mirror of https://github.com/usbharu/Hideout.git
wip
This commit is contained in:
parent
f232183679
commit
d286c73277
|
@ -1,11 +1,13 @@
|
||||||
package dev.usbharu.hideout.application.config
|
package dev.usbharu.hideout.application.config
|
||||||
|
|
||||||
import com.fasterxml.jackson.annotation.JsonInclude
|
import com.fasterxml.jackson.annotation.JsonInclude
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper
|
||||||
import com.nimbusds.jose.jwk.JWKSet
|
import com.nimbusds.jose.jwk.JWKSet
|
||||||
import com.nimbusds.jose.jwk.RSAKey
|
import com.nimbusds.jose.jwk.RSAKey
|
||||||
import com.nimbusds.jose.jwk.source.ImmutableJWKSet
|
import com.nimbusds.jose.jwk.source.ImmutableJWKSet
|
||||||
import com.nimbusds.jose.jwk.source.JWKSource
|
import com.nimbusds.jose.jwk.source.JWKSource
|
||||||
import com.nimbusds.jose.proc.SecurityContext
|
import com.nimbusds.jose.proc.SecurityContext
|
||||||
|
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
|
||||||
import dev.usbharu.hideout.application.external.Transaction
|
import dev.usbharu.hideout.application.external.Transaction
|
||||||
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter
|
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter
|
||||||
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
|
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
|
||||||
|
@ -17,7 +19,9 @@ import dev.usbharu.hideout.util.RsaUtil
|
||||||
import dev.usbharu.httpsignature.sign.RsaSha256HttpSignatureSigner
|
import dev.usbharu.httpsignature.sign.RsaSha256HttpSignatureSigner
|
||||||
import dev.usbharu.httpsignature.verify.DefaultSignatureHeaderParser
|
import dev.usbharu.httpsignature.verify.DefaultSignatureHeaderParser
|
||||||
import dev.usbharu.httpsignature.verify.RsaSha256HttpSignatureVerifier
|
import dev.usbharu.httpsignature.verify.RsaSha256HttpSignatureVerifier
|
||||||
|
import jakarta.annotation.PostConstruct
|
||||||
import org.springframework.beans.factory.annotation.Autowired
|
import org.springframework.beans.factory.annotation.Autowired
|
||||||
|
import org.springframework.beans.factory.annotation.Qualifier
|
||||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
|
||||||
import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer
|
import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer
|
||||||
import org.springframework.boot.autoconfigure.security.servlet.PathRequest
|
import org.springframework.boot.autoconfigure.security.servlet.PathRequest
|
||||||
|
@ -34,6 +38,7 @@ import org.springframework.security.authentication.AccountStatusUserDetailsCheck
|
||||||
import org.springframework.security.authentication.AuthenticationManager
|
import org.springframework.security.authentication.AuthenticationManager
|
||||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider
|
||||||
import org.springframework.security.config.Customizer
|
import org.springframework.security.config.Customizer
|
||||||
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
|
||||||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
|
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
||||||
|
@ -61,7 +66,8 @@ import java.security.interfaces.RSAPrivateKey
|
||||||
import java.security.interfaces.RSAPublicKey
|
import java.security.interfaces.RSAPublicKey
|
||||||
import java.util.*
|
import java.util.*
|
||||||
|
|
||||||
@EnableWebSecurity(debug = true)
|
|
||||||
|
@EnableWebSecurity(debug = false)
|
||||||
@Configuration
|
@Configuration
|
||||||
@Suppress("FunctionMaxLength", "TooManyFunctions")
|
@Suppress("FunctionMaxLength", "TooManyFunctions")
|
||||||
class SecurityConfig {
|
class SecurityConfig {
|
||||||
|
@ -77,12 +83,13 @@ class SecurityConfig {
|
||||||
@Order(1)
|
@Order(1)
|
||||||
fun httpSignatureFilterChain(
|
fun httpSignatureFilterChain(
|
||||||
http: HttpSecurity,
|
http: HttpSecurity,
|
||||||
|
httpSignatureFilter: HttpSignatureFilter,
