diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/JDBCSAMLSSOServiceProviderDAOImpl.java b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/JDBCSAMLSSOServiceProviderDAOImpl.java index f69f689c0e10..75fe04279900 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/JDBCSAMLSSOServiceProviderDAOImpl.java +++ b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/JDBCSAMLSSOServiceProviderDAOImpl.java @@ -41,9 +41,15 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.util.List; +import java.sql.Timestamp; +import java.util.Calendar; +import java.util.Date; +import java.util.TimeZone; + import static org.wso2.carbon.identity.core.util.JdbcUtils.isH2DB; +import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML_SCHEMA_VERSION; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.ID; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.TENANT_ID; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.ISSUER; @@ -73,12 +79,18 @@ import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.IDP_ENTITY_ID_ALIAS; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.ISSUER_QUALIFIER; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES; +import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.VERSION; +import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.CREATED_AT; +import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.UPDATED_AT; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.PROPERTY_NAME; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.PROPERTY_VALUE; import static org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderConstants.SAML2TableColumns.SP_ID; +import static java.time.ZoneOffset.UTC; + public class JDBCSAMLSSOServiceProviderDAOImpl implements SAMLSSOServiceProviderDAO { + private static final Calendar CALENDAR = Calendar.getInstance(TimeZone.getTimeZone(UTC)); private static final Log log = LogFactory.getLog(JDBCSAMLSSOServiceProviderDAOImpl.class); private int tenantId; private static final String CERTIFICATE_PROPERTY_NAME = "CERTIFICATE"; @@ -379,7 +391,7 @@ private void addProperties(int serviceProviderId, SAMLSSOServiceProviderDO servi serviceProviderDO.addMultiValuedProperties(properties); } - private void setServiceProviderParameters(NamedPreparedStatement statement, + private void setUpdateServiceProviderParameters(NamedPreparedStatement statement, SAMLSSOServiceProviderDO serviceProviderDO) throws SQLException { statement.setInt(TENANT_ID, tenantId); @@ -412,6 +424,45 @@ private void setServiceProviderParameters(NamedPreparedStatement statement, statement.setString(ISSUER_QUALIFIER, serviceProviderDO.getIssuerQualifier()); statement.setString(SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES, serviceProviderDO.getSupportedAssertionQueryRequestTypes()); + statement.setTimeStamp(UPDATED_AT, new Timestamp(new Date().getTime()), CALENDAR); + } + + private void setServiceProviderParameters(NamedPreparedStatement statement, + SAMLSSOServiceProviderDO serviceProviderDO) throws SQLException { + Timestamp currentTime = new Timestamp(new Date().getTime()); + statement.setInt(TENANT_ID, tenantId); + statement.setString(ISSUER, serviceProviderDO.getIssuer()); + statement.setString(DEFAULT_ASSERTION_CONSUMER_URL, serviceProviderDO.getDefaultAssertionConsumerUrl()); + statement.setString(NAME_ID_FORMAT, serviceProviderDO.getNameIDFormat()); + statement.setString(CERT_ALIAS, serviceProviderDO.getCertAlias()); + statement.setBoolean(REQ_SIG_VALIDATION, serviceProviderDO.isDoValidateSignatureInRequests()); + statement.setBoolean(SIGN_RESPONSE, serviceProviderDO.isDoSignResponse()); + statement.setBoolean(SIGN_ASSERTIONS, serviceProviderDO.isDoSignAssertions()); + statement.setString(SIGNING_ALGO, serviceProviderDO.getSigningAlgorithmUri()); + statement.setString(DIGEST_ALGO, serviceProviderDO.getDigestAlgorithmUri()); + statement.setBoolean(ENCRYPT_ASSERTION, serviceProviderDO.isDoEnableEncryptedAssertion()); + statement.setString(ASSERTION_ENCRYPTION_ALGO, serviceProviderDO.getAssertionEncryptionAlgorithmUri()); + statement.setString(KEY_ENCRYPTION_ALGO, serviceProviderDO.getKeyEncryptionAlgorithmUri()); + statement.setBoolean(ATTR_PROFILE_ENABLED, serviceProviderDO.isEnableAttributesByDefault()); + statement.setString(ATTR_SERVICE_INDEX, serviceProviderDO.getAttributeConsumingServiceIndex()); + statement.setBoolean(SLO_PROFILE_ENABLED, serviceProviderDO.isDoSingleLogout()); + statement.setString(SLO_METHOD, serviceProviderDO.getSingleLogoutMethod()); + statement.setString(SLO_RESPONSE_URL, serviceProviderDO.getSloResponseURL()); + statement.setString(SLO_REQUEST_URL, serviceProviderDO.getSloRequestURL()); + statement.setBoolean(IDP_INIT_SSO_ENABLED, serviceProviderDO.isIdPInitSSOEnabled()); + statement.setBoolean(IDP_INIT_SLO_ENABLED, serviceProviderDO.isIdPInitSLOEnabled()); + statement.setBoolean(QUERY_REQUEST_PROFILE_ENABLED, serviceProviderDO.isAssertionQueryRequestProfileEnabled()); + statement.setBoolean(ECP_ENABLED, serviceProviderDO.isSamlECP()); + statement.setBoolean(ARTIFACT_BINDING_ENABLED, serviceProviderDO.isEnableSAML2ArtifactBinding()); + statement.setBoolean(ARTIFACT_RESOLVE_REQ_SIG_VALIDATION, + serviceProviderDO.isDoValidateSignatureInArtifactResolve()); + statement.setString(IDP_ENTITY_ID_ALIAS, serviceProviderDO.getIdpEntityIDAlias()); + statement.setString(ISSUER_QUALIFIER, serviceProviderDO.getIssuerQualifier()); + statement.setString(SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES, + serviceProviderDO.getSupportedAssertionQueryRequestTypes()); + statement.setString(VERSION, SAML_SCHEMA_VERSION); + statement.setTimeStamp(CREATED_AT, currentTime, CALENDAR); + statement.setTimeStamp(UPDATED_AT, currentTime, CALENDAR); } private