ClientDetailsEntity.java

  1. /*******************************************************************************
  2.  * Copyright 2017 The MIT Internet Trust Consortium
  3.  *
  4.  * Portions copyright 2011-2013 The MITRE Corporation
  5.  *
  6.  * Licensed under the Apache License, Version 2.0 (the "License");
  7.  * you may not use this file except in compliance with the License.
  8.  * You may obtain a copy of the License at
  9.  *
  10.  *   http://www.apache.org/licenses/LICENSE-2.0
  11.  *
  12.  * Unless required by applicable law or agreed to in writing, software
  13.  * distributed under the License is distributed on an "AS IS" BASIS,
  14.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15.  * See the License for the specific language governing permissions and
  16.  * limitations under the License.
  17.  *******************************************************************************/
  18. /**
  19.  *
  20.  */
  21. package org.mitre.oauth2.model;

  23. import java.util.Date;
  24. import java.util.HashMap;
  25. import java.util.HashSet;
  26. import java.util.Map;
  27. import java.util.Set;

  29. import javax.persistence.Basic;
  30. import javax.persistence.CollectionTable;
  31. import javax.persistence.Column;
  32. import javax.persistence.Convert;
  33. import javax.persistence.ElementCollection;
  34. import javax.persistence.Entity;
  35. import javax.persistence.EnumType;
  36. import javax.persistence.Enumerated;
  37. import javax.persistence.FetchType;
  38. import javax.persistence.GeneratedValue;
  39. import javax.persistence.GenerationType;
  40. import javax.persistence.Id;
  41. import javax.persistence.JoinColumn;
  42. import javax.persistence.NamedQueries;
  43. import javax.persistence.NamedQuery;
  44. import javax.persistence.PrePersist;
  45. import javax.persistence.PreUpdate;
  46. import javax.persistence.Table;
  47. import javax.persistence.Temporal;
  48. import javax.persistence.TemporalType;
  49. import javax.persistence.Transient;

  51. import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter;
  52. import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter;
  53. import org.mitre.oauth2.model.convert.JWKSetStringConverter;
  54. import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter;
  55. import org.mitre.oauth2.model.convert.JWTStringConverter;
  56. import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter;
  57. import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
  58. import org.springframework.security.core.GrantedAuthority;
  59. import org.springframework.security.oauth2.provider.ClientDetails;

  61. import com.nimbusds.jose.EncryptionMethod;
  62. import com.nimbusds.jose.JWEAlgorithm;
  63. import com.nimbusds.jose.JWSAlgorithm;
  64. import com.nimbusds.jose.jwk.JWKSet;
  65. import com.nimbusds.jwt.JWT;

  67. /**
  68.  * @author jricher
  69.  *
  70.  */
  71. @Entity
  72. @Table(name = "client_details")
  73. @NamedQueries({
  74.     @NamedQuery(name = ClientDetailsEntity.QUERY_ALL, query = "SELECT c FROM ClientDetailsEntity c"),
  75.     @NamedQuery(name = ClientDetailsEntity.QUERY_BY_CLIENT_ID, query = "select c from ClientDetailsEntity c where c.clientId = :" + ClientDetailsEntity.PARAM_CLIENT_ID)
  76. })
  77. public class ClientDetailsEntity implements ClientDetails {

  79.     public static final String QUERY_BY_CLIENT_ID = "ClientDetailsEntity.getByClientId";
  80.     public static final String QUERY_ALL = "ClientDetailsEntity.findAll";

  82.     public static final String PARAM_CLIENT_ID = "clientId";

  84.     private static final int DEFAULT_ID_TOKEN_VALIDITY_SECONDS = 600;

  86.     private static final long serialVersionUID = -1617727085733786296L;

  88.     private Long id;

  90.     /** Fields from the OAuth2 Dynamic Registration Specification */
  91.     private String clientId = null; // client_id
  92.     private String clientSecret = null; // client_secret
  93.     private Set<String> redirectUris = new HashSet<>(); // redirect_uris
  94.     private String clientName; // client_name
  95.     private String clientUri; // client_uri
  96.     private String logoUri; // logo_uri
  97.     private Set<String> contacts; // contacts
  98.     private String tosUri; // tos_uri
  99.     private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; // token_endpoint_auth_method
  100.     private Set<String> scope = new HashSet<>(); // scope
  101.     private Set<String> grantTypes = new HashSet<>(); // grant_types
  102.     private Set<String> responseTypes = new HashSet<>(); // response_types
  103.     private String policyUri;
  104.     private String jwksUri; // URI pointer to keys
  105.     private JWKSet jwks; // public key stored by value
  106.     private String softwareId;
  107.     private String softwareVersion;

