Adding attributes to the auth code table and more

ORCID · Oct 15, 2024 · 9618351 · 9618351
1 parent 50456ef
commit 9618351
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 49 deletions.
diff --git a/orcid-core/src/main/java/org/orcid/core/common/util/AuthenticationUtils.java b/orcid-core/src/main/java/org/orcid/core/common/util/AuthenticationUtils.java
@@ -0,0 +1,26 @@
+package org.orcid.core.common.util;
+
+import org.apache.commons.lang3.StringUtils;
+import org.orcid.core.oauth.OrcidProfileUserDetails;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+public class AuthenticationUtils {
+
+    public static String retrieveEffectiveOrcid() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication.getDetails() != null) {
+            if(OrcidProfileUserDetails.class.isAssignableFrom(authentication.getDetails().getClass())) {
+                return ((OrcidProfileUserDetails) authentication.getDetails()).getOrcid();
+            } else {
+                // From the authorization server we will get the effective user from authentication.getName()
+                String orcid = authentication.getName();
+                if(StringUtils.isNotBlank(orcid)) {
+                    return orcid;
+                }
+            }
+        }
+        return null;
+    }
+
+}
diff --git a/orcid-core/src/main/java/org/orcid/core/manager/impl/SourceManagerImpl.java b/orcid-core/src/main/java/org/orcid/core/manager/impl/SourceManagerImpl.java
@@ -4,6 +4,7 @@
 
 import javax.annotation.Resource;
 
+import org.orcid.core.common.util.AuthenticationUtils;
 import org.orcid.core.manager.ClientDetailsManager;
 import org.orcid.core.manager.SourceManager;
 import org.orcid.core.manager.SourceNameCacheManager;
@@ -50,7 +51,7 @@ public String retrieveSourceOrcid() {
             return authorizationRequest.getClientId();
         }
         // Normal web user
-        return retrieveEffectiveOrcid(authentication);
+        return AuthenticationUtils.retrieveEffectiveOrcid();
     }
 
     @Override
@@ -73,7 +74,7 @@ public SourceEntity retrieveSourceEntity() {
 
             return sourceEntity;
         }
-        String userOrcid = retrieveEffectiveOrcid(authentication);
+        String userOrcid = AuthenticationUtils.retrieveEffectiveOrcid();
         if(userOrcid == null){
             // Must be system role
             return null;
@@ -86,25 +87,14 @@ public SourceEntity retrieveSourceEntity() {
         return sourceEntity;
     }
 
-    private String retrieveEffectiveOrcid(Authentication authentication) {
-        if (authentication.getDetails() != null && OrcidProfileUserDetails.class.isAssignableFrom(authentication.getDetails().getClass())) {
-            return ((OrcidProfileUserDetails) authentication.getDetails()).getOrcid();
-        }
-        return null;
-    }
-
-    private String retrieveEffectiveOrcid() {
-        return retrieveEffectiveOrcid(SecurityContextHolder.getContext().getAuthentication());
-    }
-
     @Override
     public boolean isInDelegationMode() {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         String realUserOrcid = getRealUserIfInDelegationMode(authentication);
         if (realUserOrcid == null) {
             return false;
         }
-        return !retrieveEffectiveOrcid().equals(realUserOrcid);
+        return !AuthenticationUtils.retrieveEffectiveOrcid().equals(realUserOrcid);
     }
 
     @Override
@@ -124,7 +114,7 @@ public String retrieveRealUserOrcid() {
             return realUserIfInDelegationMode;
         }
         // Normal web user
-        return retrieveEffectiveOrcid(authentication);
+        return AuthenticationUtils.retrieveEffectiveOrcid();
     }
 
     private String getRealUserIfInDelegationMode(Authentication authentication) {

diff --git a/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/SourceManagerImpl.java b/orcid-core/src/main/java/org/orcid/core/manager/v3/impl/SourceManagerImpl.java
@@ -5,6 +5,7 @@
 import javax.annotation.Resource;
 
 import org.apache.commons.lang3.StringUtils;
+import org.orcid.core.common.util.AuthenticationUtils;
 import org.orcid.core.manager.ClientDetailsManager;
 import org.orcid.core.manager.SourceNameCacheManager;
 import org.orcid.core.manager.v3.SourceManager;
@@ -68,7 +69,7 @@ public String retrieveActiveSourceId() {
             return authorizationRequest.getClientId();
         }
         // Normal web user
-        return retrieveEffectiveOrcid(authentication);
+        return AuthenticationUtils.retrieveEffectiveOrcid();
     }
 
     /** This should be used by managers that need active Source information, including OBO.
@@ -106,7 +107,7 @@ public Source retrieveActiveSource() {
             }
             return source;
         }
-        String userOrcid = retrieveEffectiveOrcid(authentication);
+        String userOrcid = AuthenticationUtils.retrieveEffectiveOrcid();
         if(userOrcid == null){
             // Must be system role
             return null;
@@ -137,7 +138,7 @@ public SourceEntity retrieveActiveSourceEntity() {
             sourceEntity.setSourceClient(new ClientDetailsEntity(clientId, clientDetails.getClientName()));            
             return sourceEntity;
         }
-        String userOrcid = retrieveEffectiveOrcid(authentication);
+        String userOrcid = AuthenticationUtils.retrieveEffectiveOrcid();
         if(userOrcid == null){
             // Must be system role
             return null;
@@ -150,25 +151,14 @@ public SourceEntity retrieveActiveSourceEntity() {
         return sourceEntity;
     }
 