int processGetServiceProviderId(String issuer) throws DataAccessException { @@ -462,7 +513,7 @@ private void processUpdateServiceProvider(SAMLSSOServiceProviderDO serviceProvid namedJdbcTemplate.executeUpdate(SAMLSSOServiceProviderConstants.SQLQueries.UPDATE_SAML2_SSO_CONFIG, namedPreparedStatement -> { namedPreparedStatement.setInt(ID, serviceProviderId); - setServiceProviderParameters(namedPreparedStatement, serviceProviderDO); + setUpdateServiceProviderParameters(namedPreparedStatement, serviceProviderDO); }); } diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderConstants.java b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderConstants.java index 6d40e08bf15e..9d67004c7dc3 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderConstants.java +++ b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderConstants.java @@ -21,6 +21,7 @@ public class SAMLSSOServiceProviderConstants { public static final String SAML_STORAGE_CONFIG = "DataStorageType.SAML"; + public static final String SAML_SCHEMA_VERSION = "1.0.0"; public enum MultiValuedPropertyKey { ASSERTION_CONSUMER_URLS("ASSERTION_CONSUMER_URLS"), @@ -80,6 +81,9 @@ private SAML2TableColumns() { public static final String ISSUER_QUALIFIER = "ISSUER_QUALIFIER"; public static final String SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES = "SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES"; public static final String TENANT_ID = "TENANT_ID"; + public static final String VERSION = "VERSION"; + public static final String CREATED_AT = "CREATED_AT"; + public static final String UPDATED_AT = "UPDATED_AT"; // IDN_SAML2_SP_PROPERTIES table public static final String PROPERTY_NAME = "PROPERTY_NAME"; @@ -102,7 +106,7 @@ private SQLQueries() { "SLO_PROFILE_ENABLED, SLO_METHOD, SLO_RESPONSE_URL, SLO_REQUEST_URL, IDP_INIT_SSO_ENABLED, " + "IDP_INIT_SLO_ENABLED, QUERY_REQUEST_PROFILE_ENABLED, ECP_ENABLED, ARTIFACT_BINDING_ENABLED, " + "ARTIFACT_RESOLVE_REQ_SIG_VALIDATION, IDP_ENTITY_ID_ALIAS, ISSUER_QUALIFIER, " + - "SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES, TENANT_ID) " + + "SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES, TENANT_ID, VERSION, CREATED_AT, UPDATED_AT) " + "VALUES (:ISSUER;, :DEFAULT_ASSERTION_CONSUMER_URL;, :NAME_ID_FORMAT;, :CERT_ALIAS;, " + ":REQ_SIG_VALIDATION;, :SIGN_RESPONSE;, :SIGN_ASSERTIONS;, :SIGNING_ALGO;, :DIGEST_ALGO;, " + ":ENCRYPT_ASSERTION;, :ASSERTION_ENCRYPTION_ALGO;, :KEY_ENCRYPTION_ALGO;, " + @@ -110,7 +114,7 @@ private SQLQueries() { ":SLO_RESPONSE_URL;, :SLO_REQUEST_URL;, :IDP_INIT_SSO_ENABLED;, :IDP_INIT_SLO_ENABLED;, " + ":QUERY_REQUEST_PROFILE_ENABLED;, :ECP_ENABLED;, :ARTIFACT_BINDING_ENABLED;, " + ":ARTIFACT_RESOLVE_REQ_SIG_VALIDATION;, :IDP_ENTITY_ID_ALIAS;, :ISSUER_QUALIFIER;, " + - ":SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES;, :TENANT_ID;)"; + ":SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES;, :TENANT_ID;, :VERSION;, :CREATED_AT;, :UPDATED_AT;)"; public static final String UPDATE_SAML2_SSO_CONFIG = "UPDATE IDN_SAML2_SERVICE_PROVIDER " + @@ -129,7 +133,8 @@ private SQLQueries() { "ECP_ENABLED = :ECP_ENABLED;, ARTIFACT_BINDING_ENABLED = :ARTIFACT_BINDING_ENABLED;, " + "ARTIFACT_RESOLVE_REQ_SIG_VALIDATION = :ARTIFACT_RESOLVE_REQ_SIG_VALIDATION;, " + "IDP_ENTITY_ID_ALIAS = :IDP_ENTITY_ID_ALIAS;, ISSUER_QUALIFIER = :ISSUER_QUALIFIER;, " + - "SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES = :SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES; " + + "SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES = :SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES;, " + + "UPDATED_AT = :UPDATED_AT;" + "WHERE ID = :ID; AND TENANT_ID = :TENANT_ID;"; public static final String DELETE_SAML2_SSO_CONFIG_BY_ISSUER = diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/dbscripts/h2.sql b/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/dbscripts/h2.sql index d4096e5bfec2..224c8e2144ae 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/dbscripts/h2.sql +++ b/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/dbscripts/h2.sql @@ -1,1220 +1,3 @@ -CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR (20), - PRIMARY KEY (PRODUCT_NAME) -); - -INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR (255), - CONSUMER_SECRET VARCHAR (2048), - USERNAME VARCHAR (255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR (255), - OAUTH_VERSION VARCHAR (128), - CALLBACK_URL VARCHAR (2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (TENANT_ID, CONSUMER_KEY), - PRIMARY KEY (ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR (512), - REQUEST_TOKEN_SECRET VARCHAR (512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR (2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR (128), - OAUTH_VERIFIER VARCHAR (512), - AUTHZ_USER VARCHAR (512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR (512), - ACCESS_TOKEN_SECRET VARCHAR (512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR (2048), - REFRESH_TOKEN VARCHAR (2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP DEFAULT 0, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR (32), - TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR (512), - REFRESH_TOKEN_HASH VARCHAR (512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - CONSENTED_TOKEN VARCHAR(6), - AUTHORIZED_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (TOKEN_ID,TOKEN_BINDING_TYPE,TOKEN_BINDING_VALUE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY(ID) -); - - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR (2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR (2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR (255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR (512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - QUANTIFIER INTEGER NOT NULL DEFAULT 0, - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL, - EXPIRY_TIME TIMESTAMP NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - SUBJECT_IDENTIFIER VARCHAR(255), - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - CONSTRAINT USRCDE_QNTFR_CONSTRAINT UNIQUE (USER_CODE, QUANTIFIER), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID), - UNIQUE (NAME, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE), - PRIMARY KEY (ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - AUDIENCE_REF_ID INTEGER DEFAULT -1 NOT NULL, - UNIQUE(TENANT_ID, ROLE_NAME, ATTR_NAME, AUDIENCE_REF_ID), - PRIMARY KEY (ID) -); - - - -CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) -); - -CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) -); - -CREATE TABLE IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) -); - -CREATE TABLE IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) -); - -CREATE TABLE IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) -); - -CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) -); - -CREATE TABLE IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) -); - - -CREATE TABLE IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) -); - -CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - -CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID), - PRIMARY KEY (ID)); - -CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE)); - -CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - `VALUE` VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, `VALUE`) - ); - -CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID)); - -ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); -ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - -CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - `VALUE` VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - -ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID)); - -ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID)); - -ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - -ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID)); - -ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - -ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - -ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - -ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - -CREATE TABLE SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - -CREATE TABLE IF NOT EXISTS SP_TRUSTED_APPS ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER NOT NULL, - PLATFORM_TYPE VARCHAR(255) NOT NULL, - APP_IDENTIFIER VARCHAR(255) NOT NULL, - THUMBPRINTS VARCHAR(2048), - IS_FIDO_TRUSTED BOOLEAN DEFAULT FALSE, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - UNIQUE (SP_ID, PLATFORM_TYPE), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP DEFAULT 0, - EXPIRE_TIME TIMESTAMP DEFAULT 0, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - -CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR(1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR(1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) -); - -CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_GROUP ( - ID INTEGER AUTO_INCREMENT NOT NULL, - IDP_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - GROUP_NAME VARCHAR(255) NOT NULL, - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (IDP_ID, GROUP_NAME), - UNIQUE (UUID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - `VALUE` VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE VARCHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); - -CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); - -CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(200) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(2048) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(200) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE)); - -CREATE TABLE IF NOT EXISTS IDN_RECOVERY_FLOW_DATA ( - RECOVERY_FLOW_ID VARCHAR(255) NOT NULL, - CODE VARCHAR(255), - FAILED_ATTEMPTS INTEGER DEFAULT 0 NOT NULL, - RESEND_COUNT INTEGER DEFAULT 0 NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(RECOVERY_FLOW_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - RECOVERY_FLOW_ID VARCHAR(255), - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - FOREIGN KEY (RECOVERY_FLOW_ID) REFERENCES IDN_RECOVERY_FLOW_DATA(RECOVERY_FLOW_ID) ON DELETE CASCADE, - UNIQUE(CODE) -); - -CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) -); - -CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) -); - -CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) -); - -CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255), - TENANT_ID INTEGER NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID, TENANT_ID) -); - - -CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (TENANT_ID, CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(TENANT_ID, CONSUMER_KEY) ON DELETE CASCADE -); -CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0', - `VALUE` VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (TENANT_ID, CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(TENANT_ID, CONSUMER_KEY) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE, - PRIMARY KEY (ID) -); - -CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TENANT_ID INTEGER NOT NULL DEFAULT 0, - IDP_ID INTEGER NOT NULL DEFAULT 0, - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE, - PRIMARY KEY (ID), - UNIQUE (IDP_SESSION_ID, TENANT_ID, IDP_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( - ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) -); - -INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES -('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), -('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), -('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'), -('669b99ca-cdb0-44a6-8cae-babed3b585df', 'Publisher', 'A resource type to keep the event publisher configurations'), -('73f6d9ca-62f4-4566-bab9-2a930ae51ba8', 'BRANDING_PREFERENCES', 'A resource type to keep the tenant branding preferences'), -('8469a176-3e6c-438a-ba01-71e9077072fa', 'APPLICATION_BRANDING_PREFERENCES', 'A resource type to keep the application branding preferences'), -('899c69b2-8bf7-46b5-9666-f7f99f90d6cc', 'fido-config', 'A resource type to store FIDO authenticator related preferences'), -('7f24050f-3e3d-4a00-b10f-fd5450d6523e', 'input-validation-configurations', 'A resource type to store input validation related configurations'), -('f4e83b8a-d1c4-a0d6-03a7-d48e268c60c5', 'PK_JWT_CONFIGURATION', 'A resource type to keep the tenant private key jwt configuration.'), -('9ec61e9d-f0e6-4952-9a09-ab842aeb2db2', 'ATTRIBUTE_CONFIGURATION', 'A resource type to store attribute related configurations.'), -('132b0ee6-43e0-462d-8b4b-15b68109d71d', 'ORGANIZATION_CONFIGURATION', 'A resource type to keep the organization configurations.'), -('1fc809a0-dc0d-4cb2-82f3-58934d389236', 'CUSTOM_TEXT', 'A resource type to keep the tenant custom text preferences.'), -('c385a42a-5697-4604-b49a-62456621e926', 'DCR_CONFIGURATION', 'A resource type to keep the DCR configurations.'), -('3e5b1f91-72d8-4fbc-94d1-1b9a4f8c3b07', 'IMPERSONATION_CONFIGURATION', 'A resource type to keep the tenant impersonation preferences.'); - -CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - NAME VARCHAR(255) NOT NULL, - CREATED_TIME TIMESTAMP NOT NULL, - LAST_MODIFIED TIMESTAMP NOT NULL, - HAS_FILE BOOLEAN NOT NULL, - HAS_ATTRIBUTE BOOLEAN NOT NULL, - TYPE_ID VARCHAR(255) NOT NULL, - UNIQUE (NAME, TENANT_ID, TYPE_ID), - PRIMARY KEY (ID) -); -ALTER TABLE IDN_CONFIG_RESOURCE -ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES IDN_CONFIG_TYPE (ID) -ON DELETE CASCADE ON UPDATE CASCADE; - -CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( - ID VARCHAR(255) NOT NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - ATTR_KEY VARCHAR(255) NOT NULL, - ATTR_VALUE VARCHAR(1023) NULL, - PRIMARY KEY (ID), - UNIQUE (RESOURCE_ID, ATTR_KEY) -); -ALTER TABLE IDN_CONFIG_ATTRIBUTE -ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES -IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - -CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( - ID VARCHAR(255) NOT NULL, - `VALUE` BLOB NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NULL, - PRIMARY KEY (ID) -); -ALTER TABLE IDN_CONFIG_FILE -ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES -IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - -CREATE TABLE IF NOT EXISTS IDN_REMOTE_FETCH_CONFIG ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - IS_ENABLED CHAR(1) NOT NULL, - REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, - ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, - CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, - REMOTE_FETCH_NAME VARCHAR(255), - REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, - ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) -); - -CREATE TABLE IF NOT EXISTS IDN_REMOTE_FETCH_REVISIONS ( - ID VARCHAR(255) NOT NULL, - CONFIG_ID VARCHAR(255) NOT NULL, - FILE_PATH VARCHAR(255) NOT NULL, - FILE_HASH VARCHAR(255), - DEPLOYED_DATE TIMESTAMP, - LAST_SYNC_TIME TIMESTAMP, - DEPLOYMENT_STATUS VARCHAR(255), - ITEM_NAME VARCHAR(255), - DEPLOY_ERR_LOG MEDIUMTEXT, - PRIMARY KEY (ID), - FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, - CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) -); - - -CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) NOT NULL, - IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, - FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, - FUNCTIONALITY_LOCK_REASON VARCHAR(1023), - FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) NOT NULL, - PROPERTY_NAME VARCHAR(255), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) -); - -CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( - ID INT NOT NULL AUTO_INCREMENT, - TENANT_ID INT NOT NULL, - ORIGIN VARCHAR(2048) NOT NULL, - UUID CHAR(36) NOT NULL, - - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, ORIGIN), - UNIQUE (UUID) -); - -CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( - IDN_CORS_ORIGIN_ID INT NOT NULL, - SP_APP_ID INT NOT NULL, - - PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), - FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, - FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_USER_CONSENT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - APP_ID CHAR(36) NOT NULL, - TENANT_ID INTEGER NOT NULL DEFAULT -1, - CONSENT_ID VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, - UNIQUE (USER_ID, APP_ID, TENANT_ID), - UNIQUE (CONSENT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_USER_CONSENTED_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSENT_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE VARCHAR(255) NOT NULL, - CONSENT BOOLEAN NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (CONSENT_ID) REFERENCES IDN_OAUTH2_USER_CONSENT(CONSENT_ID) ON DELETE CASCADE, - UNIQUE (CONSENT_ID, SCOPE) -); - -CREATE TABLE IF NOT EXISTS IDN_SECRET_TYPE ( - ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT SECRET_TYPE_NAME_CONSTRAINT UNIQUE (NAME) -); - -INSERT INTO IDN_SECRET_TYPE (ID, NAME, DESCRIPTION) VALUES -('1358bdbf-e0cc-4268-a42c-c3e0960e13f0', 'ADAPTIVE_AUTH_CALL_CHOREO', 'Secret type to uniquely identify secrets relevant to callChoreo adaptive auth function'), -('c508ca28-60c0-4493-a758-77e4173ffdb9', 'IDP_SECRET_PROPERTIES', 'Secret type to uniquely identify secrets relevant to identity providers'), -('433df096-62b7-4a36-b3eb-1bed9150ed35', 'IDVP_SECRET_PROPERTIES', 'Secret type to uniquely identify secrets relevant to identity verification providers'), -('29d0c37d-139a-4b1e-a343-7b8d26f0a2a9', 'ANDROID_ATTESTATION_CREDENTIALS', 'Secret type to uniquely identify secrets relevant to android client attestation credentials'), -('33f0a41b-569d-4ea5-a891-6c0e78a1c3b0', 'ACTION_API_ENDPOINT_AUTH_SECRETS', 'Secret type to uniquely identify secrets relevant to action endpoint authentication properties'); - -CREATE TABLE IF NOT EXISTS IDN_SECRET ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - SECRET_NAME VARCHAR(1023) NOT NULL, - SECRET_VALUE VARCHAR(8000) NOT NULL, - CREATED_TIME TIMESTAMP NOT NULL, - LAST_MODIFIED TIMESTAMP NOT NULL, - TYPE_ID VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023) NULL, - KEY_ID VARCHAR(255) NULL, - PRIMARY KEY (ID), - FOREIGN KEY (TYPE_ID) REFERENCES IDN_SECRET_TYPE(ID) ON DELETE CASCADE, - UNIQUE (SECRET_NAME, TENANT_ID, TYPE_ID) -); - -CREATE TABLE IF NOT EXISTS SP_SHARED_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - MAIN_APP_ID CHAR(36) NOT NULL, - OWNER_ORG_ID CHAR(36) NOT NULL, - SHARED_APP_ID CHAR(36) NOT NULL, - SHARED_ORG_ID CHAR(36) NOT NULL, - SHARE_WITH_ALL_CHILDREN BOOLEAN DEFAULT FALSE, - PRIMARY KEY (ID), - FOREIGN KEY (MAIN_APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, - FOREIGN KEY (SHARED_APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE, - UNIQUE (MAIN_APP_ID, OWNER_ORG_ID, SHARED_ORG_ID), - UNIQUE (SHARED_APP_ID) -); - -CREATE TABLE IF NOT EXISTS IDVP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - UUID CHAR(36) NOT NULL, - TENANT_ID INTEGER NOT NULL, - IDVP_TYPE VARCHAR(254), - NAME VARCHAR(254), - DESCRIPTION VARCHAR(1024), - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) -); - -CREATE TABLE IF NOT EXISTS IDVP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - IDVP_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - CLAIM VARCHAR(254), - LOCAL_CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDVP_ID, CLAIM, TENANT_ID), - FOREIGN KEY (IDVP_ID) REFERENCES IDVP(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDVP_CONFIG ( - ID INTEGER NOT NULL AUTO_INCREMENT, - IDVP_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(254) NOT NULL, - PROPERTY_VALUE VARCHAR(1024), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDVP_ID, PROPERTY_KEY, TENANT_ID), - FOREIGN KEY (IDVP_ID) REFERENCES IDVP(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDV_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - UUID CHAR(36) NOT NULL, - USER_ID VARCHAR(254) NOT NULL, - CLAIM_URI VARCHAR(254), - IDVP_ID CHAR(36) NOT NULL, - TENANT_ID INTEGER NOT NULL, - IS_VERIFIED CHAR(1) NOT NULL DEFAULT '0', - METADATA BLOB, - PRIMARY KEY (ID), - UNIQUE (CLAIM_URI, TENANT_ID, USER_ID, IDVP_ID), - UNIQUE (UUID), - FOREIGN KEY (IDVP_ID) REFERENCES IDVP(UUID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH_PAR ( - REQ_URI_REF VARCHAR(255) PRIMARY KEY, - CLIENT_ID VARCHAR(255) NOT NULL, - SCHEDULED_EXPIRY BIGINT NOT NULL, - PARAMETERS MEDIUMTEXT -); - CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ID INTEGER NOT NULL AUTO_INCREMENT, ISSUER VARCHAR(255) NOT NULL, @@ -1245,6 +28,9 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT DATETIME NOT NULL, + UPDATED_AT DATETIME NOT NULL, PRIMARY KEY (ID) ); @@ -1257,405 +43,6 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SP_PROPERTIES ( FOREIGN KEY (SP_ID) REFERENCES IDN_SAML2_SERVICE_PROVIDER (ID) ON DELETE CASCADE ); -CREATE TABLE IF NOT EXISTS IDN_ORG_USER_INVITATION ( - ID INTEGER NOT NULL AUTO_INCREMENT, - INVITATION_ID VARCHAR(40) NOT NULL, - CONFIRMATION_CODE VARCHAR(40) NOT NULL, - USER_NAME VARCHAR(254) NOT NULL, - DOMAIN_NAME VARCHAR(254) NOT NULL, - EMAIL VARCHAR(254) NOT NULL, - USER_ORG_ID VARCHAR(254) NOT NULL, - INVITED_ORG_ID VARCHAR(254) NOT NULL, - USER_REDIRECT_URL VARCHAR(1024) NOT NULL, - STATUS VARCHAR(10) NOT NULL, - CREATED_AT TIMESTAMP NOT NULL, - EXPIRED_AT TIMESTAMP NOT NULL, - PRIMARY KEY (INVITATION_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_ORG_USER_INVITE_ASSIGNMENT( - ID INTEGER NOT NULL AUTO_INCREMENT, - INVITATION_ID VARCHAR(40) NOT NULL, - ASSIGNMENT_ID VARCHAR(255) NOT NULL, - ASSIGNMENT_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (INVITATION_ID, ASSIGNMENT_ID, ASSIGNMENT_TYPE), - FOREIGN KEY (INVITATION_ID) REFERENCES IDN_ORG_USER_INVITATION(INVITATION_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS