From 481c1cb03feae7dab1d07bd1b930836a6141f384 Mon Sep 17 00:00:00 2001 From: Sachin Rana Date: Thu, 16 Jan 2025 12:57:46 +0530 Subject: [PATCH 1/2] added unique constraint to modulus in public key Signed-off-by: Sachin Rana --- .../io/mosip/esignet/entity/ClientDetail.java | 2 +- .../ddl/esignet-client_detail.sql | 7 +- .../sql/1.5.0_to_1.5.1_rollback.sql | 49 +++++++++++++ .../sql/1.5.0_to_1.5.1_upgrade.sql | 71 +++++++++++++++++++ docker-compose/init.sql | 7 +- .../src/main/resources/bootstrap.properties | 5 +- 6 files changed, 133 insertions(+), 8 deletions(-) create mode 100644 db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_rollback.sql create mode 100644 db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_upgrade.sql diff --git a/client-management-service-impl/src/main/java/io/mosip/esignet/entity/ClientDetail.java b/client-management-service-impl/src/main/java/io/mosip/esignet/entity/ClientDetail.java index 0b1f6840a..c9dd8a6cd 100644 --- a/client-management-service-impl/src/main/java/io/mosip/esignet/entity/ClientDetail.java +++ b/client-management-service-impl/src/main/java/io/mosip/esignet/entity/ClientDetail.java @@ -45,7 +45,7 @@ public class ClientDetail { private String redirectUris; @NotBlank(message = INVALID_PUBLIC_KEY) - @Column(name = "public_key", columnDefinition = "TEXT") + @Column(name = "public_key", columnDefinition = "jsonb") private String publicKey; @NotBlank(message = INVALID_CLAIM) diff --git a/db_scripts/mosip_esignet/ddl/esignet-client_detail.sql b/db_scripts/mosip_esignet/ddl/esignet-client_detail.sql index b9fd5a3ef..d2c67de1d 100644 --- a/db_scripts/mosip_esignet/ddl/esignet-client_detail.sql +++ b/db_scripts/mosip_esignet/ddl/esignet-client_detail.sql 
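Review bot: The `publicKey` field stays a `String` while its column becomes `jsonb`, and nothing on the field says what that implies. PostgreSQL stores jsonb in a normalised form (whitespace dropped, object keys reordered, duplicate keys collapsed), so the value read back is not guaranteed to be the exact text that was registered; whether any code compares or hashes the raw string is not visible from this hunk. Writes also depend on the `stringtype=unspecified` datasource property that this commit adds to bootstrap.properties. I would record both on the field, e.g. `// jsonb: the stored JWK is normalised by PostgreSQL; writes need stringtype=unspecified on the datasource`. The class body continues outside the hunk.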
@@ -23,16 +23,17 @@ CREATE TABLE client_detail( redirect_uris character varying NOT NULL, claims character varying NOT NULL, acr_values character varying NOT NULL, - public_key character varying NOT NULL, + public_key jsonb NOT NULL, grant_types character varying NOT NULL, auth_methods character varying NOT NULL, status character varying(20) NOT NULL, cr_dtimes timestamp NOT NULL, upd_dtimes timestamp, - CONSTRAINT pk_clntdtl_id PRIMARY KEY (id), - CONSTRAINT uk_clntdtl_key UNIQUE (public_key) + CONSTRAINT pk_clntdtl_id PRIMARY KEY (id) ); +CREATE UNIQUE INDEX unique_n_value ON client_detail ((public_key->>'n')); + COMMENT ON TABLE client_detail IS 'Contains key alias and metadata of all the keys used in MOSIP system.'; COMMENT ON COLUMN client_detail.id IS 'Client ID: Unique id assigned to registered OIDC client.'; diff --git a/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_rollback.sql b/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_rollback.sql new file mode 100644 index 000000000..0506996eb --- /dev/null +++ b/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_rollback.sql 
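Review bot: Replacing `uk_clntdtl_key` with the expression index `unique_n_value` leaves keys without an `n` member unconstrained: `public_key->>'n'` is NULL for them and PostgreSQL unique indexes treat NULLs as distinct, so any number of rows with such a key (an EC JWK, or the `{}` the upgrade script writes) can coexist, including exact duplicates that the old constraint rejected. Whether non-RSA keys can be registered is not visible here; if they can, keep a second uniqueness rule for them, and otherwise reject them at the schema level with something like `CONSTRAINT ck_clntdtl_key_n CHECK (public_key = '{}'::jsonb OR public_key ? 'n')`. The index also compares the base64url text, so it only equates moduli that are encoded identically. The same applies to the `esignet.client_detail` hunk in docker-compose/init.sql and to the index created in the upgrade script.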
@@ -0,0 +1,49 @@
+\c mosip_esignet
+
+CREATE OR REPLACE FUNCTION is_column_jsonb(
+ p_table_name text,
+ p_column_name text,
+ p_schema_name text DEFAULT current_schema()
+) RETURNS boolean AS $$
+DECLARE
+ v_column_type text;
+BEGIN
+ -- Get the column data type
+ SELECT data_type INTO v_column_type
+ FROM information_schema.columns
+ WHERE table_schema = p_schema_name
+ AND table_name = p_table_name
+ AND column_name = p_column_name;
+
+ -- Handle case when column doesn't exist
+ IF v_column_type IS NULL THEN
+ RAISE EXCEPTION 'Column %.% does not exist', p_table_name, p_column_name;
+ END IF;
+
+ -- Return true if jsonb, false otherwise
+ RETURN v_column_type = 'jsonb';
+
+EXCEPTION
+ WHEN undefined_table THEN
+ RAISE EXCEPTION 'Table %.% does not exist', p_schema_name, p_table_name;
+ WHEN OTHERS THEN
+ RAISE EXCEPTION 'Error checking column type: %', SQLERRM;
+END;
+$$ LANGUAGE plpgsql;
+
+DO $$
+BEGIN
+IF is_column_jsonb('client_detail', 'public_key') THEN
+ IF EXISTS (
+ SELECT 1 FROM information_schema.tables
+ WHERE table_name='client_detail_migr_bkp'
+ ) THEN
+ DROP TABLE client_detail;
+ CREATE TABLE client_detail (LIKE client_detail_migr_bkp including ALL);
+ INSERT INTO client_detail SELECT * FROM client_detail_migr_bkp;
+ DROP TABLE client_detail_migr_bkp;
+ ELSE
+ RAISE EXCEPTION 'Error: Backup doesn''t exist';
+ END IF;
+END IF;
+END $$
\ No newline at end of file
diff --git a/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_upgrade.sql b/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_upgrade.sql
new file mode 100644
index 000000000..d8a106ee2
--- /dev/null
+++ b/db_upgrade_script/mosip_esignet/sql/1.5.0_to_1.5.1_upgrade.sql
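Review bot: The rollback does not convert the column back; it drops `client_detail` and reloads the snapshot taken at upgrade time, so every client registered, deactivated or re-keyed after the upgrade silently reverts to its earlier state, and clients the upgrade inactivated for a shared modulus come back with their original keys. `CREATE TABLE ... (LIKE ... including ALL)` also does not copy ownership or grants, so privileges on the dropped table are presumably lost and need re-applying. The backup lookup in `information_schema.tables` has no schema filter, unlike `is_column_jsonb`, which defaults to `current_schema()`; adding `AND table_schema = current_schema()` keeps the two checks aligned. At minimum the `DO` block should open with a comment such as `-- restores the pre-upgrade snapshot: client_detail changes made after the upgrade are discarded`.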
@@ -0,0 +1,71 @@
+\c mosip_esignet
+
+CREATE OR REPLACE FUNCTION is_column_jsonb(
+ p_table_name text,
+ p_column_name text,
+ p_schema_name text DEFAULT current_schema()
+) RETURNS boolean AS $$
+DECLARE
+ v_column_type text;
+BEGIN
+ -- Get the column data type
+ SELECT data_type INTO v_column_type
+ FROM information_schema.columns
+ WHERE table_schema = p_schema_name
+ AND table_name = p_table_name
+ AND column_name = p_column_name;
+
+ -- Handle case when column doesn't exist
+ IF v_column_type IS NULL THEN
+ RAISE EXCEPTION 'Column %.% does not exist', p_table_name, p_column_name;
+ END IF;
+
+ -- Return true if jsonb, false otherwise
+ RETURN v_column_type = 'jsonb';
+
+EXCEPTION
+ WHEN undefined_table THEN
+ RAISE EXCEPTION 'Table %.% does not exist', p_schema_name, p_table_name;
+ WHEN OTHERS THEN
+ RAISE EXCEPTION 'Error checking column type: %', SQLERRM;
+END;
+$$ LANGUAGE plpgsql;
+
+
+DO $$
+BEGIN
+IF NOT is_column_jsonb('client_detail', 'public_key') THEN
+
+ -- create backup
+ DROP TABLE IF EXISTS client_detail_migr_bkp;
+ CREATE TABLE client_detail_migr_bkp (LIKE client_detail including ALL);
+ INSERT into client_detail_migr_bkp SELECT * from client_detail;
+ ----
+
+ ALTER TABLE client_detail ADD COLUMN public_key_new jsonb;
+ UPDATE client_detail SET public_key_new = public_key::jsonb;
+ ALTER TABLE client_detail DROP COLUMN public_key;
+ ALTER TABLE client_detail RENAME COLUMN public_key_new TO public_key;
+
+ -- inactivating clients with same modulus in public key
+ WITH duplicates AS (
+ SELECT public_key->>'n' as modulus
+ FROM client_detail
+ WHERE public_key->>'n' IS NOT NULL
+ GROUP BY public_key->>'n'
+ HAVING COUNT(*) > 1
+ )
+ UPDATE client_detail SET status='INACTIVE', public_key='{}'::jsonb where id IN (
+ SELECT
+ client_detail.id
+ FROM client_detail
+ JOIN duplicates ON client_detail.public_key->>'n' = duplicates.modulus);
+ ----
+
+ ALTER TABLE client_detail ALTER COLUMN public_key SET NOT NULL;
+ CREATE UNIQUE INDEX unique_n_value
ON client_detail ((public_key->>'n')); + RAISE NOTICE 'Upgrade Successful'; +ELSE + RAISE NOTICE 'Database already uptodate'; +END IF; +END $$ \ No newline at end of file diff --git a/docker-compose/init.sql b/docker-compose/init.sql index 5e4bf5802..717b513b4 100644 --- a/docker-compose/init.sql +++ b/docker-compose/init.sql @@ -33,16 +33,17 @@ CREATE TABLE esignet.client_detail( redirect_uris character varying NOT NULL, claims character varying NOT NULL, acr_values character varying NOT NULL, - public_key character varying NOT NULL, + public_key jsonb NOT NULL, grant_types character varying NOT NULL, auth_methods character varying NOT NULL, status character varying(20) NOT NULL, cr_dtimes timestamp NOT NULL, upd_dtimes timestamp, - CONSTRAINT pk_clntdtl_id PRIMARY KEY (id), - CONSTRAINT uk_clntdtl_key UNIQUE (public_key) + CONSTRAINT pk_clntdtl_id PRIMARY KEY (id) ); +CREATE UNIQUE INDEX unique_n_value ON esignet.client_detail ((public_key->>'n')); + create table esignet.consent_detail ( id UUID NOT NULL, client_id VARCHAR NOT NULL, diff --git a/esignet-service/src/main/resources/bootstrap.properties b/esignet-service/src/main/resources/bootstrap.properties index eeb3a3cc4..c1a54d654 100644 --- a/esignet-service/src/main/resources/bootstrap.properties +++ b/esignet-service/src/main/resources/bootstrap.properties @@ -45,4 +45,7 @@ logging.level.io.mosip.esignet=INFO management.endpoint.metrics.enabled=true management.endpoints.web.exposure.include=* management.endpoint.prometheus.enabled=true -management.metrics.export.prometheus.enabled=true \ No newline at end of file +management.metrics.export.prometheus.enabled=true + +# to accept string as valid type for jsonb column +spring.datasource.hikari.data-source-properties=stringtype=unspecified \ No newline at end of file From 165c2268f93ef4e6690644b9051865d0dbf15b8a Mon Sep 17 00:00:00 2001 
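Review bot: The duplicate-modulus step sets `status='INACTIVE'` and overwrites `public_key` with `{}` for every client that shares a modulus, but nothing tells the operator which clients were affected; the only trace is the `client_detail_migr_bkp` copy. Since this disables relying parties and is the only evidence that a key was shared between clients, the script should report the ids it touched, and probably stamp `upd_dtimes` as well. The sketch below needs a `DECLARE` section on the `DO` block, and the `id::text` cast is there because the column's type is not visible in this diff. Separately, `public_key::jsonb` aborts the whole block if any stored key is not valid JSON, which is worth stating in a comment above that `UPDATE`.

```sql
DO $$
DECLARE
    v_inactivated text;
BEGIN
    -- … unchanged: jsonb check, backup table, column conversion …
    WITH duplicates AS (
        -- … unchanged: moduli shared by more than one client …
    ), inactivated AS (
        UPDATE client_detail
        SET status = 'INACTIVE', public_key = '{}'::jsonb, upd_dtimes = now()
        WHERE public_key->>'n' IN (SELECT modulus FROM duplicates)
        RETURNING id
    )
    SELECT string_agg(id::text, ', ') INTO v_inactivated FROM inactivated;
    RAISE NOTICE 'Clients inactivated for shared modulus: %', coalesce(v_inactivated, 'none');
    -- … unchanged: NOT NULL, unique index, final notices …
```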
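Review bot: `stringtype=unspecified` is a connection-wide pgjdbc setting, so it changes how every `String` parameter on this datasource is bound, not only `public_key`; the added comment reads as if it were scoped to the jsonb column. It is also set only in bootstrap.properties, so a deployment that supplies its datasource properties from elsewhere would presumably lose it and fail on client writes. I would reword the comment to `# pgjdbc: send all String parameters untyped so PostgreSQL can cast them (needed for client_detail.public_key jsonb); applies to every query on this datasource`.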
From: Zeeshan Mehboob <82993262+zesu22@users.noreply.github.com> Date: Thu, 16 Jan 2025 18:16:28 +0530 Subject: [PATCH 2/2] [ES-1991] [ES-2031] merge changes to release-1.5.1-temp (#1111) * [ES-1991] added css for removing extra eye icon in edge browser (#1054) * [ADDED] css for removing extra eye icon in edge browser Signed-off-by: Zeeshan Mehboob * Revert [ADDED] css for removing extra eye icon in edge browser Signed-off-by: Zeeshan Mehboob * [ADDED] css for extra eye removal from password field in edge Signed-off-by: Zeeshan Mehboob --------- Signed-off-by: Zeeshan Mehboob * [ES-2031] added no_ekyc_provider error (#1088) Signed-off-by: Zeeshan Mehboob --------- Signed-off-by: Zeeshan Mehboob --- oidc-ui/src/App.css | 5 +++++ oidc-ui/src/constants/clientConstants.js | 9 +++++++++ oidc-ui/src/pages/Consent.js | 8 +------- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/oidc-ui/src/App.css b/oidc-ui/src/App.css index 90ec57057..d341434f3 100644 --- a/oidc-ui/src/App.css +++ b/oidc-ui/src/App.css @@ -574,6 +574,11 @@ input[type="number"] { padding-top: 10px; } +input[type='password']::-ms-reveal, +input[type='password']::-ms-clear { + display: none; +} + @media screen and (max-width: 375px) { .pincode-input-text { width: 2em !important; diff --git a/oidc-ui/src/constants/clientConstants.js b/oidc-ui/src/constants/clientConstants.js index 68ea76fd6..39939c936 100644 --- a/oidc-ui/src/constants/clientConstants.js +++ b/oidc-ui/src/constants/clientConstants.js @@ -105,6 +105,14 @@ const modalityIconPath = { KBI: "images/sign_in_with_kba.png" }; +const errorCodeObj = { + dismiss: "consent_rejected", + invalid_transaction: "invalid_transaction", + incompatible_browser: "incompatible_browser", + ekyc_failed: "ekyc_failed", + no_ekyc_provider: "no_ekyc_provider" +}; + export { deviceType, challengeTypes, @@ -115,4 +123,5 @@ export { challengeFormats, walletConfigKeys, modalityIconPath, + errorCodeObj }; 
diff --git a/oidc-ui/src/pages/Consent.js b/oidc-ui/src/pages/Consent.js index c91e5bdd8..48f5e6104 100644 --- a/oidc-ui/src/pages/Consent.js +++ b/oidc-ui/src/pages/Consent.js @@ -7,6 +7,7 @@ import openIDConnectService from "../services/openIDConnectService"; import DefaultError from "../components/DefaultError"; import sha256 from "crypto-js/sha256"; import Base64 from "crypto-js/enc-base64"; +import { errorCodeObj } from "../constants/clientConstants"; export default function ConsentPage() { const [searchParams, setSearchParams] = useSearchParams(); @@ -44,13 +45,6 @@ export default function ConsentPage() { return hashB64; }; - const errorCodeObj = { - dismiss: "consent_rejected", - invalid_transaction: "invalid_transaction", - incompatible_browser: "incompatible_browser", - ekyc_failed: "ekyc_failed" - }; - const handleRedirection = (redirect_uri, errorCode) => { urlInfoParams.set("error", errorCode);