|
||||||
introspector: HandlerMappingIntrospector
|
introspector: HandlerMappingIntrospector
|
||||||
): SecurityFilterChain {
|
): SecurityFilterChain {
|
||||||
val builder = MvcRequestMatcher.Builder(introspector)
|
val builder = MvcRequestMatcher.Builder(introspector)
|
||||||
http
|
http
|
||||||
.securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*")
|
.securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*")
|
||||||
.addFilter(getHttpSignatureFilter(http.getSharedObject(AuthenticationManager::class.java)))
|
.addFilter(httpSignatureFilter)
|
||||||
.addFilterBefore(
|
.addFilterBefore(
|
||||||
ExceptionTranslationFilter(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)),
|
ExceptionTranslationFilter(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)),
|
||||||
HttpSignatureFilter::class.java
|
HttpSignatureFilter::class.java
|
||||||
|
@ -112,9 +119,15 @@ class SecurityConfig {
|
||||||
return http.build()
|
return http.build()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
fun getHttpSignatureFilter(authenticationManager: AuthenticationManager?): HttpSignatureFilter {
|
fun getHttpSignatureFilter(
|
||||||
val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser())
|
authenticationManager: AuthenticationManager,
|
||||||
|
@Qualifier("activitypub") objectMapper: ObjectMapper,
|
||||||
|
apUserService: APUserService,
|
||||||
|
transaction: Transaction
|
||||||
|
): HttpSignatureFilter {
|
||||||
|
val httpSignatureFilter =
|
||||||
|
HttpSignatureFilter(DefaultSignatureHeaderParser(), objectMapper, apUserService, transaction)
|
||||||
httpSignatureFilter.setAuthenticationManager(authenticationManager)
|
httpSignatureFilter.setAuthenticationManager(authenticationManager)
|
||||||
httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false)
|
httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false)
|
||||||
val authenticationEntryPointFailureHandler =
|
val authenticationEntryPointFailureHandler =
|
||||||
|
@ -125,13 +138,16 @@ class SecurityConfig {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
@Order(2)
|
||||||
fun daoAuthenticationProvider(userDetailsServiceImpl: UserDetailsServiceImpl): DaoAuthenticationProvider {
|
fun daoAuthenticationProvider(userDetailsServiceImpl: UserDetailsServiceImpl): DaoAuthenticationProvider {
|
||||||
val daoAuthenticationProvider = DaoAuthenticationProvider()
|
val daoAuthenticationProvider = DaoAuthenticationProvider()
|
||||||
daoAuthenticationProvider.setUserDetailsService(userDetailsServiceImpl)
|
daoAuthenticationProvider.setUserDetailsService(userDetailsServiceImpl)
|
||||||
|
|
||||||
return daoAuthenticationProvider
|
return daoAuthenticationProvider
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
@Order(1)
|
||||||
fun httpSignatureAuthenticationProvider(transaction: Transaction): PreAuthenticatedAuthenticationProvider {
|
fun httpSignatureAuthenticationProvider(transaction: Transaction): PreAuthenticatedAuthenticationProvider {
|
||||||
val provider = PreAuthenticatedAuthenticationProvider()
|
val provider = PreAuthenticatedAuthenticationProvider()
|
||||||
provider.setPreAuthenticatedUserDetailsService(
|
provider.setPreAuthenticatedUserDetailsService(
|
||||||
|
@ -280,3 +296,18 @@ data class JwkConfig(
|
||||||
val publicKey: String,
|
val publicKey: String,
|
||||||
val privateKey: String
|
val privateKey: String
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
class PostSecurityConfig(
|
||||||
|
val auth: AuthenticationManagerBuilder,
|
||||||
|
val daoAuthenticationProvider: DaoAuthenticationProvider,
|
||||||
|
val httpSignatureAuthenticationProvider: PreAuthenticatedAuthenticationProvider
|
||||||
|
) {
|
||||||
|
|
||||||
|
@PostConstruct
|
||||||
|
fun config() {
|
||||||
|
auth.authenticationProvider(daoAuthenticationProvider)
|
||||||
|