-    private String retrieveEffectiveOrcid(Authentication authentication) {
-        if (authentication.getDetails() != null && OrcidProfileUserDetails.class.isAssignableFrom(authentication.getDetails().getClass())) {
-            return ((OrcidProfileUserDetails) authentication.getDetails()).getOrcid();
-        }
-        return null;
-    }
-
-    private String retrieveEffectiveOrcid() {
-        return retrieveEffectiveOrcid(SecurityContextHolder.getContext().getAuthentication());
-    }
-
     @Override
     public boolean isInDelegationMode() {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         String realUserOrcid = getRealUserIfInDelegationMode(authentication);
         if (realUserOrcid == null) {
             return false;
         }
-        return !retrieveEffectiveOrcid().equals(realUserOrcid);
+        return !AuthenticationUtils.retrieveEffectiveOrcid().equals(realUserOrcid);
     }
 
     @Override
@@ -188,7 +178,7 @@ public String retrieveRealUserOrcid() {
             return realUserIfInDelegationMode;
         }
         // Normal web user
-        return retrieveEffectiveOrcid(authentication);
+        return AuthenticationUtils.retrieveEffectiveOrcid();
     }
 
     private String getRealUserIfInDelegationMode(Authentication authentication) {

diff --git a/...sistence/src/main/resources/db/updates/oauth2_authoriziation_code_detail_improvements.xml b/...sistence/src/main/resources/db/updates/oauth2_authoriziation_code_detail_improvements.xml
@@ -46,7 +46,7 @@
         </addColumn>
     </changeSet>
 
-    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUHT-CODE-REQ-ID">
+    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUTH-CODE-REQ-ID">
         <preConditions onFail="MARK_RAN">
             <not>
                 <columnExists tableName="oauth2_authoriziation_code_detail" columnName="spring_authorization_code_request_id"/>
@@ -57,7 +57,7 @@
         </addColumn>
     </changeSet>
 
-    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUHT-CODE-EXPIRES-AT">
+    <changeSet author="Angel Montenegro" id="ADD-SPRING-AUTH-CODE-EXPIRES-AT">
         <preConditions onFail="MARK_RAN">
             <not>
                 <columnExists tableName="oauth2_authoriziation_code_detail" columnName="authorization_code_expires_at"/>
@@ -68,4 +68,15 @@
         </addColumn>
     </changeSet>
 
+    <changeSet author="Angel Montenegro" id="ADD-ATTRIBUTES">
+        <preConditions onFail="MARK_RAN">
+            <not>
+                <columnExists tableName="oauth2_authoriziation_code_detail" columnName="attributes"/>
+            </not>
+        </preConditions>
+        <addColumn tableName="oauth2_authoriziation_code_detail">
+            <column name="attributes" type="VARCHAR(4000)" />
+        </addColumn>
+    </changeSet>
+
 </databaseChangeLog>
diff --git a/orcid-web/src/main/java/org/orcid/frontend/spring/configuration/SessionCacheConfig.java b/orcid-web/src/main/java/org/orcid/frontend/spring/configuration/SessionCacheConfig.java
@@ -1,23 +1,35 @@
 package org.orcid.frontend.spring.configuration;
 
+import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
 import org.springframework.data.redis.connection.jedis.JedisClientConfiguration;
 import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
+import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+import org.springframework.session.FlushMode;
+import org.springframework.session.SaveMode;
+import org.springframework.session.data.redis.RedisSessionRepository;
 import org.springframework.session.data.redis.config.ConfigureRedisAction;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
-import redis.clients.jedis.DefaultJedisClientConfig;
-import redis.clients.jedis.JedisClientConfig;
 
 import java.time.Duration;
 
 @Configuration
 @EnableRedisHttpSession
 public class SessionCacheConfig extends AbstractHttpSessionApplicationInitializer {
 
+    @Value("${org.orcid.core.utils.cache.redis.pool.idle.max:30}")
+    private int poolIdleMax;
+    @Value("${org.orcid.core.utils.cache.redis.pool.max:300}")
+    private int poolMax;
+    @Value("${org.orcid.core.utils.cache.redis.pool.wait.millis:2000}")
+    private int poolWaitMillis;
+
     @Value("${org.orcid.core.utils.cache.redis.host}")
     private String host;
     @Value("${org.orcid.core.utils.cache.redis.port}")
@@ -27,7 +39,6 @@ public class SessionCacheConfig extends AbstractHttpSessionApplicationInitialize
     @Value("${org.orcid.core.utils.cache.redis.connection_timeout_millis:10000}")
     private int connectionTimeoutMillis;
 
-
     @Bean
     public JedisConnectionFactory connectionFactory() {
         Duration timeoutDuration = Duration.ofMillis(connectionTimeoutMillis);
@@ -37,8 +48,13 @@ public JedisConnectionFactory connectionFactory() {
         redisStandaloneConfiguration.setPort(port);
         redisStandaloneConfiguration.setPassword(password);
 
+        GenericObjectPoolConfig poolConfig = new GenericObjectPoolConfig();
+        poolConfig.setMaxIdle(this.poolIdleMax);
+        poolConfig.setMaxTotal(this.poolMax);
+        poolConfig.setMaxWaitMillis(this.poolWaitMillis);
+
         JedisClientConfiguration.JedisClientConfigurationBuilder jedisClientConfigurationBuilder = JedisClientConfiguration.builder();
-        jedisClientConfigurationBuilder.useSsl().and().connectTimeout(timeoutDuration).build();
+        jedisClientConfigurationBuilder.useSsl().and().connectTimeout(timeoutDuration).usePooling().poolConfig(poolConfig).build();
 
         return new JedisConnectionFactory(redisStandaloneConfiguration, jedisClientConfigurationBuilder.build());
     }

diff --git a/orcid-web/src/main/java/org/orcid/frontend/spring/session/OrcidRedisSessionRepository.java b/orcid-web/src/main/java/org/orcid/frontend/spring/session/OrcidRedisSessionRepository.java