API_RESOURCE ( - ID CHAR(36) NOT NULL PRIMARY KEY, - CURSOR_KEY INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - IDENTIFIER VARCHAR(255) NOT NULL, - TENANT_ID INT, - DESCRIPTION VARCHAR(255), - TYPE VARCHAR(255) NOT NULL, - REQUIRES_AUTHORIZATION BOOLEAN NOT NULL -); - -CREATE TABLE IF NOT EXISTS API_RESOURCE_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - API_ID CHAR(36) NOT NULL, - NAME VARCHAR(255) NOT NULL, - `VALUE` VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT API_RESOURCE_PROPERTY_CONSTRAINT UNIQUE (API_ID, NAME), - FOREIGN KEY (API_ID) REFERENCES API_RESOURCE(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS SCOPE ( - ID CHAR(36) NOT NULL PRIMARY KEY, - CURSOR_KEY INTEGER NOT NULL AUTO_INCREMENT, - API_ID CHAR(36) NOT NULL, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - TENANT_ID INT, - DESCRIPTION VARCHAR(300), - FOREIGN KEY (API_ID) REFERENCES API_RESOURCE(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS APP_ROLE_ASSOCIATION ( - APP_ID CHAR(36) NOT NULL, - ROLE_ID VARCHAR(255) NOT NULL, - PRIMARY KEY (APP_ID, ROLE_ID), - FOREIGN KEY (APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS ROLE_SCOPE ( - ROLE_ID VARCHAR(255) NOT NULL, - SCOPE_ID CHAR(36) NOT NULL, - PRIMARY KEY (ROLE_ID, SCOPE_ID), - FOREIGN KEY (SCOPE_ID) REFERENCES SCOPE(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS AUTHORIZED_API( - APP_ID CHAR(36) NOT NULL, - API_ID CHAR(36) NOT NULL, - POLICY_ID VARCHAR(255) NOT NULL, - CONSTRAINT PK_APP_API PRIMARY KEY (APP_ID, API_ID), - FOREIGN KEY (API_ID) REFERENCES API_RESOURCE(ID) ON DELETE CASCADE, - FOREIGN KEY (APP_ID) REFERENCES SP_APP(UUID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS AUTHORIZED_SCOPE( - APP_ID CHAR(36) NOT NULL, - API_ID CHAR(36) NOT NULL, - SCOPE_ID CHAR(36) NOT NULL, - CONSTRAINT PK_APP_API_SCOPE PRIMARY KEY (APP_ID, API_ID, SCOPE_ID), - FOREIGN KEY (API_ID) REFERENCES API_RESOURCE(ID), - FOREIGN KEY (SCOPE_ID) REFERENCES SCOPE(ID) ON DELETE CASCADE, - FOREIGN KEY (APP_ID) REFERENCES SP_APP(UUID), - FOREIGN KEY (APP_ID, API_ID) REFERENCES AUTHORIZED_API(APP_ID, API_ID) ON DELETE CASCADE, - CONSTRAINT AUTHORIZED_SCOPE_UNIQUE UNIQUE (APP_ID, SCOPE_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_NOTIFICATION_TYPE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TYPE_KEY VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - CHANNEL VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT NOTIFICATION_TYPE_KEY_CONSTRAINT UNIQUE (TYPE_KEY, CHANNEL, TENANT_ID), - CONSTRAINT NOTIFICATION_TYPE_NAME_CONSTRAINT UNIQUE (NAME, CHANNEL, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_NOTIFICATION_ORG_TEMPLATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TEMPLATE_KEY VARCHAR(50) NOT NULL, - LOCALE VARCHAR(50) NOT NULL, - SUBJECT VARCHAR(4000), - BODY MEDIUMTEXT, - FOOTER MEDIUMTEXT, - CONTENT_TYPE VARCHAR(50), - TYPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (TYPE_ID) REFERENCES IDN_NOTIFICATION_TYPE(ID) ON DELETE CASCADE, - CONSTRAINT ORG_NOTIFICATION_TEMPLATE_KEY_CONSTRAINT UNIQUE (TEMPLATE_KEY, TYPE_ID, TENANT_ID), - CONSTRAINT ORG_NOTIFICATION_TEMPLATE_LOCALE_CONSTRAINT UNIQUE (LOCALE, TYPE_ID, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_NOTIFICATION_APP_TEMPLATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TEMPLATE_KEY VARCHAR(50) NOT NULL, - LOCALE VARCHAR(50) NOT NULL, - SUBJECT VARCHAR(4000), - BODY MEDIUMTEXT, - FOOTER MEDIUMTEXT, - CONTENT_TYPE VARCHAR(50), - TYPE_ID INTEGER NOT NULL, - APP_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (TYPE_ID) REFERENCES IDN_NOTIFICATION_TYPE(ID) ON DELETE CASCADE, - CONSTRAINT APP_NOTIFICATION_TEMPLATE_KEY_CONSTRAINT UNIQUE (TEMPLATE_KEY, TYPE_ID, APP_ID, TENANT_ID), - CONSTRAINT APP_NOTIFICATION_TEMPLATE_LOCALE_CONSTRAINT UNIQUE (LOCALE, TYPE_ID, APP_ID, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_ACTION ( - UUID CHAR(36) NOT NULL, - TYPE VARCHAR(50) NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(255), - STATUS VARCHAR(10) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (UUID) -); - -CREATE TABLE IF NOT EXISTS IDN_ACTION_ENDPOINT ( - ACTION_UUID CHAR(36) NOT NULL, - PROPERTY_NAME VARCHAR(100) NOT NULL, - PROPERTY_VALUE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ACTION_UUID, PROPERTY_NAME), - FOREIGN KEY (ACTION_UUID) REFERENCES IDN_ACTION(UUID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - APP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT TOKEN_CLAIMS_CONSTRAINT UNIQUE (APP_ID, CLAIM_URI), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_CONFIG ( - CONFIG_KEY VARCHAR(255) NOT NULL, - CONFIG_VALUE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (TENANT_ID, CONFIG_KEY) -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY ( - POLICY_ID VARCHAR(255) NOT NULL, - VERSION INTEGER NOT NULL, - IS_IN_PAP BOOLEAN NOT NULL DEFAULT TRUE, - IS_IN_PDP BOOLEAN NOT NULL DEFAULT FALSE, - POLICY CLOB NOT NULL, - IS_ACTIVE BOOLEAN NOT NULL DEFAULT FALSE, - POLICY_TYPE VARCHAR(255) NOT NULL, - POLICY_EDITOR VARCHAR(255), - POLICY_ORDER INTEGER NOT NULL, - LAST_MODIFIED_TIME TIMESTAMP NOT NULL, - LAST_MODIFIED_USER VARCHAR(255), - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (POLICY_ID, VERSION, TENANT_ID), - CONSTRAINT IDN_XACML_POLICY_KEY_CONSTRAINT UNIQUE (POLICY_ID, VERSION, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY_ATTRIBUTE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - ATTRIBUTE_ID