auth.authenticationProvider(httpSignatureAuthenticationProvider)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
package dev.usbharu.hideout.application.infrastructure.exposed
|
package dev.usbharu.hideout.application.infrastructure.exposed
|
||||||
|
|
||||||
import dev.usbharu.hideout.application.external.Transaction
|
import dev.usbharu.hideout.application.external.Transaction
|
||||||
|
import kotlinx.coroutines.runBlocking
|
||||||
import kotlinx.coroutines.slf4j.MDCContext
|
import kotlinx.coroutines.slf4j.MDCContext
|
||||||
|
import org.jetbrains.exposed.sql.StdOutSqlLogger
|
||||||
|
import org.jetbrains.exposed.sql.addLogger
|
||||||
import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction
|
import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction
|
||||||
import org.springframework.stereotype.Service
|
import org.springframework.stereotype.Service
|
||||||
import java.sql.Connection
|
import java.sql.Connection
|
||||||
|
@ -9,13 +12,17 @@ import java.sql.Connection
|
||||||
@Service
|
@Service
|
||||||
class ExposedTransaction : Transaction {
|
class ExposedTransaction : Transaction {
|
||||||
override suspend fun <T> transaction(block: suspend () -> T): T {
|
override suspend fun <T> transaction(block: suspend () -> T): T {
|
||||||
return newSuspendedTransaction(MDCContext(), transactionIsolation = Connection.TRANSACTION_SERIALIZABLE) {
|
return org.jetbrains.exposed.sql.transactions.transaction(transactionIsolation = Connection.TRANSACTION_SERIALIZABLE) {
|
||||||
|
addLogger(StdOutSqlLogger)
|
||||||
|
runBlocking {
|
||||||
block()
|
block()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
override suspend fun <T> transaction(transactionLevel: Int, block: suspend () -> T): T {
|
override suspend fun <T> transaction(transactionLevel: Int, block: suspend () -> T): T {
|
||||||
return newSuspendedTransaction(MDCContext(), transactionIsolation = transactionLevel) {
|
return newSuspendedTransaction(MDCContext(), transactionIsolation = transactionLevel) {
|
||||||
|
addLogger(StdOutSqlLogger)
|
||||||
block()
|
block()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +1,34 @@
|
||||||
package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature
|
package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper
|
||||||
|
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
|
||||||
|
import dev.usbharu.hideout.application.external.Transaction
|
||||||
import dev.usbharu.httpsignature.common.HttpHeaders
|
import dev.usbharu.httpsignature.common.HttpHeaders
|
||||||
import dev.usbharu.httpsignature.common.HttpMethod
|
import dev.usbharu.httpsignature.common.HttpMethod
|
||||||
import dev.usbharu.httpsignature.common.HttpRequest
|
import dev.usbharu.httpsignature.common.HttpRequest
|
||||||
import dev.usbharu.httpsignature.verify.SignatureHeaderParser
|
import dev.usbharu.httpsignature.verify.SignatureHeaderParser
|
||||||
import jakarta.servlet.http.HttpServletRequest
|
import jakarta.servlet.http.HttpServletRequest
|
||||||
|
import kotlinx.coroutines.runBlocking
|
||||||
|
import org.springframework.beans.factory.annotation.Qualifier
|
||||||
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
|
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
|
||||||
import java.net.URL
|
import java.net.URL
|
||||||
|
|
||||||
class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeaderParser) :
|
class HttpSignatureFilter(
|
||||||
|
private val httpSignatureHeaderParser: SignatureHeaderParser,
|
||||||
|
@Qualifier("activitypub") private val objectMapper: ObjectMapper,
|
||||||
|
private val apUserService: APUserService,
|
||||||
|
private val transaction: Transaction,
|
||||||
|
) :
|
||||||
AbstractPreAuthenticatedProcessingFilter() {
|
AbstractPreAuthenticatedProcessingFilter() {
|
||||||
override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any? {
|
|
||||||
val headersList = request?.headerNames?.toList().orEmpty()
