WHERE permission_id NOT IN (SELECT id FROM permission); ALTER TABLE access_token_permissions ADD PRIMARY KEY (access_token_id, permission_id); -ALTER TABLE access_token_permissions ADD FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; -ALTER TABLE access_token_permissions ADD FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_access_token_id FOREIGN KEY (access_token_id) REFERENCES access_token (id) ON DELETE CASCADE; +ALTER TABLE access_token_permissions ADD CONSTRAINT FK_access_token_permissions_permission_id FOREIGN KEY (permission_id) REFERENCES permission (id) ON DELETE CASCADE; DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_token); DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM 
client_details); -ALTER TABLE refresh_token ADD FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); -ALTER TABLE approved_site_scope ADD FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; +ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; From f1e833d5b7834cec21f76a70269c2d5b81318813 Mon Sep 17 00:00:00 2001 From: Enrico Vianello Date: Mon, 23 Oct 2023 12:47:41 +0200 Subject: [PATCH 2/4] Broken test on delete cascade --- .../requests/GroupRequestsApproveTests.java | 4 +-- .../requests/GroupRequestsRejectTests.java | 6 ++-- .../ClientRegistrationTests.java | 2 +- .../repository/IamTokenRepositoryTests.java | 33 +++++++++++++++++++ .../db/migration/h2/V96__add_foreign_keys.sql | 18 +++++++--- .../migration/mysql/V96__add_foreign_keys.sql | 18 +++++++--- 6 files changed, 65 insertions(+), 16 deletions(-) diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java index 094375f65..f51dab525 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java 
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsApproveTests.java @@ -18,7 +18,7 @@ import static java.lang.String.format; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.greaterThan; +import static org.hamcrest.Matchers.greaterThanOrEqualTo; import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.MatcherAssert.assertThat; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; @@ -89,7 +89,7 @@ public void approveGroupRequestAsAdmin() throws Exception { // @formatter:on GroupRequestDto result = mapper.readValue(response, GroupRequestDto.class); - assertThat(result.getLastUpdateTime(), greaterThan(result.getCreationTime())); + assertThat(result.getLastUpdateTime(), greaterThanOrEqualTo(result.getCreationTime())); int mailCount = notificationService.countPendingNotifications(); assertThat(mailCount, equalTo(1)); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java index e1e1be042..78fd83feb 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/api/requests/GroupRequestsRejectTests.java 
@@ -16,11 +16,11 @@ package it.infn.mw.iam.test.api.requests; import static java.lang.String.format; +import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.greaterThan; +import static org.hamcrest.Matchers.greaterThanOrEqualTo; import static org.hamcrest.Matchers.hasSize; -import static org.hamcrest.MatcherAssert.assertThat; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -95,7 +95,7 @@ public void rejectGroupRequestAsAdmin() throws Exception { .getContentAsString(); // @formatter:on GroupRequestDto result = mapper.readValue(response, GroupRequestDto.class); - assertThat(result.getLastUpdateTime(), greaterThan(result.getCreationTime())); + assertThat(result.getLastUpdateTime(), greaterThanOrEqualTo(result.getCreationTime())); int mailCount = notificationService.countPendingNotifications(); assertThat(mailCount, equalTo(1)); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java index 13752e9aa..e7f624966 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/oauth/client_registration/ClientRegistrationTests.java @@ -127,7 +127,7 @@ public void testClientRegistrationAccessTokenWorks() throws Exception { mvc .perform(get(registrationUri).contentType(APPLICATION_JSON) .header("Authorization", "Bearer " + rat)) - .andExpect(status().isNotFound()); + .andExpect(status().isUnauthorized()); } @Test 
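Review bot: In the last hunk on this line, `testClientRegistrationAccessTokenWorks` now expects `status().isUnauthorized()` instead of `isNotFound()`, but nothing in the test says why the status changed or checks that the registration access token itself is gone. Judging by the migration edited in this same patch, the token row is presumably deleted together with its client, so the bearer token fails authentication before the client lookup is reached; a 401 from any other cause would satisfy the assertion just as well. I would add a comment above the request, e.g. `// the client's tokens are deleted with the client, so the old registration token no longer authenticates`, and, if a token repository is available in this test class, assert that the token can no longer be found. The method body starts and ends outside the hunk.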
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java index 94c82d439..f3c3c7a04 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java @@ -15,6 +15,7 @@ */ package it.infn.mw.iam.test.repository; +import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.hasSize; @@ -24,8 +25,11 @@ import org.apache.commons.lang.time.DateUtils; import org.junit.Test; import org.junit.runner.RunWith; +import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; +import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.impl.DefaultOAuth2ProviderTokenService; import org.springframework.beans.factory.annotation.Autowired; @@ -59,6 +63,9 @@ public class IamTokenRepositoryTests { @Autowired private IamOAuthRefreshTokenRepository refreshTokenRepo; + @Autowired + private AuthenticationHolderRepository authenticationHolderRepo; + @Autowired private ClientDetailsEntityService clientDetailsService; 
@@ -164,4 +171,30 @@ public void testRepositoryDoesntRelyOnDbTime() { assertThat(refreshTokenRepo.findValidRefreshTokensForUser(TEST_347_USER, now), hasSize(1)); } + @Test + public void testTokenNoCascadeDeletion() { + OAuth2AccessTokenEntity at = buildAccessToken(loadTestClient(), TEST_347_USER); + OAuth2RefreshTokenEntity rt = at.getRefreshToken(); + AuthenticationHolderEntity ah = at.getAuthenticationHolder(); + accessTokenRepo.delete(at); + assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(false)); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); + refreshTokenRepo.delete(rt); + assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(true)); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); + authenticationHolderRepo.remove(ah); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(false)); + } + + @Test + public void testTokenCascadeDeletion() { + OAuth2AccessTokenEntity at = buildAccessToken(loadTestClient(), TEST_347_USER); + OAuth2RefreshTokenEntity rt = at.getRefreshToken(); + AuthenticationHolderEntity ah = at.getAuthenticationHolder(); + authenticationHolderRepo.remove(ah); + assertThat(accessTokenRepo.findById(at.getId()).isEmpty(), is(true)); + assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(true)); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(false)); + } + } diff --git a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql index d05a177a4..9eceda90d 100644 --- a/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql +++ b/iam-persistence/src/main/resources/db/migration/h2/V96__add_foreign_keys.sql 
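Review bot: `testTokenCascadeDeletion` checks the outcome through the same repositories right after `authenticationHolderRepo.remove(ah)`, so the hunk does not show that the lookups reach the database rather than entities still held in the persistence context; if this class runs each test in one transaction, the `ON DELETE CASCADE` constraints may not be what the assertions observe. Flushing and clearing the persistence context before the `findById`/`getById` calls would make the test pin the database behaviour that revokes tokens when their authentication holder is deleted. The test also leaves `authorization_code` and client deletion uncovered, although the migration in this patch adds cascades for both. On style, `assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true))` reads better and fails with a useful message as `assertThat(authenticationHolderRepo.getById(ah.getId()), notNullValue())`, with `nullValue()` for the negative case.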
@@ -71,19 +71,27 @@ DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_t DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; + +DELETE FROM refresh_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; + +-- AUTHORIZATION CODE + +DELETE FROM authorization_code WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE authorization_code ADD 
CONSTRAINT FK_authorization_code_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql index 386d20565..7604a7fe2 100644 --- a/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql +++ b/iam-persistence/src/main/resources/db/migration/mysql/V96__add_foreign_keys.sql 
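Review bot: The switch from `ON DELETE SET NULL` to `ON DELETE CASCADE` on `access_token`, `refresh_token` and `approved_site` is not documented in the script, here or in the identical mysql hunk that follows. After this change, deleting one `client_details`, `authentication_holder` or `refresh_token` row removes every token, authorization code and approved site that references it, and the two new `DELETE FROM refresh_token ...` and `DELETE FROM authorization_code ...` statements discard rows during the upgrade. That is a reasonable way to make deletion revoke credentials, but rows removed by the database do not pass through application code, so any audit logging or cleanup done in the service layer on token removal (not visible here) would be skipped. I would add a comment above the token section, e.g. `-- tokens, codes and approved sites are deleted with their client / authentication holder (revocation by cascade)`, and mention in the release notes that the upgrade deletes orphaned refresh tokens and authorization codes.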
@@ -71,19 +71,27 @@ DELETE FROM access_token WHERE refresh_token_id NOT IN (SELECT id FROM refresh_t DELETE FROM access_token WHERE client_id NOT IN (SELECT id FROM client_details); DELETE FROM access_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; -ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE SET NULL; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_refresh_token_id FOREIGN KEY (refresh_token_id) REFERENCES refresh_token (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; +ALTER TABLE access_token ADD CONSTRAINT FK_access_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- REFRESH TOKEN DELETE FROM refresh_token WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE SET NULL; +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_client_id FOREIGN KEY (client_id) REFERENCES client_details (id) ON DELETE CASCADE; + +DELETE FROM refresh_token WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE refresh_token ADD CONSTRAINT FK_refresh_token_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; + +-- AUTHORIZATION CODE + +DELETE FROM authorization_code WHERE auth_holder_id NOT IN (SELECT id FROM authentication_holder); +ALTER TABLE authorization_code ADD 
CONSTRAINT FK_authorization_code_auth_holder_id FOREIGN KEY (auth_holder_id) REFERENCES authentication_holder (id) ON DELETE CASCADE; -- APPROVED SITE DELETE FROM approved_site WHERE client_id NOT IN (SELECT id FROM client_details); -ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE SET NULL; +ALTER TABLE approved_site ADD CONSTRAINT FK_approved_site_client_id FOREIGN KEY (client_id) REFERENCES client_details (client_id) ON UPDATE CASCADE ON DELETE CASCADE; DELETE FROM approved_site_scope WHERE owner_id NOT IN (SELECT id FROM approved_site); ALTER TABLE approved_site_scope ADD CONSTRAINT FK_approved_site_scope_owner_id FOREIGN KEY (owner_id) REFERENCES approved_site (id) ON DELETE CASCADE; From 0c76dc573371fa3ce35664a009d7bfc555e8c944 Mon Sep 17 00:00:00 2001 From: rmiccoli Date: Tue, 24 Oct 2023 12:16:14 +0200 Subject: [PATCH 3/4] Fix test --- .../iam/test/repository/IamTokenRepositoryTests.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java index f3c3c7a04..77f27d9a5 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java @@ -15,6 +15,7 @@ */ package it.infn.mw.iam.test.repository; +import static org.assertj.core.api.Assertions.assertThat; import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.hasSize; 
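Review bot: On MySQL every `ALTER TABLE` in this script commits implicitly, so the orphan-cleanup `DELETE`s are not rolled back if a later `ADD CONSTRAINT` fails. That includes the new ones on `refresh_token.auth_holder_id` and `authorization_code.auth_holder_id`, and a failure would leave the schema half-migrated with the rows already gone. A header comment at the top of the file (outside this hunk) would make the operational expectation explicit, e.g. `-- Destructive: deletes orphaned tokens and authorization codes; back up the database before applying`.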
@@ -189,11 +190,17 @@ public void testTokenNoCascadeDeletion() { @Test public void testTokenCascadeDeletion() { OAuth2AccessTokenEntity at = buildAccessToken(loadTestClient(), TEST_347_USER); + accessTokenRepo.save(at); OAuth2RefreshTokenEntity rt = at.getRefreshToken(); + refreshTokenRepo.save(rt); AuthenticationHolderEntity ah = at.getAuthenticationHolder(); + authenticationHolderRepo.save(ah); + assertThat(accessTokenRepo.findAll()).hasSize(1); + assertThat(refreshTokenRepo.findAll()).hasSize(1); + assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(true)); authenticationHolderRepo.remove(ah); - assertThat(accessTokenRepo.findById(at.getId()).isEmpty(), is(true)); - assertThat(refreshTokenRepo.findById(rt.getId()).isEmpty(), is(true)); + assertThat(accessTokenRepo.findAll()).isEmpty(); + assertThat(refreshTokenRepo.findAll()).isEmpty(); assertThat(authenticationHolderRepo.getById(ah.getId()) != null, is(false)); } From fb62b7fa41a6023320dbb07b002d1876978b9c4b Mon Sep 17 00:00:00 2001 From: rmiccoli Date: Tue, 24 Oct 2023 13:07:32 +0200 Subject: [PATCH 4/4] Clear ATs and RTs from repo before running tests --- .../mw/iam/test/repository/IamTokenRepositoryTests.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java index 77f27d9a5..fd5248eda 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/repository/IamTokenRepositoryTests.java @@ -24,6 +24,7 @@ import java.util.Date; import org.apache.commons.lang.time.DateUtils; +import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.oauth2.model.AuthenticationHolderEntity; 
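Review bot: The cascade check in `testTokenCascadeDeletion` now asserts on `findAll()` sizes instead of looking up the tokens it created, so it only passes when the tables hold nothing else and no longer shows that `at` and `rt` themselves were removed. Keeping the by-id checks next to the new ones would pin that: `assertThat(accessTokenRepo.findById(at.getId()).isEmpty(), is(true));` and the same for `refreshTokenRepo` with `rt.getId()`. The migration in this series also adds a cascading key on `authorization_code.auth_holder_id`, which this test does not exercise. Mixing the AssertJ and Hamcrest `assertThat` static imports in one file compiles through overloading but is easy to misread; `assertThat(authenticationHolderRepo.getById(ah.getId())).isNotNull();` would keep the new lines in one style.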
@@ -73,6 +74,12 @@ public class IamTokenRepositoryTests { @Autowired private DefaultOAuth2ProviderTokenService tokenService; + @Before + public void setup() { + accessTokenRepo.deleteAll(); + refreshTokenRepo.deleteAll(); + } + private OAuth2Authentication oauth2Authentication(ClientDetailsEntity client, String username) { String[] scopes = {};
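Review bot: `setup()` carries no comment saying why the token tables are emptied before every test, and it clears only access and refresh tokens. The reason appears to be the `findAll()` size assertions in `testTokenCascadeDeletion`; a line such as `// testTokenCascadeDeletion asserts on findAll() sizes, so each test starts from empty token tables` would record that. Authentication holders saved by the tests are not removed here, so if the class is not rolled back per test (not visible in this hunk) they accumulate across tests. The body of `oauth2Authentication` continues outside the hunk.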