usbharu 2023-11-21 15:38:56 +09:00
parent f232183679
commit d286c73277
7 changed files with 245 additions and 184 deletions


@ -1,11 +1,13 @@
package dev.usbharu.hideout.application.config package dev.usbharu.hideout.application.config
import com.fasterxml.jackson.annotation.JsonInclude import com.fasterxml.jackson.annotation.JsonInclude
import com.fasterxml.jackson.databind.ObjectMapper
import com.nimbusds.jose.jwk.JWKSet import com.nimbusds.jose.jwk.JWKSet
import com.nimbusds.jose.jwk.RSAKey import com.nimbusds.jose.jwk.RSAKey
import com.nimbusds.jose.jwk.source.ImmutableJWKSet import com.nimbusds.jose.jwk.source.ImmutableJWKSet
import com.nimbusds.jose.jwk.source.JWKSource import com.nimbusds.jose.jwk.source.JWKSource
import com.nimbusds.jose.proc.SecurityContext import com.nimbusds.jose.proc.SecurityContext
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
import dev.usbharu.hideout.application.external.Transaction import dev.usbharu.hideout.application.external.Transaction
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
@ -17,7 +19,9 @@ import dev.usbharu.hideout.util.RsaUtil
import dev.usbharu.httpsignature.sign.RsaSha256HttpSignatureSigner import dev.usbharu.httpsignature.sign.RsaSha256HttpSignatureSigner
import dev.usbharu.httpsignature.verify.DefaultSignatureHeaderParser import dev.usbharu.httpsignature.verify.DefaultSignatureHeaderParser
import dev.usbharu.httpsignature.verify.RsaSha256HttpSignatureVerifier import dev.usbharu.httpsignature.verify.RsaSha256HttpSignatureVerifier
import jakarta.annotation.PostConstruct
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer
import org.springframework.boot.autoconfigure.security.servlet.PathRequest import org.springframework.boot.autoconfigure.security.servlet.PathRequest
@ -34,6 +38,7 @@ import org.springframework.security.authentication.AccountStatusUserDetailsCheck
import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.authentication.dao.DaoAuthenticationProvider import org.springframework.security.authentication.dao.DaoAuthenticationProvider
import org.springframework.security.config.Customizer import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
@ -61,7 +66,8 @@ import java.security.interfaces.RSAPrivateKey
import java.security.interfaces.RSAPublicKey import java.security.interfaces.RSAPublicKey
import java.util.* import java.util.*
@EnableWebSecurity(debug = true)
@EnableWebSecurity(debug = false)
@Configuration @Configuration
@Suppress("FunctionMaxLength", "TooManyFunctions") @Suppress("FunctionMaxLength", "TooManyFunctions")
class SecurityConfig { class SecurityConfig {
@ -77,12 +83,13 @@ class SecurityConfig {
@Order(1) @Order(1)
fun httpSignatureFilterChain( fun httpSignatureFilterChain(
http: HttpSecurity, http: HttpSecurity,
httpSignatureFilter: HttpSignatureFilter,
introspector: HandlerMappingIntrospector introspector: HandlerMappingIntrospector
): SecurityFilterChain { ): SecurityFilterChain {
val builder = MvcRequestMatcher.Builder(introspector) val builder = MvcRequestMatcher.Builder(introspector)
http http
.securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*") .securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*")
.addFilter(getHttpSignatureFilter(http.getSharedObject(AuthenticationManager::class.java))) .addFilter(httpSignatureFilter)
.addFilterBefore( .addFilterBefore(
ExceptionTranslationFilter(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)), ExceptionTranslationFilter(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)),
HttpSignatureFilter::class.java HttpSignatureFilter::class.java
@ -112,9 +119,15 @@ class SecurityConfig {
return http.build() return http.build()
} }
@Bean
fun getHttpSignatureFilter(authenticationManager: AuthenticationManager?): HttpSignatureFilter { fun getHttpSignatureFilter(
val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser()) authenticationManager: AuthenticationManager,
@Qualifier("activitypub") objectMapper: ObjectMapper,
apUserService: APUserService,
transaction: Transaction
): HttpSignatureFilter {
val httpSignatureFilter =
HttpSignatureFilter(DefaultSignatureHeaderParser(), objectMapper, apUserService, transaction)
httpSignatureFilter.setAuthenticationManager(authenticationManager) httpSignatureFilter.setAuthenticationManager(authenticationManager)
httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false) httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false)
val authenticationEntryPointFailureHandler = val authenticationEntryPointFailureHandler =
@ -125,13 +138,16 @@ class SecurityConfig {
} }
@Bean @Bean
@Order(2)
fun daoAuthenticationProvider(userDetailsServiceImpl: UserDetailsServiceImpl): DaoAuthenticationProvider { fun daoAuthenticationProvider(userDetailsServiceImpl: UserDetailsServiceImpl): DaoAuthenticationProvider {
val daoAuthenticationProvider = DaoAuthenticationProvider() val daoAuthenticationProvider = DaoAuthenticationProvider()
daoAuthenticationProvider.setUserDetailsService(userDetailsServiceImpl) daoAuthenticationProvider.setUserDetailsService(userDetailsServiceImpl)
return daoAuthenticationProvider return daoAuthenticationProvider
} }
@Bean @Bean
@Order(1)
fun httpSignatureAuthenticationProvider(transaction: Transaction): PreAuthenticatedAuthenticationProvider { fun httpSignatureAuthenticationProvider(transaction: Transaction): PreAuthenticatedAuthenticationProvider {
val provider = PreAuthenticatedAuthenticationProvider() val provider = PreAuthenticatedAuthenticationProvider()
provider.setPreAuthenticatedUserDetailsService( provider.setPreAuthenticatedUserDetailsService(
@ -280,3 +296,18 @@ data class JwkConfig(
val publicKey: String, val publicKey: String,
val privateKey: String val privateKey: String
) )
@Configuration
class PostSecurityConfig(
val auth: AuthenticationManagerBuilder,
val daoAuthenticationProvider: DaoAuthenticationProvider,
val httpSignatureAuthenticationProvider: PreAuthenticatedAuthenticationProvider
) {
@PostConstruct
fun config() {
auth.authenticationProvider(daoAuthenticationProvider)
auth.authenticationProvider(httpSignatureAuthenticationProvider)
}
}
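Review bot: Marking `getHttpSignatureFilter` as `@Bean` exposes a `Filter` bean, and Spring Boot by default registers every `Filter` bean with the servlet container for all requests, so the filter would also run outside the `securityMatcher` paths of `httpSignatureFilterChain` and a second time on the matched ones. Nothing visible in this section disables that registration; if it is not done elsewhere, add a `FilterRegistrationBean<HttpSignatureFilter>` bean with `isEnabled = false` next to it. Separately, the `@Order(1)`/`@Order(2)` annotations on the two provider beans do not by themselves decide which provider the manager consults first; that follows the order of the two `auth.authenticationProvider(...)` calls in `PostSecurityConfig.config()`, so a short comment there stating the intended order would help.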


@ -1,7 +1,10 @@
package dev.usbharu.hideout.application.infrastructure.exposed package dev.usbharu.hideout.application.infrastructure.exposed
import dev.usbharu.hideout.application.external.Transaction import dev.usbharu.hideout.application.external.Transaction
import kotlinx.coroutines.runBlocking
import kotlinx.coroutines.slf4j.MDCContext import kotlinx.coroutines.slf4j.MDCContext
import org.jetbrains.exposed.sql.StdOutSqlLogger
import org.jetbrains.exposed.sql.addLogger
import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction
import org.springframework.stereotype.Service import org.springframework.stereotype.Service
import java.sql.Connection import java.sql.Connection
@ -9,13 +12,17 @@ import java.sql.Connection
@Service @Service
class ExposedTransaction : Transaction { class ExposedTransaction : Transaction {
override suspend fun <T> transaction(block: suspend () -> T): T { override suspend fun <T> transaction(block: suspend () -> T): T {
return newSuspendedTransaction(MDCContext(), transactionIsolation = Connection.TRANSACTION_SERIALIZABLE) { return org.jetbrains.exposed.sql.transactions.transaction(transactionIsolation = Connection.TRANSACTION_SERIALIZABLE) {
addLogger(StdOutSqlLogger)
runBlocking {
block() block()
} }
} }
}
override suspend fun <T> transaction(transactionLevel: Int, block: suspend () -> T): T { override suspend fun <T> transaction(transactionLevel: Int, block: suspend () -> T): T {
return newSuspendedTransaction(MDCContext(), transactionIsolation = transactionLevel) { return newSuspendedTransaction(MDCContext(), transactionIsolation = transactionLevel) {
addLogger(StdOutSqlLogger)
block() block()
} }
} }
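Review bot: `addLogger(StdOutSqlLogger)` is now attached unconditionally in both `transaction` overloads; that logger prints every statement with its bound values to standard output, outside the logback configuration, so values written to columns such as `private_key` or `access_token_value` would end up in process output. If SQL tracing is wanted, `addLogger(Slf4jSqlDebugLogger)` keeps it behind the logger level; otherwise drop the line outside local debugging. In the first overload, the blocking `transaction { runBlocking { block() } }` inside a `suspend` function holds the calling thread for the whole transaction, while the second overload still uses `newSuspendedTransaction`; a comment explaining why the two now differ would help the next reader.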


@ -1,20 +1,34 @@
package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature
import com.fasterxml.jackson.databind.ObjectMapper
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
import dev.usbharu.hideout.application.external.Transaction
import dev.usbharu.httpsignature.common.HttpHeaders import dev.usbharu.httpsignature.common.HttpHeaders
import dev.usbharu.httpsignature.common.HttpMethod import dev.usbharu.httpsignature.common.HttpMethod
import dev.usbharu.httpsignature.common.HttpRequest import dev.usbharu.httpsignature.common.HttpRequest
import dev.usbharu.httpsignature.verify.SignatureHeaderParser import dev.usbharu.httpsignature.verify.SignatureHeaderParser
import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletRequest
import kotlinx.coroutines.runBlocking
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
import java.net.URL import java.net.URL
class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeaderParser) : class HttpSignatureFilter(
private val httpSignatureHeaderParser: SignatureHeaderParser,
@Qualifier("activitypub") private val objectMapper: ObjectMapper,
private val apUserService: APUserService,
private val transaction: Transaction,
) :
AbstractPreAuthenticatedProcessingFilter() { AbstractPreAuthenticatedProcessingFilter() {
override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any? {
val headersList = request?.headerNames?.toList().orEmpty()
override fun getPreAuthenticatedPrincipal(request: HttpServletRequest): Any? {
val headersList = request.headerNames?.toList().orEmpty()
val headers = val headers =
headersList.associateWith { header -> request?.getHeaders(header)?.toList().orEmpty() } headersList.associateWith { header -> request.getHeaders(header)?.toList().orEmpty() }
val signature = try { val signature = try {
httpSignatureHeaderParser.parse(HttpHeaders(headers)) httpSignatureHeaderParser.parse(HttpHeaders(headers))
@ -23,6 +37,12 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader
} catch (_: RuntimeException) { } catch (_: RuntimeException) {
return "" return ""
} }
runBlocking {
transaction.transaction {
apUserService.fetchPerson(signature.keyId)
}
}
return signature.keyId return signature.keyId
} }
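Review bot: `apUserService.fetchPerson(signature.keyId)` in `getPreAuthenticatedPrincipal` runs on a `keyId` taken from the request's signature header before anything in this section has verified the signature, so an unauthenticated request decides what is looked up. `fetchPerson` is defined outside this page; if it resolves the id over HTTP, it should accept only `https` URLs, refuse loopback and private addresses and apply a timeout, and a comment such as `// keyId is unverified here; fetchPerson must restrict scheme and host` would record that. The call also sits outside the `try`/`catch` that returns `""` on a parse failure, so an exception from the lookup propagates out of the filter instead of ending in the same rejected-principal path. `runBlocking` holds the request thread for the whole lookup and transaction. The class body continues past the end of this section.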


@ -36,6 +36,7 @@ class HttpSignatureUserDetailsService(
try { try {
userQueryService.findByKeyId(keyId) userQueryService.findByKeyId(keyId)
} catch (e: FailedToGetResourcesException) { } catch (e: FailedToGetResourcesException) {
throw UsernameNotFoundException("User not found", e) throw UsernameNotFoundException("User not found", e)
} }
} }


@ -1,6 +1,6 @@
hideout: hideout:
url: "https://test-hideout.usbharu.dev" url: "https://test-hideout.usbharu.dev"
use-mongodb: false use-mongodb: true
security: security:
jwt: jwt:
generate: true generate: true
@ -18,16 +18,18 @@ spring:
WRITE_DATES_AS_TIMESTAMPS: false WRITE_DATES_AS_TIMESTAMPS: false
default-property-inclusion: always default-property-inclusion: always
datasource: datasource:
driver-class-name: org.h2.Driver hikari:
url: "jdbc:h2:./test-dev4;MODE=POSTGRESQL" transaction-isolation: "TRANSACTION_SERIALIZABLE"
username: "" driver-class-name: org.postgresql.Driver
url: "jdbc:postgresql:hideout2"
username: "postgres"
password: "" password: ""
# data: data:
# mongodb: mongodb:
# auto-index-creation: true auto-index-creation: true
# host: localhost host: localhost
# port: 27017 port: 27017
# database: hideout database: hideout
# username: hideoutuser # username: hideoutuser
# password: hideoutpass # password: hideoutpass
servlet: servlet:
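Review bot: The datasource now connects as `postgres` with `password: ""`; `postgres` is normally the superuser role of a PostgreSQL install, so the application would hold far more privilege than its schema needs, and the credentials are fixed in the committed file. If this file is used beyond a local test setup, use a dedicated role and take both values from the environment, e.g. `username: "${HIDEOUT_DB_USER}"` and `password: "${HIDEOUT_DB_PASSWORD}"` (placeholder variable names). The same section turns on `use-mongodb: true` and uncomments the MongoDB host settings while the `username`/`password` lines stay commented out, so that connection carries no credentials as configured.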


@ -1,188 +1,188 @@
CREATE TABLE IF NOT EXISTS "INSTANCE" create table if not exists instance
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
"NAME" VARCHAR(1000) NOT NULL, "name" varchar(1000) not null,
DESCRIPTION VARCHAR(5000) NOT NULL, description varchar(5000) not null,
URL VARCHAR(255) NOT NULL, url varchar(255) not null,
ICON_URL VARCHAR(255) NOT NULL, icon_url varchar(255) not null,
SHARED_INBOX VARCHAR(255) NULL, shared_inbox varchar(255) null,
SOFTWARE VARCHAR(255) NOT NULL, software varchar(255) not null,
VERSION VARCHAR(255) NOT NULL, version varchar(255) not null,
IS_BLOCKED BOOLEAN NOT NULL, is_blocked boolean not null,
IS_MUTED BOOLEAN NOT NULL, is_muted boolean not null,
MODERATION_NOTE VARCHAR(10000) NOT NULL, moderation_note varchar(10000) not null,
CREATED_AT TIMESTAMP NOT NULL created_at timestamp not null
); );
CREATE TABLE IF NOT EXISTS USERS create table if not exists users
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
"NAME" VARCHAR(300) NOT NULL, "name" varchar(300) not null,
"DOMAIN" VARCHAR(1000) NOT NULL, "domain" varchar(1000) not null,
SCREEN_NAME VARCHAR(300) NOT NULL, screen_name varchar(300) not null,
DESCRIPTION VARCHAR(10000) NOT NULL, description varchar(10000) not null,
PASSWORD VARCHAR(255) NULL, password varchar(255) null,
INBOX VARCHAR(1000) NOT NULL, inbox varchar(1000) not null,
OUTBOX VARCHAR(1000) NOT NULL, outbox varchar(1000) not null,
URL VARCHAR(1000) NOT NULL, url varchar(1000) not null,
PUBLIC_KEY VARCHAR(10000) NOT NULL, public_key varchar(10000) not null,
PRIVATE_KEY VARCHAR(10000) NULL, private_key varchar(10000) null,
CREATED_AT BIGINT NOT NULL, created_at bigint not null,
KEY_ID VARCHAR(1000) NOT NULL, key_id varchar(1000) not null,
"FOLLOWING" VARCHAR(1000) NULL, "following" varchar(1000) null,
FOLLOWERS VARCHAR(1000) NULL, followers varchar(1000) null,
"INSTANCE" BIGINT NULL, "instance" bigint null,
CONSTRAINT FK_USERS_INSTANCE__ID FOREIGN KEY ("INSTANCE") REFERENCES "INSTANCE" (ID) ON DELETE RESTRICT ON UPDATE RESTRICT constraint fk_users_instance__id foreign key ("instance") references instance (id) on delete restrict on update restrict
); );
CREATE TABLE IF NOT EXISTS FOLLOW_REQUESTS create table if not exists follow_requests
( (
ID BIGSERIAL PRIMARY KEY, id bigserial primary key,
USER_ID BIGINT NOT NULL, user_id bigint not null,
FOLLOWER_ID BIGINT NOT NULL, follower_id bigint not null,
CONSTRAINT FK_FOLLOW_REQUESTS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT, constraint fk_follow_requests_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict,
CONSTRAINT FK_FOLLOW_REQUESTS_FOLLOWER_ID__ID FOREIGN KEY (FOLLOWER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT constraint fk_follow_requests_follower_id__id foreign key (follower_id) references users (id) on delete restrict on update restrict
); );
CREATE TABLE IF NOT EXISTS MEDIA create table if not exists media
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
"NAME" VARCHAR(255) NOT NULL, "name" varchar(255) not null,
URL VARCHAR(255) NOT NULL, url varchar(255) not null,
REMOTE_URL VARCHAR(255) NULL, remote_url varchar(255) null,
THUMBNAIL_URL VARCHAR(255) NULL, thumbnail_url varchar(255) null,
"TYPE" INT NOT NULL, "type" int not null,
BLURHASH VARCHAR(255) NULL, blurhash varchar(255) null,
MIME_TYPE VARCHAR(255) NOT NULL, mime_type varchar(255) not null,
DESCRIPTION VARCHAR(4000) NULL description varchar(4000) null
); );
CREATE TABLE IF NOT EXISTS META_INFO create table if not exists meta_info
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
VERSION VARCHAR(1000) NOT NULL, version varchar(1000) not null,
KID VARCHAR(1000) NOT NULL, kid varchar(1000) not null,
JWT_PRIVATE_KEY VARCHAR(100000) NOT NULL, jwt_private_key varchar(100000) not null,
JWT_PUBLIC_KEY VARCHAR(100000) NOT NULL jwt_public_key varchar(100000) not null
); );
CREATE TABLE IF NOT EXISTS POSTS create table if not exists posts
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
USER_ID BIGINT NOT NULL, user_id bigint not null,
OVERVIEW VARCHAR(100) NULL, overview varchar(100) null,
TEXT VARCHAR(3000) NOT NULL, text varchar(3000) not null,
CREATED_AT BIGINT NOT NULL, created_at bigint not null,
VISIBILITY INT DEFAULT 0 NOT NULL, visibility int default 0 not null,
URL VARCHAR(500) NOT NULL, url varchar(500) not null,
REPOST_ID BIGINT NULL, repost_id bigint null,
REPLY_ID BIGINT NULL, reply_id bigint null,
"SENSITIVE" BOOLEAN DEFAULT FALSE NOT NULL, "sensitive" boolean default false not null,
AP_ID VARCHAR(100) NOT NULL ap_id varchar(100) not null
); );
ALTER TABLE POSTS alter table posts
ADD CONSTRAINT FK_POSTS_USERID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT; add constraint fk_posts_userid__id foreign key (user_id) references users (id) on delete restrict on update restrict;
ALTER TABLE POSTS alter table posts
ADD CONSTRAINT FK_POSTS_REPOSTID__ID FOREIGN KEY (REPOST_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT; add constraint fk_posts_repostid__id foreign key (repost_id) references posts (id) on delete restrict on update restrict;
ALTER TABLE POSTS alter table posts
ADD CONSTRAINT FK_POSTS_REPLYID__ID FOREIGN KEY (REPLY_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT; add constraint fk_posts_replyid__id foreign key (reply_id) references posts (id) on delete restrict on update restrict;
CREATE TABLE IF NOT EXISTS POSTS_MEDIA create table if not exists posts_media
( (
POST_ID BIGINT, post_id bigint,
MEDIA_ID BIGINT, media_id bigint,
CONSTRAINT pk_PostsMedia PRIMARY KEY (POST_ID, MEDIA_ID) constraint pk_postsmedia primary key (post_id, media_id)
); );
ALTER TABLE POSTS_MEDIA alter table posts_media
ADD CONSTRAINT FK_POSTS_MEDIA_POST_ID__ID FOREIGN KEY (POST_ID) REFERENCES POSTS (ID) ON DELETE CASCADE ON UPDATE CASCADE; add constraint fk_posts_media_post_id__id foreign key (post_id) references posts (id) on delete cascade on update cascade;
ALTER TABLE POSTS_MEDIA alter table posts_media
ADD CONSTRAINT FK_POSTS_MEDIA_MEDIA_ID__ID FOREIGN KEY (MEDIA_ID) REFERENCES MEDIA (ID) ON DELETE CASCADE ON UPDATE CASCADE; add constraint fk_posts_media_media_id__id foreign key (media_id) references media (id) on delete cascade on update cascade;
CREATE TABLE IF NOT EXISTS REACTIONS create table if not exists reactions
( (
ID BIGSERIAL PRIMARY KEY, id bigserial primary key,
EMOJI_ID BIGINT NOT NULL, emoji_id bigint not null,
POST_ID BIGINT NOT NULL, post_id bigint not null,
USER_ID BIGINT NOT NULL user_id bigint not null
); );
ALTER TABLE REACTIONS alter table reactions
ADD CONSTRAINT FK_REACTIONS_POST_ID__ID FOREIGN KEY (POST_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT; add constraint fk_reactions_post_id__id foreign key (post_id) references posts (id) on delete restrict on update restrict;
ALTER TABLE REACTIONS alter table reactions
ADD CONSTRAINT FK_REACTIONS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT; add constraint fk_reactions_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict;
CREATE TABLE IF NOT EXISTS TIMELINES create table if not exists timelines
( (
ID BIGINT PRIMARY KEY, id bigint primary key,
USER_ID BIGINT NOT NULL, user_id bigint not null,
TIMELINE_ID BIGINT NOT NULL, timeline_id bigint not null,
POST_ID BIGINT NOT NULL, post_id bigint not null,
POST_USER_ID BIGINT NOT NULL, post_user_id bigint not null,
CREATED_AT BIGINT NOT NULL, created_at bigint not null,
REPLY_ID BIGINT NULL, reply_id bigint null,
REPOST_ID BIGINT NULL, repost_id bigint null,
VISIBILITY INT NOT NULL, visibility int not null,
"SENSITIVE" BOOLEAN NOT NULL, "sensitive" boolean not null,
IS_LOCAL BOOLEAN NOT NULL, is_local boolean not null,
IS_PURE_REPOST BOOLEAN NOT NULL, is_pure_repost boolean not null,
MEDIA_IDS VARCHAR(255) NOT NULL media_ids varchar(255) not null
); );
CREATE TABLE IF NOT EXISTS USERS_FOLLOWERS create table if not exists users_followers
( (
ID BIGSERIAL PRIMARY KEY, id bigserial primary key,
USER_ID BIGINT NOT NULL, user_id bigint not null,
FOLLOWER_ID BIGINT NOT NULL, follower_id bigint not null,
CONSTRAINT FK_USERS_FOLLOWERS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT, constraint fk_users_followers_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict,
CONSTRAINT FK_USERS_FOLLOWERS_FOLLOWER_ID__ID FOREIGN KEY (FOLLOWER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT constraint fk_users_followers_follower_id__id foreign key (follower_id) references users (id) on delete restrict on update restrict
); );
CREATE TABLE IF NOT EXISTS APPLICATION_AUTHORIZATION create table if not exists application_authorization
( (
ID VARCHAR(255) PRIMARY KEY, id varchar(255) primary key,
REGISTERED_CLIENT_ID VARCHAR(255) NOT NULL, registered_client_id varchar(255) not null,
PRINCIPAL_NAME VARCHAR(255) NOT NULL, principal_name varchar(255) not null,
AUTHORIZATION_GRANT_TYPE VARCHAR(255) NOT NULL, authorization_grant_type varchar(255) not null,
AUTHORIZED_SCOPES VARCHAR(1000) DEFAULT NULL NULL, authorized_scopes varchar(1000) default null null,
"ATTRIBUTES" VARCHAR(4000) DEFAULT NULL NULL, "attributes" varchar(4000) default null null,
"STATE" VARCHAR(500) DEFAULT NULL NULL, "state" varchar(500) default null null,
AUTHORIZATION_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL, authorization_code_value varchar(4000) default null null,
AUTHORIZATION_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, authorization_code_issued_at timestamp default null null,
AUTHORIZATION_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, authorization_code_expires_at timestamp default null null,
AUTHORIZATION_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL, authorization_code_metadata varchar(2000) default null null,
ACCESS_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL, access_token_value varchar(4000) default null null,
ACCESS_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, access_token_issued_at timestamp default null null,
ACCESS_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, access_token_expires_at timestamp default null null,
ACCESS_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL, access_token_metadata varchar(2000) default null null,
ACCESS_TOKEN_TYPE VARCHAR(255) DEFAULT NULL NULL, access_token_type varchar(255) default null null,
ACCESS_TOKEN_SCOPES VARCHAR(1000) DEFAULT NULL NULL, access_token_scopes varchar(1000) default null null,
REFRESH_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL, refresh_token_value varchar(4000) default null null,
REFRESH_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, refresh_token_issued_at timestamp default null null,
REFRESH_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, refresh_token_expires_at timestamp default null null,
REFRESH_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL, refresh_token_metadata varchar(2000) default null null,
OIDC_ID_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL, oidc_id_token_value varchar(4000) default null null,
OIDC_ID_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, oidc_id_token_issued_at timestamp default null null,
OIDC_ID_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, oidc_id_token_expires_at timestamp default null null,
OIDC_ID_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL, oidc_id_token_metadata varchar(2000) default null null,
OIDC_ID_TOKEN_CLAIMS VARCHAR(2000) DEFAULT NULL NULL, oidc_id_token_claims varchar(2000) default null null,
USER_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL, user_code_value varchar(4000) default null null,
USER_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, user_code_issued_at timestamp default null null,
USER_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, user_code_expires_at timestamp default null null,
USER_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL, user_code_metadata varchar(2000) default null null,
DEVICE_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL, device_code_value varchar(4000) default null null,
DEVICE_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL, device_code_issued_at timestamp default null null,
DEVICE_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, device_code_expires_at timestamp default null null,
DEVICE_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL device_code_metadata varchar(2000) default null null
); );
CREATE TABLE IF NOT EXISTS OAUTH2_AUTHORIZATION_CONSENT create table if not exists oauth2_authorization_consent
( (
REGISTERED_CLIENT_ID VARCHAR(100), registered_client_id varchar(100),
PRINCIPAL_NAME VARCHAR(200), principal_name varchar(200),
AUTHORITIES VARCHAR(1000) NOT NULL, authorities varchar(1000) not null,
CONSTRAINT pk_oauth2_authorization_consent PRIMARY KEY (REGISTERED_CLIENT_ID, PRINCIPAL_NAME) constraint pk_oauth2_authorization_consent primary key (registered_client_id, principal_name)
); );
CREATE TABLE IF NOT EXISTS REGISTERED_CLIENT create table if not exists registered_client
( (
ID VARCHAR(100) PRIMARY KEY, id varchar(100) primary key,
CLIENT_ID VARCHAR(100) NOT NULL, client_id varchar(100) not null,
CLIENT_ID_ISSUED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, client_id_issued_at timestamp default current_timestamp not null,
CLIENT_SECRET VARCHAR(200) DEFAULT NULL NULL, client_secret varchar(200) default null null,
CLIENT_SECRET_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL, client_secret_expires_at timestamp default null null,
CLIENT_NAME VARCHAR(200) NOT NULL, client_name varchar(200) not null,
CLIENT_AUTHENTICATION_METHODS VARCHAR(1000) NOT NULL, client_authentication_methods varchar(1000) not null,
AUTHORIZATION_GRANT_TYPES VARCHAR(1000) NOT NULL, authorization_grant_types varchar(1000) not null,
REDIRECT_URIS VARCHAR(1000) DEFAULT NULL NULL, redirect_uris varchar(1000) default null null,
POST_LOGOUT_REDIRECT_URIS VARCHAR(1000) DEFAULT NULL NULL, post_logout_redirect_uris varchar(1000) default null null,
SCOPES VARCHAR(1000) NOT NULL, scopes varchar(1000) not null,
CLIENT_SETTINGS VARCHAR(2000) NOT NULL, client_settings varchar(2000) not null,
TOKEN_SETTINGS VARCHAR(2000) NOT NULL token_settings varchar(2000) not null
) )


@ -4,7 +4,7 @@
<pattern>%d{YYYY-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{x-request-id}] %logger{36} - %msg%n</pattern> <pattern>%d{YYYY-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{x-request-id}] %logger{36} - %msg%n</pattern>
</encoder> </encoder>
</appender> </appender>
<root level="TRACE"> <root level="DEBUG">
<appender-ref ref="STDOUT"/> <appender-ref ref="STDOUT"/>
</root> </root>
<logger name="org.eclipse.jetty" level="INFO"/> <logger name="org.eclipse.jetty" level="INFO"/>