|
|
||||||
|
override fun getPreAuthenticatedPrincipal(request: HttpServletRequest): Any? {
|
||||||
|
|
||||||
|
|
||||||
|
val headersList = request.headerNames?.toList().orEmpty()
|
||||||
|
|
||||||
val headers =
|
val headers =
|
||||||
headersList.associateWith { header -> request?.getHeaders(header)?.toList().orEmpty() }
|
headersList.associateWith { header -> request.getHeaders(header)?.toList().orEmpty() }
|
||||||
|
|
||||||
val signature = try {
|
val signature = try {
|
||||||
httpSignatureHeaderParser.parse(HttpHeaders(headers))
|
httpSignatureHeaderParser.parse(HttpHeaders(headers))
|
||||||
|
@ -23,6 +37,12 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader
|
||||||
} catch (_: RuntimeException) {
|
} catch (_: RuntimeException) {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
runBlocking {
|
||||||
|
transaction.transaction {
|
||||||
|
|
||||||
|
apUserService.fetchPerson(signature.keyId)
|
||||||
|
}
|
||||||
|
}
|
||||||
return signature.keyId
|
return signature.keyId
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -36,6 +36,7 @@ class HttpSignatureUserDetailsService(
|
||||||
try {
|
try {
|
||||||
userQueryService.findByKeyId(keyId)
|
userQueryService.findByKeyId(keyId)
|
||||||
} catch (e: FailedToGetResourcesException) {
|
} catch (e: FailedToGetResourcesException) {
|
||||||
|
|
||||||
throw UsernameNotFoundException("User not found", e)
|
throw UsernameNotFoundException("User not found", e)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
hideout:
|
hideout:
|
||||||
url: "https://test-hideout.usbharu.dev"
|
url: "https://test-hideout.usbharu.dev"
|
||||||
use-mongodb: false
|
use-mongodb: true
|
||||||
security:
|
security:
|
||||||
jwt:
|
jwt:
|
||||||
generate: true
|
generate: true
|
||||||
|
@ -18,16 +18,18 @@ spring:
|
||||||
WRITE_DATES_AS_TIMESTAMPS: false
|
WRITE_DATES_AS_TIMESTAMPS: false
|
||||||
default-property-inclusion: always
|
default-property-inclusion: always
|
||||||
datasource:
|
datasource:
|
||||||
driver-class-name: org.h2.Driver
|
hikari:
|
||||||
url: "jdbc:h2:./test-dev4;MODE=POSTGRESQL"
|
transaction-isolation: "TRANSACTION_SERIALIZABLE"
|
||||||
username: ""
|
driver-class-name: org.postgresql.Driver
|
||||||
|
url: "jdbc:postgresql:hideout2"
|
||||||
|
username: "postgres"
|
||||||
password: ""
|
password: ""
|
||||||
# data:
|
data:
|
||||||
# mongodb:
|
mongodb:
|
||||||
# auto-index-creation: true
|
auto-index-creation: true
|
||||||
# host: localhost
|
host: localhost
|
||||||
# port: 27017
|
port: 27017
|
||||||
# database: hideout
|
database: hideout
|
||||||
# username: hideoutuser
|
# username: hideoutuser
|
||||||
# password: hideoutpass
|
# password: hideoutpass
|
||||||
servlet:
|
servlet:
|
||||||
|
|
|
@ -1,188 +1,188 @@
|
||||||
CREATE TABLE IF NOT EXISTS "INSTANCE"
|
create table if not exists instance
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
"NAME" VARCHAR(1000) NOT NULL,
|
"name" varchar(1000) not null,
|
||||||
DESCRIPTION VARCHAR(5000) NOT NULL,
|
description varchar(5000) not null,
|
||||||
URL VARCHAR(255) NOT NULL,
|
url varchar(255) not null,
|
||||||
ICON_URL VARCHAR(255) NOT NULL,
|
icon_url varchar(255) not null,
|
||||||
SHARED_INBOX VARCHAR(255) NULL,
|
shared_inbox varchar(255) null,
|
||||||
SOFTWARE VARCHAR(255) NOT NULL,
|
software varchar(255) not null,
|
||||||
VERSION VARCHAR(255) NOT NULL,
|
version varchar(255) not null,
|
||||||
IS_BLOCKED BOOLEAN NOT NULL,
|
is_blocked boolean not null,
|
||||||
IS_MUTED BOOLEAN NOT NULL,
|
is_muted boolean not null,
|
||||||
MODERATION_NOTE VARCHAR(10000) NOT NULL,
|
moderation_note varchar(10000) not null,
|
||||||
CREATED_AT TIMESTAMP NOT NULL
|
created_at timestamp not null
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS USERS
|
create table if not exists users
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
