Define new db for token storage

okta · Feb 20, 2024 · 9647787 · 9647787
1 parent cbbc8a9
commit 9647787
Show file tree

Hide file tree

Showing 10 changed files with 440 additions and 0 deletions.
diff --git a/auth-foundation/api/auth-foundation.api b/auth-foundation/api/auth-foundation.api
@@ -381,6 +381,18 @@ public final class com/okta/authfoundation/credential/events/TokenStorageAccessE
 	public final fun setShouldClearStorageAndTryAgain (Z)V
 }
 
+public final class com/okta/authfoundation/credential/storage/typeconverters/JsonObjectTypeConverter {
+	public fun <init> ()V
+	public final fun convertToJsonString (Lkotlinx/serialization/json/JsonObject;)Ljava/lang/String;
+	public final fun convertToObject (Ljava/lang/String;)Lkotlinx/serialization/json/JsonObject;
+}
+
+public final class com/okta/authfoundation/credential/storage/typeconverters/StringStringMapTypeConverter {
+	public fun <init> ()V
+	public final fun convertToJsonString (Ljava/util/Map;)Ljava/lang/String;
+	public final fun convertToObject (Ljava/lang/String;)Ljava/util/Map;
+}
+
 public final class com/okta/authfoundation/events/EventCoordinator {
 	public fun <init> (Lcom/okta/authfoundation/events/EventHandler;)V
 	public fun <init> (Ljava/util/List;)V

diff --git a/auth-foundation/build.gradle b/auth-foundation/build.gradle
@@ -24,6 +24,11 @@ android {
 
         testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
         consumerProguardFiles "consumer-rules.pro"
+
+        ksp {
+            arg("room.generateKotlin", "true")
+            arg("room.schemaLocation", "$projectDir/schemas")
+        }
     }
 
     buildTypes {
@@ -68,11 +73,13 @@ dependencies {
     implementation deps.security_crypto
     implementation deps.startup_runtime
     implementation deps.room.runtime
+    implementation deps.room.ktx
     annotationProcessor deps.room.compiler
     ksp deps.room.compiler
 
     testImplementation deps.coroutines.test
     testImplementation deps.androidx_test.core
+    testImplementation deps.androidx_test.ext_junit
     testImplementation deps.junit
     testImplementation deps.truth
     testImplementation deps.kotlin.test

