RegisteredClientRepository and OAuth2AuthorizationService should have a method to query all active entries.

[bschoenmaeckers]

It is currently not possible to get a list of all registered clients and/or active authorizations (with their corresponding tokens).

RegisteredClientRepository should have a method to get all registered clients. And the OAuth2AuthorizationService should have a method to get all (active) authorizations or all (active) authorizations for a given principal.

[jgrandja]

@bschoenmaeckers A findAll() operation is not needed by the framework at the moment and I'm not anticipating it will be needed.

I see this more of an admin operation, where admins want to view all granted tokens and possibly revoke some. This would be the responsibility of the admin app to extend OAuth2AuthorizationService and provide the extension operations.

I'm going to close this as it's not needed by the existing framework components.

[bschoenmaeckers]

Makes sense! I missed the latest commit which made both JDBC implementations non-final so this should be possible now.

[bschoenmaeckers]

Makes sense! I missed the latest commit which made both JDBC implementations non-final so this should be possible now.

Nevermind... 473dedb

[jgrandja]

@bschoenmaeckers We reverted the commit for now but it will be merged in 3 separate commits and the classes will be made non-final.

[bschoenmaeckers]

@jgrandja Will the findBy methods be accessible to the subclasses as well? This would make it considerable easier to make custom query methods.

[jgrandja]

Yes, we'll make the methods protected wherever it makes sense. cc/ @sjohnr

[bschoenmaeckers]

Excellent!

[sjohnr]

Yes, I will fold that in, as that makes a lot of sense for the use case under discussion here. Thanks @bschoenmaeckers!

[sjohnr]

@bschoenmaeckers After discussion, and considering previous comments on this issue, I won't be making any changes related to this. Reason being (as @jgrandja mentioned) this is a product feature needed by an admin application, and should not be provided by the framework. I recommend extending the interface and providing the findAll() functionality in your own application. Sorry about the confusion here.

[bschoenmaeckers]

Hi @sjohnr, I understand your decision. But it will still help to make some helper methods and getters in the JDBC implementation accessible by subclasses. Are you still planning to that or not? Thanks anyway!

[sjohnr]

Yes, I am working on that now. Again, sorry for the confusion 😄, I was just referring to the findAll() discussion.

Update: To be clear, I am working on getter/setter access. If by helper methods you mean findBy, I will not be making that accessible, as it is specifically useful only inside the implementation class. Any querying or logic extension points would be implemented in your application (including any kind of findXyz() methods).

[hezhongfeng]

I use JdbcTemplate to findAll

@Component
public class CustomRegisteredClientRepo {

  @Autowired
  private JdbcTemplate jdbcTemplate;


  public Page<CustomClient> findAll(Pageable page) {
    Order order = !page.getSort().isEmpty() ? page.getSort().toList().get(0) : Order.by("id");

    SqlRowSet rs = jdbcTemplate.queryForRowSet("SELECT * FROM oauth2_registered_client ORDER BY "
        + order.getProperty() + " " + order.getDirection().name() + " LIMIT " + page.getPageSize()
        + " OFFSET " + page.getOffset());

    long count =
        jdbcTemplate.queryForObject("select count(*) from oauth2_registered_client", long.class);

    List<CustomClient> list = new ArrayList<CustomClient>();

    while (rs.next()) {
      CustomClient client = new CustomClient();
      client.setId(rs.getString("id"));
      client.setClientId(rs.getString("client_id"));
      list.add(client);
    }
    return new PageImpl<CustomClient>(list, page, count);
  }
}