"NAME" VARCHAR(300) NOT NULL,
|
"name" varchar(300) not null,
|
||||||
"DOMAIN" VARCHAR(1000) NOT NULL,
|
"domain" varchar(1000) not null,
|
||||||
SCREEN_NAME VARCHAR(300) NOT NULL,
|
screen_name varchar(300) not null,
|
||||||
DESCRIPTION VARCHAR(10000) NOT NULL,
|
description varchar(10000) not null,
|
||||||
PASSWORD VARCHAR(255) NULL,
|
password varchar(255) null,
|
||||||
INBOX VARCHAR(1000) NOT NULL,
|
inbox varchar(1000) not null,
|
||||||
OUTBOX VARCHAR(1000) NOT NULL,
|
outbox varchar(1000) not null,
|
||||||
URL VARCHAR(1000) NOT NULL,
|
url varchar(1000) not null,
|
||||||
PUBLIC_KEY VARCHAR(10000) NOT NULL,
|
public_key varchar(10000) not null,
|
||||||
PRIVATE_KEY VARCHAR(10000) NULL,
|
private_key varchar(10000) null,
|
||||||
CREATED_AT BIGINT NOT NULL,
|
created_at bigint not null,
|
||||||
KEY_ID VARCHAR(1000) NOT NULL,
|
key_id varchar(1000) not null,
|
||||||
"FOLLOWING" VARCHAR(1000) NULL,
|
"following" varchar(1000) null,
|
||||||
FOLLOWERS VARCHAR(1000) NULL,
|
followers varchar(1000) null,
|
||||||
"INSTANCE" BIGINT NULL,
|
"instance" bigint null,
|
||||||
CONSTRAINT FK_USERS_INSTANCE__ID FOREIGN KEY ("INSTANCE") REFERENCES "INSTANCE" (ID) ON DELETE RESTRICT ON UPDATE RESTRICT
|
constraint fk_users_instance__id foreign key ("instance") references instance (id) on delete restrict on update restrict
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS FOLLOW_REQUESTS
|
create table if not exists follow_requests
|
||||||
(
|
(
|
||||||
ID BIGSERIAL PRIMARY KEY,
|
id bigserial primary key,
|
||||||
USER_ID BIGINT NOT NULL,
|
user_id bigint not null,
|
||||||
FOLLOWER_ID BIGINT NOT NULL,
|
follower_id bigint not null,
|
||||||
CONSTRAINT FK_FOLLOW_REQUESTS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT,
|
constraint fk_follow_requests_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict,
|
||||||
CONSTRAINT FK_FOLLOW_REQUESTS_FOLLOWER_ID__ID FOREIGN KEY (FOLLOWER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT
|
constraint fk_follow_requests_follower_id__id foreign key (follower_id) references users (id) on delete restrict on update restrict
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS MEDIA
|
create table if not exists media
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
"NAME" VARCHAR(255) NOT NULL,
|
"name" varchar(255) not null,
|
||||||
URL VARCHAR(255) NOT NULL,
|
url varchar(255) not null,
|
||||||
REMOTE_URL VARCHAR(255) NULL,
|
remote_url varchar(255) null,
|
||||||
THUMBNAIL_URL VARCHAR(255) NULL,
|
thumbnail_url varchar(255) null,
|
||||||
"TYPE" INT NOT NULL,
|
"type" int not null,
|
||||||
BLURHASH VARCHAR(255) NULL,
|
blurhash varchar(255) null,
|
||||||
MIME_TYPE VARCHAR(255) NOT NULL,
|
mime_type varchar(255) not null,
|
||||||
DESCRIPTION VARCHAR(4000) NULL
|
description varchar(4000) null
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS META_INFO
|
create table if not exists meta_info
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
VERSION VARCHAR(1000) NOT NULL,
|
version varchar(1000) not null,
|
||||||
KID VARCHAR(1000) NOT NULL,
|
kid varchar(1000) not null,
|
||||||
JWT_PRIVATE_KEY VARCHAR(100000) NOT NULL,
|
jwt_private_key varchar(100000) not null,
|
||||||
JWT_PUBLIC_KEY VARCHAR(100000) NOT NULL
|
jwt_public_key varchar(100000) not null
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS POSTS
|
create table if not exists posts
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
USER_ID BIGINT NOT NULL,
|
user_id bigint not null,
|
||||||
OVERVIEW VARCHAR(100) NULL,
|
overview varchar(100) null,
|
||||||
TEXT VARCHAR(3000) NOT NULL,
|
text varchar(3000) not null,
|
||||||
CREATED_AT BIGINT NOT NULL,
|
created_at bigint not null,
|
||||||
VISIBILITY INT DEFAULT 0 NOT NULL,
|
visibility int default 0 not null,
|
||||||
URL VARCHAR(500) NOT NULL,
|
url varchar(500) not null,
|
||||||
REPOST_ID BIGINT NULL,
|
repost_id bigint null,