  109.     /** Fields from OIDC Client Registration Specification **/
  110.     private AppType applicationType; // application_type
  111.     private String sectorIdentifierUri; // sector_identifier_uri
  112.     private SubjectType subjectType; // subject_type

  114.     private JWSAlgorithm requestObjectSigningAlg = null; // request_object_signing_alg

  116.     private JWSAlgorithm userInfoSignedResponseAlg = null; // user_info_signed_response_alg
  117.     private JWEAlgorithm userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg
  118.     private EncryptionMethod userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc

  120.     private JWSAlgorithm idTokenSignedResponseAlg = null; // id_token_signed_response_alg
  121.     private JWEAlgorithm idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg
  122.     private EncryptionMethod idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc

  124.     private JWSAlgorithm tokenEndpointAuthSigningAlg = null; // token_endpoint_auth_signing_alg

  126.     private Integer defaultMaxAge; // default_max_age
  127.     private Boolean requireAuthTime; // require_auth_time
  128.     private Set<String> defaultACRvalues; // default_acr_values

  130.     private String initiateLoginUri; // initiate_login_uri
  131.     private Set<String> postLogoutRedirectUris; // post_logout_redirect_uris

  133.     private Set<String> requestUris; // request_uris

  135.     /** Fields to support the ClientDetails interface **/
  136.     private Set<GrantedAuthority> authorities = new HashSet<>();
  137.     private Integer accessTokenValiditySeconds = 0; // in seconds
  138.     private Integer refreshTokenValiditySeconds = 0; // in seconds
  139.     private Set<String> resourceIds = new HashSet<>();
  140.     private Map<String, Object> additionalInformation = new HashMap<>();

  142.     /** Our own fields **/
  143.     private String clientDescription = ""; // human-readable description
  144.     private boolean reuseRefreshToken = true; // do we let someone reuse a refresh token?
  145.     private boolean dynamicallyRegistered = false; // was this client dynamically registered?
  146.     private boolean allowIntrospection = false; // do we let this client call the introspection endpoint?
  147.     private Integer idTokenValiditySeconds; //timeout for id tokens
  148.     private Date createdAt; // time the client was created
  149.     private boolean clearAccessTokensOnRefresh = true; // do we clear access tokens on refresh?
  150.     private Integer deviceCodeValiditySeconds; // timeout for device codes

  152.     /** fields for UMA */
  153.     private Set<String> claimsRedirectUris;

  155.     /** Software statement **/
  156.     private JWT softwareStatement;

  158.     /** PKCE **/
  159.     private PKCEAlgorithm codeChallengeMethod;

  161.     public enum AuthMethod {
  162.         SECRET_POST("client_secret_post"),
  163.         SECRET_BASIC("client_secret_basic"),
  164.         SECRET_JWT("client_secret_jwt"),
  165.         PRIVATE_KEY("private_key_jwt"),
  166.         NONE("none");

  168.         private final String value;

  170.         // map to aid reverse lookup
  171.         private static final Map<String, AuthMethod> lookup = new HashMap<>();
  172.         static {
  173.             for (AuthMethod a : AuthMethod.values()) {
  174.                 lookup.put(a.getValue(), a);
  175.             }
  176.         }

  178.         AuthMethod(String value) {
  179.             this.value = value;
  180.         }

  182.         public String getValue() {
  183.             return value;
  184.         }

  186.         public static AuthMethod getByValue(String value) {
  187.             return lookup.get(value);
  188.         }
  189.     }

  191.     public enum AppType {
  192.         WEB("web"), NATIVE("native");

  194.         private final String value;

  196.         // map to aid reverse lookup
  197.         private static final Map<String, AppType> lookup = new HashMap<>();
  198.         static {
  199.             for (AppType a : AppType.values()) {
  200.                 lookup.put(a.getValue(), a);
  201.             }
  202.         }

  204.         AppType(String value) {
  205.             this.value = value;
  206.         }

  208.         public String getValue() {
  209.             return value;
  210.         }

  212.         public static AppType getByValue(String value) {
  213.             return lookup.get(value);
  214.         }
  215.     }

  217.     public enum SubjectType {
  218.         PAIRWISE("pairwise"), PUBLIC("public");

  220.         private final String value;

