Skip to content

Commit

Permalink
Merge pull request #232 from supertokens/fix/oauth/jti-listing
Browse files Browse the repository at this point in the history
fix: jti listing
  • Loading branch information
porcellus authored Oct 28, 2024
2 parents 847f24d + 939ab34 commit 664e82a
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
4 changes: 2 additions & 2 deletions src/main/java/io/supertokens/storage/postgresql/Start.java
Original file line number Diff line number Diff line change
Expand Up @@ -3287,11 +3287,11 @@ public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryExce
@Override
public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId,
String externalRefreshToken, String internalRefreshToken,
String sessionHandle, List<String> jtis, long exp)
String sessionHandle, String jti, long exp)
throws StorageQueryException, OAuthClientNotFoundException {
try {
OAuthQueries.createOrUpdateOAuthSession(this, appIdentifier, gid, clientId, externalRefreshToken,
internalRefreshToken, sessionHandle, jtis, exp);
internalRefreshToken, sessionHandle, jti, exp);
} catch (SQLException e) {
ServerErrorMessage errorMessage = ((PSQLException) e).getServerErrorMessage();
PostgreSQLConfig config = Config.getConfig(this);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -163,29 +163,29 @@ public static OAuthClient getOAuthClientById(Start start, String clientId, AppId

public static void createOrUpdateOAuthSession(Start start, AppIdentifier appIdentifier, @NotNull String gid, @NotNull String clientId,
String externalRefreshToken, String internalRefreshToken, String sessionHandle,
List<String> jtis, long exp)
String jti, long exp)
throws SQLException, StorageQueryException {
String sessionTable = Config.getConfig(start).getOAuthSessionsTable();
String QUERY = "INSERT INTO " + sessionTable +
" (gid, client_id, app_id, external_refresh_token, internal_refresh_token, session_handle, jti, exp) VALUES (?, ?, ?, ?, ?, ?, ?, ?) " +
"ON CONFLICT (gid) DO UPDATE SET external_refresh_token = ?, internal_refresh_token = ?, " +
"session_handle = ? , jti = CONCAT("+sessionTable+".jti, ',' , ?), exp = ?";
"session_handle = ? , jti = CONCAT("+sessionTable+".jti, ?), exp = ?";
update(start, QUERY, pst -> {
String jtiDbValue = jtis == null ? null : String.join(",", jtis);
String jtiToInsert = jti + ",";

pst.setString(1, gid);
pst.setString(2, clientId);
pst.setString(3, appIdentifier.getAppId());
pst.setString(4, externalRefreshToken);
pst.setString(5, internalRefreshToken);
pst.setString(6, sessionHandle);
pst.setString(7, jtiDbValue);
pst.setString(7, jtiToInsert); //the starting list element also has to have a "," at the end as the remove removes "jti + ,"
pst.setLong(8, exp);

pst.setString(9, externalRefreshToken);
pst.setString(10, internalRefreshToken);
pst.setString(11, sessionHandle);
pst.setString(12, jtiDbValue);
pst.setString(12, jtiToInsert);
pst.setLong(13, exp);
});
}
Expand Down Expand Up @@ -283,7 +283,7 @@ public static boolean deleteJTIFromOAuthSession(Start start, AppIdentifier appId
+ " SET jti = REPLACE(jti, ?, '')" // deletion means replacing the jti with empty char
+ " WHERE app_id = ? and gid = ?";
int numberOfRows = update(start, DELETE, pst -> {
pst.setString(1, jti);
pst.setString(1, jti + ","); //removing with the "," to not leave behind trash
pst.setString(2, appIdentifier.getAppId());
pst.setString(3, gid);
});
Expand Down

0 comments on commit 664e82a

Please sign in to comment.