GitBucket
Newer
package com.heaerie.server.auth201.Auth201Server.service;
import com.heaerie.server.auth201.Auth201Server.dto.ClientRegistrationRequest;
import com.heaerie.server.auth201.Auth201Server.dto.ClientRegistrationResponse;
import com.heaerie.server.auth201.Auth201Server.entity.RegisteredClientEntity;
import com.heaerie.server.auth201.Auth201Server.repository.RegisteredClientRepository;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.UUID;
@Service
public class ClientRegistrationService {
private final RegisteredClientRepository clientRepository;
private final PasswordEncoder passwordEncoder;
public ClientRegistrationService(RegisteredClientRepository clientRepository,
PasswordEncoder passwordEncoder) {
this.clientRepository = clientRepository;
this.passwordEncoder = passwordEncoder;
}
@Transactional
public ClientRegistrationResponse registerClient(ClientRegistrationRequest request) {
// Validate request
if (request.getClientName() == null || request.getClientName().trim().isEmpty()) {
throw new IllegalArgumentException("Client name is required");
}
if (request.getRedirectUris() == null || request.getRedirectUris().isEmpty()) {
throw new IllegalArgumentException("At least one redirect URI is required");
}
// Generate unique client ID
String clientId;
do {
clientId = generateClientId(request.getClientName());
} while (clientRepository.existsByClientId(clientId));
// Generate client secret for confidential clients
String clientSecret = null;
String encodedSecret = null;
if ("confidential".equals(request.getClientType())) {
clientSecret = generateClientSecret();
encodedSecret = passwordEncoder.encode(clientSecret);
}
// Create entity
RegisteredClientEntity entity = new RegisteredClientEntity();
entity.setClientId(clientId);
entity.setClientSecret(encodedSecret);
entity.setClientName(request.getClientName());
entity.setClientType(request.getClientType());
entity.setDescription(request.getDescription());
entity.setRedirectUris(String.join(",", request.getRedirectUris()));
if (request.getLogoutRedirectUris() != null && !request.getLogoutRedirectUris().isEmpty()) {
entity.setLogoutRedirectUris(String.join(",", request.getLogoutRedirectUris()));
}
entity.setGrantTypes(String.join(",", request.getGrantTypes()));
entity.setScopes(String.join(",", request.getScopes()));
entity.setRequireConsent(request.isRequireConsent());
entity.setRequirePkce(request.isRequirePkce());
entity.setAccessTokenValidity(request.getAccessTokenValidity());
entity.setRefreshTokenValidity(request.getRefreshTokenValidity());
entity.setReuseRefreshTokens(request.isReuseRefreshTokens());
// Save to database
clientRepository.save(entity);
// Build response
ClientRegistrationResponse response = new ClientRegistrationResponse();
response.setClientId(clientId);
response.setClientSecret(clientSecret); // Return plain text secret (only shown once)
response.setClientType(request.getClientType());
response.setMessage("Client registered successfully");
return response;
}
private String generateClientId(String clientName) {
String sanitized = clientName.toLowerCase()
.replaceAll("[^a-z0-9-]", "-")
.replaceAll("-+", "-")
.replaceAll("^-|-$", "");
String shortUuid = UUID.randomUUID().toString().substring(0, 8);
return sanitized + "-" + shortUuid;
}
private String generateClientSecret() {
return UUID.randomUUID().toString().replace("-", "") +
UUID.randomUUID().toString().replace("-", "");
}
}