  222.         // map to aid reverse lookup
  223.         private static final Map<String, SubjectType> lookup = new HashMap<>();
  224.         static {
  225.             for (SubjectType u : SubjectType.values()) {
  226.                 lookup.put(u.getValue(), u);
  227.             }
  228.         }

  230.         SubjectType(String value) {
  231.             this.value = value;
  232.         }

  234.         public String getValue() {
  235.             return value;
  236.         }

  238.         public static SubjectType getByValue(String value) {
  239.             return lookup.get(value);
  240.         }
  241.     }

  243.     /**
  244.      * Create a blank ClientDetailsEntity
  245.      */
  246.     public ClientDetailsEntity() {

  248.     }

  250.     @PrePersist
  251.     @PreUpdate
  252.     private void prePersist() {
  253.         // make sure that ID tokens always time out, default to 5 minutes
  254.         if (getIdTokenValiditySeconds() == null) {
  255.             setIdTokenValiditySeconds(DEFAULT_ID_TOKEN_VALIDITY_SECONDS);
  256.         }
  257.     }

  259.     /**
  260.      * @return the id
  261.      */
  262.     @Id
  263.     @GeneratedValue(strategy = GenerationType.IDENTITY)
  264.     @Column(name = "id")
  265.     public Long getId() {
  266.         return id;
  267.     }

  269.     /**
  270.      *
  271.      * @param id the id to set
  272.      */
  273.     public void setId(Long id) {
  274.         this.id = id;
  275.     }

  277.     /**
  278.      * @return the clientDescription
  279.      */
  280.     @Basic
  281.     @Column(name="client_description")
  282.     public String getClientDescription() {
  283.         return clientDescription;
  284.     }

  286.     /**
  287.      * @param clientDescription Human-readable long description of the client (optional)
  288.      */
  289.     public void setClientDescription(String clientDescription) {
  290.         this.clientDescription = clientDescription;
  291.     }

  293.     /**
  294.      * @return the allowRefresh
  295.      */
  296.     @Transient
  297.     public boolean isAllowRefresh() {
  298.         if (grantTypes != null) {
  299.             return getAuthorizedGrantTypes().contains("refresh_token");
  300.         } else {
  301.             return false; // if there are no grants, we can't be refreshing them, can we?
  302.         }
  303.     }

  305.     @Basic
  306.     @Column(name="reuse_refresh_tokens")
  307.     public boolean isReuseRefreshToken() {
  308.         return reuseRefreshToken;
  309.     }

  311.     public void setReuseRefreshToken(boolean reuseRefreshToken) {
  312.         this.reuseRefreshToken = reuseRefreshToken;
  313.     }

  315.     /**
  316.      * Number of seconds ID token is valid for. MUST be a positive integer, can not be null.
  317.      *
  318.      * @return the idTokenValiditySeconds
  319.      */
  320.     @Basic
  321.     @Column(name="id_token_validity_seconds")
  322.     public Integer getIdTokenValiditySeconds() {
  323.         return idTokenValiditySeconds;
  324.     }

  326.     /**
  327.      * @param idTokenValiditySeconds the idTokenValiditySeconds to set
  328.      */
  329.     public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) {
  330.         this.idTokenValiditySeconds = idTokenValiditySeconds;
  331.     }

  333.     /**
  334.      * @return the dynamicallyRegistered
  335.      */
  336.     @Basic
  337.     @Column(name="dynamically_registered")
  338.     public boolean isDynamicallyRegistered() {
  339.         return dynamicallyRegistered;
  340.     }

  342.     /**
  343.      * @param dynamicallyRegistered the dynamicallyRegistered to set
  344.      */
  345.     public void setDynamicallyRegistered(boolean dynamicallyRegistered) {
  346.         this.dynamicallyRegistered = dynamicallyRegistered;
  347.     }





  353.     /**
  354.      * @return the allowIntrospection
  355.      */
  356.     @Basic
  357.     @Column(name="allow_introspection")
  358.     public boolean isAllowIntrospection() {
  359.         return allowIntrospection;
  360.     }

  362.     /**
  363.      * @param allowIntrospection the allowIntrospection to set
  364.      */
  365.     public void setAllowIntrospection(boolean allowIntrospection) {
  366.         this.allowIntrospection = allowIntrospection;
  367.     }

  369.     /**
  370.      *
  371.      */
  372.     @Override
  373.     @Transient
  374.     public boolean isSecretRequired() {
  375.         if (getTokenEndpointAuthMethod() != null &&
  376.                 (getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC) ||
  377.                         getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST) ||
  378.                         getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT))) {
  379.             return true;
  380.         } else {
  381.             return false;
  382.         }

