From 8a3e2d254d4f155dd6ab289992b0d02e821f9deb Mon Sep 17 00:00:00 2001 From: Vigneshan Date: Mon, 30 Nov 2020 08:59:36 +0530 Subject: [PATCH] Update apim dbscripts to increase scope length in oauth2 authorization code table --- modules/distribution/pom.xml | 2 +- modules/distribution/src/assembly/bin.xml | 36 + .../core/resources/dbscripts/apimgt/db2.sql | 621 ++++++++- .../dbscripts/apimgt/h2-sample-data.sql | 2 +- .../core/resources/dbscripts/apimgt/h2.sql | 423 +++++- .../core/resources/dbscripts/apimgt/mssql.sql | 1241 +++++++++++------ .../core/resources/dbscripts/apimgt/mysql.sql | 392 +++++- .../resources/dbscripts/apimgt/mysql5.7.sql | 415 +++++- .../dbscripts/apimgt/mysql_cluster.sql | 519 +++++-- .../resources/dbscripts/apimgt/oracle.sql | 649 ++++++++- .../resources/dbscripts/apimgt/oracle_rac.sql | 642 ++++++++- .../resources/dbscripts/apimgt/postgresql.sql | 474 ++++++- 12 files changed, 4574 insertions(+), 842 deletions(-) diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml index 6aec08c2..ab926ee9 100644 --- a/modules/distribution/pom.xml +++ b/modules/distribution/pom.xml @@ -515,7 +515,7 @@ - + diff --git a/modules/distribution/src/assembly/bin.xml b/modules/distribution/src/assembly/bin.xml index cca652fe..a7b94044 100755 --- a/modules/distribution/src/assembly/bin.xml +++ b/modules/distribution/src/assembly/bin.xml 
@@ -1751,6 +1751,42 @@ src/core/resources/dbscripts/postgresql.sql ${pom.artifactId}-${pom.version}/dbscripts + + src/core/resources/dbscripts/apimgt/db2.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/h2.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/mssql.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/mysql.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/mysql5.7.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/mysql_cluster.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/oracle.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/oracle_rac.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + + + src/core/resources/dbscripts/apimgt/postgresql.sql + ${pom.artifactId}-${pom.version}/dbscripts/apimgt + 
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/db2.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/db2.sql
index bb56b48c..08d6af0f 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/db2.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/db2.sql
@@ -8,7 +8,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server')
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
 ID INTEGER NOT NULL,
 CONSUMER_KEY VARCHAR (255) NOT NULL,
- CONSUMER_SECRET VARCHAR (512),
+ CONSUMER_SECRET VARCHAR (2048),
 USERNAME VARCHAR (255),
 TENANT_ID INTEGER DEFAULT 0,
 USER_DOMAIN VARCHAR(50),
@@ -18,6 +18,10 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
 GRANT_TYPES VARCHAR (1024),
 PKCE_MANDATORY CHAR(1) DEFAULT '0',
 PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+ APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+ USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
 CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
 PRIMARY KEY (ID))
 /
@@ -30,6 +34,13 @@ REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
 = (NEXTVAL FOR IDN_OAUTH_CONSUMER_APPS_SEQUENCE);
 END
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+ APP_ID INTEGER NOT NULL,
+ SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+ PRIMARY KEY (APP_ID, SCOPE_VALIDATOR),
+ FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
 CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
 REQUEST_TOKEN VARCHAR (512) NOT NULL,
 REQUEST_TOKEN_SECRET VARCHAR (512),
@@ -55,8 +66,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 /
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_ID VARCHAR (255) NOT NULL,
- ACCESS_TOKEN VARCHAR (255) NOT NULL,
- REFRESH_TOKEN VARCHAR (255),
+ ACCESS_TOKEN VARCHAR (2048) NOT NULL,
+ REFRESH_TOKEN VARCHAR (2048),
 CONSUMER_KEY_ID INTEGER NOT NULL,
 AUTHZ_USER VARCHAR (100) NOT NULL,
 TENANT_ID INTEGER NOT NULL,
@@ -71,6 +82,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE' NOT NULL,
 TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL,
 SUBJECT_IDENTIFIER VARCHAR(255),
+ ACCESS_TOKEN_HASH VARCHAR (512),
+ REFRESH_TOKEN_HASH VARCHAR (512),
 PRIMARY KEY (TOKEN_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
 CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
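Review bot: `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000` in the IDN_OAUTH_CONSUMER_APPS hunk is 23 hours 30 minutes if the unit is milliseconds, which the sibling `3600000` (one hour) defaults suggest; if a one-day default is intended the constant should be `86400000`. The same value is added in the h2 script's IDN_OAUTH_CONSUMER_APPS hunk. If 84600000 is deliberate, a comment next to it stating the intended duration (for example `-- 23.5 h in ms, deliberately under one day`) would stop the next reader from "correcting" it, and the unit of all three expiry defaults is worth stating once since the column names do not carry it.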
@@ -83,12 +96,15 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED) / +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH) +/ + CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( CODE_ID VARCHAR (255) NOT NULL, - AUTHORIZATION_CODE VARCHAR (512) NOT NULL, + AUTHORIZATION_CODE VARCHAR (2048) NOT NULL, CONSUMER_KEY_ID INTEGER, CALLBACK_URL VARCHAR (1024), - SCOPE VARCHAR(2048), + SCOPE VARCHAR(4096), AUTHZ_USER VARCHAR (100) NOT NULL, TENANT_ID INTEGER, USER_DOMAIN VARCHAR (50) NOT NULL, @@ -99,10 +115,14 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( SUBJECT_IDENTIFIER VARCHAR(255), PKCE_CODE_CHALLENGE VARCHAR(255), PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR (512), PRIMARY KEY (CODE_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE) / +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) +/ + CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( TOKEN_ID VARCHAR (255) NOT NULL, TOKEN_SCOPE VARCHAR (60) NOT NULL, @@ -112,11 +132,10 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( / CREATE TABLE IDN_OAUTH2_SCOPE ( SCOPE_ID INTEGER NOT NULL, - SCOPE_KEY VARCHAR (100) NOT NULL, - NAME VARCHAR (255) NULL, - DESCRIPTION VARCHAR (512) NULL, - TENANT_ID INTEGER DEFAULT 0 NOT NULL, - ROLES VARCHAR (500) NULL, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, PRIMARY KEY (SCOPE_ID)) / CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE 
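Review bot: The redefined IDN_OAUTH2_SCOPE in the last hunk on this line has no uniqueness on `NAME` within a tenant, so two scopes with the same name can coexist in one tenant and a lookup by name can return several rows; if scopes are addressed by name, which the new NOT NULL `NAME` and the dropped `SCOPE_KEY` suggest, add `CONSTRAINT SCOPE_NAME_CONSTRAINT UNIQUE (NAME, TENANT_ID),` before `PRIMARY KEY (SCOPE_ID))`. The same definition appears in the h2 script's IDN_OAUTH2_SCOPE hunk. Note also that `TENANT_ID` now defaults to -1 where the old column defaulted to 0, so any insert that omitted the tenant lands in a different tenant than before.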
@@ -131,14 +150,18 @@ BEGIN ATOMIC END / +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE) +/ CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR (255) NOT NULL, SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE -)/ - + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE) +/ CREATE TABLE IDN_SCIM_GROUP ( ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL, @@ -210,7 +233,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234 NOT NULL, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) / CREATE TABLE IDN_IDENTITY_META_DATA ( @@ -256,6 +279,7 @@ CREATE TABLE SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', @@ -304,6 +328,7 @@ CREATE TABLE SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, @@ -359,6 +384,7 @@ CREATE TABLE SP_CLAIM_MAPPING ( SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID)) / 
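Review bot: IDN_OAUTH2_SCOPE_BINDING has no primary key or unique constraint, so the same (SCOPE_ID, SCOPE_BINDING) pair can be inserted any number of times, and nothing indexes SCOPE_ID to back the cascading foreign key. Since DB2 requires key columns to be NOT NULL, the fix is `SCOPE_BINDING VARCHAR(255) NOT NULL,` plus `PRIMARY KEY (SCOPE_ID, SCOPE_BINDING),` if a binding value is always present; if it may legitimately be absent, at least add an index on SCOPE_ID. The h2 script's IDN_OAUTH2_SCOPE_BINDING hunk has the same shape.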
@@ -424,6 +450,7 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR ( APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', PRIMARY KEY (ID)) / CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 NOCACHE @@ -439,6 +466,26 @@ CREATE TRIGGER SP_PROV_CONNECTOR_TRIG NO CASCADE / ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE / +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER SP_AUTH_SCRIPT_TRIG NO CASCADE + BEFORE INSERT + ON SP_AUTH_SCRIPT + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR SP_AUTH_SCRIPT_SEQ); + END +/ CREATE TABLE IDP ( ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL, @@ -474,9 +521,6 @@ CREATE TRIGGER IDP_TRIG NO CASCADE SET (NEW.ID) = (NEXTVAL FOR IDP_SEQ); END / - -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost')/ - CREATE TABLE IDP_ROLE ( ID INTEGER NOT NULL, IDP_ID INTEGER NOT NULL, @@ -583,10 +627,6 @@ CREATE TRIGGER IDP_AUTHENTICATOR_TRIG NO CASCADE END / -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso')/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties')/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests')/ - CREATE TABLE IDP_METADATA ( ID INTEGER NOT NULL, IDP_ID INTEGER NOT NULL, 
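Review bot: SP_AUTH_SCRIPT.APP_ID has no foreign key to SP_APP, unlike SP_PROVISIONING_CONNECTOR directly above it, whose `PRO_CONNECTOR_APPID_CONSTRAINT` cascades deletes; deleting a service provider therefore leaves its script rows, CONTENT blobs included, behind unless the application removes them itself. Adding `ALTER TABLE SP_AUTH_SCRIPT ADD CONSTRAINT AUTH_SCRIPT_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE` followed by `/` after the SP_AUTH_SCRIPT_TRIG block keeps the two tables consistent. If the omission is deliberate, a comment on the table saying who owns cleanup would save the next reviewer the same question.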
@@ -610,10 +650,6 @@ CREATE TRIGGER IDP_METADATA_TRIG NO CASCADE SET (NEW.ID) = (NEXTVAL FOR IDP_METADATA_SEQ); END / - -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout')/ -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout')/ - CREATE TABLE IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL, @@ -637,9 +673,6 @@ CREATE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG NO CASCADE END / -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0')/ -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0')/ - CREATE TABLE IDP_PROVISIONING_CONFIG ( ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL, @@ -647,6 +680,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) @@ -790,7 +824,7 @@ CREATE TABLE WF_BPS_PROFILE ( HOST_URL_MANAGER VARCHAR(255), HOST_URL_WORKER VARCHAR(255), USERNAME VARCHAR(45), - PASSWORD VARCHAR(255), + PASSWORD VARCHAR(1023), CALLBACK_HOST VARCHAR (45), TENANT_ID INTEGER NOT NULL DEFAULT -1, PRIMARY KEY (PROFILE_NAME, TENANT_ID)) 
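Review bot: `PASSWORD VARCHAR(1023)` in the WF_BPS_PROFILE hunk (the last hunk on this line) widens a stored credential from 255 characters, which suggests an encrypted or encoded form is kept there rather than the plaintext, but the script does not say which. A comment on the column, e.g. `-- encrypted/encoded credential; width sized for the ciphertext`, would record that for anyone auditing the schema; if the value is in fact stored in plaintext, that is the finding to address rather than the width.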
@@ -861,11 +895,486 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( PRIMARY KEY (RELATIONSHIP_ID), FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) - / +/ + +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1 NOT NULL, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500), + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE)) +/ + +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1 NOT NULL, + SALT_VALUE VARCHAR(255) NOT NULL, + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + ) +/ +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE TRIGGER IDN_PASSWORD_HISTORY_DATA NO CASCADE + BEFORE INSERT + ON IDN_PASSWORD_HISTORY_DATA + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_PASSWORD_HISTORY_DATA_SEQ); + END +/ + +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CLAIM_DIALECT_TRIG NO CASCADE + BEFORE INSERT + ON IDN_CLAIM_DIALECT + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_DIALECT_SEQ); + END +/ + +CREATE TABLE IDN_CLAIM ( + ID INTEGER NOT NULL, + DIALECT_ID INTEGER NOT NULL, + CLAIM_URI 
VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CLAIM_TRIG NO CASCADE + BEFORE INSERT + ON IDN_CLAIM + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_SEQ); + END +/ + +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL, + LOCAL_CLAIM_ID INTEGER NOT NULL, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG NO CASCADE + BEFORE INSERT + ON IDN_CLAIM_MAPPED_ATTRIBUTE + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ); + END +/ + +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL, + LOCAL_CLAIM_ID INTEGER NOT NULL, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CLAIM_PROPERTY_TRIG NO CASCADE + BEFORE INSERT + ON IDN_CLAIM_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_PROPERTY_SEQ); + END +/ + +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER NOT 
NULL, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CLAIM_MAPPING_TRIG NO CASCADE + BEFORE INSERT + ON IDN_CLAIM_MAPPING + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPING_SEQ); + END +/ + +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG NO CASCADE + BEFORE INSERT + ON IDN_SAML2_ASSERTION_STORE + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_SAML2_ASSERTION_STORE_SEQ); + END +/ +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (JWT_ID)) +/ + + +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_PROPERTY_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN 
ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_PROPERTY_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQUEST_OBJECT_REF_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_REFERENCE + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQUEST_OBJECT_REF_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL, + REQ_OBJECT_ID INTEGER , + CLAIM_ATTRIBUTE VARCHAR(255), + ESSENTIAL CHAR(1) NOT NULL DEFAULT '0', + VALUE VARCHAR(255), + IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIMS_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_CLAIMS + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL, + REQ_OBJECT_CLAIMS_ID INTEGER, + CLAIM_VALUES VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_TRIG + BEFORE INSERT + ON 
IDN_OIDC_REQ_OBJ_CLAIM_VALUES + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ); + END +/ + +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER NOT NULL, + NAME VARCHAR(100) NOT NULL, + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER NOT NULL, + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CERTIFICATE_TRIGGER NO CASCADE BEFORE INSERT ON IDN_CERTIFICATE +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) + = (NEXTVAL FOR IDN_CERTIFICATE_SEQUENCE); + END +/ -- End of IDENTITY Tables-- +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER NOT NULL , + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PII_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PII_CATEGORY +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PII_CATEGORY_SEQ); + +END +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER 
DEFAULT -1234 NOT NULL, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PURPOSE_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PURPOSE_SEQ); + +END +/ +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PURPOSE_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE_CATEGORY +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PURPOSE_CATEGORY_SEQ); + +END +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER NOT NULL, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_RECEIPT_SP_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_RECEIPT_SP_ASSOC +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_RECEIPT_SP_ASSOC_SEQ); + +END +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER NOT NULL, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, 
PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_SP_PURPOSE_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_SP_PURPOSE_ASSOC +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_SP_PURPOSE_ASSOC_SEQ); + +END +/ +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_PII_CAT_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY 
(PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')/ + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')/ + +-- End of CONSENT-MGT Tables -- -- Start of API-MGT Tables -- CREATE TABLE AM_SUBSCRIBER ( @@ -949,7 +1458,7 @@ CREATE TABLE AM_SUBSCRIPTION ( CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING ( SUBSCRIPTION_ID INTEGER NOT NULL, - ACCESS_TOKEN VARCHAR(255) NOT NULL, + ACCESS_TOKEN VARCHAR(512) NOT NULL, KEY_TYPE VARCHAR(512) NOT NULL, FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON DELETE RESTRICT, PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) @@ -1045,7 +1554,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION ( WF_REF VARCHAR(255) NOT NULL, APP_ID INT NOT NULL, TOKEN_TYPE VARCHAR(30) NOT NULL, - TOKEN_SCOPE VARCHAR(256) DEFAULT 'default', + TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', INPUTS VARCHAR(1000), ALLOWED_DOMAINS VARCHAR(256), VALIDITY_PERIOD BIGINT, 
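Review bot: In the CONSENT-MGT block, CM_PURPOSE_PII_CAT_ASSOC is the only association table that receives no foreign keys: the ALTER TABLE statements near the end of the hunk add them for CM_SP_PURPOSE_PURPOSE_CAT_ASSC, CM_SP_PURPOSE_PII_CAT_ASSOC and CM_CONSENT_RECEIPT_PROPERTY, but nothing constrains PURPOSE_ID or CM_PII_CATEGORY_ID, so deleting a purpose or PII category leaves dangling associations. `ALTER TABLE CM_PURPOSE_PII_CAT_ASSOC ADD CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_fk0 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)` and `ALTER TABLE CM_PURPOSE_PII_CAT_ASSOC ADD CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_fk1 FOREIGN KEY (CM_PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)`, each followed by `/`, would match the others. CM_SP_PURPOSE_PII_CAT_ASSOC_SEQ is created but no table or trigger in the hunk references it, and the trigger on IDN_PASSWORD_HISTORY_DATA is named after its table instead of carrying the `_TRIG`/`_TRIGGER` suffix every other trigger here uses; `CREATE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG NO CASCADE` keeps the convention. The seed INSERTs into CM_PURPOSE and CM_PURPOSE_CATEGORY pass TENANT_ID as the string `'-1234'` into an INTEGER column, relying on implicit conversion where the rest of the file uses numeric literals.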
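Review bot: The AM_SUBSCRIPTION_KEY_MAPPING hunk widens `ACCESS_TOKEN` only to VARCHAR(512) while this same commit widens IDN_OAUTH2_ACCESS_TOKEN.ACCESS_TOKEN to VARCHAR(2048), and the column is part of the primary key, so a token the IDN table accepts may fail to insert here. Likewise the AM_APPLICATION_REGISTRATION hunk raises `TOKEN_SCOPE` to VARCHAR(1500) against the new VARCHAR(4096) SCOPE in IDN_OAUTH2_AUTHORIZATION_CODE, which is the length this commit set out to increase. If the mapping and registration flows are guaranteed to see shorter values, a comment on each column stating the bound it relies on would make that explicit; otherwise align the widths with the IDN columns.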
@@ -1076,20 +1585,20 @@ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID) CREATE TABLE AM_ALERT_TYPES ( ALERT_TYPE_ID INT GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1), ALERT_TYPE_NAME VARCHAR(256) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) )/ CREATE TABLE AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER NOT NULL, + ALERT_TYPE_ID INTEGER NOT NULL, USER_NAME VARCHAR(256) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_TYPES_VALUES_CONSTRAINT UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )/ -CREATE TABLE AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INT GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1), - USER_NAME VARCHAR(256) NOT NULL , +CREATE TABLE AM_ALERT_EMAILLIST ( + EMAIL_LIST_ID INT GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1), + USER_NAME VARCHAR(256) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID), CONSTRAINT AM_ALERT_EMAILLIST_CONSTRAINT UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) @@ -1275,7 +1784,7 @@ CREATE TABLE AM_THROTTLE_TIER_PERMISSIONS ( CREATE TABLE AM_BLOCK_CONDITIONS ( CONDITION_ID INT NOT NULL GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1), TYPE varchar(45) DEFAULT NULL, - VALUE varchar(45) DEFAULT NULL, + VALUE varchar(512) DEFAULT NULL, ENABLED varchar(45) DEFAULT NULL, DOMAIN varchar(45) DEFAULT NULL, UUID VARCHAR(256) NOT NULL, 
@@ -1283,12 +1792,42 @@ CREATE TABLE AM_BLOCK_CONDITIONS ( UNIQUE (UUID) ) / +CREATE TABLE AM_CERTIFICATE_METADATA ( + TENANT_ID INT NOT NULL, + ALIAS VARCHAR(45) NOT NULL, + END_POINT VARCHAR(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT) +) / + +CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INT NOT NULL, + GROUP_ID VARCHAR(512) NOT NULL, + TENANT VARCHAR(255) NOT NULL, + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE +) / + +CREATE TABLE AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP(0) NOT NULL DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED SMALLINT NOT NULL DEFAULT 0, + FILE_CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) +) / + +CREATE TABLE AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER NOT NULL, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP(0) NOT NULL, + PRIMARY KEY (ID) +) / -- End of API-MGT Tables -- -- Performance indexes start-- - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME)/ -create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN)/ create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE)/ create index IDX_AAI_CTX on AM_API (CONTEXT)/ create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY)/ @@ -1300,5 +1839,3 @@ create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE)/ create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID)/ create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE)/ create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY)/ - --- Performance indexes end-- 
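Review bot: AM_API_LC_PUBLISH_EVENTS declares `ID INTEGER NOT NULL` as its primary key without the `GENERATED ALWAYS AS IDENTITY` clause that AM_BLOCK_CONDITIONS and the other AM tables in this file use, and no sequence or trigger for it is added, so every insert must supply the ID itself; if that is not intended, `ID INTEGER NOT NULL GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1),` matches the neighbouring tables. Separately, AM_CERTIFICATE_METADATA keys on `ALIAS` alone and makes `END_POINT` globally unique although the table carries a TENANT_ID, so two tenants cannot register the same alias or endpoint; if that is deliberate a comment should say so, otherwise both keys should include TENANT_ID.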
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/h2-sample-data.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/h2-sample-data.sql
index 2b96659e..6d58dae9 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/h2-sample-data.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/h2-sample-data.sql
@@ -64,4 +64,4 @@ INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI5', SELECT * FROM AM_SUBSCRIBER; SELECT * FROM AM_APPLICATION; -SELECT * FROM AM_SUBSCRIPTION; \ No newline at end of file +SELECT * FROM AM_SUBSCRIPTION;
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/h2.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/h2.sql
index d4ba2707..61745c03 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/h2.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/h2.sql
@@ -9,7 +9,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 ID INTEGER NOT NULL AUTO_INCREMENT,
 CONSUMER_KEY VARCHAR (255),
- CONSUMER_SECRET VARCHAR (512),
+ CONSUMER_SECRET VARCHAR (2048),
 USERNAME VARCHAR (255),
 TENANT_ID INTEGER DEFAULT 0,
 USER_DOMAIN VARCHAR(50),
@@ -19,10 +19,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( GRANT_TYPES VARCHAR (1024), PKCE_MANDATORY CHAR(1) DEFAULT '0', PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000, CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID) ); +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +); + CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( REQUEST_TOKEN VARCHAR (512), REQUEST_TOKEN_SECRET VARCHAR (512), @@ -50,8 +61,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR (255), - REFRESH_TOKEN VARCHAR (255), + ACCESS_TOKEN VARCHAR (2048), + REFRESH_TOKEN VARCHAR (2048), CONSUMER_KEY_ID INTEGER, AUTHZ_USER VARCHAR (100), TENANT_ID INTEGER, @@ -66,6 +77,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE', TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR (512), + REFRESH_TOKEN_HASH VARCHAR (512), PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, 
@@ -76,12 +89,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR (512), + AUTHORIZATION_CODE VARCHAR (2048), CONSUMER_KEY_ID INTEGER, CALLBACK_URL VARCHAR (1024), - SCOPE VARCHAR(2048), + SCOPE VARCHAR(4096), AUTHZ_USER VARCHAR (100), TENANT_ID INTEGER, USER_DOMAIN VARCHAR(50), @@ -92,10 +107,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( SUBJECT_IDENTIFIER VARCHAR(255), PKCE_CODE_CHALLENGE VARCHAR (255), PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR (512), PRIMARY KEY (CODE_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( TOKEN_ID VARCHAR (255), TOKEN_SCOPE VARCHAR (60), 
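Review bot: SCOPE in IDN_OAUTH2_AUTHORIZATION_CODE grows to VARCHAR(4096), but the per-application scope string in AM_APPLICATION_REGISTRATION.TOKEN_SCOPE is widened only to VARCHAR(1500) in the hunk at @@ -753,7 +1049,7 @@; if the same space-separated scope list passes through both tables, 1500 is the effective ceiling and the extra room here is unreachable. Either the widths should agree or a comment on each column should record why they differ, given that the commit's stated purpose is the scope length. `IDX_AUTHORIZATION_CODE_HASH` on (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) in the following hunk is non-unique; if one hash is meant to resolve to exactly one code, declaring it `UNIQUE` turns an unexpected collision into an insert error instead of an ambiguous lookup.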
@@ -106,17 +124,22 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_KEY VARCHAR(100) NOT NULL, - NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(512) NULL, - TENANT_ID INTEGER NOT NULL DEFAULT 0, - ROLES VARCHAR (500) NULL, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, PRIMARY KEY (SCOPE_ID) ); +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +); + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER (11) NOT NULL, + SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (RESOURCE_PATH), FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE @@ -174,7 +197,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) ); @@ -220,6 +243,7 @@ CREATE TABLE IF NOT EXISTS SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', @@ -243,6 +267,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, 
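Review bot: IDN_OAUTH2_SCOPE is redefined — SCOPE_KEY and ROLES go, DISPLAY_NAME arrives, TENANT_ID defaults to -1 instead of 0 — yet the statement remains `CREATE TABLE IF NOT EXISTS`, so a database created from the previous script keeps the old shape and silently diverges from fresh installs; no ALTER accompanies the change, and the same applies to the columns added to existing tables in the hunks around it. If a migration script lives elsewhere, a one-line comment above the table pointing to it would help operators. Neither the scope table nor the new IDN_OAUTH2_SCOPE_BINDING carries a uniqueness rule, so duplicate scope names within a tenant and duplicate bindings for a scope are accepted; `CONSTRAINT SCOPE_NAME_CONSTRAINT UNIQUE (NAME, TENANT_ID)` and `UNIQUE (SCOPE_ID, SCOPE_BINDING)` would close that, which matters if scope names are, as seems likely, what resource protection is keyed on.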
@@ -270,14 +295,15 @@ CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_CLAIM VARCHAR (512) NOT NULL , + SP_CLAIM VARCHAR (512) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', + DEFAULT_VALUE VARCHAR(255), + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; @@ -308,10 +334,20 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', PRIMARY KEY (ID)); ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID)); + CREATE TABLE IF NOT EXISTS IDP ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -336,8 +372,6 @@ CREATE TABLE IF NOT EXISTS IDP ( PRIMARY KEY (ID), UNIQUE (TENANT_ID, NAME)); -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost'); - CREATE TABLE IF NOT EXISTS IDP_ROLE ( ID INTEGER AUTO_INCREMENT, IDP_ID INTEGER, 
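Review bot: The new SP_AUTH_SCRIPT table has an APP_ID column but, unlike SP_PROVISIONING_CONNECTOR immediately above it, no foreign key to SP_APP, so a script row outlives the application it belongs to and APP_ID may point at an app that never existed; the sibling pattern is `ALTER TABLE SP_AUTH_SCRIPT ADD CONSTRAINT AUTH_SCRIPT_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;`. It is also the only table in this hunk created without `IF NOT EXISTS`, so a second run of the script errors here instead of skipping. Because CONTENT is a BLOB whose meaning is not stated, a comment on the column naming what is stored (script source, and in which encoding) and that IS_ENABLED is the switch for it would help whoever audits these rows.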
@@ -388,10 +422,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( UNIQUE (TENANT_ID, IDP_ID, NAME), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests'); - CREATE TABLE IF NOT EXISTS IDP_METADATA ( ID INTEGER AUTO_INCREMENT, IDP_ID INTEGER, @@ -403,9 +433,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA ( CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout'); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout'); - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -417,9 +444,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0'); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0'); - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, 
@@ -427,6 +451,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); @@ -496,7 +521,7 @@ CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( KEY_HANDLE VARCHAR(200) NOT NULL, DEVICE_DATA LONGVARCHAR NOT NULL, PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); - + CREATE TABLE IF NOT EXISTS WF_REQUEST ( UUID VARCHAR (45), CREATED_BY VARCHAR (255), @@ -514,7 +539,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( HOST_URL_MANAGER VARCHAR(255), HOST_URL_WORKER VARCHAR(255), USERNAME VARCHAR(45), - PASSWORD VARCHAR(255), + PASSWORD VARCHAR(1023), CALLBACK_HOST VARCHAR (45), TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (PROFILE_NAME, TENANT_ID) 
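Review bot: WF_BPS_PROFILE.PASSWORD goes from VARCHAR(255) to VARCHAR(1023) with nothing on the line saying what form the value takes; a width like this usually exists to hold an encrypted or encoded credential rather than the plaintext one, but the DDL leaves that to the reader. A trailing comment, e.g. `PASSWORD VARCHAR(1023), -- expected to hold the encrypted credential; confirm against the writer`, would record the contract for anyone adding a new write path or migration. The rest of the WF_BPS_PROFILE definition lies outside the hunk.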
@@ -573,6 +598,277 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE ); + +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +); + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH), +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + 
CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID), +); + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) +); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255), + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +); + + +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + 
SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) NOT NULL DEFAULT '0', + VALUE VARCHAR(255) , + IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +); + +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER 
VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +); + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +); + +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +); + +ALTER TABLE CM_RECEIPT_SP_ASSOC + 
ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); + +-- End of CONSENT-MGT Tables -- + -- Start of API-MGT Tables -- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( @@ -753,7 +1049,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( WF_REF VARCHAR(255) NOT NULL, APP_ID INT, TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(256) DEFAULT 'default', + TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', INPUTS VARCHAR(1000), ALLOWED_DOMAINS VARCHAR(256), VALIDITY_PERIOD BIGINT, 
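Review bot: IDN_PASSWORD_HISTORY_DATA and IDN_CLAIM_MAPPING both end their column list with a trailing comma (`UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH),` followed by `);`, and `CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID),` likewise); H2 has tolerated this, but it is not standard SQL and the same slip appears in AM_CERTIFICATE_METADATA in the hunk at @@ -986,4 +1282,37 @@, so dropping the three commas is a free portability fix. The CM_* consent tables use plain `CREATE TABLE` while the rest of the file uses `CREATE TABLE IF NOT EXISTS`, which makes the script fail midway on a second run instead of being idempotent. SAML2_ASSERTION in IDN_SAML2_ASSERTION_STORE is VARCHAR(4096); a signed assertion that embeds its signing certificate commonly exceeds that, so if a row is written on every issuance the insert would fail for such assertions — worth confirming the expected size and recording the assumption in a comment on the column. This hunk begins at the tail of WF_WORKFLOW_REQUEST_RELATION on an earlier line.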
@@ -771,42 +1067,42 @@ CREATE TABLE IF NOT EXISTS AM_API_SCOPES ( ); CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, + DEFAULT_VERSION_ID INT AUTO_INCREMENT, API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , PRIMARY KEY (DEFAULT_VERSION_ID) ); CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - + CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, + ALERT_TYPE_ID INTEGER AUTO_INCREMENT, ALERT_TYPE_NAME VARCHAR(256) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) ); CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, + ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(256) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_TYPES_VALUES_CONSTRAINT UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) ); -CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , +CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID), CONSTRAINT AM_ALERT_EMAILLIST_CONSTRAINT UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) ); -CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( +CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), CONSTRAINT AM_ALERT_EMAILLIST_DETAILS_CONSTRAINT UNIQUE (EMAIL_LIST_ID,EMAIL) ); 
@@ -978,7 +1274,7 @@ CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( CREATE TABLE `AM_BLOCK_CONDITIONS` ( `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(45) DEFAULT NULL, + `VALUE` varchar(512) DEFAULT NULL, `ENABLED` varchar(45) DEFAULT NULL, `DOMAIN` varchar(45) DEFAULT NULL, `UUID` VARCHAR(256), @@ -986,4 +1282,37 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` ( UNIQUE (UUID) ); +CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(45) NOT NULL, + `END_POINT` VARCHAR(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`), +); + +CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512) NOT NULL, + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE +); + +CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED tinyint(1) DEFAULT 0, + FILE_CONTENT MEDIUMBLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) +); + +CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER(11) NOT NULL AUTO_INCREMENT, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +); + -- End of API-MGT Tables -- diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/mssql.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/mssql.sql index 058d18ff..50e1029e 100644 --- a/modules/distribution/src/core/resources/dbscripts/apimgt/mssql.sql +++ b/modules/distribution/src/core/resources/dbscripts/apimgt/mssql.sql 
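Review bot: AM_CERTIFICATE_METADATA keys on `ALIAS` alone (`CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS)`) and makes END_POINT globally unique although the table carries a TENANT_ID; if aliases or endpoints are chosen per tenant, one tenant's row blocks another tenant from using the same alias or registering a certificate for the same endpoint, and the tenant column plays no part in uniqueness. If that cross-tenant scoping is intended a comment should say so; otherwise `PRIMARY KEY (TENANT_ID, ALIAS)` and `UNIQUE (TENANT_ID, END_POINT)` give per-tenant isolation, and the trailing comma after the END_POINT constraint should go in either case. AM_API_LC_PUBLISH_EVENTS declares `ID INTEGER(11)` while this same patch strips the `(11)` from IDN_OAUTH2_RESOURCE_SCOPE.SCOPE_ID; the two should agree, and newer H2 releases may reject a precision on INTEGER.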
@@ -1,599 +1,658 @@ -- Start of IDN Tables -- IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_BASE_TABLE]') AND TYPE IN (N'U')) CREATE TABLE IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) + PRODUCT_NAME VARCHAR(20), + PRIMARY KEY (PRODUCT_NAME) ); INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH_CONSUMER_APPS]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER IDENTITY, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(512), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(1024), - GRANT_TYPES VARCHAR(1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) + ID INTEGER IDENTITY, + CONSUMER_KEY VARCHAR(255), + CONSUMER_SECRET VARCHAR(2048), + USERNAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT 0, + USER_DOMAIN VARCHAR(50), + APP_NAME VARCHAR(255), + OAUTH_VERSION VARCHAR(128), + CALLBACK_URL VARCHAR(1024), + GRANT_TYPES VARCHAR(1024), + PKCE_MANDATORY CHAR(1) DEFAULT '0', + PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000, + CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_VALIDATORS]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); IF NOT 
EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH1A_REQUEST_TOKEN]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(512), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(1024), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + REQUEST_TOKEN VARCHAR(512), + REQUEST_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(1024), + SCOPE VARCHAR(2048), + AUTHORIZED VARCHAR(128), + OAUTH_VERIFIER VARCHAR(512), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (REQUEST_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH1A_ACCESS_TOKEN]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(512), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + ACCESS_TOKEN VARCHAR(512), + ACCESS_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ACCESS_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_ACCESS_TOKEN]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(255), - REFRESH_TOKEN VARCHAR(255), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - 
TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED DATETIME, - REFRESH_TOKEN_TIME_CREATED DATETIME, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID) + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED DATETIME, + REFRESH_TOKEN_TIME_CREATED DATETIME, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID) ); CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); + IF EXISTS (SELECT NAME FROM SYSINDEXES WHERE NAME = 'IDX_AT_CK_AU') DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT_CK_AU IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_AUTHORIZATION_CODE]') AND TYPE IN (N'U')) CREATE 
TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(1024), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED DATETIME, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR (255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + CODE_ID VARCHAR (255), + AUTHORIZATION_CODE VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(1024), + SCOPE VARCHAR(4096), + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + TIME_CREATED DATETIME, + VALIDITY_PERIOD BIGINT, + STATE VARCHAR (25) DEFAULT 'ACTIVE', + TOKEN_ID VARCHAR(255), + SUBJECT_IDENTIFIER VARCHAR(255), + PKCE_CODE_CHALLENGE VARCHAR (255), + PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR(512), + PRIMARY KEY (CODE_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_ACCESS_TOKEN_SCOPE]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = 
OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER IDENTITY, - SCOPE_KEY VARCHAR(100) NOT NULL, - NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(512) NULL, - TENANT_ID INTEGER NOT NULL DEFAULT 0, - ROLES VARCHAR (500) NULL, - PRIMARY KEY (SCOPE_ID) + SCOPE_ID INTEGER IDENTITY, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + PRIMARY KEY (SCOPE_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_BINDING]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_RESOURCE_SCOPE]') AND TYPE IN (N'U')) CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE + RESOURCE_PATH VARCHAR(255) NOT NULL, + SCOPE_ID INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SCIM_GROUP]') AND TYPE IN (N'U')) CREATE TABLE IDN_SCIM_GROUP ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) + ID INTEGER IDENTITY, + TENANT_ID INTEGER NOT NULL, + ROLE_NAME VARCHAR(255) NOT NULL, + ATTR_NAME VARCHAR(1024) NOT NULL, + ATTR_VALUE VARCHAR(1024), + PRIMARY KEY (ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = 
OBJECT_ID(N'[DBO].[IDN_OPENID_REMEMBER_ME]') AND TYPE IN (N'U')) CREATE TABLE IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME DATETIME, - PRIMARY KEY (USER_NAME, TENANT_ID) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + COOKIE_VALUE VARCHAR(1024), + CREATED_TIME DATETIME, + PRIMARY KEY (USER_NAME, TENANT_ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OPENID_USER_RPS]') AND TYPE IN (N'U')) CREATE TABLE IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + RP_URL VARCHAR(255) NOT NULL, + TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', + LAST_VISIT DATE NOT NULL, + VISIT_COUNT INTEGER DEFAULT 0, + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', + PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OPENID_ASSOCIATIONS]') AND TYPE IN (N'U')) CREATE TABLE IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN DATETIME NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) + HANDLE VARCHAR(255) NOT NULL, + ASSOC_TYPE VARCHAR(255) NOT NULL, + EXPIRE_IN DATETIME NOT NULL, + MAC_KEY VARCHAR(255) NOT NULL, + ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (HANDLE) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_STS_STORE]') AND TYPE IN (N'U')) CREATE TABLE IDN_STS_STORE ( - ID INTEGER IDENTITY, - 
TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT VARBINARY(MAX) NOT NULL, - CREATE_DATE DATETIME NOT NULL, - EXPIRE_DATE DATETIME NOT NULL, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) + ID INTEGER IDENTITY, + TOKEN_ID VARCHAR(255) NOT NULL, + TOKEN_CONTENT VARBINARY(MAX) NOT NULL, + CREATE_DATE DATETIME NOT NULL, + EXPIRE_DATE DATETIME NOT NULL, + STATE INTEGER DEFAULT 0, + PRIMARY KEY (ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_IDENTITY_USER_DATA]') AND TYPE IN (N'U')) CREATE TABLE IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) + TENANT_ID INTEGER DEFAULT -1234, + USER_NAME VARCHAR(255) NOT NULL, + DATA_KEY VARCHAR(255) NOT NULL, + DATA_VALUE VARCHAR(2048), + PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_IDENTITY_META_DATA]') AND TYPE IN (N'U')) CREATE TABLE IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + METADATA_TYPE VARCHAR(255) NOT NULL, + METADATA VARCHAR(255) NOT NULL, + VALID VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_THRIFT_SESSION]') AND TYPE IN (N'U')) CREATE TABLE IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) + SESSION_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + 
CREATED_TIME VARCHAR(255) NOT NULL, + LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (SESSION_ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_AUTH_SESSION_STORE]') AND TYPE IN (N'U')) CREATE TABLE IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT VARBINARY(MAX), - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT VARBINARY(MAX), + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_APP]') AND TYPE IN (N'U')) CREATE TABLE SP_APP ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - PRIMARY KEY (ID), - CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID)); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + APP_NAME VARCHAR (255) NOT NULL , + USER_STORE VARCHAR (255) NOT NULL, + USERNAME VARCHAR (255) NOT NULL , + DESCRIPTION VARCHAR (1024), + ROLE_CLAIM VARCHAR (512), + AUTH_TYPE VARCHAR (255) NOT NULL, + 
PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), + IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', + IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', + IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', + IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', + SUBJECT_CLAIM_URI VARCHAR (512), + IS_SAAS_APP CHAR(1) DEFAULT '0', + IS_DUMB_MODE CHAR(1) DEFAULT '0', + PRIMARY KEY (ID), + CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID) +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_METADATA]') AND TYPE IN (N'U')) CREATE TABLE SP_METADATA ( - ID INTEGER IDENTITY, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_INBOUND_AUTH]') AND TYPE IN (N'U')) CREATE TABLE SP_INBOUND_AUTH ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + INBOUND_AUTH_KEY VARCHAR (255), + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, + PROP_NAME VARCHAR (255), + 
PROP_VALUE VARCHAR (1024) , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_STEP]') AND TYPE IN (N'U')) CREATE TABLE SP_AUTH_STEP ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL, - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID), - CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + STEP_ORDER INTEGER DEFAULT 1, + APP_ID INTEGER NOT NULL, + IS_SUBJECT_STEP CHAR(1) DEFAULT '0', + IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', + PRIMARY KEY (ID), + CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_FEDERATED_IDP]') AND TYPE IN (N'U')) CREATE TABLE SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID), - CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_ID INTEGER NOT NULL, + PRIMARY KEY (ID, AUTHENTICATOR_ID), + CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_CLAIM_MAPPING]') AND TYPE IN (N'U')) CREATE TABLE SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID), - 
CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + IDP_CLAIM VARCHAR (512) NOT NULL , + SP_CLAIM VARCHAR (512) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', + DEFAULT_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_ROLE_MAPPING]') AND TYPE IN (N'U')) CREATE TABLE SP_ROLE_MAPPING ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + IDP_ROLE VARCHAR (255) NOT NULL , + SP_ROLE VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_REQ_PATH_AUTHENTICATOR]') AND TYPE IN (N'U')) CREATE TABLE SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = 
OBJECT_ID(N'[DBO].[SP_PROVISIONING_CONNECTOR]') AND TYPE IN (N'U')) CREATE TABLE SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL IDENTITY, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE); + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER NOT NULL, + IDP_NAME VARCHAR (255) NOT NULL , + CONNECTOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', + BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +); + +IF NOT EXISTS(SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_SCRIPT]') AND TYPE IN (N'U')) +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER IDENTITY NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT VARBINARY(MAX) DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID) +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP]') AND TYPE IN (N'U')) CREATE TABLE IDP ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE VARBINARY(MAX), - CERTIFICATE VARBINARY(MAX), - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - 
IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - DISPLAY_NAME VARCHAR(255), - UNIQUE (TENANT_ID, NAME)); - -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost'); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE VARBINARY(MAX), + CERTIFICATE VARBINARY(MAX), + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + DISPLAY_NAME VARCHAR(255), + UNIQUE (TENANT_ID, NAME) +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE]') AND TYPE IN (N'U')) CREATE TABLE IDP_ROLE ( - ID INTEGER IDENTITY, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE_MAPPING]') AND TYPE IN (N'U')) CREATE TABLE IDP_ROLE_MAPPING ( - ID INTEGER IDENTITY, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, 
+ IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM]') AND TYPE IN (N'U')) CREATE TABLE IDP_CLAIM ( - ID INTEGER IDENTITY, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM_MAPPING]') AND TYPE IN (N'U')) CREATE TABLE IDP_CLAIM_MAPPING ( - ID INTEGER IDENTITY, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + IDP_CLAIM_ID INTEGER, + TENANT_ID INTEGER, + LOCAL_CLAIM VARCHAR(253), + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), + FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR]') AND TYPE IN (N'U')) CREATE TABLE IDP_AUTHENTICATOR ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -INSERT INTO 
IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests'); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '1', + DISPLAY_NAME VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_METADATA]') AND TYPE IN (N'U')) CREATE TABLE IDP_METADATA ( - ID INTEGER IDENTITY, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); - -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout'); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout'); + ID INTEGER IDENTITY, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR_PROPERTY]') AND TYPE IN (N'U')) CREATE TABLE IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) 
REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE); - -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0'); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0'); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + AUTHENTICATOR_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047), + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), + FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_CONFIG]') AND TYPE IN (N'U')) CREATE TABLE IDP_PROVISIONING_CONFIG ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + IDP_ID INTEGER, + PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '0', + IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROV_CONFIG_PROPERTY]') AND TYPE IN (N'U')) CREATE TABLE IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE VARBINARY(MAX), - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT 
'0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + PROVISIONING_CONFIG_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2048), + PROPERTY_BLOB_VALUE VARBINARY(MAX), + PROPERTY_TYPE CHAR(32) NOT NULL, + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_ENTITY]') AND TYPE IN (N'U')) CREATE TABLE IDP_PROVISIONING_ENTITY ( - ID INTEGER IDENTITY, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + PROVISIONING_CONFIG_ID INTEGER, + ENTITY_TYPE VARCHAR(255) NOT NULL, + ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, + ENTITY_NAME VARCHAR(255) NOT NULL, + ENTITY_VALUE VARCHAR(255), + TENANT_ID INTEGER, + ENTITY_LOCAL_ID VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), + UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_LOCAL_CLAIM]') AND TYPE IN (N'U')) CREATE TABLE 
IDP_LOCAL_CLAIM ( - ID INTEGER IDENTITY, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + ID INTEGER IDENTITY, + TENANT_ID INTEGER, + IDP_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_ASSOCIATED_ID]') AND TYPE IN (N'U')) CREATE TABLE IDN_ASSOCIATED_ID ( - ID INTEGER IDENTITY, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER IDENTITY, + IDP_USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + IDP_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_USER_ACCOUNT_ASSOCIATION]') AND TYPE IN (N'U')) CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) +); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = 
OBJECT_ID(N'[DBO].[FIDO_DEVICE_STORE]') AND TYPE IN (N'U')) CREATE TABLE FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED DATETIME, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); - + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED DATETIME, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) +); + IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST]') AND TYPE IN (N'U')) CREATE TABLE WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT DATETIME, - UPDATED_AT DATETIME, - STATUS VARCHAR (30), - REQUEST VARBINARY(MAX), - PRIMARY KEY (UUID) + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT DATETIME, + UPDATED_AT DATETIME, + STATUS VARCHAR (30), + REQUEST VARBINARY(MAX), + PRIMARY KEY (UUID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_BPS_PROFILE]') AND TYPE IN (N'U')) CREATE TABLE WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(255), - CALLBACK_HOST VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(255), + HOST_URL_WORKER VARCHAR(255), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(1023), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW]') AND TYPE IN (N'U')) CREATE TABLE WF_WORKFLOW( - ID 
VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_ASSOCIATION]') AND TYPE IN (N'U')) CREATE TABLE WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL IDENTITY , - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + ID INTEGER NOT NULL IDENTITY , + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_CONFIG_PARAM]') AND TYPE IN (N'U')) CREATE TABLE WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE ); IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = 
OBJECT_ID(N'[DBO].[WF_REQUEST_ENTITY_RELATIONSHIP]') AND TYPE IN (N'U')) 
@@ -620,6 +679,282 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( ); +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_RECOVERY_DATA]') AND TYPE IN (N'U')) +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED DATETIME NOT NULL, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_PASSWORD_HISTORY_DATA]') AND TYPE IN (N'U')) +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL IDENTITY , + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED DATETIME NOT NULL, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH), +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_DIALECT]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL IDENTITY, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CLAIM ( + ID INTEGER NOT NULL IDENTITY, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPED_ATTRIBUTE]') AND TYPE IN (N'U')) +CREATE TABLE 
IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL IDENTITY, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_PROPERTY]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL IDENTITY, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPING]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL IDENTITY, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE , + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE NO ACTION , + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SAML2_ASSERTION_STORE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL IDENTITY, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_JTI]') 
AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME DATETIME NOT NULL, + TIME_CREATED DATETIME NOT NULL, + PRIMARY KEY (JWT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_PROPERTY]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER , + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL , + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_REFERENCE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL IDENTITY, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE , + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID), + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_CLAIMS]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL IDENTITY, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , + VALUE VARCHAR(255) , + IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJ_CLAIM_VALUES]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL IDENTITY, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY 
(REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CERTIFICATE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER IDENTITY, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM VARBINARY(MAX), + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +); + +-- Start of CONSENT-MGT Tables -- + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PII_CATEGORY]') AND TYPE IN (N'U')) +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT]') AND TYPE IN (N'U')) +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP DATETIME NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE]') AND TYPE IN (N'U')) +CREATE TABLE CM_PURPOSE ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_CATEGORY]') AND TYPE IN (N'U')) +CREATE TABLE 
CM_PURPOSE_CATEGORY ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT_SP_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER NOT NULL IDENTITY, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER NOT NULL IDENTITY, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID), + FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PURPOSE_CAT_ASSC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID), + FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID), + FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +); + +IF NOT 
EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID), + FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID), + FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_CONSENT_RECEIPT_PROPERTY]') AND TYPE IN (N'U')) +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME), + FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); + +-- End of CONSENT-MGT Tables -- + -- Start of API-Mgt Tables -- IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_SUBSCRIBER]') AND TYPE IN (N'U')) 
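Review bot: IDN_OIDC_REQ_OBJECT_REFERENCE declares `FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID)` and `FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID)` with no referential action, while the mysql.sql version of the same table (hunk @@ -601) gives both `ON DELETE CASCADE`; SQL Server defaults to NO ACTION, so deleting a token or authorization-code row that still has a request-object reference will fail instead of cleaning up, which presumably breaks revocation/cleanup paths that work on MySQL. Unless the difference is deliberate, add `ON DELETE CASCADE` to both references. IDN_CLAIM_MAPPING uses `ON DELETE NO ACTION` for MAPPED_LOCAL_CLAIM_ID where mysql.sql cascades; that looks like the SQL Server restriction on two cascading paths from the same table, and a comment such as `-- NO ACTION: SQL Server rejects a second cascade path from IDN_CLAIM` would stop a later maintainer "fixing" it. The trailing comma after the UNIQUE constraint in IDN_PASSWORD_HISTORY_DATA is also out of step with every other definition in the hunk.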
@@ -716,7 +1051,7 @@ IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[A
 CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING (
 SUBSCRIPTION_ID INTEGER,
- ACCESS_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(512),
 KEY_TYPE VARCHAR(512) NOT NULL,
 FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE,
 PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -742,7 +1077,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION (
 WF_REF VARCHAR(255) NOT NULL,
 APP_ID INTEGER,
 TOKEN_TYPE VARCHAR(30),
- TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+ TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
 INPUTS VARCHAR(1000),
 ALLOWED_DOMAINS VARCHAR(256),
 VALIDITY_PERIOD BIGINT,
@@ -852,10 +1187,10 @@ CREATE TABLE AM_API_SCOPES (
 IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_DEFAULT_VERSION]') AND TYPE IN (N'U'))
 CREATE TABLE AM_API_DEFAULT_VERSION (
- DEFAULT_VERSION_ID INTEGER NOT NULL IDENTITY,
+ DEFAULT_VERSION_ID INTEGER NOT NULL IDENTITY,
 API_NAME VARCHAR(256) NOT NULL ,
- API_PROVIDER VARCHAR(256) NOT NULL ,
- DEFAULT_API_VERSION VARCHAR(30) ,
+ API_PROVIDER VARCHAR(256) NOT NULL ,
+ DEFAULT_API_VERSION VARCHAR(30) ,
 PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
 PRIMARY KEY (DEFAULT_VERSION_ID)
 );
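Review bot: AM_SUBSCRIPTION_KEY_MAPPING.ACCESS_TOKEN is widened only to VARCHAR(512) in hunk @@ -716, while the identity-side IDN_OAUTH2_ACCESS_TOKEN.ACCESS_TOKEN becomes VARCHAR(2048) in this same commit (mysql.sql hunk @@ -51); if both columns hold the same token value, a token longer than 512 characters will be rejected on the mapping insert, and since ACCESS_TOKEN is part of this table's primary key the width also bounds the key. The same 512/2048 mismatch appears in mysql.sql at hunk @@ -686. TOKEN_SCOPE VARCHAR(1500) in hunk @@ -742 is likewise narrower than the SCOPE VARCHAR(4096) the commit title describes for the authorization-code table (mysql.sql hunk @@ -77); if the registration scope string is intentionally capped lower, a comment on the column saying so would help. AM_APPLICATION_REGISTRATION's definition starts before hunk @@ -742.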
@@ -873,21 +1208,21 @@ CREATE TABLE AM_ALERT_TYPES (
 );
 CREATE TABLE AM_ALERT_TYPES_VALUES (
- ALERT_TYPE_ID INTEGER,
+ ALERT_TYPE_ID INTEGER,
 USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 CONSTRAINT AM_ALERT_TYPES_VALUES_CONST UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)
 );
-CREATE TABLE AM_ALERT_EMAILLIST (
+CREATE TABLE AM_ALERT_EMAILLIST (
 EMAIL_LIST_ID INTEGER NOT NULL IDENTITY,
- USER_NAME VARCHAR(255) NOT NULL ,
+ USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 CONSTRAINT AM_ALERT_EMAILLIST_CONST UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER),
 PRIMARY KEY (EMAIL_LIST_ID)
 );
-CREATE TABLE AM_ALERT_EMAILLIST_DETAILS (
+CREATE TABLE AM_ALERT_EMAILLIST_DETAILS (
 EMAIL_LIST_ID INTEGER,
 EMAIL VARCHAR(255),
 CONSTRAINT AM_ALERT_EMAILLIST_DETAILS_CONST UNIQUE (EMAIL_LIST_ID,EMAIL)
@@ -1072,7 +1407,7 @@ IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[A
 CREATE TABLE AM_BLOCK_CONDITIONS (
 CONDITION_ID INTEGER IDENTITY(1,1),
 TYPE varchar(45) DEFAULT NULL,
- VALUE varchar(45) DEFAULT NULL,
+ VALUE varchar(512) DEFAULT NULL,
 ENABLED varchar(45) DEFAULT NULL,
 DOMAIN varchar(45) DEFAULT NULL,
 UUID VARCHAR(256),
@@ -1080,13 +1415,49 @@ CREATE TABLE AM_BLOCK_CONDITIONS ( UNIQUE (UUID) ); +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_CERTIFICATE_METADATA]') AND TYPE IN (N'U')) +CREATE TABLE AM_CERTIFICATE_METADATA ( + TENANT_ID INTEGER NOT NULL, + ALIAS VARCHAR(45) NOT NULL, + END_POINT VARCHAR(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APPLICATION_GROUP_MAPPING]') AND TYPE IN (N'U')) +CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512), + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_USAGE_UPLOADED_FILES]') AND TYPE IN (N'U')) +CREATE TABLE AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN VARCHAR(255) NOT NULL, + FILE_NAME VARCHAR(255) NOT NULL, + FILE_TIMESTAMP DATETIME DEFAULT GETDATE(), + FILE_PROCESSED INTEGER DEFAULT 0, + FILE_CONTENT VARBINARY(MAX) DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) +); + + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_LC_PUBLISH_EVENTS]') AND TYPE IN (N'U')) +CREATE TABLE AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER NOT NULL IDENTITY, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME DATETIME DEFAULT GETDATE(), + PRIMARY KEY (ID) +); -- End of API-MGT Tables -- --Permance indexes start-- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); -create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN); create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); create index IDX_AAI_CTX on AM_API (CONTEXT); create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING 
(CONSUMER_KEY);
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql.sql
index 35e38d7e..419a4652 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql.sql
@@ -10,7 +10,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 ID INTEGER NOT NULL AUTO_INCREMENT,
 CONSUMER_KEY VARCHAR(255),
- CONSUMER_SECRET VARCHAR(512),
+ CONSUMER_SECRET VARCHAR(2048),
 USERNAME VARCHAR(255),
 TENANT_ID INTEGER DEFAULT 0,
 USER_DOMAIN VARCHAR(50),
@@ -20,10 +20,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 GRANT_TYPES VARCHAR (1024),
 PKCE_MANDATORY CHAR(1) DEFAULT '0',
 PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+ APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+ USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
 CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
 PRIMARY KEY (ID)
 )ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+ APP_ID INTEGER NOT NULL,
+ SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+ PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+ FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
 REQUEST_TOKEN VARCHAR(255),
 REQUEST_TOKEN_SECRET VARCHAR(512),
@@ -51,8 +62,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(255),
- REFRESH_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(2048),
+ REFRESH_TOKEN VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
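Review bot: The index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN) is dropped at the end of this mssql.sql hunk, but unlike mysql.sql (hunk @@ -77, `CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);`) no replacement index on the hash column is added here; if the SQL Server token table gained the same ACCESS_TOKEN_HASH column in an earlier hunk, token validation on every API call would fall back to a scan of the token table. Add `create index IDX_ATH on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN_HASH);` alongside the remaining performance indexes, or a comment saying why it is omitted on this engine. Separately, AM_CERTIFICATE_METADATA makes ALIAS alone the primary key although TENANT_ID is stored, so two tenants cannot register the same alias; if that is intended a one-line comment on `CONSTRAINT PK_ALIAS` would document it.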
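Review bot: `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000` in hunk @@ -20 is 23.5 hours if the unit is milliseconds; if one day was intended, as the round 3600000 (one hour) defaults on the two neighbouring columns suggest, the value should be 86400000. If 84600000 is deliberately aligned with an existing server-side configuration default, say so on the line, e.g. `-- 84600000 ms: kept equal to the server-side refresh-token default`, so it is not "corrected" later. None of the three expiry columns states its unit; a single `-- expiry values are in milliseconds` comment above them is cheap and removes the ambiguity.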
@@ -67,6 +78,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
 TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
 SUBJECT_IDENTIFIER VARCHAR(255),
+ ACCESS_TOKEN_HASH VARCHAR(512),
+ REFRESH_TOKEN_HASH VARCHAR(512),
 PRIMARY KEY (TOKEN_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
 CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -77,12 +90,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(512),
+ AUTHORIZATION_CODE VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 CALLBACK_URL VARCHAR(1024),
- SCOPE VARCHAR(2048),
+ SCOPE VARCHAR(4096),
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
 USER_DOMAIN VARCHAR(50),
@@ -93,10 +108,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 SUBJECT_IDENTIFIER VARCHAR(255),
 PKCE_CODE_CHALLENGE VARCHAR(255),
 PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+ AUTHORIZATION_CODE_HASH VARCHAR(512),
 PRIMARY KEY (CODE_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE INNODB;
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 TOKEN_ID VARCHAR (255),
 TOKEN_SCOPE VARCHAR (60),
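Review bot: IDX_ATH in hunk @@ -77 indexes only ACCESS_TOKEN_HASH, whereas the new IDX_AUTHORIZATION_CODE_HASH in hunk @@ -93 is keyed on (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) and nothing indexes REFRESH_TOKEN_HASH at all; if the refresh-token grant resolves tokens through REFRESH_TOKEN_HASH the way access-token validation does through ACCESS_TOKEN_HASH, that lookup has no index to use. Consider `CREATE INDEX IDX_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);` next to IDX_ATH. Both hash columns added in hunk @@ -67 are nullable and undocumented; a comment stating which column is the lookup key when the hash is NULL would tell the next reader whether raw-token lookups are still expected. The CON_APP_KEY constraint in hunk @@ -67 continues outside the hunk.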
@@ -106,21 +124,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT, - SCOPE_KEY VARCHAR(100) NOT NULL, - NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(512) NULL, - TENANT_ID INT(11) NOT NULL DEFAULT 0, - ROLES VARCHAR (500) NULL, + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, PRIMARY KEY (SCOPE_ID) )ENGINE INNODB; +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +)ENGINE INNODB; + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER (11) NOT NULL, + SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( @@ -175,7 +198,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) )ENGINE INNODB; @@ -222,6 +245,7 @@ CREATE TABLE IF NOT EXISTS SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', 
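Review bot: The rewritten IDN_OAUTH2_SCOPE in hunk @@ -106 drops SCOPE_KEY and ROLES and makes NAME NOT NULL, but no UNIQUE constraint over (NAME, TENANT_ID) is declared, so the same scope name can be registered twice in one tenant and a lookup by name could return either row; something like `CONSTRAINT SCOPE_NAME_CONSTRAINT UNIQUE (NAME, TENANT_ID)` (name constructed) looks intended given that DISPLAY_NAME and TENANT_ID sit around it. The new IDN_OAUTH2_SCOPE_BINDING likewise has no primary key and no uniqueness on (SCOPE_ID, SCOPE_BINDING), so duplicate bindings can accumulate silently. Because this changes the column set of a table that existing deployments already have, in a create-only script, a comment noting that upgrades need a migration rather than a re-run would be worth adding above the table.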
@@ -247,6 +271,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, @@ -283,6 +308,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID) )ENGINE INNODB; @@ -318,11 +344,21 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID)); + CREATE TABLE IF NOT EXISTS IDP ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -348,8 +384,6 @@ CREATE TABLE IF NOT EXISTS IDP ( UNIQUE (TENANT_ID, NAME) )ENGINE INNODB; -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost'); - CREATE TABLE IF NOT EXISTS IDP_ROLE ( ID INTEGER AUTO_INCREMENT, IDP_ID INTEGER, 
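Review bot: `CREATE TABLE SP_AUTH_SCRIPT (` in hunk @@ -318 is the only new table in this file without `IF NOT EXISTS` and without `)ENGINE INNODB;`, so a re-run of the script stops here and the table falls to the server's default engine. It also carries no foreign key from APP_ID to SP_APP(ID), unlike SP_PROVISIONING_CONNECTOR just above it, which gets PRO_CONNECTOR_APPID_CONSTRAINT; since CONTENT holds an authentication script that the server presumably executes, leaving orphaned script rows behind after an application is deleted is worth preventing. Suggested: `CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT (` with `FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE` added before `PRIMARY KEY (ID)` and the table closed with `)ENGINE INNODB;`.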
@@ -405,10 +439,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests'); - CREATE TABLE IF NOT EXISTS IDP_METADATA ( ID INTEGER AUTO_INCREMENT, IDP_ID INTEGER, @@ -421,9 +451,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA ( FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout'); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout'); - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -436,9 +463,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE )ENGINE INNODB; -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0'); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0'); - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -446,6 +470,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE 
@@ -539,7 +564,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
 HOST_URL_MANAGER VARCHAR(255),
 HOST_URL_WORKER VARCHAR(255),
 USERNAME VARCHAR(45),
- PASSWORD VARCHAR(255),
+ PASSWORD VARCHAR(1023),
 CALLBACK_HOST VARCHAR (45),
 CALLBACK_USERNAME VARCHAR (45),
 CALLBACK_PASSWORD VARCHAR (255),
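Review bot: PASSWORD in WF_BPS_PROFILE is widened to VARCHAR(1023) while CALLBACK_PASSWORD three lines below stays at VARCHAR(255); if the widening is because the stored value is now an encrypted or encoded form, the callback credential presumably receives the same treatment and will hit the old limit. Either widen both columns or add a comment on PASSWORD explaining why only it needs the room, e.g. `-- holds the encrypted value, hence the width` if that is the case. WF_BPS_PROFILE's definition starts before this hunk.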
@@ -601,8 +626,279 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE INNODB; +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT 
USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID 
INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) DEFAULT '0' , + VALUE VARCHAR(255) , + IS_USERINFO CHAR(1) DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +)ENGINE INNODB; + + -- End of IDENTITY Tables-- +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + 
PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +)ENGINE INNODB; + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +)ENGINE INNODB; + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +)ENGINE INNODB; + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +)ENGINE INNODB; 
+ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +)ENGINE INNODB; + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); + +-- End of CONSENT-MGT Tables -- + -- Start of API-MGT Tables -- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( SUBSCRIBER_ID INTEGER AUTO_INCREMENT, 
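Review bot: In IDN_OIDC_JTI, EXP_TIME is declared `TIMESTAMP NOT NULL` and is the first TIMESTAMP column of the table; on MySQL servers where explicit_defaults_for_timestamp is OFF (the 5.7 default), such a column is implicitly given DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, which would silently move a JWT's recorded expiry to "now" on any update of the row — an unwanted property for a replay-prevention table. Make the intent explicit (a DATETIME column as the mssql.sql version uses, or an explicit DEFAULT), or at least add `-- must not auto-update: holds the token's exp claim` on the line; CM_RECEIPT.CONSENT_TIMESTAMP has the same shape. Separately, every CM_* table in this hunk is created without `IF NOT EXISTS` and the two INSERTs into CM_PURPOSE and CM_PURPOSE_CATEGORY are unconditional, unlike the rest of this file, so a re-run aborts at CM_PII_CATEGORY. IDN_RECOVERY_DATA stores the recovery CODE as the clear-text lookup key with UNIQUE(CODE); if that is intended, a comment saying so avoids the question being reopened on the next review.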
@@ -686,7 +982,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
 SUBSCRIPTION_ID INTEGER,
- ACCESS_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(512),
 KEY_TYPE VARCHAR(255) NOT NULL,
 FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
 PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -781,7 +1077,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
 WF_REF VARCHAR(255) NOT NULL,
 APP_ID INT,
 TOKEN_TYPE VARCHAR(30),
- TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+ TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
 INPUTS VARCHAR(1000),
 ALLOWED_DOMAINS VARCHAR(256),
 VALIDITY_PERIOD BIGINT,
@@ -1010,7 +1306,7 @@ ENGINE = InnoDB;
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
 `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
 `TYPE` varchar(45) DEFAULT NULL,
- `VALUE` varchar(45) DEFAULT NULL,
+ `VALUE` varchar(512) DEFAULT NULL,
 `ENABLED` varchar(45) DEFAULT NULL,
 `DOMAIN` varchar(45) DEFAULT NULL,
 `UUID` VARCHAR(254),
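Review bot: AM_SUBSCRIPTION_KEY_MAPPING.ACCESS_TOKEN is widened only to VARCHAR(512), while the same commit takes the access-token columns of IDN_OAUTH2_ACCESS_TOKEN to VARCHAR(2048) (visible in the mysql5.7.sql and mysql_cluster.sql hunks; the mysql.sql hunk for that table is outside this chunk, so confirm it matches). A token longer than 512 characters would then be rejected or truncated when written to this mapping table, and because ACCESS_TOKEN is part of `PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)`, a 512-character key column can also exceed InnoDB's index key limit with a multibyte charset depending on the server's large-prefix setting. Either align the length with the source column or document the bound, e.g. `-- ACCESS_TOKEN is a key column: keep within the InnoDB index limit for the configured charset`. The same 512-versus-2048 mismatch is in the mysql5.7.sql hunk for this table.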
@@ -1018,17 +1314,47 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
 UNIQUE (`UUID`)
 ) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+ `TENANT_ID` INT(11) NOT NULL,
+ `ALIAS` VARCHAR(45) NOT NULL,
+ `END_POINT` VARCHAR(100) NOT NULL,
+ CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+ CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+ APPLICATION_ID INTEGER NOT NULL,
+ GROUP_ID VARCHAR(512)NOT NULL,
+ TENANT VARCHAR(255),
+ PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+ FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+ TENANT_DOMAIN varchar(255) NOT NULL,
+ FILE_NAME varchar(255) NOT NULL,
+ FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+ FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+ PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+ ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+ TENANT_DOMAIN VARCHAR(500) NOT NULL,
+ API_ID VARCHAR(500) NOT NULL,
+ EVENT_TIME TIMESTAMP NOT NULL,
+ PRIMARY KEY (ID)
+) ENGINE=InnoDB;
+
 -- End of API-MGT Tables --
 -- Performance indexes start--
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
-create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);
 create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID);
-create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER);
 create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE);
 create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE);
 create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE);
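Review bot: AM_CERTIFICATE_METADATA carries a TENANT_ID but keys on ALIAS alone (PK_ALIAS) and makes END_POINT globally unique, so two tenants cannot register the same alias or endpoint, and a duplicate-key failure tells one tenant that another already holds that value. If tenant scoping is intended, key on (TENANT_ID, ALIAS) and make the unique constraint (TENANT_ID, END_POINT); if global uniqueness is deliberate, state it in a comment above the table. This hunk also removes `IDX_AAI_CTX` and `IDX_AAUM_TT` from the performance-index block while the mysql5.7.sql hunk for the same region keeps `IDX_AAI_CTX`, so the two scripts now diverge on indexing with no stated reason. The same AM_CERTIFICATE_METADATA definition is in the mysql5.7.sql hunk, where `GROUP_ID VARCHAR(512) NOT NULL` also has the space that is missing here (`VARCHAR(512)NOT NULL`).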
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql5.7.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql5.7.sql
index c644470c..5eafb186 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql5.7.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql5.7.sql
@@ -10,7 +10,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 ID INTEGER NOT NULL AUTO_INCREMENT,
 CONSUMER_KEY VARCHAR(255),
- CONSUMER_SECRET VARCHAR(512),
+ CONSUMER_SECRET VARCHAR(2048),
 USERNAME VARCHAR(255),
 TENANT_ID INTEGER DEFAULT 0,
 USER_DOMAIN VARCHAR(50),
@@ -20,10 +20,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 GRANT_TYPES VARCHAR (1024),
 PKCE_MANDATORY CHAR(1) DEFAULT '0',
 PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+ APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+ USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
 CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
 PRIMARY KEY (ID)
 )ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+ APP_ID INTEGER NOT NULL,
+ SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+ PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+ FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
 REQUEST_TOKEN VARCHAR(255),
 REQUEST_TOKEN_SECRET VARCHAR(512),
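Review bot: `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000` in the second hunk is 23 h 30 min in milliseconds, not the 24 h that the neighbouring defaults (3600000 = 1 h) suggest it is modelled on. If a day is intended the value should be `86400000`; if 84600000 is deliberate, a comment giving the unit and the reason (`-- milliseconds; intentionally under 24h`) would stop it being "corrected" later. The same literal appears in the mysql_cluster.sql hunk for IDN_OAUTH_CONSUMER_APPS. The CREATE TABLE these columns belong to begins in the first hunk and its body spans both.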
@@ -51,22 +62,24 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(255),
- REFRESH_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(2048),
+ REFRESH_TOKEN VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
 USER_DOMAIN VARCHAR(50),
 USER_TYPE VARCHAR (25),
 GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
 VALIDITY_PERIOD BIGINT,
 REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
 TOKEN_SCOPE_HASH VARCHAR(32),
 TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
 TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
 SUBJECT_IDENTIFIER VARCHAR(255),
+ ACCESS_TOKEN_HASH VARCHAR(512),
+ REFRESH_TOKEN_HASH VARCHAR(512),
 PRIMARY KEY (TOKEN_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
 CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -77,12 +90,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(512),
+ AUTHORIZATION_CODE VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 CALLBACK_URL VARCHAR(1024),
- SCOPE VARCHAR(2048),
+ SCOPE VARCHAR(4096),
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
 USER_DOMAIN VARCHAR(50),
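Review bot: ACCESS_TOKEN_HASH gets an index in the second hunk (`CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);`) but REFRESH_TOKEN_HASH, added right beside it in the first hunk, gets none, so if refresh grants are resolved by hash the way access tokens and authorization codes now are (the code table gets IDX_AUTHORIZATION_CODE_HASH in the next hunk), a lookup by refresh token scans the whole table. Consider `CREATE INDEX IDX_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);` next to IDX_ATH, or a comment stating why the refresh path needs no index. The raw ACCESS_TOKEN and REFRESH_TOKEN columns are kept (now 2048) alongside the hash columns while the index on the raw token is dropped elsewhere in this file; whether the raw columns still receive the token value is not visible from the schema and deserves a comment at the column. The CON_APP_KEY constraint that closes the first hunk continues outside it.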
@@ -93,10 +108,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 SUBJECT_IDENTIFIER VARCHAR(255),
 PKCE_CODE_CHALLENGE VARCHAR(255),
 PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+ AUTHORIZATION_CODE_HASH VARCHAR(512),
 PRIMARY KEY (CODE_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE INNODB;
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 TOKEN_ID VARCHAR (255),
 TOKEN_SCOPE VARCHAR (60),
@@ -106,21 +124,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 )ENGINE INNODB;
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
- SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
- SCOPE_KEY VARCHAR(100) NOT NULL,
- NAME VARCHAR(255) NULL,
- DESCRIPTION VARCHAR(512) NULL,
- TENANT_ID INT(11) NOT NULL DEFAULT 0,
- ROLES VARCHAR (500) NULL,
+ SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DISPLAY_NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(512),
+ TENANT_ID INTEGER NOT NULL DEFAULT -1,
 PRIMARY KEY (SCOPE_ID)
 )ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+ SCOPE_ID INTEGER NOT NULL,
+ SCOPE_BINDING VARCHAR(255),
+ FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
 RESOURCE_PATH VARCHAR(255) NOT NULL,
- SCOPE_ID INTEGER (11) NOT NULL,
+ SCOPE_ID INTEGER NOT NULL,
 TENANT_ID INTEGER DEFAULT -1,
 PRIMARY KEY (RESOURCE_PATH),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 )ENGINE INNODB;
 CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
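Review bot: The rebuilt IDN_OAUTH2_SCOPE in the second hunk drops SCOPE_KEY and keeps only `PRIMARY KEY (SCOPE_ID)`, so nothing enforces that NAME is unique within a tenant; two rows with the same NAME and TENANT_ID are accepted and any scope-by-name lookup becomes ambiguous, which matters for a table that gates authorization. Add `CONSTRAINT SCOPE_NAME_CONSTRAINT UNIQUE (NAME, TENANT_ID)` after the primary key, in the named-constraint style IDN_CLAIM_DIALECT and IDN_CLAIM use later in this file. IDN_OAUTH2_SCOPE_BINDING likewise declares no key at all, so the same binding can be attached to a scope any number of times; `UNIQUE (SCOPE_ID, SCOPE_BINDING)` would prevent that. Both tables appear with the same omissions in the mysql_cluster.sql hunk.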
@@ -175,7 +198,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
 TENANT_ID INTEGER DEFAULT -1234,
 USER_NAME VARCHAR(255) NOT NULL,
 DATA_KEY VARCHAR(255) NOT NULL,
- DATA_VALUE VARCHAR(255),
+ DATA_VALUE VARCHAR(2048),
 PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 )ENGINE INNODB;
@@ -222,6 +245,7 @@ CREATE TABLE IF NOT EXISTS SP_APP (
 IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
 IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
 IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+ ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 SUBJECT_CLAIM_URI VARCHAR (512),
 IS_SAAS_APP CHAR(1) DEFAULT '0',
 IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -247,6 +271,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
 TENANT_ID INTEGER NOT NULL,
 INBOUND_AUTH_KEY VARCHAR (255),
 INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+ INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
 PROP_NAME VARCHAR (255),
 PROP_VALUE VARCHAR (1024) ,
 APP_ID INTEGER NOT NULL,
@@ -283,6 +308,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
 SP_CLAIM VARCHAR (512) NOT NULL ,
 APP_ID INTEGER NOT NULL,
 IS_REQUESTED VARCHAR(128) DEFAULT '0',
+ IS_MANDATORY VARCHAR(128) DEFAULT '0',
 DEFAULT_VALUE VARCHAR(255),
 PRIMARY KEY (ID)
 )ENGINE INNODB;
@@ -318,11 +344,21 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
 APP_ID INTEGER NOT NULL,
 IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+ RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 PRIMARY KEY (ID)
 )ENGINE INNODB;
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+CREATE TABLE SP_AUTH_SCRIPT (
+ ID INTEGER AUTO_INCREMENT NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ APP_ID INTEGER NOT NULL,
+ TYPE VARCHAR(255) NOT NULL,
+ CONTENT BLOB DEFAULT NULL,
+ IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+ PRIMARY KEY (ID));
+
 CREATE TABLE IF NOT EXISTS IDP (
 ID INTEGER AUTO_INCREMENT,
 TENANT_ID INTEGER,
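Review bot: `CREATE TABLE SP_AUTH_SCRIPT (` in the last hunk is the only table here created without `IF NOT EXISTS` and without an `ENGINE INNODB` clause, so re-running the script fails at this statement and the table takes the server's default engine while every neighbouring table is pinned to InnoDB. Its APP_ID is NOT NULL but has no foreign key to SP_APP, unlike SP_PROVISIONING_CONNECTOR directly above, which gets `PRO_CONNECTOR_APPID_CONSTRAINT ... REFERENCES SP_APP (ID) ON DELETE CASCADE`; script CONTENT belonging to a deleted application would therefore stay behind. Suggest `CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT (`, a `FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE` line before the primary key, and closing with `)ENGINE INNODB;`. The mysql_cluster.sql hunk has the same table with the same gaps, and there IS_ENABLED is declared without NOT NULL, so the two scripts also disagree on that column.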
@@ -348,8 +384,6 @@ CREATE TABLE IF NOT EXISTS IDP (
 UNIQUE (TENANT_ID, NAME)
 )ENGINE INNODB;
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE TABLE IF NOT EXISTS IDP_ROLE (
 ID INTEGER AUTO_INCREMENT,
 IDP_ID INTEGER,
@@ -405,10 +439,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
 FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
 CREATE TABLE IF NOT EXISTS IDP_METADATA (
 ID INTEGER AUTO_INCREMENT,
 IDP_ID INTEGER,
@@ -421,9 +451,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA (
 FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
 ID INTEGER AUTO_INCREMENT,
 TENANT_ID INTEGER,
@@ -436,9 +463,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
 FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
 )ENGINE INNODB;
-INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
 ID INTEGER AUTO_INCREMENT,
 TENANT_ID INTEGER,
@@ -446,6 +470,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
 PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
 IS_ENABLED CHAR (1) DEFAULT '0',
 IS_BLOCKING CHAR (1) DEFAULT '0',
+ IS_RULES_ENABLED CHAR (1) DEFAULT '0',
 PRIMARY KEY (ID),
 UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
 FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
@@ -521,7 +546,7 @@ CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
 DEVICE_DATA VARCHAR(2048) NOT NULL,
 PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
 )ENGINE INNODB;
-
+
 CREATE TABLE IF NOT EXISTS WF_REQUEST (
 UUID VARCHAR (45),
 CREATED_BY VARCHAR (255),
@@ -539,7 +564,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
 HOST_URL_MANAGER VARCHAR(255),
 HOST_URL_WORKER VARCHAR(255),
 USERNAME VARCHAR(45),
- PASSWORD VARCHAR(255),
+ PASSWORD VARCHAR(1023),
 CALLBACK_HOST VARCHAR (45),
 CALLBACK_USERNAME VARCHAR (45),
 CALLBACK_PASSWORD VARCHAR (255),
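Review bot: In the last hunk WF_BPS_PROFILE.PASSWORD is widened to VARCHAR(1023) but CALLBACK_PASSWORD, three lines below and holding a credential for the same profile, stays at VARCHAR(255); whatever made the first column need 1023 characters (presumably an encrypted or encoded form, which the schema does not show) most likely applies to the second as well. Either widen both, `CALLBACK_PASSWORD VARCHAR (1023),`, or add a comment at PASSWORD stating why the two lengths differ. The enclosing CREATE TABLE starts before this hunk and its closing line is outside it.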
@@ -601,8 +626,279 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
 FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 )ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+ USER_NAME VARCHAR(255) NOT NULL,
+ USER_DOMAIN VARCHAR(127) NOT NULL,
+ TENANT_ID INTEGER DEFAULT -1,
+ CODE VARCHAR(255) NOT NULL,
+ SCENARIO VARCHAR(255) NOT NULL,
+ STEP VARCHAR(127) NOT NULL,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+ PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+ UNIQUE(CODE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ USER_NAME VARCHAR(255) NOT NULL,
+ USER_DOMAIN VARCHAR(127) NOT NULL,
+ TENANT_ID INTEGER DEFAULT -1,
+ SALT_VALUE VARCHAR(255),
+ HASH VARCHAR(255) NOT NULL,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY(ID),
+ UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ DIALECT_URI VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ DIALECT_ID INTEGER,
+ CLAIM_URI VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+ CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ LOCAL_CLAIM_ID INTEGER,
+ USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+ ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ LOCAL_CLAIM_ID INTEGER,
+ PROPERTY_NAME VARCHAR (255) NOT NULL,
+ PROPERTY_VALUE VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ EXT_CLAIM_ID INTEGER NOT NULL,
+ MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ SAML2_ID VARCHAR(255) ,
+ S​AML2_ISSUER VARCHAR(255) ,
+ SAML2_SUBJECT VARCHAR(255) ,
+ SAML2_SESSION_INDEX VARCHAR(255) ,
+ SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) ,
+ SAML2_ASSERTION VARCHAR(4096) ,
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+ JWT_ID VARCHAR(255) NOT NULL,
+ EXP_TIME TIMESTAMP NOT NULL ,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+ PRIMARY KEY (JWT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ TENANT_ID INTEGER,
+ CONSUMER_KEY VARCHAR(255) ,
+ PROPERTY_KEY VARCHAR(255) NOT NULL,
+ PROPERTY_VALUE VARCHAR(2047) ,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ CONSUMER_KEY_ID INTEGER ,
+ CODE_ID VARCHAR(255) ,
+ TOKEN_ID VARCHAR(255) ,
+ SESSION_DATA_KEY VARCHAR(255),
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+ FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+ FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ REQ_OBJECT_ID INTEGER,
+ CLAIM_ATTRIBUTE VARCHAR(255) ,
+ ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+ VALUE VARCHAR(255) ,
+ IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ REQ_OBJECT_CLAIMS_ID INTEGER ,
+ CLAIM_VALUES VARCHAR(255) ,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(100),
+ CERTIFICATE_IN_PEM BLOB,
+ TENANT_ID INTEGER DEFAULT 0,
+ PRIMARY KEY(ID),
+ CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE INNODB;
+
+
 -- End of IDENTITY Tables--
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ DISPLAY_NAME VARCHAR(255),
+ IS_SENSITIVE INTEGER NOT NULL,
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ VERSION VARCHAR(255) NOT NULL,
+ JURISDICTION VARCHAR(255) NOT NULL,
+ CONSENT_TIMESTAMP TIMESTAMP NOT NULL,
+ COLLECTION_METHOD VARCHAR(255) NOT NULL,
+ LANGUAGE VARCHAR(255) NOT NULL,
+ PII_PRINCIPAL_ID VARCHAR(255) NOT NULL,
+ PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+ POLICY_URL VARCHAR(255) NOT NULL,
+ STATE VARCHAR(255) NOT NULL,
+ PII_CONTROLLER VARCHAR(2048) NOT NULL,
+ PRIMARY KEY (CONSENT_RECEIPT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+ ID INTEGER AUTO_INCREMENT,
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ SP_NAME VARCHAR(255) NOT NULL,
+ SP_DISPLAY_NAME VARCHAR(255),
+ SP_DESCRIPTION VARCHAR(255),
+ SP_TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+ ID INTEGER AUTO_INCREMENT,
+ RECEIPT_SP_ASSOC INTEGER NOT NULL,
+ PURPOSE_ID INTEGER NOT NULL,
+ CONSENT_TYPE VARCHAR(255) NOT NULL,
+ IS_PRIMARY_PURPOSE INTEGER NOT NULL,
+ TERMINATION VARCHAR(255) NOT NULL,
+ THIRD_PARTY_DISCLOSURE INTEGER NOT NULL,
+ THIRD_PARTY_NAME VARCHAR(255),
+ UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+ PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+ UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+ PURPOSE_ID INTEGER NOT NULL,
+ CM_PII_CATEGORY_ID INTEGER NOT NULL,
+ UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PII_CATEGORY_ID INTEGER NOT NULL,
+ VALIDITY VARCHAR(1023),
+ UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ NAME VARCHAR(255) NOT NULL,
+ VALUE VARCHAR(1023) NOT NULL,
+ UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+)ENGINE INNODB;
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+ ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+ ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables --
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
 SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
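Review bot: CM_PURPOSE_PII_CAT_ASSOC is the one association table in the consent block that never receives foreign keys — the ALTER TABLE statements cover CM_RECEIPT_SP_ASSOC, CM_SP_PURPOSE_ASSOC, CM_SP_PURPOSE_PURPOSE_CAT_ASSC, CM_SP_PURPOSE_PII_CAT_ASSOC and CM_CONSENT_RECEIPT_PROPERTY but not it, so PURPOSE_ID and CM_PII_CATEGORY_ID may reference purposes and PII categories that were deleted or never existed. Add, in the same style as the others, `ALTER TABLE CM_PURPOSE_PII_CAT_ASSOC ADD CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_fk0 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);` and the analogous fk1 on CM_PII_CATEGORY (ID). Separately, IDN_RECOVERY_DATA declares CODE as a plain VARCHAR with `UNIQUE(CODE)`; the schema does not say whether the application stores the raw recovery code or a digest of it, and a comment at the column (`-- CODE: raw value or hash? document the storage form`) would make that reviewable. The CM_* tables also use string literals as INTEGER defaults (`TENANT_ID INTEGER DEFAULT '-1234'`) where the IDN_* tables above write `-1`; one form should be used throughout.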
@@ -686,7 +982,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
 SUBSCRIPTION_ID INTEGER,
- ACCESS_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(512),
 KEY_TYPE VARCHAR(512) NOT NULL,
 FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
 PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -781,7 +1077,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
 WF_REF VARCHAR(255) NOT NULL,
 APP_ID INT,
 TOKEN_TYPE VARCHAR(30),
- TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+ TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
 INPUTS VARCHAR(1000),
 ALLOWED_DOMAINS VARCHAR(256),
 VALIDITY_PERIOD BIGINT,
@@ -799,10 +1095,10 @@ CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
 )ENGINE = INNODB;
 CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
- DEFAULT_VERSION_ID INT AUTO_INCREMENT,
+ DEFAULT_VERSION_ID INT AUTO_INCREMENT,
 API_NAME VARCHAR(256) NOT NULL ,
- API_PROVIDER VARCHAR(256) NOT NULL ,
- DEFAULT_API_VERSION VARCHAR(30) ,
+ API_PROVIDER VARCHAR(256) NOT NULL ,
+ DEFAULT_API_VERSION VARCHAR(30) ,
 PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
 PRIMARY KEY (DEFAULT_VERSION_ID)
 )ENGINE = INNODB;
@@ -811,29 +1107,29 @@ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID)
 CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES (
- ALERT_TYPE_ID INTEGER AUTO_INCREMENT,
+ ALERT_TYPE_ID INTEGER AUTO_INCREMENT,
 ALERT_TYPE_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL,
 PRIMARY KEY (ALERT_TYPE_ID)
 )ENGINE = INNODB;
 CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES (
- ALERT_TYPE_ID INTEGER,
+ ALERT_TYPE_ID INTEGER,
 USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)
 )ENGINE = INNODB;
-CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
- EMAIL_LIST_ID INTEGER AUTO_INCREMENT,
- USER_NAME VARCHAR(255) NOT NULL ,
+CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
+ EMAIL_LIST_ID INTEGER AUTO_INCREMENT,
+ USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER)
 )ENGINE = INNODB;
-CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
+CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
 EMAIL_LIST_ID INTEGER,
- EMAIL VARCHAR(255),
+ EMAIL VARCHAR(255),
 PRIMARY KEY (EMAIL_LIST_ID,EMAIL)
 )ENGINE = INNODB;
@@ -1009,7 +1305,7 @@ ENGINE = InnoDB;
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
 `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
 `TYPE` varchar(45) DEFAULT NULL,
- `VALUE` varchar(45) DEFAULT NULL,
+ `VALUE` varchar(512) DEFAULT NULL,
 `ENABLED` varchar(45) DEFAULT NULL,
 `DOMAIN` varchar(45) DEFAULT NULL,
 `UUID` VARCHAR(256),
@@ -1017,12 +1313,43 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
 UNIQUE (`UUID`)
 ) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+ `TENANT_ID` INT(11) NOT NULL,
+ `ALIAS` VARCHAR(45) NOT NULL,
+ `END_POINT` VARCHAR(100) NOT NULL,
+ CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+ CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+ APPLICATION_ID INTEGER NOT NULL,
+ GROUP_ID VARCHAR(512) NOT NULL,
+ TENANT VARCHAR(255),
+ PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+ FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+ TENANT_DOMAIN varchar(255) NOT NULL,
+ FILE_NAME varchar(255) NOT NULL,
+ FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+ FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+ PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+ ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+ TENANT_DOMAIN VARCHAR(500) NOT NULL,
+ API_ID VARCHAR(500) NOT NULL,
+ EVENT_TIME TIMESTAMP NOT NULL,
+ PRIMARY KEY (ID)
+) ENGINE=InnoDB;
 -- End of API-MGT Tables --
 -- Performance indexes start--
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);
diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql_cluster.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql_cluster.sql
index 2c6721ff..9198ff02 100644
--- a/modules/distribution/src/core/resources/dbscripts/apimgt/mysql_cluster.sql
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/mysql_cluster.sql
@@ -19,13 +19,24 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
 GRANT_TYPES VARCHAR (1024),
 PKCE_MANDATORY CHAR(1) DEFAULT '0',
 PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+ APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+ USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+ REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
 CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
 PRIMARY KEY (ID)
 )ENGINE NDB;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+ APP_ID INTEGER NOT NULL,
+ SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+ PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+ FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE NDB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
 REQUEST_TOKEN VARCHAR(255),
- REQUEST_TOKEN_SECRET VARCHAR(512),
+ REQUEST_TOKEN_SECRET VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 CALLBACK_URL VARCHAR(1024),
 SCOPE VARCHAR(2048),
@@ -50,8 +61,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(255),
- REFRESH_TOKEN VARCHAR(255),
+ ACCESS_TOKEN VARCHAR(2048),
+ REFRESH_TOKEN VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
@@ -66,6 +77,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
 TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
 SUBJECT_IDENTIFIER VARCHAR(255),
+ ACCESS_TOKEN_HASH VARCHAR(512),
+ REFRESH_TOKEN_HASH VARCHAR(512),
 PRIMARY KEY (TOKEN_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
 CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
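Review bot: The first hunk widens `REQUEST_TOKEN_SECRET` in IDN_OAUTH1A_REQUEST_TOKEN to VARCHAR(2048), but the mysql5.7.sql hunk for the same table leaves it at VARCHAR(512) (visible there as an unchanged context line), so the two MySQL scripts now define the column differently and a secret that fits in one deployment is rejected in the other. Align the two scripts, and check IDN_OAUTH1A_ACCESS_TOKEN, whose secret column is not visible in either hunk, for the same drift. The `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000` added in the first hunk is 23 h 30 min rather than a full day; see the note on the mysql5.7.sql hunk. The IDN_OAUTH_CONSUMER_APPS and IDN_OAUTH2_ACCESS_TOKEN definitions both start before their hunks and the CON_APP_KEY constraint continues after the last one.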
@@ -76,12 +89,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(512),
+ AUTHORIZATION_CODE VARCHAR(2048),
 CONSUMER_KEY_ID INTEGER,
 CALLBACK_URL VARCHAR(1024),
- SCOPE VARCHAR(2048),
+ SCOPE VARCHAR(4096),
 AUTHZ_USER VARCHAR (100),
 TENANT_ID INTEGER,
 USER_DOMAIN VARCHAR(50),
@@ -92,10 +107,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
 SUBJECT_IDENTIFIER VARCHAR(255),
 PKCE_CODE_CHALLENGE VARCHAR(255),
 PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+ AUTHORIZATION_CODE_HASH VARCHAR(512),
 PRIMARY KEY (CODE_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE NDB;
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 TOKEN_ID VARCHAR (255),
 TOKEN_SCOPE VARCHAR (60),
@@ -105,21 +123,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 )ENGINE NDB;
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
- SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
- SCOPE_KEY VARCHAR(100) NOT NULL,
- NAME VARCHAR(255) NULL,
- DESCRIPTION VARCHAR(512) NULL,
- TENANT_ID INT(11) NOT NULL DEFAULT 0,
- ROLES VARCHAR (500) NULL,
+ SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DISPLAY_NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(512),
+ TENANT_ID INTEGER NOT NULL DEFAULT -1,
 PRIMARY KEY (SCOPE_ID)
 )ENGINE NDB;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+ SCOPE_ID INTEGER NOT NULL,
+ SCOPE_BINDING VARCHAR(255),
+ FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE NDB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
 RESOURCE_PATH VARCHAR(255) NOT NULL,
- SCOPE_ID INTEGER (11) NOT NULL,
+ SCOPE_ID INTEGER NOT NULL,
 TENANT_ID INTEGER DEFAULT -1,
 PRIMARY KEY (RESOURCE_PATH),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 )ENGINE NDB;
 CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
@@ -174,7 +197,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
 TENANT_ID INTEGER DEFAULT -1234,
 USER_NAME VARCHAR(255) NOT NULL,
 DATA_KEY VARCHAR(255) NOT NULL,
- DATA_VALUE VARCHAR(255),
+ DATA_VALUE VARCHAR(2048),
 PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 )ENGINE NDB;
@@ -209,21 +232,22 @@ CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
 CREATE TABLE IF NOT EXISTS SP_APP (
 ID INTEGER NOT NULL AUTO_INCREMENT,
 TENANT_ID INTEGER NOT NULL,
- APP_NAME VARCHAR (255) NOT NULL ,
- USER_STORE VARCHAR (255) NOT NULL,
+ APP_NAME VARCHAR (255) NOT NULL ,
+ USER_STORE VARCHAR (255) NOT NULL,
 USERNAME VARCHAR (255) NOT NULL ,
 DESCRIPTION VARCHAR (1024),
- ROLE_CLAIM VARCHAR (512),
+ ROLE_CLAIM VARCHAR (512),
 AUTH_TYPE VARCHAR (255) NOT NULL,
- PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
- IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
- IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
- IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+ PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+ IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+ IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+ IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
 IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
 IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
- SUBJECT_CLAIM_URI VARCHAR (512),
- IS_SAAS_APP CHAR(1) DEFAULT '0',
- IS_DUMB_MODE CHAR(1) DEFAULT '0',
+ ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
+ SUBJECT_CLAIM_URI VARCHAR (512),
+ IS_SAAS_APP CHAR(1) DEFAULT '0',
+ IS_DUMB_MODE CHAR(1) DEFAULT '0',
 PRIMARY KEY (ID)
 )ENGINE NDB;
@@ -246,6 +270,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
 TENANT_ID INTEGER NOT NULL,
 INBOUND_AUTH_KEY VARCHAR (255),
 INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+ INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
 PROP_NAME VARCHAR (255),
 PROP_VALUE VARCHAR (1024) ,
 APP_ID INTEGER NOT NULL,
@@ -282,6 +307,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
 SP_CLAIM VARCHAR (512) NOT NULL ,
 APP_ID INTEGER NOT NULL,
 IS_REQUESTED VARCHAR(128) DEFAULT '0',
+ IS_MANDATORY VARCHAR(128) DEFAULT '0',
 DEFAULT_VALUE VARCHAR(255),
 PRIMARY KEY (ID)
 )ENGINE NDB;
@@ -317,67 +343,75 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', PRIMARY KEY (ID) )ENGINE NDB; ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID)); + CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT 
CHAR(1) NOT NULL DEFAULT '0', DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME) + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME) )ENGINE NDB; -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost'); - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE NDB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE NDB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE NDB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( 
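Review bot: SP_AUTH_SCRIPT, added right after the PRO_CONNECTOR_APPID_CONSTRAINT line, is created without `IF NOT EXISTS`, without `ENGINE NDB`, and without a foreign key from APP_ID to SP_APP, all three of which every neighbouring table in this hunk has. In a cluster script the missing engine clause means the table falls back to the server's default engine and is not distributed across the data nodes like the rest of the schema, and the missing FK lets rows outlive the application they belong to; since CONTENT appears to hold an executable authentication script guarded only by IS_ENABLED, stale rows are worth preventing. Suggested: `CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT (`, add `FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE,` before the primary key, and close with `)ENGINE NDB;`. The remainder of the hunk is reindentation of IDP, IDP_ROLE, IDP_ROLE_MAPPING and IDP_CLAIM plus the dropped LOCAL IdP seed insert.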
@@ -404,10 +438,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE NDB; -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests'); - CREATE TABLE IF NOT EXISTS IDP_METADATA ( ID INTEGER AUTO_INCREMENT, IDP_ID INTEGER, @@ -420,9 +450,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA ( FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE NDB; -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout'); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout'); - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -435,9 +462,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE )ENGINE NDB; -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0'); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0'); - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( ID INTEGER AUTO_INCREMENT, TENANT_ID INTEGER, @@ -445,6 +469,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE 
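Review bot: The seed rows for the LOCAL IdP's authenticators, its `SessionIdleTimeout`/`RememberMeTimeout` metadata and the `IdPEntityId` properties are removed in the first three hunks here, and the `INSERT INTO IDP` seed went in the previous hunk, with nothing visible in the diff re-creating them. If the server now provisions the resident IdP and those defaults at startup that is fine, but a database created from this script would otherwise contain no resident IdP row and no session-timeout values until something inserts them. A comment at the removal point, e.g. `-- Resident IdP, its authenticators and session timeouts are provisioned at server startup, not seeded here`, would record that the omission is intentional, assuming it is. The `IS_RULES_ENABLED CHAR (1) DEFAULT '0'` added to IDP_PROVISIONING_CONFIG in the last hunk is consistent with the RULE_ENABLED flag on SP_PROVISIONING_CONNECTOR.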
@@ -520,7 +545,7 @@ CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
 DEVICE_DATA VARCHAR(2048) NOT NULL,
 PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
 )ENGINE NDB;
-
+
 CREATE TABLE IF NOT EXISTS WF_REQUEST (
 UUID VARCHAR (45),
 CREATED_BY VARCHAR (255),
@@ -538,7 +563,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
 HOST_URL_MANAGER VARCHAR(255),
 HOST_URL_WORKER VARCHAR(255),
 USERNAME VARCHAR(45),
- PASSWORD VARCHAR(255),
+ PASSWORD VARCHAR(1023),
 CALLBACK_HOST VARCHAR (45),
 CALLBACK_USERNAME VARCHAR (45),
 CALLBACK_PASSWORD VARCHAR (255),
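Review bot: `PASSWORD` in WF_BPS_PROFILE grows to VARCHAR(1023) in the second hunk, but `CALLBACK_PASSWORD VARCHAR (255)` three lines below keeps the old limit. If the widening is to make room for an encrypted or encoded credential, the callback credential stored in the same row will presumably get the same treatment and hit the 255 limit; under MySQL with strict mode off that is a silent truncation rather than an error, producing a credential that no longer decrypts. Unless the callback password is known to stay in a shorter form, change it to `CALLBACK_PASSWORD VARCHAR (1023),` in the same hunk.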
@@ -600,7 +625,278 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE NDB; --- End of IDN Tables-- +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + 
CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER 
, + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) DEFAULT '0' , + VALUE VARCHAR(255) , + ESSENTIAL CHAR(1) DEFAULT '0' , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +)ENGINE NDB; + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +)ENGINE NDB; + + +-- End of IDENTITY Tables-- + +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID 
INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +)ENGINE NDB; + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +)ENGINE NDB; + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +)ENGINE NDB; + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +)ENGINE NDB; + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +)ENGINE NDB; + +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY 
( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +)ENGINE NDB; + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); + +-- End of CONSENT-MGT Tables -- -- Start of API-MGT Tables -- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( 
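Review bot: IDN_OIDC_REQ_OBJECT_CLAIMS declares `ESSENTIAL CHAR(1) DEFAULT '0'` twice, and MySQL rejects a CREATE TABLE with a duplicate column name, so that statement fails and, depending on how the script is executed, every table after it (IDN_OIDC_REQ_OBJ_CLAIM_VALUES, IDN_CERTIFICATE and the whole CM_* consent schema) may never be created. Drop the second occurrence, the line following `VALUE VARCHAR(255) ,`. Two smaller points in the same hunk: the CM_* tables use plain `CREATE TABLE` where every IDN table uses `CREATE TABLE IF NOT EXISTS`, and they pass an integer default as a string (`TENANT_ID INTEGER DEFAULT '-1234'`); `TENANT_ID INTEGER DEFAULT -1234` matches the file's convention and avoids relying on implicit conversion.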
@@ -685,7 +981,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(255), + ACCESS_TOKEN VARCHAR(512), KEY_TYPE VARCHAR(255) NOT NULL, FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) @@ -780,7 +1076,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( WF_REF VARCHAR(255) NOT NULL, APP_ID INT, TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(256) DEFAULT 'default', + TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', INPUTS VARCHAR(1000), ALLOWED_DOMAINS VARCHAR(256), VALIDITY_PERIOD BIGINT, @@ -798,10 +1094,10 @@ CREATE TABLE IF NOT EXISTS AM_API_SCOPES ( )ENGINE = NDB; CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, + DEFAULT_VERSION_ID INT AUTO_INCREMENT, API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , PRIMARY KEY (DEFAULT_VERSION_ID) ); 
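Review bot: `ACCESS_TOKEN VARCHAR(512)` in AM_SUBSCRIPTION_KEY_MAPPING is widened to 512 while the Oracle script in this same patch takes IDN_OAUTH2_ACCESS_TOKEN.ACCESS_TOKEN to 2048; if the value written here is the same token, a longer token cannot be stored in this column, and because the column is part of the primary key the insert fails outright rather than being truncated. `TOKEN_SCOPE VARCHAR(1500)` on AM_APPLICATION_REGISTRATION is likewise smaller than the 4096 used for SCOPE on the authorization-code table, and in MySQL with strict mode off an oversize scope string is silently cut, dropping requested scopes. Unless the API-M side deliberately stores a shorter derived value, aligning these widths with the IDN tables avoids a mismatch that only surfaces at runtime; note that a 2048-character token inside an NDB primary key may exceed the engine's key-size limit depending on the character set, so a hash of the token would be the usual answer.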
@@ -811,28 +1107,28 @@ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID) CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, + ALERT_TYPE_ID INTEGER AUTO_INCREMENT, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) )ENGINE NDB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, + ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_TYPES_VALUES_CONSTRAINT UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE NDB; -CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , +CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID), CONSTRAINT AM_ALERT_EMAILLIST_CONSTRAINT UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = NDB; -CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( +CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, EMAIL VARCHAR(255), CONSTRAINT AM_ALERT_EMAILLIST_DETAILS_CONSTRAINT UNIQUE (EMAIL_LIST_ID,EMAIL) @@ -1010,7 +1306,7 @@ ENGINE = NDB; CREATE TABLE `AM_BLOCK_CONDITIONS` ( `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(45) DEFAULT NULL, + `VALUE` varchar(512) DEFAULT NULL, `ENABLED` varchar(45) DEFAULT NULL, `DOMAIN` varchar(45) DEFAULT NULL, `UUID` VARCHAR(254), 
@@ -1018,12 +1314,43 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` ( UNIQUE (`UUID`) ) ENGINE = NDB; +CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(45) NOT NULL, + `END_POINT` VARCHAR(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`) +) ENGINE = NDB; + +CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512) NOT NULL, + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE +) ENGINE=NDB; -- End of API-MGT Tables -- +CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED tinyint(1) DEFAULT FALSE, + FILE_CONTENT MEDIUMBLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) +) ENGINE=NDB; + +CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER(11) NOT NULL AUTO_INCREMENT, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +) ENGINE=NDB; + -- Performance indexes start-- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); -create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN); create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); create index IDX_AAI_CTX on AM_API (CONTEXT); create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/oracle.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/oracle.sql index 40b8f1fe..d4d397ca 100644 --- a/modules/distribution/src/core/resources/dbscripts/apimgt/oracle.sql +++ b/modules/distribution/src/core/resources/dbscripts/apimgt/oracle.sql 
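Review bot: AM_CERTIFICATE_METADATA keys on `ALIAS` alone and makes `END_POINT` globally unique even though the row carries a `TENANT_ID`, so one tenant's alias or endpoint registration blocks every other tenant from using the same value and primary-key lookups cannot be tenant-scoped. If aliases are intentionally global because they name entries in a single server truststore, a comment saying so would stop the next reader from "fixing" it; otherwise `CONSTRAINT PK_ALIAS PRIMARY KEY (TENANT_ID, ALIAS)` and `UNIQUE (TENANT_ID, END_POINT)` are the expected shape. `END_POINT VARCHAR(100)` is also short for a URL. Separately, the `IDX_IOAT_AT` index on the raw ACCESS_TOKEN column is dropped here; that is consistent with moving lookups to a hash column as the Oracle script does, but the corresponding hash index for this file is outside this hunk and worth confirming.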
@@ -1,12 +1,11 @@ -- Create Oracle New User and Connect -------------------------------------- --- CREATE USER apimuser IDENTIFIED BY wso2; --- GRANT CONNECT,RESOURCE to apimuser WITH ADMIN OPTION; +-- CREATE USER apimuser IDENTIFIED BY wso2; +-- GRANT CONNECT,RESOURCE to apimuser WITH ADMIN OPTION; -- CONNECT apimuser/wso2 -- -- Start of IDN Tables -- - CREATE TABLE IDN_BASE_TABLE ( PRODUCT_NAME VARCHAR2 (20), PRIMARY KEY (PRODUCT_NAME)) @@ -16,7 +15,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server') CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( ID INTEGER, CONSUMER_KEY VARCHAR2 (255), - CONSUMER_SECRET VARCHAR2 (512), + CONSUMER_SECRET VARCHAR2 (2048), USERNAME VARCHAR2 (255), TENANT_ID INTEGER DEFAULT 0, USER_DOMAIN VARCHAR(50), @@ -26,9 +25,20 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( GRANT_TYPES VARCHAR (1024), PKCE_MANDATORY CHAR(1) DEFAULT '0', PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000, + APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000, + REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000, CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID)) / +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +) +/ CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE / CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG @@ -65,8 +75,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN ( / CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR2 (255), - REFRESH_TOKEN VARCHAR2 (255), + ACCESS_TOKEN VARCHAR2 (2048), + REFRESH_TOKEN VARCHAR2 (2048), CONSUMER_KEY_ID INTEGER, AUTHZ_USER VARCHAR2 (100), TENANT_ID INTEGER, 
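Review bot: `REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000` in the third hunk is 23 hours 30 minutes; if the intent is one day, alongside the one hour used for the two access-token defaults, the value should be `86400000`. The widening of CONSUMER_SECRET to 2048 in the second hunk presumably makes room for an encrypted form and is fine as a schema change. In the reworked setup comment at the top of the file, `GRANT CONNECT,RESOURCE to apimuser WITH ADMIN OPTION` lets the application schema owner grant those roles to other users, which the application never needs; since the block is a copy-paste template, dropping `WITH ADMIN OPTION` keeps the sample at least privilege.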
@@ -81,6 +91,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
 TOKEN_STATE VARCHAR2 (25) DEFAULT 'ACTIVE',
 TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
 SUBJECT_IDENTIFIER VARCHAR(255),
+ ACCESS_TOKEN_HASH VARCHAR2 (512),
+ REFRESH_TOKEN_HASH VARCHAR2 (512),
 PRIMARY KEY (TOKEN_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
 CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -88,14 +100,16 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
 /
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
 /
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
 CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE)
 /
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
 CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR2 (512),
+ AUTHORIZATION_CODE VARCHAR2 (2048),
 CONSUMER_KEY_ID INTEGER,
 CALLBACK_URL VARCHAR2 (1024),
- SCOPE VARCHAR2(2048),
+ SCOPE VARCHAR2(4096),
 AUTHZ_USER VARCHAR2 (100),
 TENANT_ID INTEGER,
 USER_DOMAIN VARCHAR2 (50),
@@ -106,9 +120,12 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
 SUBJECT_IDENTIFIER VARCHAR(255),
 PKCE_CODE_CHALLENGE VARCHAR (255),
 PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+ AUTHORIZATION_CODE_HASH VARCHAR2 (512),
 PRIMARY KEY (CODE_ID),
 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE)
 /
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID)
+/
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 TOKEN_ID VARCHAR2 (255),
 TOKEN_SCOPE VARCHAR2 (60),
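Review bot: `REFRESH_TOKEN_HASH` is added beside `ACCESS_TOKEN_HASH` in the first hunk, but only the latter gets an index (`IDX_ATH` in the second hunk); if the refresh-token grant now looks tokens up by their hash, as the access-token path can, that lookup is a full scan of IDN_OAUTH2_ACCESS_TOKEN. Adding `CREATE INDEX IDX_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH)` with its `/` terminator next to IDX_ATH covers it. The composite `IDX_AUTHORIZATION_CODE_HASH (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID)` in the last hunk is the right shape, since a code should always be redeemed against the client it was issued to.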
@@ -117,12 +134,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE) / CREATE TABLE IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER, - SCOPE_KEY VARCHAR2 (100) NOT NULL, - NAME VARCHAR2 (255) NULL, - DESCRIPTION VARCHAR2 (512) NULL, - TENANT_ID INTEGER DEFAULT 0, - ROLES VARCHAR2 (500) NULL, + SCOPE_ID INTEGER NOT NULL, + NAME VARCHAR2(255) NOT NULL, + DISPLAY_NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(512), + TENANT_ID INTEGER DEFAULT -1 NOT NULL, PRIMARY KEY (SCOPE_ID)) / CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE @@ -136,6 +152,11 @@ CREATE OR REPLACE TRIGGER IDN_OAUTH2_SCOPE_TRIGGER SELECT IDN_OAUTH2_SCOPE_SEQUENCE.nextval INTO :NEW.SCOPE_ID FROM dual; END; / +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR2(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE) +/ CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR2 (255) NOT NULL, SCOPE_ID INTEGER NOT NULL, @@ -214,7 +235,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) / CREATE TABLE IDN_IDENTITY_META_DATA ( @@ -259,6 +280,7 @@ CREATE TABLE SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', @@ -307,6 +329,7 @@ CREATE TABLE SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, 
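Review bot: The new IDN_OAUTH2_SCOPE_BINDING table in the second hunk has no primary key or unique constraint and a nullable SCOPE_BINDING, so the same binding can be attached to a scope any number of times and a NULL binding row is accepted; the reworked IDN_OAUTH2_SCOPE in the first hunk likewise has no uniqueness on (NAME, TENANT_ID), so the scope a binding belongs to can itself be ambiguous by name. `PRIMARY KEY (SCOPE_ID, SCOPE_BINDING)` together with `SCOPE_BINDING VARCHAR2(255) NOT NULL` fixes the first, unless an empty binding list is meant to be represented by a NULL row rather than by no rows; `CONSTRAINT IDN_OAUTH2_SCOPE_NAME_UNIQUE UNIQUE (NAME, TENANT_ID)` addresses the second and stays within Oracle's 30-character identifier limit. `INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL` on SP_INBOUND_AUTH is added without a default, which only matters on a migration path.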
@@ -345,7 +368,7 @@ CREATE OR REPLACE TRIGGER SP_AUTH_STEP_TRIG
 SELECT SP_AUTH_STEP_SEQ.nextval INTO :NEW.ID FROM dual;
 END;
 /
-ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONST_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
 /
 CREATE TABLE SP_FEDERATED_IDP (
 ID INTEGER NOT NULL,
@@ -362,6 +385,7 @@ CREATE TABLE SP_CLAIM_MAPPING (
 SP_CLAIM VARCHAR (512) NOT NULL ,
 APP_ID INTEGER NOT NULL,
 IS_REQUESTED VARCHAR(128) DEFAULT '0',
+ IS_MANDATORY VARCHAR(128) DEFAULT '0',
 DEFAULT_VALUE VARCHAR(255),
 PRIMARY KEY (ID))
 /
@@ -426,7 +450,8 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
 CONNECTOR_NAME VARCHAR (255) NOT NULL ,
 APP_ID INTEGER NOT NULL,
 IS_JIT_ENABLED CHAR(1) DEFAULT '0',
- BLOCKING CHAR(1) DEFAULT '0',
+ BLOCKING CHAR(1) DEFAULT '0',
+ RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL,
 PRIMARY KEY (ID))
 /
 CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
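Review bot: The renamed constraint `APPLICATION_ID_CONSTRAINT_STEP` in the first hunk (and `PRO_CONNECTOR_APPID_CONSTRAINT` in the following one) is exactly 30 characters, the identifier limit on Oracle releases before 12.2, so any further lengthening of these names will fail there; a short comment near the first ALTER, such as `-- constraint names are capped at 30 characters for Oracle releases before 12.2`, would save a future rename. The rename also means a database created from the old script keeps the old constraint name; if an upgrade script is maintained alongside this one it needs a matching `ALTER TABLE SP_AUTH_STEP RENAME CONSTRAINT APPLICATION_ID_CONST_STEP TO APPLICATION_ID_CONSTRAINT_STEP`. The trigger body at the top of the hunk starts outside it.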
@@ -440,7 +465,30 @@ CREATE OR REPLACE TRIGGER SP_PROV_CONNECTOR_TRIG SELECT SP_PROV_CONNECTOR_SEQ.nextval INTO :NEW.ID FROM dual; END; / -ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONST FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE +/ +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG + BEFORE INSERT + ON SP_AUTH_SCRIPT + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT SP_AUTH_SCRIPT_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; / CREATE TABLE IDP ( ID INTEGER, @@ -488,8 +536,6 @@ CREATE TABLE IDP_ROLE ( / CREATE SEQUENCE IDP_ROLE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE / -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost') -/ CREATE OR REPLACE TRIGGER IDP_ROLE_TRIG BEFORE INSERT ON IDP_ROLE @@ -584,12 +630,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_TRIG SELECT IDP_AUTHENTICATOR_SEQ.nextval INTO :NEW.ID FROM dual; END; / -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso') -/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties') -/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests') -/ CREATE TABLE IDP_METADATA ( ID INTEGER, IDP_ID INTEGER, 
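Review bot: The Oracle SP_AUTH_SCRIPT table added in the first hunk gets no foreign key from APP_ID to SP_APP, while the ALTER two lines above it in the same hunk adds exactly that constraint for SP_PROVISIONING_CONNECTOR. Without it, deleting an application leaves its script rows (a CONTENT BLOB guarded only by IS_ENABLED) behind, and nothing in the schema ties a script to a live application. Add `ALTER TABLE SP_AUTH_SCRIPT ADD CONSTRAINT AUTH_SCRIPT_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE` with its `/` terminator after the SP_AUTH_SCRIPT_TRIG block; the name stays under the 30-character limit. The remaining hunks drop the LOCAL IdP and IDP_AUTHENTICATOR seed inserts, mirroring the mysql script.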
@@ -612,11 +652,6 @@ CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual; END; / - -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout') -/ -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout') -/ CREATE TABLE IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER, TENANT_ID INTEGER, @@ -639,10 +674,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG SELECT IDP_AUTHENTICATOR_PROP_SEQ.nextval INTO :NEW.ID FROM dual; END; / -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0') -/ -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0') -/ CREATE TABLE IDP_PROVISIONING_CONFIG ( ID INTEGER, TENANT_ID INTEGER, @@ -650,6 +681,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) @@ -720,7 +752,7 @@ CREATE TABLE IDP_LOCAL_CLAIM ( IDP_ID INTEGER, CLAIM_URI VARCHAR(255) NOT NULL, DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_REQUESTED VARCHAR(128) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) @@ -795,7 +827,7 @@ CREATE TABLE WF_BPS_PROFILE ( HOST_URL_MANAGER VARCHAR2(255), HOST_URL_WORKER VARCHAR2(255), USERNAME VARCHAR2(45), - PASSWORD VARCHAR2(255), + PASSWORD VARCHAR2(1023), CALLBACK_HOST VARCHAR2 (45), TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (PROFILE_NAME, TENANT_ID)) 
@@ -868,8 +900,472 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) / + +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR2(255) NOT NULL, + SCENARIO VARCHAR2(255) NOT NULL, + STEP VARCHAR2(127) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + REMAINING_SETS VARCHAR2(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +) + +/ +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER, + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR2(255), + HASH VARCHAR2(255) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + PRIMARY KEY(ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) +) +/ + +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG +BEFORE INSERT +ON IDN_PASSWORD_HISTORY_DATA +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG + BEFORE INSERT + ON IDN_CLAIM_DIALECT + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_DIALECT_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM ( + ID INTEGER, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY 
(DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG + BEFORE INSERT + ON IDN_CLAIM + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG + BEFORE INSERT + ON IDN_CLAIM_MAPPED_ATTRIBUTE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG + BEFORE INSERT + ON IDN_CLAIM_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) 
REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG + BEFORE INSERT + ON IDN_CLAIM_MAPPING + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPING_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR2(4000) , + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG + BEFORE INSERT + ON IDN_SAML2_ASSERTION_STORE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + PRIMARY KEY (JWT_ID)) +/ + +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG + BEFORE INSERT + ON IDN_OIDC_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID 
VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_REFERENCE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER, + REQ_OBJECT_ID INTEGER , + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) DEFAULT '0', + VALUE VARCHAR(255), + IS_USERINFO CHAR(1) DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_CLAIMS + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER, + REQ_OBJECT_CLAIMS_ID INTEGER, + CLAIM_VALUES VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY 
KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER + BEFORE INSERT + ON IDN_CERTIFICATE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual; + END; +/ + -- End of IDENTITY Tables-- +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG + BEFORE INSERT + ON CM_PII_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + VERSION VARCHAR2(255) NOT NULL, + JURISDICTION VARCHAR2(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR2(255) NOT NULL, + LANGUAGE VARCHAR2(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR2(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR2(255) NOT NULL, + STATE VARCHAR2(255) NOT NULL, + PII_CONTROLLER VARCHAR2(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG + BEFORE INSERT + ON CM_PURPOSE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE 
TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG + BEFORE INSERT + ON CM_PURPOSE_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER, + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + SP_NAME VARCHAR2(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG + BEFORE INSERT + ON CM_RECEIPT_SP_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR2(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR2(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR2(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG + BEFORE INSERT + ON CM_SP_PURPOSE_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + 
CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID,PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + NAME VARCHAR2(255) NOT NULL, + VALUE VARCHAR2(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, 
DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234') +/ +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234') +/ + +-- End of CONSENT-MGT Tables -- + -- Start of API-MGT Tables-- CREATE TABLE AM_SUBSCRIBER ( SUBSCRIBER_ID INTEGER, @@ -1048,7 +1544,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION ( WF_REF VARCHAR2(255) NOT NULL, APP_ID INTEGER, TOKEN_TYPE VARCHAR2(30), - TOKEN_SCOPE VARCHAR2(256) DEFAULT 'default', + TOKEN_SCOPE VARCHAR2(1500) DEFAULT 'default', INPUTS VARCHAR2(1024), ALLOWED_DOMAINS VARCHAR2(256), VALIDITY_PERIOD NUMBER(19), @@ -1241,10 +1737,10 @@ CREATE OR REPLACE TRIGGER AM_EXTERNAL_STORES_TRIGGER / CREATE TABLE AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID NUMBER, + DEFAULT_VERSION_ID NUMBER, API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , PRIMARY KEY (DEFAULT_VERSION_ID) ) @@ -1267,7 +1763,7 @@ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID) CREATE TABLE AM_ALERT_TYPES ( ALERT_TYPE_ID INTEGER, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID)) / 
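Review bot: IDN_SAML2_ASSERTION_STORE.SAML2_ASSERTION is declared `VARCHAR2(4000)`, the most an Oracle VARCHAR2 column can hold without MAX_STRING_SIZE=EXTENDED, and a signed SAML assertion carrying a handful of attributes plus an embedded X.509 certificate commonly exceeds 4000 bytes, so the insert will fail at exactly the point the assertion is being persisted; `SAML2_ASSERTION CLOB` is the type that survives real-world assertion sizes. Two smaller points in the same hunk: CM_PURPOSE_PII_CAT_ASSOC is the only CM_* association table that receives no `ALTER TABLE ... ADD CONSTRAINT ... FOREIGN KEY` to CM_PURPOSE and CM_PII_CATEGORY, so orphaned purpose/PII-category links are possible; and IDN_PASSWORD_HISTORY_DATA.TIME_CREATED is `DEFAULT CURRENT_TIMESTAMP NOT NULL` here but lacks NOT NULL in the oracle_rac.sql copy of the table (hunk -866,8 +898,473), so the two scripts will accept different rows. The seed rows for CM_PURPOSE and CM_PURPOSE_CATEGORY pass TENANT_ID as the string `'-1234'` into an INTEGER column and rely on implicit conversion; writing `-1234` matches the column type and the `DEFAULT -1234` used in the table definitions.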
@@ -1286,15 +1782,15 @@ CREATE OR REPLACE TRIGGER AM_ALERT_TYPES_TRIG CREATE TABLE AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, + ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_TYPES_VALUES_CONST UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)) / CREATE TABLE AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , + EMAIL_LIST_ID INTEGER, + USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_EMAILLIST_CONST UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER), PRIMARY KEY (EMAIL_LIST_ID)) @@ -1313,9 +1809,9 @@ CREATE OR REPLACE TRIGGER AM_ALERT_EMAILLIST_TRIG END; / -CREATE TABLE AM_ALERT_EMAILLIST_DETAILS ( +CREATE TABLE AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), CONSTRAINT AM_ALERT_EMAIL_LIST_DET_CONST UNIQUE (EMAIL_LIST_ID,EMAIL)) / @@ -1444,7 +1940,7 @@ CREATE TABLE AM_CONDITION_GROUP ( TIME_UNIT VARCHAR2(25) NOT NULL, DESCRIPTION VARCHAR2(1024) DEFAULT NULL NULL, PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE + FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ) / -- Generate ID using sequence and trigger @@ -1486,7 +1982,7 @@ CREATE TABLE AM_HEADER_FIELD_CONDITION ( HEADER_FIELD_VALUE VARCHAR2(255) DEFAULT NULL, IS_HEADER_FIELD_MAPPING CHAR(1) DEFAULT 1, PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ) / -- Generate ID using sequence and trigger 
@@ -1507,7 +2003,7 @@ CREATE TABLE AM_JWT_CLAIM_CONDITION (
 CLAIM_ATTRIB VARCHAR2(1024) DEFAULT NULL,
 IS_CLAIM_MAPPING CHAR(1) DEFAULT 1,
 PRIMARY KEY (JWT_CLAIM_ID),
- FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE
+ FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE
 )
 /
 -- Generate ID using sequence and trigger
@@ -1594,13 +2090,13 @@ END;
 CREATE TABLE AM_BLOCK_CONDITIONS (
 CONDITION_ID INTEGER NOT NULL,
 TYPE varchar2(45) DEFAULT NULL,
- VALUE varchar2(45) DEFAULT NULL,
+ VALUE varchar2(512) DEFAULT NULL,
 ENABLED varchar2(45) DEFAULT NULL,
 DOMAIN varchar2(45) DEFAULT NULL,
 UUID VARCHAR2(256),
 PRIMARY KEY (CONDITION_ID),
 UNIQUE (UUID)
-)
+)
 /
 -- Generate ID using sequence and trigger
 CREATE SEQUENCE AM_BLOCK_CONDITIONS_seq START WITH 1 INCREMENT BY 1
@@ -1613,6 +2109,54 @@ BEGIN END; / +CREATE TABLE AM_CERTIFICATE_METADATA ( + TENANT_ID INTEGER NOT NULL, + ALIAS VARCHAR2(45) NOT NULL, + END_POINT VARCHAR2(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT) +) +/ + +CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR2(512) NOT NULL, + TENANT VARCHAR2 (255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE +) +/ + +CREATE TABLE AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN VARCHAR2 (255) NOT NULL, + FILE_NAME VARCHAR2 (255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED INTEGER DEFAULT 0, + FILE_CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)) +/ + +CREATE TABLE AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER, + TENANT_DOMAIN VARCHAR2 (500) NOT NULL, + API_ID VARCHAR2 (500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +) +/ + +CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE OR REPLACE TRIGGER AM_API_LC_PUBLISH_EVENTS_TRIG + BEFORE INSERT + ON AM_API_LC_PUBLISH_EVENTS + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT AM_API_LC_PUBLISH_EVENTS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ -- End of API-MGT Tables -- --permance indexes start-- @@ -1644,4 +2188,3 @@ create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE) create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY) / -- Performance indexes end-- - diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/oracle_rac.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/oracle_rac.sql index 3f0d9d64..c72dbf48 100644 --- a/modules/distribution/src/core/resources/dbscripts/apimgt/oracle_rac.sql +++ b/modules/distribution/src/core/resources/dbscripts/apimgt/oracle_rac.sql 
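Review bot: AM_CERTIFICATE_METADATA keys on `CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS)` and adds `CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)` while also carrying `TENANT_ID INTEGER NOT NULL`, so neither uniqueness is tenant-scoped: two tenants cannot register certificates for the same endpoint, and an alias taken by one tenant blocks every other tenant from using it; if tenant isolation is intended the keys should be `(TENANT_ID, ALIAS)` and `(TENANT_ID, END_POINT)`. `END_POINT VARCHAR2(100)` is also short for an endpoint URL (a long hostname or a query string overflows it), whereas other URL columns in these scripts such as IDN_OAUTH2_AUTHORIZATION_CODE.CALLBACK_URL get VARCHAR2(1024). Constraint names are schema-wide in Oracle and PK_ALIAS / END_POINT_CONSTRAINT are generic enough to collide with another table's; a table-prefixed name such as AM_CERT_METADATA_PK (constructed) is safer and greppable.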
@@ -1,7 +1,7 @@ -- Create Oracle New User and Connect -------------------------------------- --- CREATE USER apimuser IDENTIFIED BY wso2; --- GRANT CONNECT,RESOURCE to apimuser WITH ADMIN OPTION; +-- CREATE USER apimuser IDENTIFIED BY wso2; +-- GRANT CONNECT,RESOURCE to apimuser WITH ADMIN OPTION; -- CONNECT apimuser/wso2 -- @@ -15,7 +15,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server') CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( ID INTEGER, CONSUMER_KEY VARCHAR2 (255), - CONSUMER_SECRET VARCHAR2 (512), + CONSUMER_SECRET VARCHAR2 (2048), USERNAME VARCHAR2 (255), TENANT_ID INTEGER DEFAULT 0, USER_DOMAIN VARCHAR(50), @@ -25,9 +25,20 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( GRANT_TYPES VARCHAR (1024), PKCE_MANDATORY CHAR(1) DEFAULT '0', PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000, + APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000, + REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000, CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID)) / +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +) +/ CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER / CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG @@ -64,8 +75,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN ( / CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR2 (255), - REFRESH_TOKEN VARCHAR2 (255), + ACCESS_TOKEN VARCHAR2 (2048), + REFRESH_TOKEN VARCHAR2 (2048), CONSUMER_KEY_ID INTEGER, AUTHZ_USER VARCHAR2 (100), TENANT_ID INTEGER, 
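Review bot: `REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000` in the -25,9 +25,20 hunk is 84,600 seconds, i.e. 23 h 30 min, while the two access-token defaults beside it use the round 3600000 (1 h); if a one-day refresh lifetime was intended the value should be 86400000, and if 84600000 is deliberate (it may mirror a server-side configuration default) a trailing comment such as `-- 23.5 h; kept in step with the server-side default` would stop the next reader from "correcting" it. The new IDN_OAUTH2_SCOPE_VALIDATORS table in the same hunk is sound as a composite-key link table with ON DELETE CASCADE. CREATE TABLE IDN_OAUTH_CONSUMER_APPS starts before that hunk.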
@@ -80,6 +91,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_STATE VARCHAR2 (25) DEFAULT 'ACTIVE', TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR2 (512), + REFRESH_TOKEN_HASH VARCHAR2 (512), PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, @@ -89,12 +102,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER / CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED) / +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH) +/ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR2 (512), + AUTHORIZATION_CODE VARCHAR2 (2048), CONSUMER_KEY_ID INTEGER, CALLBACK_URL VARCHAR2 (1024), - SCOPE VARCHAR2(2048), + SCOPE VARCHAR2(4096), AUTHZ_USER VARCHAR2 (100), TENANT_ID INTEGER, USER_DOMAIN VARCHAR2(50), @@ -105,9 +120,12 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( SUBJECT_IDENTIFIER VARCHAR(255), PKCE_CODE_CHALLENGE VARCHAR (255), PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR2 (512), PRIMARY KEY (CODE_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE) / +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) +/ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( TOKEN_ID VARCHAR2 (255), TOKEN_SCOPE VARCHAR2 (60), 
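Review bot: `SCOPE VARCHAR2(4096)` in IDN_OAUTH2_AUTHORIZATION_CODE (hunk -89,12 +102,14) exceeds the 4000-byte ceiling of an Oracle VARCHAR2 column on a database that is not running with MAX_STRING_SIZE=EXTENDED, which is the default, so the CREATE TABLE fails with ORA-00910 and the script stops at the very change this commit is named for; either cap it at `SCOPE VARCHAR2(4000)` or make the column a CLOB, and if 4096 is kept state the MAX_STRING_SIZE requirement in a comment above the table. In the same hunk `CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)` is added but no index is created for REFRESH_TOKEN_HASH, introduced two lines earlier in the -80,6 +91,8 hunk; if refresh grants look tokens up by that hash, as the access-token path presumably does, those lookups will scan IDN_OAUTH2_ACCESS_TOKEN. CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN starts before these hunks.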
@@ -116,12 +134,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE) / CREATE TABLE IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER, - SCOPE_KEY VARCHAR2 (100) NOT NULL, - NAME VARCHAR2 (255) NULL, - DESCRIPTION VARCHAR2 (512) NULL, - TENANT_ID INTEGER DEFAULT 0, - ROLES VARCHAR2 (500) NULL, + SCOPE_ID INTEGER NOT NULL, + NAME VARCHAR2(255) NOT NULL, + DISPLAY_NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(512), + TENANT_ID INTEGER DEFAULT -1 NOT NULL, PRIMARY KEY (SCOPE_ID)) / CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 CACHE 20 ORDER @@ -135,6 +152,11 @@ CREATE OR REPLACE TRIGGER IDN_OAUTH2_SCOPE_TRIGGER SELECT IDN_OAUTH2_SCOPE_SEQUENCE.nextval INTO :NEW.SCOPE_ID FROM dual; END; / +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR2(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE) +/ CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR2 (255) NOT NULL, SCOPE_ID INTEGER NOT NULL, @@ -213,7 +235,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) / CREATE TABLE IDN_IDENTITY_META_DATA ( @@ -258,6 +280,7 @@ CREATE TABLE SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', @@ -305,6 +328,7 @@ CREATE TABLE SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, 
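Review bot: the rewritten IDN_OAUTH2_SCOPE drops SCOPE_KEY and ROLES and makes NAME and TENANT_ID NOT NULL, yet still carries only `PRIMARY KEY (SCOPE_ID)`, so two rows with the same NAME in the same tenant are accepted and any lookup by scope name becomes ambiguous; `CONSTRAINT SCOPE_NAME_TENANT_CONSTRAINT UNIQUE (NAME, TENANT_ID)` (constructed name) closes that. The new IDN_OAUTH2_SCOPE_BINDING in the next hunk (-135,6 +152,11) likewise has no primary or unique key over (SCOPE_ID, SCOPE_BINDING), so duplicate bindings can accumulate, and `SCOPE_BINDING VARCHAR2(255)` is nullable, which permits rows that bind a scope to nothing. Because this file is a fresh-install script, deployments already holding the old SCOPE_KEY/ROLES shape need a separate ALTER path that this commit does not provide; that is worth saying in the commit description or a comment above the table.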
@@ -360,6 +384,7 @@ CREATE TABLE SP_CLAIM_MAPPING ( SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID)) / @@ -424,7 +449,8 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR ( CONNECTOR_NAME VARCHAR (255) NOT NULL , APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) DEFAULT '0', - BLOCKING CHAR(1) DEFAULT '0', + BLOCKING CHAR(1) DEFAULT '0', + RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL, PRIMARY KEY (ID)) / CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER @@ -440,6 +466,27 @@ CREATE OR REPLACE TRIGGER SP_PROV_CONNECTOR_TRIG / ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE / +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG + BEFORE INSERT + ON SP_AUTH_SCRIPT + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT SP_AUTH_SCRIPT_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + CREATE TABLE IDP ( ID INTEGER, TENANT_ID INTEGER, @@ -476,8 +523,6 @@ CREATE OR REPLACE TRIGGER IDP_TRIG END; / -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost') -/ CREATE TABLE IDP_ROLE ( ID INTEGER, IDP_ID INTEGER, 
@@ -583,12 +628,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_TRIG SELECT IDP_AUTHENTICATOR_SEQ.nextval INTO :NEW.ID FROM dual; END; / -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso') -/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties') -/ -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests') -/ CREATE TABLE IDP_METADATA ( ID INTEGER, IDP_ID INTEGER, @@ -611,10 +650,6 @@ CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual; END; -/ -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout') -/ -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout') / CREATE TABLE IDP_AUTHENTICATOR_PROPERTY ( ID INTEGER, @@ -638,10 +673,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG SELECT IDP_AUTHENTICATOR_PROP_SEQ.nextval INTO :NEW.ID FROM dual; END; / -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0') -/ -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0') -/ CREATE TABLE IDP_PROVISIONING_CONFIG ( ID INTEGER, TENANT_ID INTEGER, @@ -649,6 +680,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) 
@@ -792,7 +824,7 @@ CREATE TABLE WF_BPS_PROFILE (
 HOST_URL_MANAGER VARCHAR2(255),
 HOST_URL_WORKER VARCHAR2(255),
 USERNAME VARCHAR2(45),
- PASSWORD VARCHAR2(255),
+ PASSWORD VARCHAR2(1023),
 CALLBACK_HOST VARCHAR2 (45),
 TENANT_ID INTEGER DEFAULT -1,
 PRIMARY KEY (PROFILE_NAME, TENANT_ID))
@@ -866,8 +898,473 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) / + +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR2(255) NOT NULL, + SCENARIO VARCHAR2(255) NOT NULL, + STEP VARCHAR2(127) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + REMAINING_SETS VARCHAR2(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +) +/ +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER, + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR2(255), + HASH VARCHAR2(255) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) +) +/ + +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG +BEFORE INSERT +ON IDN_PASSWORD_HISTORY_DATA +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG + BEFORE INSERT + ON IDN_CLAIM_DIALECT + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_DIALECT_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM ( + ID INTEGER, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY 
(DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG + BEFORE INSERT + ON IDN_CLAIM + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG + BEFORE INSERT + ON IDN_CLAIM_MAPPED_ATTRIBUTE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG + BEFORE INSERT + ON IDN_CLAIM_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN 
KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG + BEFORE INSERT + ON IDN_CLAIM_MAPPING + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPING_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR2(4000) , + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG + BEFORE INSERT + ON IDN_SAML2_ASSERTION_STORE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) , + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + PRIMARY KEY (JWT_ID)) +/ + +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID) , + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG + BEFORE INSERT + ON IDN_OIDC_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER, + CONSUMER_KEY_ID INTEGER , + CODE_ID 
VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_REFERENCE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER, + REQ_OBJECT_ID INTEGER , + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) DEFAULT '0', + VALUE VARCHAR(255), + IS_USERINFO CHAR(1) DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_CLAIMS + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER, + REQ_OBJECT_CLAIMS_ID INTEGER, + CLAIM_VALUES VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM 
BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER + BEFORE INSERT + ON IDN_CERTIFICATE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual; + END; +/ + + -- End of IDENTITY Tables-- +-- Start of CONSENT-MGT Tables -- + +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG + BEFORE INSERT + ON CM_PII_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + VERSION VARCHAR2(255) NOT NULL, + JURISDICTION VARCHAR2(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR2(255) NOT NULL, + LANGUAGE VARCHAR2(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR2(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR2(255) NOT NULL, + STATE VARCHAR2(255) NOT NULL, + PII_CONTROLLER VARCHAR2(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG + BEFORE INSERT + ON CM_PURPOSE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + 
SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG + BEFORE INSERT + ON CM_PURPOSE_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER, + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + SP_NAME VARCHAR2(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG + BEFORE INSERT + ON CM_RECEIPT_SP_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR2(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR2(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR2(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG + BEFORE INSERT + ON CM_SP_PURPOSE_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE 
CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + NAME VARCHAR2(255) NOT NULL, + VALUE VARCHAR2(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 
FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234') +/ +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234') +/ + +-- End of CONSENT-MGT Tables -- + -- Start of API-MGT Tables-- CREATE TABLE AM_SUBSCRIBER ( SUBSCRIBER_ID INTEGER, @@ -1046,7 +1543,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION ( WF_REF VARCHAR2(255) NOT NULL, APP_ID INTEGER, TOKEN_TYPE VARCHAR2(30), - TOKEN_SCOPE VARCHAR2(256) DEFAULT 'default', + TOKEN_SCOPE VARCHAR2(1500) DEFAULT 'default', INPUTS VARCHAR2(1000), ALLOWED_DOMAINS VARCHAR2(256), VALIDITY_PERIOD NUMBER(19), @@ -1240,10 +1737,10 @@ CREATE OR REPLACE TRIGGER AM_EXTERNAL_STORES_TRIGGER / CREATE TABLE AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID NUMBER, + DEFAULT_VERSION_ID NUMBER, API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , PRIMARY KEY (DEFAULT_VERSION_ID) ) @@ -1266,7 +1763,7 @@ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID) CREATE TABLE AM_ALERT_TYPES ( ALERT_TYPE_ID INTEGER, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID)) / 
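Review bot: `SAML2_ASSERTION VARCHAR2(4000)` in the new IDN_SAML2_ASSERTION_STORE table sits exactly at Oracle's standard 4000-byte VARCHAR2 limit, and a signed SAML2 assertion that embeds its X.509 signing certificate plus attribute statements commonly exceeds that, so inserts into the assertion store would fail with a length error for precisely the assertions most worth keeping (this assumes the column receives the full serialized assertion, which the name suggests but the hunk cannot prove). A `CLOB` removes the cap: `SAML2_ASSERTION CLOB ,`. The same hunk also mixes `VARCHAR` (IDN_CLAIM*, IDN_SAML2_*, IDN_OIDC_*, CM_* display columns) with `VARCHAR2` (IDN_RECOVERY_DATA, CM_RECEIPT); Oracle currently treats the two alike but documents `VARCHAR` as reserved for a possible semantic change, so using `VARCHAR2` throughout the new tables would be the safer, consistent choice.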
@@ -1285,15 +1782,15 @@ CREATE OR REPLACE TRIGGER AM_ALERT_TYPES_TRIG CREATE TABLE AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, + ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_TYPES_VALUES_CONST UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)) / CREATE TABLE AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , + EMAIL_LIST_ID INTEGER, + USER_NAME VARCHAR(255) NOT NULL , STAKE_HOLDER VARCHAR(100) NOT NULL , CONSTRAINT AM_ALERT_EMAILLIST_CONST UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER), PRIMARY KEY (EMAIL_LIST_ID)) @@ -1312,9 +1809,9 @@ CREATE OR REPLACE TRIGGER AM_ALERT_EMAILLIST_TRIG END; / -CREATE TABLE AM_ALERT_EMAILLIST_DETAILS ( +CREATE TABLE AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), CONSTRAINT AM_ALERT_EMAIL_LIST_DET_CONST UNIQUE (EMAIL_LIST_ID,EMAIL)) / @@ -1444,7 +1941,7 @@ CREATE TABLE AM_CONDITION_GROUP ( TIME_UNIT VARCHAR2(25) NOT NULL, DESCRIPTION VARCHAR2(1024) DEFAULT NULL NULL, PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE + FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ) / -- Generate ID using sequence and trigger @@ -1486,7 +1983,7 @@ CREATE TABLE AM_HEADER_FIELD_CONDITION ( HEADER_FIELD_VALUE VARCHAR2(255) DEFAULT NULL, IS_HEADER_FIELD_MAPPING CHAR(1) DEFAULT 1, PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ) / -- Generate ID using sequence and trigger 
@@ -1507,7 +2004,7 @@ CREATE TABLE AM_JWT_CLAIM_CONDITION ( CLAIM_ATTRIB VARCHAR2(1024) DEFAULT NULL, IS_CLAIM_MAPPING CHAR(1) DEFAULT 1, PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ) / -- Generate ID using sequence and trigger @@ -1594,13 +2091,13 @@ END; CREATE TABLE AM_BLOCK_CONDITIONS ( CONDITION_ID INTEGER NOT NULL, TYPE varchar2(45) DEFAULT NULL, - VALUE varchar2(45) DEFAULT NULL, + VALUE varchar2(512) DEFAULT NULL, ENABLED varchar2(45) DEFAULT NULL, DOMAIN varchar2(45) DEFAULT NULL, UUID VARCHAR2(256), PRIMARY KEY (CONDITION_ID), UNIQUE (UUID) -) +) / -- Generate ID using sequence and trigger CREATE SEQUENCE AM_BLOCK_CONDITIONS_seq START WITH 1 INCREMENT BY 1 CACHE 20 ORDER 
@@ -1613,14 +2110,61 @@ BEGIN END; / +CREATE TABLE AM_CERTIFICATE_METADATA ( + TENANT_ID INTEGER NOT NULL, + ALIAS VARCHAR2(45) NOT NULL, + END_POINT VARCHAR2(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT) +) +/ + +CREATE TABLE AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR2(512) NOT NULL, + TENANT VARCHAR2 (255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE +) +/ + +CREATE TABLE AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN VARCHAR2 (255) NOT NULL, + FILE_NAME VARCHAR2 (255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED INTEGER DEFAULT 0, + FILE_CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)) +/ + +CREATE TABLE AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER, + TENANT_DOMAIN VARCHAR2 (500) NOT NULL, + API_ID VARCHAR2 (500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +) +/ + +CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ + +CREATE OR REPLACE TRIGGER AM_API_LC_PUBLISH_EVENTS_TRIG + BEFORE INSERT + ON AM_API_LC_PUBLISH_EVENTS + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT AM_API_LC_PUBLISH_EVENTS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + -- End of API-MGT Tables -- --permance indexes start-- / create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME) / -create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN) -/ create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE) / create index IDX_AAI_CTX on AM_API (CONTEXT) diff --git a/modules/distribution/src/core/resources/dbscripts/apimgt/postgresql.sql b/modules/distribution/src/core/resources/dbscripts/apimgt/postgresql.sql index a8f0a407..4737dbf9 100644 --- a/modules/distribution/src/core/resources/dbscripts/apimgt/postgresql.sql 
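Review bot: AM_CERTIFICATE_METADATA keys the row on `ALIAS` alone and puts a global `UNIQUE` on `END_POINT`, while `TENANT_ID` is a plain column, so the alias namespace and the endpoint-to-certificate binding are shared across tenants: one tenant cannot register a certificate for an alias or endpoint another tenant already used, and a lookup keyed only by alias or endpoint cannot tell tenants apart. If per-tenant certificates are intended, the tenant belongs in both keys: `CONSTRAINT PK_ALIAS PRIMARY KEY (TENANT_ID, ALIAS),` and `CONSTRAINT END_POINT_CONSTRAINT UNIQUE (TENANT_ID, END_POINT)`; `END_POINT VARCHAR2(100)` is also short for a full backend URL. Separately, this hunk drops `IDX_IOAT_AT` on the plaintext ACCESS_TOKEN column without adding an index on a hash column here, whereas the postgresql script below creates `IDX_ATH` on ACCESS_TOKEN_HASH; if the Oracle script has no equivalent elsewhere, token-by-value lookups will scan the token table.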
+++ b/modules/distribution/src/core/resources/dbscripts/apimgt/postgresql.sql @@ -15,7 +15,7 @@ CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_PK_SEQ; CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH_CONSUMER_APPS_PK_SEQ'), CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(512), + CONSUMER_SECRET VARCHAR(2048), USERNAME VARCHAR(255), TENANT_ID INTEGER DEFAULT 0, USER_DOMAIN VARCHAR(50), @@ -25,10 +25,22 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS ( GRANT_TYPES VARCHAR (1024), PKCE_MANDATORY CHAR(1) DEFAULT '0', PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000, CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID) ); +DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_VALIDATORS; +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +); + DROP TABLE IF EXISTS IDN_OAUTH1A_REQUEST_TOKEN; CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN ( REQUEST_TOKEN VARCHAR(512), @@ -59,8 +71,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN ( DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN; CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(255), - REFRESH_TOKEN VARCHAR(255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), CONSUMER_KEY_ID INTEGER, AUTHZ_USER VARCHAR (100), TENANT_ID INTEGER, 
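Review bot: `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000` in the `@@ -25,10 +25,22 @@` hunk is 23.5 hours in milliseconds, not the 24 hours (86400000) that a round-day refresh lifetime would be and that the sibling `3600000` defaults (exactly one hour) suggest was intended; the middle digits look transposed. If one day is the intent the line should read `REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 86400000,`; if 23.5 hours is deliberate, a comment saying why would keep the next reader from "fixing" it. Either way the three expiry defaults deserve a unit note such as `-- token lifetimes are in milliseconds`, since nothing in the column names says so.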
@@ -75,6 +87,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, @@ -85,13 +99,15 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); + DROP TABLE IF EXISTS IDN_OAUTH2_AUTHORIZATION_CODE; CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(512), + AUTHORIZATION_CODE VARCHAR(2048), CONSUMER_KEY_ID INTEGER, CALLBACK_URL VARCHAR(1024), - SCOPE VARCHAR(2048), + SCOPE VARCHAR(4096), AUTHZ_USER VARCHAR (100), TENANT_ID INTEGER, USER_DOMAIN VARCHAR(50), @@ -102,10 +118,13 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE ( SUBJECT_IDENTIFIER VARCHAR(255), PKCE_CODE_CHALLENGE VARCHAR (255), PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR(512), PRIMARY KEY (CODE_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); + DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE; CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( TOKEN_ID VARCHAR (255), 
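Review bot: The `@@ -85,13 +99,15 @@` hunk adds `CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);` but no counterpart for the `REFRESH_TOKEN_HASH` column added in the hunk just above it, so a refresh-grant lookup that resolves a presented refresh token by its hash would scan the token table while access-token lookups are indexed; I cannot see whether a later part of the script creates one. If none exists, `CREATE INDEX IDX_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);` next to IDX_ATH closes the gap. The hash columns are also `VARCHAR(512)` while the plaintext `ACCESS_TOKEN`/`REFRESH_TOKEN` columns are now 2048; a short comment stating which hash and encoding the 512 characters are sized for would document that contract for whoever next widens the token columns.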
@@ -119,21 +138,27 @@ DROP SEQUENCE IF EXISTS IDN_OAUTH2_SCOPE_PK_SEQ; CREATE SEQUENCE IDN_OAUTH2_SCOPE_PK_SEQ; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( SCOPE_ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH2_SCOPE_PK_SEQ'), - SCOPE_KEY VARCHAR(100) NOT NULL, - NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(512) NULL, - TENANT_ID INTEGER DEFAULT 0, - ROLES VARCHAR (500) NULL, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, PRIMARY KEY (SCOPE_ID) ); +DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_BINDING; +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +); + DROP TABLE IF EXISTS IDN_OAUTH2_RESOURCE_SCOPE; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ); DROP TABLE IF EXISTS IDN_SCIM_GROUP; @@ -198,7 +223,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(255), + DATA_VALUE VARCHAR(2048), PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) ); @@ -251,6 +276,7 @@ CREATE TABLE SP_APP ( IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', SUBJECT_CLAIM_URI VARCHAR (512), IS_SAAS_APP CHAR(1) DEFAULT '0', IS_DUMB_MODE CHAR(1) DEFAULT '0', 
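Review bot: The rebuilt IDN_OAUTH2_SCOPE in the `@@ -119,21 +138,27 @@` hunk makes `NAME` NOT NULL but declares no uniqueness on it, so two rows with the same NAME and TENANT_ID can coexist and any lookup of a scope by name (scopes are referenced by name in OAuth requests and tokens) is ambiguous; the old layout had the same gap on SCOPE_KEY, but the rewrite is the moment to close it. Adding `CONSTRAINT SCOPE_NAME_TENANT_UNIQUE UNIQUE (NAME, TENANT_ID)` to the table does that, unless uniqueness is enforced in the application layer, which the script cannot show. The new IDN_OAUTH2_SCOPE_BINDING likewise has no primary key or unique constraint on (SCOPE_ID, SCOPE_BINDING), so duplicate bindings can be inserted; a `PRIMARY KEY (SCOPE_ID, SCOPE_BINDING)` would prevent that, though SCOPE_BINDING is currently nullable and would need `NOT NULL` first.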
@@ -280,6 +306,7 @@ CREATE TABLE SP_INBOUND_AUTH ( TENANT_ID INTEGER NOT NULL, INBOUND_AUTH_KEY VARCHAR (255), INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, PROP_NAME VARCHAR (255), PROP_VALUE VARCHAR (1024) , APP_ID INTEGER NOT NULL, @@ -320,6 +347,7 @@ CREATE TABLE SP_CLAIM_MAPPING ( SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID)); @@ -360,11 +388,25 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR ( CONNECTOR_NAME VARCHAR (255) NOT NULL , APP_ID INTEGER NOT NULL, IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', + BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', PRIMARY KEY (ID)); ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; +DROP TABLE IF EXISTS SP_AUTH_SCRIPT; +DROP SEQUENCE IF EXISTS SP_AUTH_SCRIPT_SEQ; +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ; +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL DEFAULT NEXTVAL('SP_AUTH_SCRIPT_SEQ'), + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BYTEA DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID) +); + DROP TABLE IF EXISTS IDP; DROP SEQUENCE IF EXISTS IDP_SEQ; CREATE SEQUENCE IDP_SEQ; @@ -394,9 +436,6 @@ CREATE TABLE IDP ( DROP TABLE IF EXISTS IDP_ROLE; DROP SEQUENCE IF EXISTS IDP_ROLE_SEQ; - -INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost'); - CREATE SEQUENCE IDP_ROLE_SEQ; CREATE TABLE IDP_ROLE ( ID INTEGER DEFAULT NEXTVAL('IDP_ROLE_SEQ'), 
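Review bot: The new SP_AUTH_SCRIPT table in the `@@ -360,11 +388,25 @@` hunk stores executable authentication logic (`CONTENT BYTEA`, `IS_ENABLED`) keyed to an `APP_ID`, but unlike SP_PROVISIONING_CONNECTOR directly above it has no foreign key to SP_APP, so scripts are orphaned rather than removed when the application that owns them is deleted. The file's own idiom applies: `ALTER TABLE SP_AUTH_SCRIPT ADD CONSTRAINT AUTH_SCRIPT_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;`. A `UNIQUE (APP_ID, TYPE)`, or at least a comment stating whether several scripts of one TYPE per application are expected, would also document the intended cardinality, since nothing in the hunk constrains it.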
@@ -460,11 +499,6 @@ CREATE TABLE IDP_AUTHENTICATOR ( UNIQUE (TENANT_ID, IDP_ID, NAME), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties'); -INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests'); - - DROP TABLE IF EXISTS IDP_METADATA; DROP SEQUENCE IF EXISTS IDP_METADATA_SEQ; CREATE SEQUENCE IDP_METADATA_SEQ; @@ -479,9 +513,6 @@ CREATE TABLE IDP_METADATA ( CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout'); -INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout'); - DROP TABLE IF EXISTS IDP_AUTHENTICATOR_PROP; DROP SEQUENCE IF EXISTS IDP_AUTHENTICATOR_PROP_SEQ; CREATE SEQUENCE IDP_AUTHENTICATOR_PROP_SEQ; @@ -496,9 +527,6 @@ CREATE TABLE IDP_AUTHENTICATOR_PROPERTY ( UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0'); -INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0'); - DROP TABLE IF EXISTS IDP_PROV_CONFIG; DROP SEQUENCE IF EXISTS IDP_PROV_CONFIG_SEQ; CREATE SEQUENCE IDP_PROV_CONFIG_SEQ; 
@@ -509,6 +537,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG ( PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, IS_ENABLED CHAR (1) DEFAULT '0', IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', PRIMARY KEY (ID), UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); @@ -612,7 +641,7 @@ CREATE TABLE WF_BPS_PROFILE ( HOST_URL_MANAGER VARCHAR(255), HOST_URL_WORKER VARCHAR(255), USERNAME VARCHAR(45), - PASSWORD VARCHAR(255), + PASSWORD VARCHAR(1023), CALLBACK_HOST VARCHAR (45), TENANT_ID INTEGER DEFAULT -1, PRIMARY KEY (PROFILE_NAME, TENANT_ID) 
@@ -679,8 +708,334 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
 FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 );
+DROP TABLE IF EXISTS IDN_RECOVERY_DATA;
+CREATE TABLE IDN_RECOVERY_DATA (
+ USER_NAME VARCHAR(255) NOT NULL,
+ USER_DOMAIN VARCHAR(127) NOT NULL,
+ TENANT_ID INTEGER DEFAULT -1,
+ CODE VARCHAR(255) NOT NULL,
+ SCENARIO VARCHAR(255) NOT NULL,
+ STEP VARCHAR(127) NOT NULL,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+ PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+ UNIQUE(CODE)
+);
+
+DROP TABLE IF EXISTS IDN_PASSWORD_HISTORY_DATA;
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_PK_SEQ;
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+ ID INTEGER DEFAULT NEXTVAL('IDN_PASSWORD_HISTORY_DATA_PK_SEQ'),
+ USER_NAME VARCHAR(255) NOT NULL,
+ USER_DOMAIN VARCHAR(127) NOT NULL,
+ TENANT_ID INTEGER DEFAULT -1,
+ SALT_VALUE VARCHAR(255),
+ HASH VARCHAR(255) NOT NULL,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (ID),
+ UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_DIALECT;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_DIALECT_SEQ;
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ;
+CREATE TABLE IDN_CLAIM_DIALECT (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_DIALECT_SEQ'),
+ DIALECT_URI VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_SEQ;
+CREATE SEQUENCE IDN_CLAIM_SEQ;
+CREATE TABLE IDN_CLAIM (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_SEQ'),
+ DIALECT_ID INTEGER,
+ CLAIM_URI VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+ CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ'),
+ LOCAL_CLAIM_ID INTEGER,
+ USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+ ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ;
+CREATE TABLE IDN_CLAIM_PROPERTY (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_PROPERTY_SEQ'),
+ LOCAL_CLAIM_ID INTEGER,
+ PROPERTY_NAME VARCHAR (255) NOT NULL,
+ PROPERTY_VALUE VARCHAR (255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPING;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPING_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPING (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPING_SEQ'),
+ EXT_CLAIM_ID INTEGER NOT NULL,
+ MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_SAML2_ASSERTION_STORE;
+DROP SEQUENCE IF EXISTS IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+ ID INTEGER DEFAULT NEXTVAL('IDN_SAML2_ASSERTION_STORE_SEQ'),
+ SAML2_ID VARCHAR(255) ,
+ SAML2_ISSUER VARCHAR(255) ,
+ SAML2_SUBJECT VARCHAR(255) ,
+ SAML2_SESSION_INDEX VARCHAR(255) ,
+ SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) ,
+ SAML2_ASSERTION VARCHAR(4096) ,
+ PRIMARY KEY (ID)
+);
+DROP TABLE IF EXISTS IDN_OIDC_JTI;
+CREATE TABLE IDN_OIDC_JTI (
+ JWT_ID VARCHAR(255) NOT NULL,
+ EXP_TIME TIMESTAMP NOT NULL,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (JWT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_OIDC_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ;
+CREATE TABLE IDN_OIDC_PROPERTY (
+ ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_PROPERTY_SEQ'),
+ TENANT_ID INTEGER,
+ CONSUMER_KEY VARCHAR(255) ,
+ PROPERTY_KEY VARCHAR(255) NOT NULL,
+ PROPERTY_VALUE VARCHAR(2047) ,
+ PRIMARY KEY (ID) ,
+ FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+ ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQUEST_OBJECT_REF_SEQ'),
+ CONSUMER_KEY_ID INTEGER ,
+ CODE_ID VARCHAR(255) ,
+ TOKEN_ID VARCHAR(255) ,
+ SESSION_DATA_KEY VARCHAR(255),
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+ FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+ FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+ ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ'),
+ REQ_OBJECT_ID INTEGER,
+ CLAIM_ATTRIBUTE VARCHAR(255) ,
+ ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+ VALUE VARCHAR(255) ,
+ IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+ ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ'),
+ REQ_OBJECT_CLAIMS_ID INTEGER ,
+ CLAIM_VALUES VARCHAR(255) ,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_CERTIFICATE;
+DROP SEQUENCE IF EXISTS IDN_CERTIFICATE_PK_SEQ;
+CREATE SEQUENCE IDN_CERTIFICATE_PK_SEQ;
+CREATE TABLE IDN_CERTIFICATE (
+ ID INTEGER DEFAULT NEXTVAL('IDN_CERTIFICATE_PK_SEQ'),
+ NAME VARCHAR(100),
+ CERTIFICATE_IN_PEM BYTEA,
+ TENANT_ID INTEGER DEFAULT 0,
+ CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+);
+
+ -- End of IDENTITY Tables--
+-- Start of CONSENT-MGT Tables --
+
+DROP TABLE IF EXISTS CM_PII_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PII_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PII_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PII_CATEGORY (
+ ID INTEGER DEFAULT NEXTVAL('CM_PII_CATEGORY_PK_SEQ'),
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ DISPLAY_NAME VARCHAR(255),
+ IS_SENSITIVE INTEGER NOT NULL,
+ TENANT_ID INTEGER DEFAULT '-1234',
+ CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT;
+CREATE TABLE CM_RECEIPT (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ VERSION VARCHAR(255) NOT NULL,
+ JURISDICTION VARCHAR(255) NOT NULL,
+ CONSENT_TIMESTAMP TIMESTAMP NOT NULL,
+ COLLECTION_METHOD VARCHAR(255) NOT NULL,
+ LANGUAGE VARCHAR(255) NOT NULL,
+ PII_PRINCIPAL_ID VARCHAR(255) NOT NULL,
+ PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+ POLICY_URL VARCHAR(255) NOT NULL,
+ STATE VARCHAR(255) NOT NULL,
+ PII_CONTROLLER VARCHAR(2048) NOT NULL,
+ PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_PK_SEQ;
+CREATE TABLE CM_PURPOSE (
+ ID INTEGER DEFAULT NEXTVAL('CM_PURPOSE_PK_SEQ'),
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TENANT_ID INTEGER DEFAULT '-1234',
+ CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PURPOSE_CATEGORY (
+ ID INTEGER DEFAULT NEXTVAL('CM_PURPOSE_CATEGORY_PK_SEQ'),
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TENANT_ID INTEGER DEFAULT '-1234',
+ CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT_SP_ASSOC;
+DROP SEQUENCE IF EXISTS CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+ ID INTEGER DEFAULT NEXTVAL('CM_RECEIPT_SP_ASSOC_PK_SEQ'),
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ SP_NAME VARCHAR(255) NOT NULL,
+ SP_DISPLAY_NAME VARCHAR(255),
+ SP_DESCRIPTION VARCHAR(255),
+ SP_TENANT_ID INTEGER DEFAULT '-1234',
+ CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+ PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_ASSOC;
+DROP SEQUENCE IF EXISTS CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+ ID INTEGER DEFAULT NEXTVAL('CM_SP_PURPOSE_ASSOC_PK_SEQ'),
+ RECEIPT_SP_ASSOC INTEGER NOT NULL,
+ PURPOSE_ID INTEGER NOT NULL,
+ CONSENT_TYPE VARCHAR(255) NOT NULL,
+ IS_PRIMARY_PURPOSE INTEGER NOT NULL,
+ TERMINATION VARCHAR(255) NOT NULL,
+ THIRD_PARTY_DISCLOSURE INTEGER NOT NULL,
+ THIRD_PARTY_NAME VARCHAR(255),
+ CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+ PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PURPOSE_CAT_ASSC;
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+ CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+ PURPOSE_ID INTEGER NOT NULL,
+ CM_PII_CATEGORY_ID INTEGER NOT NULL,
+ CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PII_CATEGORY_ID INTEGER NOT NULL,
+ VALIDITY VARCHAR(1023),
+ CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_CONSENT_RECEIPT_PROPERTY;
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ NAME VARCHAR(255) NOT NULL,
+ VALUE VARCHAR(1023) NOT NULL,
+ CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+ ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+ ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 CREATE SEQUENCE AM_SUBSCRIBER_SEQUENCE START WITH 1 INCREMENT BY 1;
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
 SUBSCRIBER_ID INTEGER DEFAULT nextval('am_subscriber_sequence'),
@@ -797,7 +1152,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
 WF_REF VARCHAR(255) NOT NULL,
 APP_ID INT,
 TOKEN_TYPE VARCHAR(30),
- TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+ TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
 INPUTS VARCHAR(1000),
 ALLOWED_DOMAINS VARCHAR(256),
 VALIDITY_PERIOD BIGINT,
@@ -906,10 +1261,10 @@ CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
 CREATE SEQUENCE AM_API_DEFAULT_VERSION_PK_SEQ;
 CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
- DEFAULT_VERSION_ID INTEGER DEFAULT NEXTVAL('am_api_default_version_pk_seq'),
+ DEFAULT_VERSION_ID INTEGER DEFAULT NEXTVAL('am_api_default_version_pk_seq'),
 API_NAME VARCHAR(256) NOT NULL ,
- API_PROVIDER VARCHAR(256) NOT NULL ,
- DEFAULT_API_VERSION VARCHAR(30) ,
+ API_PROVIDER VARCHAR(256) NOT NULL ,
+ DEFAULT_API_VERSION VARCHAR(30) ,
 PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
 PRIMARY KEY (DEFAULT_VERSION_ID)
 );
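Review bot: IDN_SAML2_ASSERTION_STORE.SAML2_ASSERTION is declared VARCHAR(4096), which is tight for a signed assertion — an XML Signature element with its embedded certificate plus a handful of attribute statements can exceed 4 KB, and PostgreSQL rejects an over-long value with a length error rather than truncating it, so such an assertion would simply not be stored. If this table is meant to hold complete assertions, `SAML2_ASSERTION TEXT ,` removes the hard cap (IDN_CERTIFICATE in the same hunk already uses an unbounded BYTEA for PEM data); if the cap is deliberate, say so in a column comment. The CM_* tables also write an INTEGER default as a quoted string, `TENANT_ID INTEGER DEFAULT '-1234',`, which PostgreSQL accepts through an implicit cast but which differs from the unquoted `TENANT_ID INTEGER DEFAULT -1` used by IDN_RECOVERY_DATA and IDN_PASSWORD_HISTORY_DATA earlier in the hunk; `DEFAULT -1234` is the consistent form. Note too that each `DROP TABLE IF EXISTS` precedes the drop of the tables that reference it (for example CM_PII_CATEGORY is dropped before CM_SP_PURPOSE_PII_CAT_ASSOC, which gets an FK to it), so on a database where these tables already exist the plain DROP fails; this matches the existing IDP_* sections, so it only matters if re-running the script is expected. The trailing context opens CREATE TABLE AM_SUBSCRIBER, whose body continues outside the hunk.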
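Review bot: Widening AM_APPLICATION_REGISTRATION.TOKEN_SCOPE to VARCHAR(1500) only helps if every column that later receives the same scope string is at least as wide; the commit subject says the authorization-code table's scope length was raised, but that change is not in this hunk, and a scope list accepted at registration and then written to a narrower column fails late with a PostgreSQL length error at code or token issuance. A comment tying the widths together, `TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', -- keep in step with the scope column of IDN_OAUTH2_AUTHORIZATION_CODE`, would stop the two from drifting apart in later edits. The CREATE TABLE AM_APPLICATION_REGISTRATION statement starts before this hunk and ends after it.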
@@ -923,12 +1278,12 @@ CREATE SEQUENCE AM_ALERT_TYPES_SEQ START WITH 1 INCREMENT BY 1;
 CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES (
 ALERT_TYPE_ID INTEGER DEFAULT NEXTVAL('am_alert_types_seq'),
 ALERT_TYPE_NAME VARCHAR(255) NOT NULL ,
- STAKE_HOLDER VARCHAR(100) NOT NULL,
+ STAKE_HOLDER VARCHAR(100) NOT NULL,
 PRIMARY KEY (ALERT_TYPE_ID)
 );
 CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES (
- ALERT_TYPE_ID INTEGER,
+ ALERT_TYPE_ID INTEGER,
 USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 CONSTRAINT AM_ALERT_TYPES_VALUES_CONST UNIQUE (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)
@@ -936,17 +1291,17 @@ CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES (
 CREATE SEQUENCE AM_ALERT_EMAILLIST_SEQ START WITH 1 INCREMENT BY 1;
-CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
- EMAIL_LIST_ID INTEGER DEFAULT NEXTVAL('am_alert_emaillist_seq'),
- USER_NAME VARCHAR(255) NOT NULL ,
+CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
+ EMAIL_LIST_ID INTEGER DEFAULT NEXTVAL('am_alert_emaillist_seq'),
+ USER_NAME VARCHAR(255) NOT NULL ,
 STAKE_HOLDER VARCHAR(100) NOT NULL ,
 CONSTRAINT AM_ALERT_EMAILLIST_CONST UNIQUE (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER),
 PRIMARY KEY (EMAIL_LIST_ID)
 );
-CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
+CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
 EMAIL_LIST_ID INTEGER,
- EMAIL VARCHAR(255),
+ EMAIL VARCHAR(255),
 CONSTRAINT AM_ALERT_EMAILLIST_DETAILS_CONST UNIQUE (EMAIL_LIST_ID,EMAIL)
 );
@@ -1129,7 +1484,7 @@ CREATE SEQUENCE AM_BLOCK_CONDITIONS_SEQ START WITH 1 INCREMENT BY 1;
 CREATE TABLE AM_BLOCK_CONDITIONS (
 CONDITION_ID INTEGER DEFAULT NEXTVAL('AM_BLOCK_CONDITIONS_SEQ'),
 TYPE varchar(45) DEFAULT NULL,
- VALUE varchar(45) DEFAULT NULL,
+ VALUE varchar(512) DEFAULT NULL,
 ENABLED varchar(45) DEFAULT NULL,
 DOMAIN varchar(45) DEFAULT NULL,
 UUID VARCHAR(256),
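Review bot: The rewritten AM_BLOCK_CONDITIONS line keeps the lowercase `varchar(512)` of the table's older definition while every type in the tables this commit adds is uppercase; since the line is being touched anyway, `VALUE VARCHAR(512) DEFAULT NULL,` brings it in line with the rest of the file. A short column comment saying what VALUE holds would also justify the jump from 45 to 512 while the sibling TYPE, ENABLED and DOMAIN columns stay at 45, which is otherwise puzzling to the next reader. The first two hunks on this line are whitespace-only; CREATE TABLE AM_BLOCK_CONDITIONS begins in the last hunk and ends after it.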
@@ -1137,12 +1492,49 @@ CREATE TABLE AM_BLOCK_CONDITIONS (
 UNIQUE (UUID)
 );
+DROP TABLE IF EXISTS AM_CERTIFICATE_METADATA;
+CREATE TABLE AM_CERTIFICATE_METADATA (
+ TENANT_ID INTEGER NOT NULL,
+ ALIAS VARCHAR(45) NOT NULL,
+ END_POINT VARCHAR(45) NOT NULL,
+ CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+ CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+);
+
+DROP TABLE IF EXISTS AM_APPLICATION_GROUP_MAPPING;
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+ APPLICATION_ID INTEGER NOT NULL,
+ GROUP_ID VARCHAR(512) NOT NULL,
+ TENANT VARCHAR(255),
+ PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+ FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+DROP TABLE IF EXISTS AM_USAGE_UPLOADED_FILES;
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+ TENANT_DOMAIN VARCHAR(255) NOT NULL,
+ FILE_NAME VARCHAR(255) NOT NULL,
+ FILE_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ FILE_PROCESSED INTEGER DEFAULT 0,
+ FILE_CONTENT BYTEA DEFAULT NULL,
+ PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+);
+
+DROP TABLE IF EXISTS AM_API_LC_PUBLISH_EVENTS;
+DROP SEQUENCE IF EXISTS AM_API_LC_PUBLISH_EVENTS_PK_SEQ;
+CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_PK_SEQ;
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+ ID INTEGER NOT NULL DEFAULT NEXTVAL('AM_API_LC_PUBLISH_EVENTS_PK_SEQ'),
+ TENANT_DOMAIN VARCHAR(500) NOT NULL,
+ API_ID VARCHAR(500) NOT NULL,
+ EVENT_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (ID)
+);
 -- End of API-MGT Tables --
 -- Performance indexes start--
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);
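Review bot: AM_CERTIFICATE_METADATA keys on ALIAS alone (`CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS)`) and makes END_POINT globally unique, while the TENANT_ID column it also carries is part of neither constraint; if aliases and endpoints are chosen per tenant, one tenant's row blocks every other tenant from registering the same alias or the same endpoint. Either include the tenant, `CONSTRAINT PK_ALIAS PRIMARY KEY (TENANT_ID, ALIAS)` and `CONSTRAINT END_POINT_CONSTRAINT UNIQUE (TENANT_ID, END_POINT)`, or add a comment stating that aliases and endpoints are global across tenants so the lookup code is written to that rule. END_POINT VARCHAR(45) is also short for an absolute URL with host and path, and an over-long value fails the insert rather than being truncated; a wider column, like the 255 used for FILE_NAME in AM_USAGE_UPLOADED_FILES below, avoids that late failure. In AM_APPLICATION_GROUP_MAPPING, TENANT is declared nullable but sits in the PRIMARY KEY, which PostgreSQL enforces as NOT NULL, so `TENANT VARCHAR(255) NOT NULL,` states what actually applies.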