spring-projects / spring-authorization-server

Spring Authorization Server
https://spring.io/projects/spring-authorization-server
Apache License 2.0

Missing column oidc_id_token_claims at schema oauth2-authorization-schema.sql #1638

Closed filipemb closed 3 weeks ago

filipemb commented 1 month ago

Describe the bug: If a user follows the guide How-to: Implement core services with JPA, they will face an exception during authentication, because Authorization.java has a mapping to oidcIdTokenClaims

@Column(length = 2000)
private String oidcIdTokenClaims;

that is not present in the table DDL script.

It misses:

ALTER TABLE oauth2_authorization
    ADD oidc_id_token_claims blob DEFAULT NULL;

To Reproduce: 1) follow the steps from the guide How-to: Implement core services with JPA; 2) start the authorization server and log in.

Expected behavior: Login happens without failure after replacing JdbcOAuth2AuthorizationService, JdbcRegisteredClientRepository and JdbcOAuth2AuthorizationConsentService with JpaOAuth2AuthorizationService, JpaRegisteredClientRepository and JpaOAuth2AuthorizationConsentService.

Sample: I'll fail at providing this (1 AM here in Brazil, sorry guys! :wink: )

Reports that include a sample will take priority over reports that do not. At times, we may require a sample, so it is good to try and include a sample up front.

jgrandja commented 4 weeks ago

@filipemb I'm not seeing any issue here. Take a look at JpaTests as it passes using all the JPA components.

filipemb commented 4 weeks ago

Hi @jgrandja, analyzing the test, you are right.

The test JpaTests, at the method oidcLoginWhenJpaCoreServicesAutowiredThenUsed(), uses OAuth2Authorization authorization = findAuthorization(accessToken, OAuth2ParameterNames.ACCESS_TOKEN); to interact with the mapped Authorization.java, and covers the method findAuthorization from JpaOAuth2AuthorizationService. This method returns an OAuth2Authorization after querying by token type using AuthorizationRepository.

The conversion from Authorization to OAuth2Authorization will only deal with the field oidcIdTokenClaims if the retrieved entity has an oidcIdTokenValue. The test expects that the retrieved authorization has it, as it asserts: assertThat(authorization.getToken(idToken)).isNotNull(); A token with a non-null oidcIdTokenValue will be of type "token_type": "id token".

Investigating further, I found my issue: it was caused by SQL scripts from an old guide, changed by @sjohnr long ago in this commit and not totally covered by the wiki Spring-Authorization-Server-1.1-Migration-Guide.

So my suggestion is to fix this script: oauth2-authorization-schema.sql

to reflect the same as the How-to JPA guide, and to fix the wiki Spring-Authorization-Server-1.1-Migration-Guide.

Thanks for your attention on this topic. Wish you the best. :muscle: From Brazil :beginner:

jgrandja commented 3 weeks ago

@filipemb

> So my suggestion is to fix this script: oauth2-authorization-schema.sql
>
> to reflect the same from the How to JPA Guide

The oauth2-authorization-schema.sql is specifically defined for JdbcOAuth2AuthorizationService. Whereas, the JPA authorization schema is designed for JpaOAuth2AuthorizationService. These are 2 different implementations of OAuth2AuthorizationService, which have their own (and different) schema definitions.

I'm going to close this as I don't see any issues.

If you still think there is a bug please provide a minimal sample that reproduces the issue so I can look into it further.
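The failure the report describes, and the closing comment explains, is schema drift: a JPA entity maps a column (oidc_id_token_claims) that the DDL actually applied to the database never creates, and the mismatch only surfaces at runtime once an ID token is persisted. The following script is an added example written for this thread; it is not code from Spring Authorization Server or the how-to guide. It extracts the persistent fields of an entity class, derives their column names with Spring Boot's default CamelCaseToUnderscoresNamingStrategy (the assumption here is that the application keeps that default), and diffs them against the columns a CREATE TABLE script declares. The entity excerpt and the DDL are constructed for illustration (the DDL is a trimmed, hypothetical table that deliberately omits oidc_id_token_claims, not the project's oauth2-authorization-schema.sql), and the generated ALTER TABLE uses the column type from the report, which you would adjust to match your database.

```python
"""Detect columns a JPA entity maps that a DDL script does not create.

Added example for this issue thread, not project code. Entity excerpt and
DDL below are constructed test data.
"""
import re

# Constructed excerpt in the style of the how-to guide's Authorization.java;
# only a handful of fields are included.
ENTITY_JAVA = """
@Entity
@Table(name = "`authorization`")
public class Authorization {
    @Id
    @Column
    private String id;
    private String registeredClientId;
    private String principalName;
    @Column(length = 4000)
    private String oidcIdTokenValue;
    private Instant oidcIdTokenIssuedAt;
    private Instant oidcIdTokenExpiresAt;
    @Column(length = 2000)
    private String oidcIdTokenMetadata;
    @Column(length = 2000)
    private String oidcIdTokenClaims;
    @Transient
    private String notAColumn;
}
"""

# Constructed DDL (hypothetical, not the project's script) that lacks
# oidc_id_token_claims, reproducing the mismatch from the report.
DDL_SQL = """
CREATE TABLE oauth2_authorization (
    id varchar(100) NOT NULL,
    registered_client_id varchar(100) NOT NULL,
    principal_name varchar(200) NOT NULL,
    oidc_id_token_value blob DEFAULT NULL,
    oidc_id_token_issued_at timestamp DEFAULT NULL,
    oidc_id_token_expires_at timestamp DEFAULT NULL,
    oidc_id_token_metadata blob DEFAULT NULL,
    PRIMARY KEY (id)
);
"""

FIELD_RE = re.compile(r"private\s+(.+?)\s+(\w+)\s*;")
NON_COLUMN_KEYWORDS = {"PRIMARY", "CONSTRAINT", "UNIQUE", "FOREIGN", "KEY", "INDEX", "CHECK"}


def entity_fields(java_src):
    """Names of persistent fields, skipping any preceded by @Transient."""
    fields, transient = [], False
    for line in java_src.splitlines():
        s = line.strip()
        if s.startswith("@Transient"):
            transient = True
            continue
        m = FIELD_RE.match(s)
        if m:
            if not transient:
                fields.append(m.group(2))
            transient = False
    return fields


def to_column(field):
    """camelCase -> snake_case, as Spring Boot's default naming strategy does
    (assumption: the application has not configured another strategy)."""
    return re.sub(r"(?<!^)(?=[A-Z])", "_", field).lower()


def ddl_columns(ddl):
    """Column names declared in the body of the first CREATE TABLE."""
    cols, in_body = set(), False
    for line in ddl.splitlines():
        s = line.strip()
        if s.upper().startswith("CREATE TABLE"):
            in_body = True
        elif s.startswith(")"):
            in_body = False
        elif in_body and s and s.split()[0].upper() not in NON_COLUMN_KEYWORDS:
            cols.add(s.split()[0].strip('`"').lower())
    return cols


def missing_columns(java_src, ddl):
    """Columns the entity expects that the DDL does not create, in entity order."""
    present = ddl_columns(ddl)
    return [to_column(f) for f in entity_fields(java_src) if to_column(f) not in present]


def alter_statements(missing, table="oauth2_authorization", col_type="blob"):
    """Migration statements for the gap; col_type is a placeholder to adjust."""
    return [f"ALTER TABLE {table}\n    ADD {c} {col_type} DEFAULT NULL;" for c in missing]


if __name__ == "__main__":
    gap = missing_columns(ENTITY_JAVA, DDL_SQL)
    print("missing columns:", gap)
    for stmt in alter_statements(gap):
        print(stmt)
```

Running this against the constructed inputs reports oidc_id_token_claims as the single missing column and prints the corresponding ALTER TABLE, which is exactly the mismatch the reporter hit. Pointing it at the real entity and at whichever script your deployment actually runs (the JDBC schema and the JPA guide's schema are different, as the closing comment notes) turns a login-time exception into a build-time check.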