  384.     }

  386.     /**
  387.      * If the scope list is not null or empty, then this client has been scoped.
  388.      */
  389.     @Override
  390.     @Transient
  391.     public boolean isScoped() {
  392.         return getScope() != null && !getScope().isEmpty();
  393.     }

  395.     /**
  396.      * @return the clientId
  397.      */
  398.     @Basic
  399.     @Override
  400.     @Column(name="client_id")
  401.     public String getClientId() {
  402.         return clientId;
  403.     }

  405.     /**
  406.      * @param clientId The OAuth2 client_id, must be unique to this client
  407.      */
  408.     public void setClientId(String clientId) {
  409.         this.clientId = clientId;
  410.     }

  412.     /**
  413.      * @return the clientSecret
  414.      */
  415.     @Basic
  416.     @Override
  417.     @Column(name="client_secret")
  418.     public String getClientSecret() {
  419.         return clientSecret;
  420.     }

  422.     /**
  423.      * @param clientSecret the OAuth2 client_secret (optional)
  424.      */
  425.     public void setClientSecret(String clientSecret) {
  426.         this.clientSecret = clientSecret;
  427.     }

  429.     /**
  430.      * @return the scope
  431.      */
  432.     @ElementCollection(fetch = FetchType.EAGER)
  433.     @CollectionTable(
  434.             name="client_scope",
  435.             joinColumns=@JoinColumn(name="owner_id")
  436.             )
  437.     @Override
  438.     @Column(name="scope")
  439.     public Set<String> getScope() {
  440.         return scope;
  441.     }

  443.     /**
  444.      * @param scope the set of scopes allowed to be issued to this client
  445.      */
  446.     public void setScope(Set<String> scope) {
  447.         this.scope = scope;
  448.     }

  450.     /**
  451.      * @return the authorizedGrantTypes
  452.      */
  453.     @ElementCollection(fetch = FetchType.EAGER)
  454.     @CollectionTable(
  455.             name="client_grant_type",
  456.             joinColumns=@JoinColumn(name="owner_id")
  457.             )
  458.     @Column(name="grant_type")
  459.     public Set<String> getGrantTypes() {
  460.         return grantTypes;
  461.     }

  463.     /**
  464.      * @param authorizedGrantTypes the OAuth2 grant types that this client is allowed to use
  465.      */
  466.     public void setGrantTypes(Set<String> grantTypes) {
  467.         this.grantTypes = grantTypes;
  468.     }

  470.     /**
  471.      * passthrough for SECOAUTH api
  472.      */
  473.     @Override
  474.     @Transient
  475.     public Set<String> getAuthorizedGrantTypes() {
  476.         return getGrantTypes();
  477.     }

  479.     /**
  480.      * @return the authorities
  481.      */
  482.     @ElementCollection(fetch = FetchType.EAGER)
  483.     @CollectionTable(
  484.             name="client_authority",
  485.             joinColumns=@JoinColumn(name="owner_id")
  486.             )
  487.     @Override
  488.     @Convert(converter = SimpleGrantedAuthorityStringConverter.class)
  489.     @Column(name="authority")
  490.     public Set<GrantedAuthority> getAuthorities() {
  491.         return authorities;
  492.     }

  494.     /**
  495.      * @param authorities the Spring Security authorities this client is given
  496.      */
  497.     public void setAuthorities(Set<GrantedAuthority> authorities) {
  498.         this.authorities = authorities;
  499.     }

  501.     @Override
  502.     @Basic
  503.     @Column(name="access_token_validity_seconds")
  504.     public Integer getAccessTokenValiditySeconds() {
  505.         return accessTokenValiditySeconds;
  506.     }

  508.     /**
  509.      * @param accessTokenTimeout the accessTokenTimeout to set
  510.      */
  511.     public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
  512.         this.accessTokenValiditySeconds = accessTokenValiditySeconds;
  513.     }

  515.     @Override
  516.     @Basic
  517.     @Column(name="refresh_token_validity_seconds")
  518.     public Integer getRefreshTokenValiditySeconds() {
  519.         return refreshTokenValiditySeconds;
  520.     }

  522.     /**
  523.      * @param refreshTokenTimeout Lifetime of refresh tokens, in seconds (optional - leave null for no timeout)
  524.      */
  525.     public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
  526.         this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
  527.     }