VARCHAR(255) NOT NULL, - ATTRIBUTE_VALUE VARCHAR(255) NOT NULL, - DATA_TYPE VARCHAR(255) NOT NULL, - CATEGORY VARCHAR(255) NOT NULL, - POLICY_ID VARCHAR(255) NOT NULL, - VERSION INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (POLICY_ID, VERSION, TENANT_ID) REFERENCES IDN_XACML_POLICY (POLICY_ID, VERSION, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY_EDITOR_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - DATA VARCHAR(500), - DATA_ORDER INTEGER NOT NULL, - POLICY_ID VARCHAR(255) NOT NULL, - VERSION INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (POLICY_ID, VERSION, TENANT_ID) REFERENCES IDN_XACML_POLICY (POLICY_ID, VERSION, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY_REFERENCE ( - REFERENCE VARCHAR(255) NOT NULL, - POLICY_ID VARCHAR(255) NOT NULL, - VERSION INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (REFERENCE, POLICY_ID, VERSION, TENANT_ID), - FOREIGN KEY (POLICY_ID, VERSION, TENANT_ID) REFERENCES IDN_XACML_POLICY (POLICY_ID, VERSION, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY_SET_REFERENCE ( - SET_REFERENCE VARCHAR(255) NOT NULL, - POLICY_ID VARCHAR(255) NOT NULL, - VERSION INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (SET_REFERENCE, POLICY_ID, VERSION, TENANT_ID), - FOREIGN KEY (POLICY_ID, VERSION, TENANT_ID) REFERENCES IDN_XACML_POLICY (POLICY_ID, VERSION, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_SUBSCRIBER ( - SUBSCRIBER_ID VARCHAR(255) NOT NULL, - ENTITLEMENT_MODULE_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID, TENANT_ID), - CONSTRAINT IDN_XACML_SUBSCRIBER_KEY_CONSTRAINT UNIQUE (SUBSCRIBER_ID, TENANT_ID) -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_SUBSCRIBER_PROPERTY ( - PROPERTY_ID VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2000) NOT NULL, - IS_REQUIRED BOOLEAN NOT NULL DEFAULT FALSE, - DISPLAY_ORDER INTEGER NOT NULL, - IS_SECRET BOOLEAN NOT NULL DEFAULT FALSE, - PROPERTY_MODULE VARCHAR(255), - SUBSCRIBER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (PROPERTY_ID, SUBSCRIBER_ID, TENANT_ID), - FOREIGN KEY (SUBSCRIBER_ID, TENANT_ID) REFERENCES IDN_XACML_SUBSCRIBER (SUBSCRIBER_ID, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_SUBSCRIBER_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TYPE VARCHAR(255) NOT NULL, - IS_SUCCESS BOOLEAN NOT NULL DEFAULT FALSE, - USERNAME VARCHAR(255) NOT NULL, - TARGET VARCHAR(255) NOT NULL, - TARGET_ACTION VARCHAR(255) NOT NULL, - LOGGED_AT TIMESTAMP NOT NULL, - MESSAGE VARCHAR(255) NULL, - SUBSCRIBER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SUBSCRIBER_ID, TENANT_ID) REFERENCES IDN_XACML_SUBSCRIBER (SUBSCRIBER_ID, TENANT_ID) ON DELETE CASCADE -); - -CREATE TABLE IF NOT EXISTS IDN_XACML_POLICY_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TYPE VARCHAR(255) NOT NULL, - IS_SUCCESS BOOLEAN NOT NULL DEFAULT FALSE, - USERNAME VARCHAR(255) NOT NULL, - TARGET VARCHAR(255) NOT NULL, - TARGET_ACTION VARCHAR(255) NOT NULL, - LOGGED_AT TIMESTAMP NOT NULL, - MESSAGE VARCHAR(255) NULL, - POLICY_ID VARCHAR(255) NOT NULL, - POLICY_VERSION INTEGER NOT NULL DEFAULT -1, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID) -); - --- --------------------------- INDEX CREATION ----------------------------- --- IDN_OAUTH2_ACCESS_TOKEN -- -CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); -CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); -CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); -CREATE INDEX IDX_AT_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); -CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); -CREATE INDEX IDX_AT_RT ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN); -CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE); - --- IDN_OAUTH2_AUTHORIZATION_CODE -- -CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); -CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); -CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); -CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); -CREATE INDEX IDX_AC_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(AUTHORIZATION_CODE, CONSUMER_KEY_ID); -CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - --- IDN_SCIM_GROUP -- -CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); -CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME); - --- IDN_AUTH_SESSION_STORE -- -CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); -CREATE INDEX IDX_IDN_AUTH_SSTR_ST_OP_ID_TM ON IDN_AUTH_SESSION_STORE (OPERATION, SESSION_TYPE, SESSION_ID, TIME_CREATED); -CREATE INDEX IDX_IDN_AUTH_SSTR_ET_ID ON IDN_AUTH_SESSION_STORE (EXPIRY_TIME, SESSION_ID); - --- IDN_AUTH_TEMP_SESSION_STORE -- -CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - --- IDN_OIDC_SCOPE_CLAIM_MAPPING -- -CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - --- IDN_OAUTH2_SCOPE -- -CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - --- IDN_OAUTH2_SCOPE_BINDING -- -CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - --- IDN_OIDC_REQ_OBJECT_REFERENCE -- -CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - --- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- -CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - --- SP_TEMPLATE -- -CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - --- IDN_AUTH_USER -- -CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); -CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - --- IDN_AUTH_USER_SESSION_MAPPING -- -CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); -CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - --- IDN_AUTH_SESSION_APP_INFO -- -CREATE INDEX IDX_AUTH_SAI_UN_AID_SID ON IDN_AUTH_SESSION_APP_INFO (APP_ID, SUBJECT, SESSION_ID); - --- IDN_OAUTH_CONSUMER_APPS -- -CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - --- IDX_SPI_APP -- -CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - --- IDN_OIDC_PROPERTY -- -CREATE INDEX IDX_IOP_CK ON IDN_OIDC_PROPERTY(TENANT_ID, CONSUMER_KEY); - --- IDN_FIDO2_PROPERTY -- -CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - --- IDN_ASSOCIATED_ID -- -CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - --- IDN_OAUTH2_TOKEN_BINDING -- -CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); -CREATE INDEX IDX_TK_VALUE_TYPE ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_VALUE, TOKEN_BINDING_TYPE); - --- IDN_FED_AUTH_SESSION_MAPPING -- -CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - --- IDN_REMOTE_FETCH_REVISIONS -- -CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); - --- IDN_CORS_ASSOCIATION -- -CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); - --- IDN_CORS_ASSOCIATION -- -CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); - --- IDN_SECRET -- -CREATE INDEX IDN_SECRET_TYPE_ID ON IDN_SECRET (TYPE_ID); - --- IDN_CLAIM -- -CREATE INDEX IDX_CLAIM_TI_CU ON IDN_CLAIM (TENANT_ID, CLAIM_URI); - --- IDP_AUTHENTICATOR_PROPERTY -- -CREATE INDEX IDX_AUTH_PROP_AUTH_ID ON IDP_AUTHENTICATOR_PROPERTY (AUTHENTICATOR_ID); - --- IDN_CONFIG_FILE -- -CREATE INDEX IDX_CON_FILE_RES_ID ON IDN_CONFIG_FILE (RESOURCE_ID); - --- SCOPE -- -CREATE INDEX API_ID_NAME_INDEX ON SCOPE (API_ID, NAME); - --- ACTIONS -- -CREATE INDEX IDX_IDN_ACTION_TY_TI ON IDN_ACTION (TYPE, TENANT_ID); -CREATE INDEX IDX_IDN_ACTION_ENDPOINT_AU_TI ON IDN_ACTION_ENDPOINT (ACTION_UUID, TENANT_ID); --- XACML -- -CREATE INDEX IDX_POLICY_ATTRIBUTE ON IDN_XACML_POLICY_ATTRIBUTE (POLICY_ID, VERSION, TENANT_ID); -CREATE INDEX IDX_POLICY_EDITOR_DATA_FK ON IDN_XACML_POLICY_EDITOR_DATA (POLICY_ID, VERSION, TENANT_ID); -CREATE INDEX IDX_POLICY_REF ON IDN_XACML_POLICY_REFERENCE (POLICY_ID, VERSION, TENANT_ID); -CREATE INDEX IDX_POLICY_SET_REF ON IDN_XACML_POLICY_SET_REFERENCE (POLICY_ID, VERSION, TENANT_ID); -CREATE INDEX IDX_SUBSCRIBER_PROPERTY ON IDN_XACML_SUBSCRIBER_PROPERTY (SUBSCRIBER_ID, TENANT_ID); -CREATE INDEX IDX_XACML_SUBSCRIBER_STATUS ON IDN_XACML_SUBSCRIBER_STATUS (SUBSCRIBER_ID, TENANT_ID); -CREATE INDEX IDX_XACML_POLICY_STATUS ON IDN_XACML_POLICY_STATUS (POLICY_ID, POLICY_VERSION, TENANT_ID); - --SAML-- CREATE INDEX IDX_SAML2_SP_ISSUER ON IDN_SAML2_SERVICE_PROVIDER (ISSUER, TENANT_ID); CREATE INDEX IDX_SAML2_SP_TENANT_ID ON IDN_SAML2_SERVICE_PROVIDER (TENANT_ID); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql index bdadae86c31c..c6743bb97bea 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql @@ -1866,6 +1866,9 @@ CREATE TABLE IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + UPDATED_AT TIMESTAMP NOT NULL, PRIMARY KEY (ID) ) / diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/h2.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/h2.sql index bec95ca07272..f1deb2ed35f9 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/h2.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/h2.sql @@ -1250,6 +1250,9 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT DATETIME NOT NULL, + UPDATED_AT DATETIME NOT NULL, PRIMARY KEY (ID) ); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql index 17c2dc2cb715..8b0977d4c591 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql @@ -1386,6 +1386,9 @@ CREATE TABLE IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT DATETIME NOT NULL, + UPDATED_AT DATETIME NOT NULL, PRIMARY KEY (ID) ); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql index d38b03395834..4e9e391a43c2 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql @@ -1412,6 +1412,9 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT DATETIME NOT NULL, + UPDATED_AT DATETIME NOT NULL, PRIMARY KEY (ID) ) ENGINE NDB; diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql index f47d9dba0ac5..f808633d7de0 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql @@ -1277,6 +1277,9 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + UPDATED_AT TIMESTAMP NOT NULL, PRIMARY KEY (ID) ) DEFAULT CHARACTER SET latin1 ENGINE INNODB; diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql index e7ec8b10665f..0379ef5547af 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql @@ -2046,6 +2046,9 @@ CREATE TABLE IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR2(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR2(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + UPDATED_AT TIMESTAMP NOT NULL, PRIMARY KEY (ID) ) / diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql index dfe9b7ed4bfa..bfc0770cee94 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql @@ -1879,6 +1879,9 @@ CREATE TABLE IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + UPDATED_AT TIMESTAMP NOT NULL, PRIMARY KEY (ID) ) / diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql index c77e48cf25fc..7b51ab2cf7c6 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql @@ -1488,6 +1488,9 @@ CREATE TABLE IF NOT EXISTS IDN_SAML2_SERVICE_PROVIDER ( ISSUER_QUALIFIER VARCHAR(255), SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES VARCHAR(255), TENANT_ID INTEGER, + VERSION VARCHAR(15) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + UPDATED_AT TIMESTAMP NOT NULL, PRIMARY KEY (ID) );