fix: revoke (#226)

* fix: revoke * fix: pr comment * fix: interface * fix: update * fix: oauth stats queries * fix: revoke and cleanup * fix: stats
supertokens · Sep 25, 2024 · eed2827 · eed2827
1 parent 19b7a43
commit eed2827
Show file tree

Hide file tree

Showing 4 changed files with 328 additions and 26 deletions.
diff --git a/src/main/java/io/supertokens/storage/postgresql/Start.java b/src/main/java/io/supertokens/storage/postgresql/Start.java
@@ -54,7 +54,6 @@
 import io.supertokens.pluginInterface.multitenancy.exceptions.DuplicateThirdPartyIdException;
 import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
 import io.supertokens.pluginInterface.multitenancy.sqlStorage.MultitenancySQLStorage;
-import io.supertokens.pluginInterface.oauth.exceptions.OAuth2ClientAlreadyExistsForAppException;
 import io.supertokens.pluginInterface.oauth.sqlStorage.OAuthSQLStorage;
 import io.supertokens.pluginInterface.passwordless.PasswordlessCode;
 import io.supertokens.pluginInterface.passwordless.PasswordlessDevice;
@@ -123,7 +122,6 @@ public class Start
     private ResourceDistributor resourceDistributor = new ResourceDistributor();
     private String processId;
     private HikariLoggingAppender appender;
-    private static final String APP_ID_KEY_NAME = "app_id";
     private static final String ACCESS_TOKEN_SIGNING_KEY_NAME = "access_token_signing_key";
     private static final String REFRESH_TOKEN_KEY_NAME = "refresh_token_key";
     public static boolean isTesting = false;
@@ -3083,7 +3081,7 @@ public int countUsersThatHaveMoreThanOneLoginMethodOrTOTPEnabledAndActiveSince(A
     }
 
     @Override
-    public boolean doesClientIdExistForThisApp(AppIdentifier appIdentifier, String clientId)
+    public boolean doesClientIdExistForApp(AppIdentifier appIdentifier, String clientId)
             throws StorageQueryException {
         try {
             return OAuthQueries.isClientIdForAppId(this, clientId, appIdentifier);
@@ -3093,20 +3091,11 @@ public boolean doesClientIdExistForThisApp(AppIdentifier appIdentifier, String c
     }
 
     @Override
-    public void addClientForApp(AppIdentifier appIdentifier, String clientId)
-            throws StorageQueryException, OAuth2ClientAlreadyExistsForAppException {
+    public void addOrUpdateClientForApp(AppIdentifier appIdentifier, String clientId, boolean isClientCredentialsOnly)
+            throws StorageQueryException {
         try {
-            OAuthQueries.insertClientIdForAppId(this, clientId, appIdentifier);
+            OAuthQueries.insertClientIdForAppId(this, appIdentifier, clientId, isClientCredentialsOnly);
         } catch (SQLException e) {
-
-            if (e instanceof PSQLException) {
-                PostgreSQLConfig config = Config.getConfig(this);
-                ServerErrorMessage serverMessage = ((PSQLException) e).getServerErrorMessage();
-
-                if (isPrimaryKeyError(serverMessage, config.getOAuthClientTable())) {
-                    throw new OAuth2ClientAlreadyExistsForAppException();
-                }
-            }
             throw new StorageQueryException(e);
         }
     }
@@ -3130,6 +3119,82 @@ public List<String> listClientsForApp(AppIdentifier appIdentifier) throws Storag
         }
     }
 
+    @Override
+    public void revoke(AppIdentifier appIdentifier, String targetType, String targetValue, long exp)
+            throws StorageQueryException {
+        try {
+            OAuthQueries.revoke(this, appIdentifier, targetType, targetValue, exp);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public boolean isRevoked(AppIdentifier appIdentifier, String[] targetTypes, String[] targetValues, long issuedAt)
+            throws StorageQueryException {
+        try {
+            return OAuthQueries.isRevoked(this, appIdentifier, targetTypes, targetValues, issuedAt);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public void addM2MToken(AppIdentifier appIdentifier, String clientId, long iat, long exp)
+            throws StorageQueryException {
+        try {
+            OAuthQueries.addM2MToken(this, appIdentifier, clientId, iat, exp);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public void cleanUpExpiredAndRevokedTokens(AppIdentifier appIdentifier) throws StorageQueryException {
+        try {
+            OAuthQueries.cleanUpExpiredAndRevokedTokens(this, appIdentifier);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public int countTotalNumberOfM2MTokensAlive(AppIdentifier appIdentifier) throws StorageQueryException {
+        try {
+            return OAuthQueries.countTotalNumberOfM2MTokensAlive(this, appIdentifier);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public int countTotalNumberOfM2MTokensCreatedSince(AppIdentifier appIdentifier, long since)
+            throws StorageQueryException {
+        try {
+            return OAuthQueries.countTotalNumberOfM2MTokensCreatedSince(this, appIdentifier, since);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public int countTotalNumberOfClientCredentialsOnlyClientsForApp(AppIdentifier appIdentifier)
+            throws StorageQueryException {
+        try {
+            return OAuthQueries.countTotalNumberOfClientsForApp(this, appIdentifier, true);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public int countTotalNumberOfClientsForApp(AppIdentifier appIdentifier) throws StorageQueryException {
+        try {
+            return OAuthQueries.countTotalNumberOfClientsForApp(this, appIdentifier, false);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
 