|
||||||
REPLY_ID BIGINT NULL,
|
reply_id bigint null,
|
||||||
"SENSITIVE" BOOLEAN DEFAULT FALSE NOT NULL,
|
"sensitive" boolean default false not null,
|
||||||
AP_ID VARCHAR(100) NOT NULL
|
ap_id varchar(100) not null
|
||||||
);
|
);
|
||||||
ALTER TABLE POSTS
|
alter table posts
|
||||||
ADD CONSTRAINT FK_POSTS_USERID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT;
|
add constraint fk_posts_userid__id foreign key (user_id) references users (id) on delete restrict on update restrict;
|
||||||
ALTER TABLE POSTS
|
alter table posts
|
||||||
ADD CONSTRAINT FK_POSTS_REPOSTID__ID FOREIGN KEY (REPOST_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT;
|
add constraint fk_posts_repostid__id foreign key (repost_id) references posts (id) on delete restrict on update restrict;
|
||||||
ALTER TABLE POSTS
|
alter table posts
|
||||||
ADD CONSTRAINT FK_POSTS_REPLYID__ID FOREIGN KEY (REPLY_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT;
|
add constraint fk_posts_replyid__id foreign key (reply_id) references posts (id) on delete restrict on update restrict;
|
||||||
CREATE TABLE IF NOT EXISTS POSTS_MEDIA
|
create table if not exists posts_media
|
||||||
(
|
(
|
||||||
POST_ID BIGINT,
|
post_id bigint,
|
||||||
MEDIA_ID BIGINT,
|
media_id bigint,
|
||||||
CONSTRAINT pk_PostsMedia PRIMARY KEY (POST_ID, MEDIA_ID)
|
constraint pk_postsmedia primary key (post_id, media_id)
|
||||||
);
|
);
|
||||||
ALTER TABLE POSTS_MEDIA
|
alter table posts_media
|
||||||
ADD CONSTRAINT FK_POSTS_MEDIA_POST_ID__ID FOREIGN KEY (POST_ID) REFERENCES POSTS (ID) ON DELETE CASCADE ON UPDATE CASCADE;
|
add constraint fk_posts_media_post_id__id foreign key (post_id) references posts (id) on delete cascade on update cascade;
|
||||||
ALTER TABLE POSTS_MEDIA
|
alter table posts_media
|
||||||
ADD CONSTRAINT FK_POSTS_MEDIA_MEDIA_ID__ID FOREIGN KEY (MEDIA_ID) REFERENCES MEDIA (ID) ON DELETE CASCADE ON UPDATE CASCADE;
|
add constraint fk_posts_media_media_id__id foreign key (media_id) references media (id) on delete cascade on update cascade;
|
||||||
CREATE TABLE IF NOT EXISTS REACTIONS
|
create table if not exists reactions
|
||||||
(
|
(
|
||||||
ID BIGSERIAL PRIMARY KEY,
|
id bigserial primary key,
|
||||||
EMOJI_ID BIGINT NOT NULL,
|
emoji_id bigint not null,
|
||||||
POST_ID BIGINT NOT NULL,
|
post_id bigint not null,
|
||||||
USER_ID BIGINT NOT NULL
|
user_id bigint not null
|
||||||
);
|
);
|
||||||
ALTER TABLE REACTIONS
|
alter table reactions
|
||||||
ADD CONSTRAINT FK_REACTIONS_POST_ID__ID FOREIGN KEY (POST_ID) REFERENCES POSTS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT;
|
add constraint fk_reactions_post_id__id foreign key (post_id) references posts (id) on delete restrict on update restrict;
|
||||||
ALTER TABLE REACTIONS
|
alter table reactions
|
||||||
ADD CONSTRAINT FK_REACTIONS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT;
|
add constraint fk_reactions_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict;
|
||||||
CREATE TABLE IF NOT EXISTS TIMELINES
|
create table if not exists timelines
|
||||||
(
|
(
|
||||||
ID BIGINT PRIMARY KEY,
|
id bigint primary key,
|
||||||
USER_ID BIGINT NOT NULL,
|
user_id bigint not null,
|
||||||
TIMELINE_ID BIGINT NOT NULL,
|
timeline_id bigint not null,
|
||||||
POST_ID BIGINT NOT NULL,
|
post_id bigint not null,
|
||||||
POST_USER_ID BIGINT NOT NULL,
|
post_user_id bigint not null,
|
||||||
CREATED_AT BIGINT NOT NULL,
|
created_at bigint not null,
|
||||||
REPLY_ID BIGINT NULL,
|
reply_id bigint null,
|
||||||
REPOST_ID BIGINT NULL,
|
repost_id bigint null,
|
||||||
VISIBILITY INT NOT NULL,
|
visibility int not null,
|
||||||
"SENSITIVE" BOOLEAN NOT NULL,
|
"sensitive" boolean not null,
|
||||||
IS_LOCAL BOOLEAN NOT NULL,
|
is_local boolean not null,
|
||||||
IS_PURE_REPOST BOOLEAN NOT NULL,
|
is_pure_repost boolean not null,
|
||||||
MEDIA_IDS VARCHAR(255) NOT NULL
