diff --git a/AUT/AUT_IND.SRC b/AUT/AUT_IND.SRC index 93357be0..c1aadec6 100644 --- a/AUT/AUT_IND.SRC +++ b/AUT/AUT_IND.SRC @@ -2,6 +2,9 @@ * $Id$ */ +CREATE UNIQUE INDEX aut_i_idp_code ON aut_idp(aut_idp_code); +CREATE UNIQUE INDEX aut_i_idp2 ON aut_idp(aut_idp_issuer, aut_idp_audience, aut_idp_type); + CREATE UNIQUE INDEX aut_i_cp_refreshtkn ON aut_client_perslid(aut_client_perslid_refreshtkn); CREATE UNIQUE INDEX aut_i_cp_accesstoken ON aut_client_perslid(aut_client_perslid_accesstoken); diff --git a/AUT/AUT_SEQ.SRC b/AUT/AUT_SEQ.SRC index 0c808555..7ff10497 100644 --- a/AUT/AUT_SEQ.SRC +++ b/AUT/AUT_SEQ.SRC @@ -3,7 +3,10 @@ * $Id$ */ -CREATE SEQUENCE aut_s_aut_client_key MINVALUE 1; -CREATE SEQUENCE aut_s_aut_client_perslid_key MINVALUE 1; +CREATE SEQUENCE aut_s_aut_idp_key MINVALUE 1; +CREATE SEQUENCE aut_s_aut_idp_map_key MINVALUE 1; + +CREATE SEQUENCE aut_s_aut_client_key MINVALUE 1; +CREATE SEQUENCE aut_s_aut_client_perslid_key MINVALUE 1; REGISTERONCE('$Id$') diff --git a/AUT/AUT_TAB.SRC b/AUT/AUT_TAB.SRC index ef2f9bd2..26606a2e 100644 --- a/AUT/AUT_TAB.SRC +++ b/AUT/AUT_TAB.SRC 
@@ -3,6 +3,88 @@ * $Id$ */ +// Documentatie in de wiki onder Authenticeren +CREATE TABLE aut_idp +( + aut_idp_key + NUMBER(10) + CONSTRAINT aut_k_idp_key PRIMARY KEY, + aut_idp_code -- Voor &sso= + VARCHAR2(30), + aut_idp_type -- 1=Internal (login.asp, future use), 2=UID_DEC (deprecated), + NUMBER(3), -- 3=GUID-encrypted (deprecated), 4=JWT, 5=SAML (future use) + aut_idp_algorithm -- HS256 is HMAC-SHA256 + VARCHAR2(30), + aut_idp_omschrijving + VARCHAR2(30), + aut_idp_opmerking + VARCHAR2(320), + aut_idp_secret + VARCHAR2(128), + aut_idp_audience + VARCHAR2(128), + aut_idp_issuer + VARCHAR2(128), + aut_idp_remote_loginurl + VARCHAR2(128), + aut_idp_remote_logouturl + VARCHAR2(128), + aut_idp_saml_metaurl + VARCHAR2(128), + aut_idp_clockskew + NUMBER(10), + aut_idp_duration + NUMBER(10), + aut_idp_autocreate + NUMBER(1) + DEFAULT 0 -- +1: create; +2: update + NOT NULL, +-- Note: these column are defined in PRS_TAB.SRC +-- prs_afdeling_key NUMBER(10) +-- prs_bedrijf_key NUMBER(10) + fac_functie_key + NUMBER(10) + CONSTRAINT aut_r_idp_functie REFERENCES fac_functie(fac_functie_key), + aut_idp_internal -- can be used for FACFAC + NUMBER(1) + DEFAULT 0 NOT NULL, + aut_idp_ipfilter + VARCHAR2(320), + aut_idp_ipauto + NUMBER(1) + DEFAULT 0 NOT NULL, + aut_idp_loglevel + NUMBER(1) DEFAULT 0 NOT NULL, + aut_idp_aanmaak + DATE + DEFAULT SYSDATE +); + +CREATE TABLE aut_idp_map +( + aut_idp_map_key + NUMBER(10) + CONSTRAINT aut_k_idp_map_key PRIMARY KEY, + aut_idp_key + NUMBER(10) + CONSTRAINT aut_r_idp_map_id REFERENCES aut_idp(aut_idp_key), + aut_idp_map_from -- as sent in JWT + VARCHAR(100) + NOT NULL, + aut_idp_map_to -- FACILITOR column of 1000+kenmerk_key + NUMBER(10) + NOT NULL, + aut_idp_map_identify + NUMBER(1) + DEFAULT 0 + NOT NULL, + aut_idp_map_default + VARCHAR(256), + aut_idp_map_aanmaak + DATE + DEFAULT SYSDATE +); + CREATE TABLE aut_client ( aut_client_key diff --git a/AUT/AUT_TRI.SRC b/AUT/AUT_TRI.SRC index c812e909..ce9ffbb4 100644 --- a/AUT/AUT_TRI.SRC 
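Review bot: `aut_idp_algorithm` is a free-text `VARCHAR2(30)` whose only guidance is the comment naming HS256, so nothing in the schema stops a row from carrying an algorithm value the JWT verifier should never accept. A named check such as `CONSTRAINT aut_c_idp_algorithm CHECK (aut_idp_algorithm IN ('HS256'))`, extended to whatever the verifier really supports, would pin it at the database level. The table also keeps `aut_idp_secret` as a plain `VARCHAR2(128)` next to issuer and audience; a column comment stating who may select it and whether it is encrypted at rest would help the next maintainer. In `aut_idp_map`, `aut_idp_key` has no `NOT NULL`, which lets mapping rows exist without an identity provider. The same definitions are repeated in the `_UP/DB30to31.src` hunk.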
+++ b/AUT/AUT_TRI.SRC @@ -3,6 +3,24 @@ * $Id$ * */ + +CREATE_TRIGGER(aut_t_aut_idp_B_IU) +BEFORE INSERT OR UPDATE ON aut_idp +FOR EACH ROW +BEGIN + UPDATE_PRIMARY_KEY(aut_idp_key, aut_s_aut_idp_key); + :new.aut_idp_code := UPPER(:new.aut_idp_code); +END; +/ + +CREATE_TRIGGER(aut_t_aut_idp_map_B_I) +BEFORE INSERT ON aut_idp_map +FOR EACH ROW +BEGIN + UPDATE_PRIMARY_KEY(aut_idp_map_key, aut_s_aut_idp_map_key); +END; +/ + CREATE_TRIGGER(aut_t_aut_client_B_I) BEFORE INSERT ON aut_client FOR EACH ROW diff --git a/FAC/FAC_IND.SRC b/FAC/FAC_IND.SRC index ea0d8b5a..ec7e4039 100644 --- a/FAC/FAC_IND.SRC +++ b/FAC/FAC_IND.SRC @@ -57,7 +57,6 @@ CREATE UNIQUE INDEX fac_i_fac_menuitems1 ON fac_menuitems (fac_menuitems_label); CREATE INDEX fac_i_fac_menu_perslid_key ON fac_menu (prs_perslid_key); CREATE UNIQUE INDEX fac_i_idp_code ON fac_idp(fac_idp_code); -CREATE UNIQUE INDEX fac_i_idp2 ON fac_idp(fac_idp_issuer, fac_idp_audience, fac_idp_type); CREATE UNIQUE INDEX fac_i_imp_usrdata1 ON fac_imp_usrdata (fac_usrtab_naam, fac_usrdata_code); diff --git a/FAC/FAC_INI.SRC b/FAC/FAC_INI.SRC index 4e443595..6c33924e 100644 --- a/FAC/FAC_INI.SRC +++ b/FAC/FAC_INI.SRC 
@@ -3055,7 +3055,8 @@ DEF_MENUENTRY(2, 99070, 'lcl_menu_cad_verify' , '', 'FAC', 'appl/cad/ca DEF_MENUENTRY(2, 99080, 'lcl_menu_fac_verify_data' , '', 'FAC', 'appl/fac/fac_verify_data.asp', 0, 0, 'WEB_FACTAB'); DEF_MENUENTRY(2, 99090, 'lcl_menu_fac_email_setting' , '', 'FAC', 'appl/mgt/fac_email_setting.asp', 0, 0, 'WEB_FACTAB'); DEF_MENUENTRY(2, 99100, 'lcl_menu_fac_custnotificaties' , '', 'FAC', 'appl/mgt/fac_srtnotificatie.asp?cust=1', 0, 0, 'WEB_FACTAB'); -DEF_MENUENTRY(2, 99110, 'lcl_menu_fac_idp' , '', 'FAC', 'appl/mgt/fac_idp.asp', 0, 0, 'WEB_FACFAC'); +DEF_MENUENTRY(2, 99110, 'lcl_menu_aut_idp' , '', 'FAC', 'appl/mgt/aut_idp.asp', 0, 0, 'WEB_FACTAB'); +DEF_MENUENTRY(2, 99110, 'lcl_menu_aut_client' , '', 'FAC', 'appl/mgt/aut_client.asp', 0, 0, 'WEB_FACTAB'); DEF_MENUENTRY(2, 99120, 'lcl_menu_fac_anytable' , '', 'FAC', 'appl/mgt/user_tables.asp', 0, 0, 'WEB_FACFAC'); diff --git a/FAC/FAC_LCL.SRC b/FAC/FAC_LCL.SRC index ea4ef8d6..35cb4466 100644 --- a/FAC/FAC_LCL.SRC +++ b/FAC/FAC_LCL.SRC @@ -5008,6 +5008,7 @@ FAC_LCL('mld_typeopdr_slamodeLOV', '1;Supplier-SLA;2;Issue-SLA', '1;Lieferant-SLA;2;Meldung-SLA', '1;SLA de Fournisseur;2;SLA d''appel') +FAC_LCL('lcl_typeopdr_sequential', 'Strikt sequentieel', 'Strictly sequentail', 'Streng sequentiell', 'Strictement séquentielle') FAC_LCL('mld_impropdr', 'Improductief', 'Unproductive', 'Unproduktiv', 'Improductif') FAC_LCL('mld_impropdr_m', 'Improductieve uren', 'Unproductive hours', 'Unproduktive Stunden', 'Heures improductives') 
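Review bot: The identity-provider menu entry changes its required function from `'WEB_FACFAC'` to `'WEB_FACTAB'`, and the new `aut_client.asp` entry is also registered under `'WEB_FACTAB'`, while the neighbouring `lcl_menu_fac_anytable` entry stays on `'WEB_FACFAC'`. These pages manage SSO shared secrets and client registrations, so if WEB_FACTAB is granted to more users than WEB_FACFAC (not visible in this diff) the change widens who can read or edit them. Please confirm that this is intended and that `aut_idp.asp` and `aut_client.asp` enforce the required function themselves rather than relying on menu visibility. Both new lines also reuse `99110` as their second argument; if that value has to be unique, the client entry needs its own number.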
@@ -5502,37 +5503,38 @@ FAC_LCL('fac_gebruiker_schrijven', 'Schrijven', 'Write', 'Schreiben', 'Ecrire') FAC_LCL('fac_gebruiker_outerfunctie', 'Alleen geautoriseerde functies', 'Authorised functions only', 'Nur Autorisierte Funktionen', 'Seulement functions autorisé') FAC_LCL('fac_gebruiker_outergroep', 'Alleen geautoriseerde groepen', 'Authorised groups only', 'Nur Autorisierte Gruppen', 'Seulement groupes autorisé') FAC_LCL('fac_gebruiker_outerdisc', 'Alleen geautoriseerde vakgroepen/catalogi', 'Authorised disciplines only', 'Nur Autorisierte Kataloge', 'Seulement catalogues autorisé') -FAC_LCL('fac_idp', 'Identity provider', 'Identity provider', 'Identity-Provider', 'Fournisseur d''identité') -FAC_LCL('fac_idp_m', 'Identity providers', 'Identity providers', 'Identity-Providers', 'Fournisseurs d''identité') -FAC_LCL('lcl_menu_fac_idp', 'Identity providers', 'Identity providers', 'Identity-Providers', 'Fournisseurs d''identité') -FAC_LCL('fac_idp_code', 'Code voor ?sso=', 'Code for ?sso=', 'Code für ?sso=', 'Code pour ?sso=') -FAC_LCL('fac_idp_omschrijving', 'Omschrijving', 'Description', 'Umschreibung', 'Description') -FAC_LCL('fac_idp_opmerking', 'Opmerking', 'Remark', 'Bemerkung', 'Remarque') -FAC_LCL('fac_idp_type', 'Identity type', 'Identity type', 'Identitätstyp', 'Type d''identité') -FAC_LCL('fac_idp_typeLOV', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML') -FAC_LCL('fac_idp_secret', 'Gedeeld geheim', 'Shared secret', 'Geteiltes Geheimnis', 'Secret partagé') -FAC_LCL('fac_idp_audience', 'JWT audience', 'JWT audience', 'JWT audience', 'JWT audience') -FAC_LCL('fac_idp_issuer', 'JWT 
issuer', 'JWT issuer', 'JWT issuer', 'JWT issuer') -FAC_LCL('fac_idp_algorithm', 'JWT algoritme', 'JWT algorithm', 'JWT algorithm', 'JWT algorithm') -FAC_LCL('fac_idp_remote_loginurl', 'Remote Login URL', 'Remote Login URL', 'Remote-Login-URL', 'Remote Login URL') -FAC_LCL('fac_idp_remote_logouturl', 'Remote Logout URL', 'Remote Logout URL', 'Remote-Logout-URL', 'Remote Logout URL') -FAC_LCL('fac_idp_ipfilter', 'IP adres filter', 'IP adress filter', 'IP-Adressfilter ', 'filtre d''adresse IP') -FAC_LCL('fac_idp_ipauto', 'Automatisch SSO voor IP', 'Automatic SSO for IP', 'Automatische SSO für IP', 'SSO automatique pour IP') -FAC_LCL('fac_idp_clockskew', 'Toegestane klok afwijking', 'Allowed clock skew', 'Erlaubte Taktverschiebung', 'Allowed clock skew') -FAC_LCL('fac_idp_duration', 'Maximale geldigheid', 'Maximum validity', 'Maximalen Gültigkeitsdauer', 'Validité maximale') +FAC_LCL('aut_idp', 'Identity provider', 'Identity provider', 'Identity-Provider', 'Fournisseur d''identité') +FAC_LCL('aut_idp_m', 'Identity providers', 'Identity providers', 'Identity-Providers', 'Fournisseurs d''identité') +FAC_LCL('lcl_menu_aut_idp', 'Identity providers', 'Identity providers', 'Identity-Providers', 'Fournisseurs d''identité') +FAC_LCL('lcl_menu_aut_client', 'Identity clients', 'Identity clients', 'Identity-clients', 'Client d''identité') +FAC_LCL('aut_idp_code', 'Code voor ?sso=', 'Code for ?sso=', 'Code für ?sso=', 'Code pour ?sso=') +FAC_LCL('aut_idp_omschrijving', 'Omschrijving', 'Description', 'Umschreibung', 'Description') +FAC_LCL('aut_idp_opmerking', 'Opmerking', 'Remark', 'Bemerkung', 'Remarque') +FAC_LCL('aut_idp_type', 'Identity type', 'Identity type', 'Identitätstyp', 'Type d''identité') +FAC_LCL('aut_idp_typeLOV', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future 
use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML', '1;Internal (login.asp, future use);2;UID_DEC (deprecated);3;GUID-encrypted (deprecated);4;JWT sso;5;SAML') +FAC_LCL('aut_idp_secret', 'Gedeeld geheim', 'Shared secret', 'Geteiltes Geheimnis', 'Secret partagé') +FAC_LCL('aut_idp_audience', 'JWT audience', 'JWT audience', 'JWT audience', 'JWT audience') +FAC_LCL('aut_idp_issuer', 'JWT issuer', 'JWT issuer', 'JWT issuer', 'JWT issuer') +FAC_LCL('aut_idp_algorithm', 'JWT algoritme', 'JWT algorithm', 'JWT algorithm', 'JWT algorithm') +FAC_LCL('aut_idp_remote_loginurl', 'Remote Login URL', 'Remote Login URL', 'Remote-Login-URL', 'Remote Login URL') +FAC_LCL('aut_idp_remote_logouturl', 'Remote Logout URL', 'Remote Logout URL', 'Remote-Logout-URL', 'Remote Logout URL') +FAC_LCL('aut_idp_ipfilter', 'IP adres filter', 'IP adress filter', 'IP-Adressfilter ', 'filtre d''adresse IP') +FAC_LCL('aut_idp_ipauto', 'Automatisch SSO voor IP', 'Automatic SSO for IP', 'Automatische SSO für IP', 'SSO automatique pour IP') +FAC_LCL('aut_idp_clockskew', 'Toegestane klok afwijking', 'Allowed clock skew', 'Erlaubte Taktverschiebung', 'Allowed clock skew') +FAC_LCL('aut_idp_duration', 'Maximale geldigheid', 'Maximum validity', 'Maximalen Gültigkeitsdauer', 'Validité maximale') FAC_LCL('lcl_idp_company', 'Voor bedrijf', 'For company', 'Für Betrieb', 'Pour entreprise') FAC_LCL('lcl_idp_department', 'Voor afdeling', 'For department', 'Für Abteilung', 'Pour département') -FAC_LCL('fac_idp_functie_key', 'Alleen als autorisatie', 'Only for authorisation', 'Nur für Autorisierung', 'Limité à autorisation') -FAC_LCL('fac_idp_internal', 'Internal', 'Internal', 'Internal', 'Internal') -FAC_LCL('fac_idp_autocreate', 'Aanmaken/bijwerken', 'Create/Update', 'Erzeugen/Aktualisieren', 'Créer/Actualiser') -FAC_LCL('fac_idp_saml_metaurl', 'SAML metaurl', 'SAML metaurl', 'SAML metaurl', 'SAML metaurl') +FAC_LCL('aut_idp_functie_key', 'Alleen als autorisatie', 'Only for authorisation', 
'Nur für Autorisierung', 'Limité à autorisation') +FAC_LCL('aut_idp_internal', 'Internal', 'Internal', 'Internal', 'Internal') +FAC_LCL('aut_idp_autocreate', 'Aanmaken/bijwerken', 'Create/Update', 'Erzeugen/Aktualisieren', 'Créer/Actualiser') +FAC_LCL('aut_idp_saml_metaurl', 'SAML metaurl', 'SAML metaurl', 'SAML metaurl', 'SAML metaurl') -FAC_LCL('fac_idp_map', 'Identity mapping', 'Identity mapping', 'Identity-Mapping', 'Mapping d''identité') -FAC_LCL('fac_idp_map_m', 'Identity mappings', 'Identity mappings', 'Identity-Mappinge', 'Mapping d''identité') -FAC_LCL('fac_idp_map_identify', 'Identificeren', 'Identification', 'Identifikation', 'Identification') -FAC_LCL('fac_idp_map_to', 'FACILITOR attribuut', 'FACILITOR attribute', 'FACILITOR Attribut', 'FACILITOR attribut') -FAC_LCL('fac_idp_map_from', 'Claim veld', 'Claim field', 'Claim Feld', 'Claim champ') -FAC_LCL('fac_idp_map_default', 'Standaardwaarde', 'Default value', 'Standardwert', 'Par défaut') +FAC_LCL('aut_idp_map', 'Identity mapping', 'Identity mapping', 'Identity-Mapping', 'Mapping d''identité') +FAC_LCL('aut_idp_map_m', 'Identity mappings', 'Identity mappings', 'Identity-Mappinge', 'Mapping d''identité') +FAC_LCL('aut_idp_map_identify', 'Identificeren', 'Identification', 'Identifikation', 'Identification') +FAC_LCL('aut_idp_map_to', 'FACILITOR attribuut', 'FACILITOR attribute', 'FACILITOR Attribut', 'FACILITOR attribut') +FAC_LCL('aut_idp_map_from', 'Claim veld', 'Claim field', 'Claim Feld', 'Claim champ') +FAC_LCL('aut_idp_map_default', 'Standaardwaarde', 'Default value', 'Standardwert', 'Par défaut') FAC_LCL('aut_client_perslid', 'Persoon-App mapping', 'Person-App mapping', '@@', '@@') FAC_LCL('aut_client_perslid_m', 'Persoon-App mappings', 'Person-App mappings', '@@', '@@') diff --git a/FAC/FAC_SEQ.SRC b/FAC/FAC_SEQ.SRC index 3711c0d8..2a5e7ac5 100644 --- a/FAC/FAC_SEQ.SRC +++ b/FAC/FAC_SEQ.SRC 
@@ -46,7 +46,6 @@ CREATE SEQUENCE faq_s_faq_kenmerkwaarde_key MINVALUE 1; CREATE SEQUENCE faq_s_fac_gui_counter_key MINVALUE 1; CREATE SEQUENCE fac_s_fac_email_setting_key MINVALUE 1; CREATE SEQUENCE fac_s_fac_idp_key MINVALUE 1; -CREATE SEQUENCE fac_s_fac_idp_map_key MINVALUE 1; CREATE SEQUENCE fac_s_fac_bookmark_key MINVALUE 1; CREATE SEQUENCE fac_s_fac_qvw_ticket_key MINVALUE 1; CREATE SEQUENCE fac_s_fac_session_key MINVALUE 1; diff --git a/FAC/FAC_TAB.SRC b/FAC/FAC_TAB.SRC index d8ac80c9..ac2993dc 100644 --- a/FAC/FAC_TAB.SRC +++ b/FAC/FAC_TAB.SRC @@ -1948,6 +1948,8 @@ CREATE_TABLE(fac_sequence, 0) ); // Documentatie in de wiki onder Authenticeren +// LET OP: deprecated sinds 2017.1, gebruik aut_idp +// Te verwijderen met 2017.2 CREATE TABLE fac_idp ( fac_idp_key @@ -1973,16 +1975,12 @@ CREATE TABLE fac_idp VARCHAR2(128), fac_idp_remote_logouturl VARCHAR2(128), - fac_idp_saml_metaurl - VARCHAR2(128), + fac_idp_usermapping + VARCHAR2(30), fac_idp_clockskew NUMBER(10), fac_idp_duration NUMBER(10), - fac_idp_autocreate - NUMBER(1) - DEFAULT 0 -- +1: create; +2: update - NOT NULL, -- Note: these column are defined in PRS_TAB.SRC -- prs_afdeling_key NUMBER(10) -- prs_bedrijf_key NUMBER(10) @@ -2002,29 +2000,4 @@ CREATE TABLE fac_idp DEFAULT SYSDATE ); -CREATE TABLE fac_idp_map -( - fac_idp_map_key - NUMBER(10) - CONSTRAINT fac_k_idp_map_key PRIMARY KEY, - fac_idp_key - NUMBER(10) - CONSTRAINT fac_r_idp_map_id REFERENCES fac_idp(fac_idp_key), - fac_idp_map_from -- as sent in JWT - VARCHAR(100) - NOT NULL, - fac_idp_map_to -- FACILITOR column - NUMBER(3) - NOT NULL, - fac_idp_map_identify - NUMBER(1) - DEFAULT 0 - NOT NULL, - fac_idp_map_default - VARCHAR(256), - fac_idp_map_aanmaak - DATE - DEFAULT SYSDATE -); - REGISTERONCE('$Id$') diff --git a/FAC/FAC_TRI.SRC b/FAC/FAC_TRI.SRC index dc57ee70..617cf133 100644 --- a/FAC/FAC_TRI.SRC +++ b/FAC/FAC_TRI.SRC 
@@ -925,14 +925,6 @@ BEGIN END; / -CREATE_TRIGGER(fac_t_fac_idp_map_B_I) -BEFORE INSERT ON fac_idp_map -FOR EACH ROW -BEGIN - UPDATE_PRIMARY_KEY(fac_idp_map_key, fac_s_fac_idp_map_key); -END; -/ - CREATE_TRIGGER(fac_t_fac_bookmark_B_I) BEFORE INSERT ON fac_bookmark FOR EACH ROW diff --git a/FCLT.NMK b/FCLT.NMK index 074d8457..7411ee85 100644 --- a/FCLT.NMK +++ b/FCLT.NMK @@ -62,7 +62,7 @@ PROJEXE=z:\Project\FACILITOR\BUILD ## CURRENTVERSION=30 NEXTVERSION=31 -FILEVERSION=z +FILEVERSION= NEXTCAREVERSION=32 NEXTROOT=DB$(NEXTVERSION)$(FILEVERSION) CURRENTUPDATE=DB$(CURRENTVERSION)to$(NEXTVERSION) diff --git a/PRS/PRS_TAB.SRC b/PRS/PRS_TAB.SRC index 8de1e683..1bea7865 100644 --- a/PRS/PRS_TAB.SRC +++ b/PRS/PRS_TAB.SRC @@ -163,6 +163,14 @@ ADD CONSTRAINT fac_r_idp_prs_bedrijf REFERENCES prs_bedrijf(prs_bedrijf_key) ON DELETE CASCADE ); +ALTER TABLE aut_idp +ADD +( + prs_bedrijf_key + NUMBER(10) + CONSTRAINT aut_r_idp_prs_bedrijf REFERENCES prs_bedrijf(prs_bedrijf_key) ON DELETE CASCADE +); + /* Kruistabel met bedrijfsrelaties (use case Mareon): bedrijf 1 doet iets voor bedrijf 2 of andersom */ CREATE_TABLE(prs_bedrijf_bedrijf,0) ( @@ -407,6 +415,12 @@ ALTER TABLE fac_idp ADD NUMBER(10) CONSTRAINT alg_r_idp_prs_afdeling REFERENCES prs_afdeling(prs_afdeling_key) ON DELETE CASCADE ); +ALTER TABLE aut_idp ADD +( + prs_afdeling_key + NUMBER(10) + CONSTRAINT aut_r_idp_prs_afdeling REFERENCES prs_afdeling(prs_afdeling_key) ON DELETE CASCADE +); CREATE_TABLE(prs_srtperslid,0) ( diff --git a/_UP/DB30to31.src b/_UP/DB30to31.src index ab6d207d..fa846abe 100644 --- a/_UP/DB30to31.src +++ b/_UP/DB30to31.src @@ -11,8 +11,6 @@ COMMIT; CREATE UNIQUE INDEX fac_i_fac_api1 ON fac_api (fac_api_name); -CREATE UNIQUE INDEX fac_i_idp2 ON fac_idp(fac_idp_issuer, fac_idp_audience, fac_idp_type); - CREATE UNIQUE INDEX fac_i_fac_session2 ON fac_session(fac_session_sessionid_hash); /////////////////////////////////////////////////////////////////////////////////////////// FSN#39394 
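Review bot: Both new `ALTER TABLE aut_idp` blocks in PRS_TAB.SRC declare their foreign keys `ON DELETE CASCADE`, but `aut_r_idp_map_id` on `aut_idp_map.aut_idp_key` (AUT_TAB.SRC) references `aut_idp` without any delete rule. Deleting a `prs_bedrijf` or `prs_afdeling` row that an identity provider points to would then cascade into `aut_idp` and, as far as this diff shows, be rejected as soon as that provider has mapping rows. Where no mapping rows exist, the cascade silently removes an SSO configuration together with the company or department. Either add `ON DELETE CASCADE` to `aut_r_idp_map_id` or drop the cascade here and make the removal explicit. This applies to the `prs_bedrijf_key` hunk and the `prs_afdeling_key` hunk alike.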
@@ -477,45 +475,151 @@ ALTER TABLE fin_factuurregel MODIFY (fin_factuurregel_omschrijving VARCHAR2(250) ALTER TABLE fac_imp_factuur MODIFY (omschrijving VARCHAR2(250)); /////////////////////////////////////////////////////////////////////////////////////////// DJIN#36213 -ALTER TABLE fac_idp -ADD fac_idp_autocreate + +CREATE TABLE aut_idp +( + aut_idp_key + NUMBER(10) + CONSTRAINT aut_k_idp_key PRIMARY KEY, + aut_idp_code -- Voor &sso= + VARCHAR2(30), + aut_idp_type -- 1=Internal (login.asp, future use), 2=UID_DEC (deprecated), + NUMBER(3), -- 3=GUID-encrypted (deprecated), 4=JWT, 5=SAML (future use) + aut_idp_algorithm -- HS256 is HMAC-SHA256 + VARCHAR2(30), + aut_idp_omschrijving + VARCHAR2(30), + aut_idp_opmerking + VARCHAR2(320), + aut_idp_secret + VARCHAR2(128), + aut_idp_audience + VARCHAR2(128), + aut_idp_issuer + VARCHAR2(128), + aut_idp_remote_loginurl + VARCHAR2(128), + aut_idp_remote_logouturl + VARCHAR2(128), + aut_idp_saml_metaurl + VARCHAR2(128), + aut_idp_clockskew + NUMBER(10), + aut_idp_duration + NUMBER(10), + aut_idp_autocreate NUMBER(1) DEFAULT 0 -- +1: create; +2: update - NOT NULL; - -ALTER TABLE fac_idp -ADD fac_idp_saml_metaurl - VARCHAR2(128); - - -ALTER TABLE fac_idp DROP COLUMN fac_idp_usermapping; - -CREATE TABLE fac_idp_map -( - fac_idp_map_key - NUMBER(10) - CONSTRAINT fac_k_idp_map_key PRIMARY KEY, - fac_idp_key - NUMBER(10) - CONSTRAINT fac_r_idp_map_id REFERENCES fac_idp(fac_idp_key), - fac_idp_map_from -- as sent in JWT - VARCHAR(100) NOT NULL, - fac_idp_map_to -- FACILITOR column +-- Note: these column are defined in PRS_TAB.SRC +-- prs_afdeling_key NUMBER(10) +-- prs_bedrijf_key NUMBER(10) + fac_functie_key NUMBER(10) - NOT NULL, - fac_idp_map_identify + CONSTRAINT aut_r_idp_functie REFERENCES fac_functie(fac_functie_key), + aut_idp_internal -- can be used for FACFAC NUMBER(1) - DEFAULT 0 - NOT NULL, - fac_idp_map_default - VARCHAR(256), - fac_idp_map_aanmaak + DEFAULT 0 NOT NULL, + aut_idp_ipfilter + VARCHAR2(320), + 
aut_idp_ipauto + NUMBER(1) + DEFAULT 0 NOT NULL, + aut_idp_loglevel + NUMBER(1) DEFAULT 0 NOT NULL, + aut_idp_aanmaak DATE DEFAULT SYSDATE ); -CREATE SEQUENCE fac_s_fac_idp_map_key MINVALUE 1; +CREATE TABLE aut_idp_map +( + aut_idp_map_key + NUMBER(10) + CONSTRAINT aut_k_idp_map_key PRIMARY KEY, + aut_idp_key + NUMBER(10) + CONSTRAINT aut_r_idp_map_id REFERENCES aut_idp(aut_idp_key), + aut_idp_map_from -- as sent in JWT + VARCHAR(100) + NOT NULL, + aut_idp_map_to -- FACILITOR column of 1000+kenmerk_key + NUMBER(10) + NOT NULL, + aut_idp_map_identify + NUMBER(1) + DEFAULT 0 + NOT NULL, + aut_idp_map_default + VARCHAR(256), + aut_idp_map_aanmaak + DATE + DEFAULT SYSDATE +); +ALTER TABLE aut_idp +ADD +( + prs_bedrijf_key + NUMBER(10) + CONSTRAINT aut_r_idp_prs_bedrijf REFERENCES prs_bedrijf(prs_bedrijf_key) ON DELETE CASCADE +); +ALTER TABLE aut_idp ADD +( + prs_afdeling_key + NUMBER(10) + CONSTRAINT aut_r_idp_prs_afdeling REFERENCES prs_afdeling(prs_afdeling_key) ON DELETE CASCADE +); + +CREATE SEQUENCE aut_s_aut_idp_key MINVALUE 1; +CREATE SEQUENCE aut_s_aut_idp_map_key MINVALUE 1; + +CREATE UNIQUE INDEX aut_i_idp_code ON aut_idp(aut_idp_code); +CREATE UNIQUE INDEX aut_i_idp2 ON aut_idp(aut_idp_issuer, aut_idp_audience, aut_idp_type); + +-- Alleen nodig voor het conversiestatement +CREATE OR REPLACE TRIGGER aut_t_aut_idp_B_IU +BEFORE INSERT OR UPDATE ON aut_idp +FOR EACH ROW +BEGIN + UPDATE_PRIMARY_KEY(aut_idp_key, aut_s_aut_idp_key); + :new.aut_idp_code := UPPER(:new.aut_idp_code); +END; +/ + +INSERT INTO aut_idp ( + aut_idp_code, + aut_idp_type, + aut_idp_algorithm, + aut_idp_omschrijving, + aut_idp_opmerking, + aut_idp_secret, + aut_idp_audience, + aut_idp_issuer, + aut_idp_remote_loginurl, + aut_idp_remote_logouturl, + aut_idp_clockskew, + aut_idp_duration, + aut_idp_internal, + aut_idp_ipfilter, + aut_idp_aanmaak) +SELECT + fac_idp_code, + fac_idp_type, + fac_idp_algorithm, + fac_idp_omschrijving, + fac_idp_opmerking, + fac_idp_secret, + fac_idp_audience, + 
fac_idp_issuer, + fac_idp_remote_loginurl, + fac_idp_remote_logouturl, + fac_idp_clockskew, + fac_idp_duration, + fac_idp_internal, + fac_idp_ipfilter, + fac_idp_aanmaak +FROM fac_idp; + /////////////////////////////////////////////////////////////////////////////////////////// FSN#39750 -- Clients (zoals al dan niet native App's)
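Review bot: The conversion `INSERT INTO aut_idp (...) SELECT ... FROM fac_idp` leaves out `prs_bedrijf_key` and `prs_afdeling_key`, and has no `fac_functie_key`, `aut_idp_ipauto` or `aut_idp_loglevel` either, so a provider that was limited to one company, department or authorisation function comes out of the upgrade without that limit. The PRS_TAB.SRC context shows that `fac_idp` carries the company and department columns; whether it also has `fac_functie_key`, `fac_idp_ipauto` and `fac_idp_loglevel` is not visible in this diff, so please check and add every column that exists to both lists. The statement also copies `fac_idp_secret`, after which the shared secrets live in both tables until `fac_idp` is removed. A comment such as `-- fac_idp_secret blijft staan tot 2017.2; daarna fac_idp droppen` next to the insert would record when the old copy goes away.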