  529.     /**
  530.      * @return the registeredRedirectUri
  531.      */
  532.     @ElementCollection(fetch = FetchType.EAGER)
  533.     @CollectionTable(
  534.             name="client_redirect_uri",
  535.             joinColumns=@JoinColumn(name="owner_id")
  536.             )
  537.     @Column(name="redirect_uri")
  538.     public Set<String> getRedirectUris() {
  539.         return redirectUris;
  540.     }

  542.     /**
  543.      * @param registeredRedirectUri the registeredRedirectUri to set
  544.      */
  545.     public void setRedirectUris(Set<String> redirectUris) {
  546.         this.redirectUris = redirectUris;
  547.     }

  549.     /**
  550.      * Pass-through method to fulfill the ClientDetails interface with a bad name
  551.      */
  552.     @Override
  553.     @Transient
  554.     public Set<String> getRegisteredRedirectUri() {
  555.         return getRedirectUris();
  556.     }

  558.     /**
  559.      * @return the resourceIds
  560.      */
  561.     @Override
  562.     @ElementCollection(fetch = FetchType.EAGER)
  563.     @CollectionTable(
  564.             name="client_resource",
  565.             joinColumns=@JoinColumn(name="owner_id")
  566.             )
  567.     @Column(name="resource_id")
  568.     public Set<String> getResourceIds() {
  569.         return resourceIds;
  570.     }

  572.     /**
  573.      * @param resourceIds the resourceIds to set
  574.      */
  575.     public void setResourceIds(Set<String> resourceIds) {
  576.         this.resourceIds = resourceIds;
  577.     }


  580.     /**
  581.      * This library does not make use of this field, so it is not
  582.      * stored using our persistence layer.
  583.      *
  584.      * However, it's somehow required by SECOUATH.
  585.      *
  586.      * @return an empty map
  587.      */
  588.     @Override
  589.     @Transient
  590.     public Map<String, Object> getAdditionalInformation() {
  591.         return this.additionalInformation;
  592.     }




  597.     @Enumerated(EnumType.STRING)
  598.     @Column(name="application_type")
  599.     public AppType getApplicationType() {
  600.         return applicationType;
  601.     }

  603.     public void setApplicationType(AppType applicationType) {
  604.         this.applicationType = applicationType;
  605.     }

  607.     @Basic
  608.     @Column(name="client_name")
  609.     public String getClientName() {
  610.         return clientName;
  611.     }

  613.     public void setClientName(String clientName) {
  614.         this.clientName = clientName;
  615.     }

  617.     @Enumerated(EnumType.STRING)
  618.     @Column(name="token_endpoint_auth_method")
  619.     public AuthMethod getTokenEndpointAuthMethod() {
  620.         return tokenEndpointAuthMethod;
  621.     }

  623.     public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
  624.         this.tokenEndpointAuthMethod = tokenEndpointAuthMethod;
  625.     }

  627.     @Enumerated(EnumType.STRING)
  628.     @Column(name="subject_type")
  629.     public SubjectType getSubjectType() {
  630.         return subjectType;
  631.     }

  633.     public void setSubjectType(SubjectType subjectType) {
  634.         this.subjectType = subjectType;
  635.     }

  637.     @ElementCollection(fetch = FetchType.EAGER)
  638.     @CollectionTable(
  639.             name="client_contact",
  640.             joinColumns=@JoinColumn(name="owner_id")
  641.             )
  642.     @Column(name="contact")
  643.     public Set<String> getContacts() {
  644.         return contacts;
  645.     }

  647.     public void setContacts(Set<String> contacts) {
  648.         this.contacts = contacts;
  649.     }

  651.     @Basic
  652.     @Column(name="logo_uri")
  653.     public String getLogoUri() {
  654.         return logoUri;
  655.     }

  657.     public void setLogoUri(String logoUri) {
  658.         this.logoUri = logoUri;
  659.     }

  661.     @Basic
  662.     @Column(name="policy_uri")
  663.     public String getPolicyUri() {
  664.         return policyUri;
  665.     }

  667.     public void setPolicyUri(String policyUri) {
  668.         this.policyUri = policyUri;
  669.     }

  671.     /**
  672.      * @return the clientUrl
  673.      */
  674.     @Basic
  675.     @Column(name="client_uri")
  676.     public String getClientUri() {
  677.         return clientUri;
  678.     }

  680.     /**
  681.      * @param clientUrl the clientUrl to set
  682.      */
  683.     public void setClientUri(String clientUri) {
  684.         this.clientUri = clientUri;
  685.     }