|
media_ids varchar(255) not null
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS USERS_FOLLOWERS
|
create table if not exists users_followers
|
||||||
(
|
(
|
||||||
ID BIGSERIAL PRIMARY KEY,
|
id bigserial primary key,
|
||||||
USER_ID BIGINT NOT NULL,
|
user_id bigint not null,
|
||||||
FOLLOWER_ID BIGINT NOT NULL,
|
follower_id bigint not null,
|
||||||
CONSTRAINT FK_USERS_FOLLOWERS_USER_ID__ID FOREIGN KEY (USER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT,
|
constraint fk_users_followers_user_id__id foreign key (user_id) references users (id) on delete restrict on update restrict,
|
||||||
CONSTRAINT FK_USERS_FOLLOWERS_FOLLOWER_ID__ID FOREIGN KEY (FOLLOWER_ID) REFERENCES USERS (ID) ON DELETE RESTRICT ON UPDATE RESTRICT
|
constraint fk_users_followers_follower_id__id foreign key (follower_id) references users (id) on delete restrict on update restrict
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS APPLICATION_AUTHORIZATION
|
create table if not exists application_authorization
|
||||||
(
|
(
|
||||||
ID VARCHAR(255) PRIMARY KEY,
|
id varchar(255) primary key,
|
||||||
REGISTERED_CLIENT_ID VARCHAR(255) NOT NULL,
|
registered_client_id varchar(255) not null,
|
||||||
PRINCIPAL_NAME VARCHAR(255) NOT NULL,
|
principal_name varchar(255) not null,
|
||||||
AUTHORIZATION_GRANT_TYPE VARCHAR(255) NOT NULL,
|
authorization_grant_type varchar(255) not null,
|
||||||
AUTHORIZED_SCOPES VARCHAR(1000) DEFAULT NULL NULL,
|
authorized_scopes varchar(1000) default null null,
|
||||||
"ATTRIBUTES" VARCHAR(4000) DEFAULT NULL NULL,
|
"attributes" varchar(4000) default null null,
|
||||||
"STATE" VARCHAR(500) DEFAULT NULL NULL,
|
"state" varchar(500) default null null,
|
||||||
AUTHORIZATION_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
authorization_code_value varchar(4000) default null null,
|
||||||
AUTHORIZATION_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
authorization_code_issued_at timestamp default null null,
|
||||||
AUTHORIZATION_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
authorization_code_expires_at timestamp default null null,
|
||||||
AUTHORIZATION_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL,
|
authorization_code_metadata varchar(2000) default null null,
|
||||||
ACCESS_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
access_token_value varchar(4000) default null null,
|
||||||
ACCESS_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
access_token_issued_at timestamp default null null,
|
||||||
ACCESS_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
access_token_expires_at timestamp default null null,
|
||||||
ACCESS_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL,
|
access_token_metadata varchar(2000) default null null,
|
||||||
ACCESS_TOKEN_TYPE VARCHAR(255) DEFAULT NULL NULL,
|
access_token_type varchar(255) default null null,
|
||||||
ACCESS_TOKEN_SCOPES VARCHAR(1000) DEFAULT NULL NULL,
|
access_token_scopes varchar(1000) default null null,
|
||||||
REFRESH_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
refresh_token_value varchar(4000) default null null,
|
||||||
REFRESH_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
refresh_token_issued_at timestamp default null null,
|
||||||
REFRESH_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
refresh_token_expires_at timestamp default null null,
|
||||||
REFRESH_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL,
|
refresh_token_metadata varchar(2000) default null null,
|
||||||
OIDC_ID_TOKEN_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
oidc_id_token_value varchar(4000) default null null,
|
||||||
OIDC_ID_TOKEN_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
oidc_id_token_issued_at timestamp default null null,
|
||||||
OIDC_ID_TOKEN_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
oidc_id_token_expires_at timestamp default null null,
|
||||||