     @TestOnly
     public int getDbActivityCount(String dbname) throws SQLException, StorageQueryException {

diff --git a/src/main/java/io/supertokens/storage/postgresql/config/PostgreSQLConfig.java b/src/main/java/io/supertokens/storage/postgresql/config/PostgreSQLConfig.java
@@ -439,10 +439,18 @@ public String getDashboardSessionsTable() {
         return addSchemaAndPrefixToTableName("dashboard_user_sessions");
     }
 
-    public String getOAuthClientTable() {
+    public String getOAuthClientsTable() {
         return addSchemaAndPrefixToTableName("oauth_clients");
     }
 
+    public String getOAuthRevokeTable() {
+        return addSchemaAndPrefixToTableName("oauth_revoke");
+    }
+
+    public String getOAuthM2MTokensTable() {
+        return addSchemaAndPrefixToTableName("oauth_m2m_tokens");
+    }
+
     public String getTotpUsersTable() {
         return addSchemaAndPrefixToTableName("totp_users");
     }

diff --git a/src/main/java/io/supertokens/storage/postgresql/queries/GeneralQueries.java b/src/main/java/io/supertokens/storage/postgresql/queries/GeneralQueries.java
@@ -552,11 +552,29 @@ public static void createTablesIfNotExists(Start start, Connection con) throws S
                     update(con, TOTPQueries.getQueryToCreateTenantIdIndexForUsedCodesTable(start), NO_OP_SETTER);
                 }
 
-                if (!doesTableExists(start, con, Config.getConfig(start).getOAuthClientTable())) {
+                if (!doesTableExists(start, con, Config.getConfig(start).getOAuthClientsTable())) {
                     getInstance(start).addState(CREATING_NEW_TABLE, null);
                     update(start, OAuthQueries.getQueryToCreateOAuthClientTable(start), NO_OP_SETTER);
                 }
 
+                if (!doesTableExists(start, con, Config.getConfig(start).getOAuthRevokeTable())) {
+                    getInstance(start).addState(CREATING_NEW_TABLE, null);
+                    update(start, OAuthQueries.getQueryToCreateOAuthRevokeTable(start), NO_OP_SETTER);
+
+                    // index
+                    update(con, OAuthQueries.getQueryToCreateOAuthRevokeTimestampIndex(start), NO_OP_SETTER);
+                    update(con, OAuthQueries.getQueryToCreateOAuthRevokeExpIndex(start), NO_OP_SETTER);
+                }
+
+                if (!doesTableExists(start, con, Config.getConfig(start).getOAuthM2MTokensTable())) {
+                    getInstance(start).addState(CREATING_NEW_TABLE, null);
+                    update(start, OAuthQueries.getQueryToCreateOAuthM2MTokensTable(start), NO_OP_SETTER);
+
+                    // index
+                    update(con, OAuthQueries.getQueryToCreateOAuthM2MTokenIatIndex(start), NO_OP_SETTER);
+                    update(con, OAuthQueries.getQueryToCreateOAuthM2MTokenExpIndex(start), NO_OP_SETTER);
+                }
+
             } catch (Exception e) {
                 if (e.getMessage().contains("schema") && e.getMessage().contains("does not exist")
                         && numberOfRetries < 1) {
@@ -627,7 +645,9 @@ public static void deleteAllTables(Start start) throws SQLException, StorageQuer
                     + getConfig(start).getUserRolesTable() + ","
                     + getConfig(start).getDashboardUsersTable() + ","
                     + getConfig(start).getDashboardSessionsTable() + ","
-                    + getConfig(start).getOAuthClientTable() + ","
+                    + getConfig(start).getOAuthClientsTable() + ","
+                    + getConfig(start).getOAuthRevokeTable() + ","
+                    + getConfig(start).getOAuthM2MTokensTable() + ","
                     + getConfig(start).getTotpUsedCodesTable() + ","
                     + getConfig(start).getTotpUserDevicesTable() + ","
                     + getConfig(start).getTotpUsersTable();