diff --git a/auth-foundation/schemas/com.okta.authfoundation.credential.storage.TokenDatabase/1.json b/auth-foundation/schemas/com.okta.authfoundation.credential.storage.TokenDatabase/1.json
@@ -0,0 +1,76 @@
+{
+  "formatVersion": 1,
+  "database": {
+    "version": 1,
+    "identityHash": "80e1abffca66c29c27232553ec643603",
+    "entities": [
+      {
+        "tableName": "TokenEntity",
+        "createSql": "CREATE TABLE IF NOT EXISTS `${TABLE_NAME}` (`id` TEXT NOT NULL, `encryptedToken` BLOB NOT NULL, `tags` TEXT NOT NULL, `payloadData` TEXT NOT NULL, `keyAlias` TEXT NOT NULL, `tokenEncryptionType` TEXT NOT NULL, `isDefault` INTEGER NOT NULL, `encryptionExtras` TEXT NOT NULL, PRIMARY KEY(`id`))",
+        "fields": [
+          {
+            "fieldPath": "id",
+            "columnName": "id",
+            "affinity": "TEXT",
+            "notNull": true
+          },
+          {
+            "fieldPath": "encryptedToken",
+            "columnName": "encryptedToken",
+            "affinity": "BLOB",
+            "notNull": true
+          },
+          {
+            "fieldPath": "tags",
+            "columnName": "tags",
+            "affinity": "TEXT",
+            "notNull": true
+          },
+          {
+            "fieldPath": "payloadData",
+            "columnName": "payloadData",
+            "affinity": "TEXT",
+            "notNull": true
+          },
+          {
+            "fieldPath": "keyAlias",
+            "columnName": "keyAlias",
+            "affinity": "TEXT",
+            "notNull": true
+          },
+          {
+            "fieldPath": "tokenEncryptionType",
+            "columnName": "tokenEncryptionType",
+            "affinity": "TEXT",
+            "notNull": true
+          },
+          {
+            "fieldPath": "isDefault",
+            "columnName": "isDefault",
+            "affinity": "INTEGER",
+            "notNull": true
+          },
+          {
+            "fieldPath": "encryptionExtras",
+            "columnName": "encryptionExtras",
+            "affinity": "TEXT",
+            "notNull": true
+          }
+        ],
+        "primaryKey": {
+          "autoGenerate": false,
+          "columnNames": [
+            "id"
+          ]
+        },
+        "indices": [],
+        "foreignKeys": []
+      }
+    ],
+    "views": [],
+    "setupQueries": [
+      "CREATE TABLE IF NOT EXISTS room_master_table (id INTEGER PRIMARY KEY,identity_hash TEXT)",
+      "INSERT OR REPLACE INTO room_master_table (id,identity_hash) VALUES(42, '80e1abffca66c29c27232553ec643603')"
+    ]
+  }
+}
diff --git a/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenDao.kt b/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenDao.kt
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024-Present Okta, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.okta.authfoundation.credential.storage
+
+import androidx.room.Dao
+import androidx.room.Delete
+import androidx.room.Insert
+import androidx.room.Query
+import androidx.room.Update
+
+@Dao
+internal interface TokenDao {
+    @Query("SELECT * FROM TokenEntity")
+    suspend fun allEntries(): List<TokenEntity>
+
+    @Insert
+    suspend fun insertTokenEntity(tokenEntity: TokenEntity)
+
+    @Update
+    suspend fun updateTokenEntity(vararg tokenEntity: TokenEntity)
+
+    @Delete
+    suspend fun deleteTokenEntity(tokenEntity: TokenEntity)
+}
diff --git a/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenDatabase.kt b/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenDatabase.kt
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024-Present Okta, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.okta.authfoundation.credential.storage
+
+import androidx.room.Database
+import androidx.room.RoomDatabase
+
+@Database(
+    entities = [
+        TokenEntity::class
+    ],
+    version = TokenDatabase.VERSION
+)
+internal abstract class TokenDatabase : RoomDatabase() {
+    internal abstract fun tokenDao(): TokenDao
+
+    companion object {
+        internal const val VERSION = 1
+    }
+}
diff --git a/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenEntity.kt b/auth-foundation/src/main/java/com/okta/authfoundation/credential/storage/TokenEntity.kt
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2024-Present Okta, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.okta.authfoundation.credential.storage
+
+import androidx.room.Entity
+import androidx.room.PrimaryKey
+import androidx.room.TypeConverters
+import com.okta.authfoundation.credential.storage.typeconverters.JsonObjectTypeConverter
+import com.okta.authfoundation.credential.storage.typeconverters.StringStringMapTypeConverter
+import kotlinx.serialization.json.JsonObject
+
+@Entity
+@TypeConverters(
+    StringStringMapTypeConverter::class,
+    JsonObjectTypeConverter::class
+)
+internal data class TokenEntity(
+    @PrimaryKey
+    val id: String,
+    val encryptedToken: ByteArray,
+    val tags: Map<String, String>,
+    val payloadData: JsonObject,
+    val keyAlias: String,
+    val tokenEncryptionType: EncryptionType,
+    val isDefault: Boolean,
+    val encryptionExtras: Map<String, String>
+) {
+    internal enum class EncryptionType {
+        NON_BIO,
+        BIO_ONLY,
+        BIO_AND_PIN
+    }
+
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (javaClass != other?.javaClass) return false
+
+        other as TokenEntity
+
+        if (id != other.id) return false
+        if (!encryptedToken.contentEquals(other.encryptedToken)) return false
+        if (tags != other.tags) return false
+        if (payloadData != other.payloadData) return false
+        if (keyAlias != other.keyAlias) return false
+        if (tokenEncryptionType != other.tokenEncryptionType) return false
+        if (isDefault != other.isDefault) return false
+        return encryptionExtras == other.encryptionExtras
+    }
+
+    override fun hashCode(): Int {
+        var result = id.hashCode()
+        result = 31 * result + encryptedToken.contentHashCode()
+        result = 31 * result + tags.hashCode()
+        result = 31 * result + payloadData.hashCode()
+        result = 31 * result + keyAlias.hashCode()
+        result = 31 * result + tokenEncryptionType.hashCode()
+        result = 31 * result + isDefault.hashCode()
+        result = 31 * result + encryptionExtras.hashCode()
+        return result
+    }
+}
diff --git a/...java/com/okta/authfoundation/credential/storage/typeconverters/JsonObjectTypeConverter.kt b/...java/com/okta/authfoundation/credential/storage/typeconverters/JsonObjectTypeConverter.kt
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2024-Present Okta, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.okta.authfoundation.credential.storage.typeconverters
+
+import androidx.room.TypeConverter
+import com.okta.authfoundation.client.OidcConfiguration
+import kotlinx.serialization.json.JsonObject
+
+class JsonObjectTypeConverter {
+    @TypeConverter
+    fun convertToJsonString(jsonObject: JsonObject?): String? {
+        return jsonObject?.let {
+            OidcConfiguration.defaultJson().encodeToString(JsonObject.serializer(), it)
+        }
+    }
+
+    @TypeConverter
+    fun convertToObject(json: String?): JsonObject? {
+        return json?.let {
+            OidcConfiguration.defaultJson().decodeFromString(JsonObject.serializer(), it)
+        }
+    }
+}
diff --git a/...com/okta/authfoundation/credential/storage/typeconverters/StringStringMapTypeConverter.kt b/...com/okta/authfoundation/credential/storage/typeconverters/StringStringMapTypeConverter.kt
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024-Present Okta, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.okta.authfoundation.credential.storage.typeconverters
+
+import androidx.room.TypeConverter
+import com.okta.authfoundation.client.OidcConfiguration
+import kotlinx.serialization.builtins.MapSerializer
+import kotlinx.serialization.builtins.serializer
+
+class StringStringMapTypeConverter {
+    private val mapSerializer = MapSerializer(String.serializer(), String.serializer())
+
+    @TypeConverter
+    fun convertToJsonString(stringStringMap: Map<String, String>?): String? {
+        return stringStringMap?.let {
+            OidcConfiguration.defaultJson().encodeToString(mapSerializer, it)
+        }
+    }
+
+    @TypeConverter
+    fun convertToObject(json: String?): Map<String, String>? {
+        return json?.let {
+            OidcConfiguration.defaultJson().decodeFromString(mapSerializer, it)
+        }
+    }
+}