  687.     /**
  688.      * @return the tosUrl
  689.      */
  690.     @Basic
  691.     @Column(name="tos_uri")
  692.     public String getTosUri() {
  693.         return tosUri;
  694.     }

  696.     /**
  697.      * @param tosUrl the tosUrl to set
  698.      */
  699.     public void setTosUri(String tosUri) {
  700.         this.tosUri = tosUri;
  701.     }

  703.     @Basic
  704.     @Column(name="jwks_uri")
  705.     public String getJwksUri() {
  706.         return jwksUri;
  707.     }

  709.     public void setJwksUri(String jwksUri) {
  710.         this.jwksUri = jwksUri;
  711.     }

  713.     /**
  714.      * @return the jwks
  715.      */
  716.     @Basic
  717.     @Column(name="jwks")
  718.     @Convert(converter = JWKSetStringConverter.class)
  719.     public JWKSet getJwks() {
  720.         return jwks;
  721.     }

  723.     /**
  724.      * @param jwks the jwks to set
  725.      */
  726.     public void setJwks(JWKSet jwks) {
  727.         this.jwks = jwks;
  728.     }

  730.     @Basic
  731.     @Column(name="sector_identifier_uri")
  732.     public String getSectorIdentifierUri() {
  733.         return sectorIdentifierUri;
  734.     }

  736.     public void setSectorIdentifierUri(String sectorIdentifierUri) {
  737.         this.sectorIdentifierUri = sectorIdentifierUri;
  738.     }

  740.     @Basic
  741.     @Column(name = "request_object_signing_alg")
  742.     @Convert(converter = JWSAlgorithmStringConverter.class)
  743.     public JWSAlgorithm getRequestObjectSigningAlg() {
  744.         return requestObjectSigningAlg;
  745.     }

  747.     public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
  748.         this.requestObjectSigningAlg = requestObjectSigningAlg;
  749.     }

  751.     @Basic
  752.     @Column(name = "user_info_signed_response_alg")
  753.     @Convert(converter = JWSAlgorithmStringConverter.class)
  754.     public JWSAlgorithm getUserInfoSignedResponseAlg() {
  755.         return userInfoSignedResponseAlg;
  756.     }

  758.     public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
  759.         this.userInfoSignedResponseAlg = userInfoSignedResponseAlg;
  760.     }

  762.     @Basic
  763.     @Column(name = "user_info_encrypted_response_alg")
  764.     @Convert(converter = JWEAlgorithmStringConverter.class)
  765.     public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
  766.         return userInfoEncryptedResponseAlg;
  767.     }

  769.     public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
  770.         this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg;
  771.     }

  773.     @Basic
  774.     @Column(name = "user_info_encrypted_response_enc")
  775.     @Convert(converter = JWEEncryptionMethodStringConverter.class)
  776.     public EncryptionMethod getUserInfoEncryptedResponseEnc() {
  777.         return userInfoEncryptedResponseEnc;
  778.     }

  780.     public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
  781.         this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc;
  782.     }

  784.     @Basic
  785.     @Column(name="id_token_signed_response_alg")
  786.     @Convert(converter = JWSAlgorithmStringConverter.class)
  787.     public JWSAlgorithm getIdTokenSignedResponseAlg() {
  788.         return idTokenSignedResponseAlg;
  789.     }

  791.     public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
  792.         this.idTokenSignedResponseAlg = idTokenSignedResponseAlg;
  793.     }

  795.     @Basic
  796.     @Column(name = "id_token_encrypted_response_alg")
  797.     @Convert(converter = JWEAlgorithmStringConverter.class)
  798.     public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
  799.         return idTokenEncryptedResponseAlg;
  800.     }

  802.     public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
  803.         this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg;
  804.     }

  806.     @Basic
  807.     @Column(name = "id_token_encrypted_response_enc")
  808.     @Convert(converter = JWEEncryptionMethodStringConverter.class)
  809.     public EncryptionMethod getIdTokenEncryptedResponseEnc() {
  810.         return idTokenEncryptedResponseEnc;
  811.     }

  813.     public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
  814.         this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc;
  815.     }

  817.     @Basic
  818.     @Column(name="token_endpoint_auth_signing_alg")
  819.     @Convert(converter = JWSAlgorithmStringConverter.class)
  820.     public JWSAlgorithm getTokenEndpointAuthSigningAlg() {
  821.         return tokenEndpointAuthSigningAlg;
  822.     }