OIDC_ID_TOKEN_METADATA VARCHAR(2000) DEFAULT NULL NULL,
|
oidc_id_token_metadata varchar(2000) default null null,
|
||||||
OIDC_ID_TOKEN_CLAIMS VARCHAR(2000) DEFAULT NULL NULL,
|
oidc_id_token_claims varchar(2000) default null null,
|
||||||
USER_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
user_code_value varchar(4000) default null null,
|
||||||
USER_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
user_code_issued_at timestamp default null null,
|
||||||
USER_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
user_code_expires_at timestamp default null null,
|
||||||
USER_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL,
|
user_code_metadata varchar(2000) default null null,
|
||||||
DEVICE_CODE_VALUE VARCHAR(4000) DEFAULT NULL NULL,
|
device_code_value varchar(4000) default null null,
|
||||||
DEVICE_CODE_ISSUED_AT TIMESTAMP DEFAULT NULL NULL,
|
device_code_issued_at timestamp default null null,
|
||||||
DEVICE_CODE_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
device_code_expires_at timestamp default null null,
|
||||||
DEVICE_CODE_METADATA VARCHAR(2000) DEFAULT NULL NULL
|
device_code_metadata varchar(2000) default null null
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS OAUTH2_AUTHORIZATION_CONSENT
|
create table if not exists oauth2_authorization_consent
|
||||||
(
|
(
|
||||||
REGISTERED_CLIENT_ID VARCHAR(100),
|
registered_client_id varchar(100),
|
||||||
PRINCIPAL_NAME VARCHAR(200),
|
principal_name varchar(200),
|
||||||
AUTHORITIES VARCHAR(1000) NOT NULL,
|
authorities varchar(1000) not null,
|
||||||
CONSTRAINT pk_oauth2_authorization_consent PRIMARY KEY (REGISTERED_CLIENT_ID, PRINCIPAL_NAME)
|
constraint pk_oauth2_authorization_consent primary key (registered_client_id, principal_name)
|
||||||
);
|
);
|
||||||
CREATE TABLE IF NOT EXISTS REGISTERED_CLIENT
|
create table if not exists registered_client
|
||||||
(
|
(
|
||||||
ID VARCHAR(100) PRIMARY KEY,
|
id varchar(100) primary key,
|
||||||
CLIENT_ID VARCHAR(100) NOT NULL,
|
client_id varchar(100) not null,
|
||||||
CLIENT_ID_ISSUED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
|
client_id_issued_at timestamp default current_timestamp not null,
|
||||||
CLIENT_SECRET VARCHAR(200) DEFAULT NULL NULL,
|
client_secret varchar(200) default null null,
|
||||||
CLIENT_SECRET_EXPIRES_AT TIMESTAMP DEFAULT NULL NULL,
|
client_secret_expires_at timestamp default null null,
|
||||||
CLIENT_NAME VARCHAR(200) NOT NULL,
|
client_name varchar(200) not null,
|
||||||
CLIENT_AUTHENTICATION_METHODS VARCHAR(1000) NOT NULL,
|
client_authentication_methods varchar(1000) not null,
|
||||||
AUTHORIZATION_GRANT_TYPES VARCHAR(1000) NOT NULL,
|
authorization_grant_types varchar(1000) not null,
|
||||||
REDIRECT_URIS VARCHAR(1000) DEFAULT NULL NULL,
|
redirect_uris varchar(1000) default null null,
|
||||||
POST_LOGOUT_REDIRECT_URIS VARCHAR(1000) DEFAULT NULL NULL,
|
post_logout_redirect_uris varchar(1000) default null null,
|
||||||
SCOPES VARCHAR(1000) NOT NULL,
|
scopes varchar(1000) not null,
|
||||||
CLIENT_SETTINGS VARCHAR(2000) NOT NULL,
|
client_settings varchar(2000) not null,
|
||||||
TOKEN_SETTINGS VARCHAR(2000) NOT NULL
|
token_settings varchar(2000) not null
|
||||||
)
|
)
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
<pattern>%d{YYYY-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{x-request-id}] %logger{36} - %msg%n</pattern>
|
<pattern>%d{YYYY-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{x-request-id}] %logger{36} - %msg%n</pattern>
|
||||||
</encoder>
|
</encoder>
|
||||||
</appender>
|
</appender>
|
||||||
<root level="TRACE">
|
<root level="DEBUG">
|
||||||
<appender-ref ref="STDOUT"/>
|
<appender-ref ref="STDOUT"/>
|
||||||
</root>
|
</root>
|
||||||
<logger name="org.eclipse.jetty" level="INFO"/>
|
<logger name="org.eclipse.jetty" level="INFO"/>
|
||||||
|
|
Loading…
Reference in New Issue