  824.     public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) {
  825.         this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlg;
  826.     }

  828.     @Basic
  829.     @Column(name="default_max_age")
  830.     public Integer getDefaultMaxAge() {
  831.         return defaultMaxAge;
  832.     }

  834.     public void setDefaultMaxAge(Integer defaultMaxAge) {
  835.         this.defaultMaxAge = defaultMaxAge;
  836.     }

  838.     @Basic
  839.     @Column(name="require_auth_time")
  840.     public Boolean getRequireAuthTime() {
  841.         return requireAuthTime;
  842.     }

  844.     public void setRequireAuthTime(Boolean requireAuthTime) {
  845.         this.requireAuthTime = requireAuthTime;
  846.     }

  848.     /**
  849.      * @return the responseTypes
  850.      */
  851.     @ElementCollection(fetch = FetchType.EAGER)
  852.     @CollectionTable(
  853.             name="client_response_type",
  854.             joinColumns=@JoinColumn(name="owner_id")
  855.             )
  856.     @Column(name="response_type")
  857.     public Set<String> getResponseTypes() {
  858.         return responseTypes;
  859.     }

  861.     /**
  862.      * @param responseTypes the responseTypes to set
  863.      */
  864.     public void setResponseTypes(Set<String> responseTypes) {
  865.         this.responseTypes = responseTypes;
  866.     }

  868.     /**
  869.      * @return the defaultACRvalues
  870.      */
  871.     @ElementCollection(fetch = FetchType.EAGER)
  872.     @CollectionTable(
  873.             name="client_default_acr_value",
  874.             joinColumns=@JoinColumn(name="owner_id")
  875.             )
  876.     @Column(name="default_acr_value")
  877.     public Set<String> getDefaultACRvalues() {
  878.         return defaultACRvalues;
  879.     }

  881.     /**
  882.      * @param defaultACRvalues the defaultACRvalues to set
  883.      */
  884.     public void setDefaultACRvalues(Set<String> defaultACRvalues) {
  885.         this.defaultACRvalues = defaultACRvalues;
  886.     }

  888.     /**
  889.      * @return the initiateLoginUri
  890.      */
  891.     @Basic
  892.     @Column(name="initiate_login_uri")
  893.     public String getInitiateLoginUri() {
  894.         return initiateLoginUri;
  895.     }

  897.     /**
  898.      * @param initiateLoginUri the initiateLoginUri to set
  899.      */
  900.     public void setInitiateLoginUri(String initiateLoginUri) {
  901.         this.initiateLoginUri = initiateLoginUri;
  902.     }

  904.     /**
  905.      * @return the postLogoutRedirectUri
  906.      */
  907.     @ElementCollection(fetch = FetchType.EAGER)
  908.     @CollectionTable(
  909.             name="client_post_logout_redirect_uri",
  910.             joinColumns=@JoinColumn(name="owner_id")
  911.             )
  912.     @Column(name="post_logout_redirect_uri")
  913.     public Set<String> getPostLogoutRedirectUris() {
  914.         return postLogoutRedirectUris;
  915.     }

  917.     /**
  918.      * @param postLogoutRedirectUri the postLogoutRedirectUri to set
  919.      */
  920.     public void setPostLogoutRedirectUris(Set<String> postLogoutRedirectUri) {
  921.         this.postLogoutRedirectUris = postLogoutRedirectUri;
  922.     }

  924.     /**
  925.      * @return the requestUris
  926.      */
  927.     @ElementCollection(fetch = FetchType.EAGER)
  928.     @CollectionTable(
  929.             name="client_request_uri",
  930.             joinColumns=@JoinColumn(name="owner_id")
  931.             )
  932.     @Column(name="request_uri")
  933.     public Set<String> getRequestUris() {
  934.         return requestUris;
  935.     }

  937.     /**
  938.      * @param requestUris the requestUris to set
  939.      */
  940.     public void setRequestUris(Set<String> requestUris) {
  941.         this.requestUris = requestUris;
  942.     }

  944.     /**
  945.      * @return the createdAt
  946.      */
  947.     @Temporal(TemporalType.TIMESTAMP)
  948.     @Column(name="created_at")
  949.     public Date getCreatedAt() {
  950.         return createdAt;
  951.     }

  953.     /**
  954.      * @param createdAt the createdAt to set
  955.      */
  956.     public void setCreatedAt(Date createdAt) {
  957.         this.createdAt = createdAt;
  958.     }

  960.     /**
  961.      * Our framework doesn't use this construct, we use WhitelistedSites and ApprovedSites instead.
  962.      */
  963.     @Override
  964.     public boolean isAutoApprove(String scope) {
  965.         return false;
  966.     }

  968.     /**
  969.      * @return the clearAccessTokensOnRefresh
  970.      */
  971.     @Basic
  972.     @Column(name = "clear_access_tokens_on_refresh")
  973.     public boolean isClearAccessTokensOnRefresh() {
  974.         return clearAccessTokensOnRefresh;
  975.     }

  977.     /**
  978.      * @param clearAccessTokensOnRefresh the clearAccessTokensOnRefresh to set
  979.      */
  980.     public void setClearAccessTokensOnRefresh(boolean clearAccessTokensOnRefresh) {
  981.         this.clearAccessTokensOnRefresh = clearAccessTokensOnRefresh;
  982.     }

  984.     /**
  985.      * @return the claimsRedirectUris
  986.      */
  987.     @ElementCollection(fetch = FetchType.EAGER)
  988.     @CollectionTable(
  989.             name="client_claims_redirect_uri",
  990.             joinColumns=@JoinColumn(name="owner_id")
  991.             )
  992.     @Column(name="redirect_uri")
  993.     public Set<String> getClaimsRedirectUris() {
  994.         return claimsRedirectUris;
  995.     }

  997.     /**
  998.      * @param claimsRedirectUris the claimsRedirectUris to set
  999.      */
  1000.     public void setClaimsRedirectUris(Set<String> claimsRedirectUris) {
  1001.         this.claimsRedirectUris = claimsRedirectUris;
  1002.     }

  1004.     /**
  1005.      * @return the softwareStatement
  1006.      */
  1007.     @Basic
  1008.     @Column(name = "software_statement")
  1009.     @Convert(converter = JWTStringConverter.class)
  1010.     public JWT getSoftwareStatement() {
  1011.         return softwareStatement;
  1012.     }

  1014.     /**
  1015.      * @param softwareStatement the softwareStatement to set
  1016.      */
  1017.     public void setSoftwareStatement(JWT softwareStatement) {
  1018.         this.softwareStatement = softwareStatement;
  1019.     }

  1021.     /**
  1022.      * @return the codeChallengeMethod
  1023.      */
  1024.     @Basic
  1025.     @Column(name = "code_challenge_method")
  1026.     @Convert(converter = PKCEAlgorithmStringConverter.class)
  1027.     public PKCEAlgorithm getCodeChallengeMethod() {
  1028.         return codeChallengeMethod;
  1029.     }

  1031.     /**
  1032.      * @param codeChallengeMethod the codeChallengeMethod to set
  1033.      */
  1034.     public void setCodeChallengeMethod(PKCEAlgorithm codeChallengeMethod) {
  1035.         this.codeChallengeMethod = codeChallengeMethod;
  1036.     }

  1038.     /**
  1039.      * @return the deviceCodeValiditySeconds
  1040.      */
  1041.     @Basic
  1042.     @Column(name="device_code_validity_seconds")
  1043.     public Integer getDeviceCodeValiditySeconds() {
  1044.         return deviceCodeValiditySeconds;
  1045.     }

  1047.     /**
  1048.      * @param deviceCodeValiditySeconds the deviceCodeValiditySeconds to set
  1049.      */
  1050.     public void setDeviceCodeValiditySeconds(Integer deviceCodeValiditySeconds) {
  1051.         this.deviceCodeValiditySeconds = deviceCodeValiditySeconds;
  1052.     }

  1054.     /**
  1055.      * @return the softwareId
  1056.      */
  1057.     @Basic
  1058.     @Column(name="software_id")
  1059.     public String getSoftwareId() {
  1060.         return softwareId;
  1061.     }

  1063.     /**
  1064.      * @param softwareId the softwareId to set
  1065.      */
  1066.     public void setSoftwareId(String softwareId) {
  1067.         this.softwareId = softwareId;
  1068.     }

  1070.     /**
  1071.      * @return the softwareVersion
  1072.      */
  1073.     @Basic
  1074.     @Column(name="software_version")
  1075.     public String getSoftwareVersion() {
  1076.         return softwareVersion;
  1077.     }

  1079.     /**
  1080.      * @param softwareVersion the softwareVersion to set
  1081.      */
  1082.     public void setSoftwareVersion(String softwareVersion) {
  1083.         this.softwareVersion = softwareVersion;
  1084.     }

  1086. }
Created with JaCoCo 0.7.9.201702052155