diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AbstractUserFedToComponent.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AbstractUserFedToComponent.java
index 7e6819c..fc017f6 100644
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AbstractUserFedToComponent.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AbstractUserFedToComponent.java
@@ -35,7 +35,8 @@ public abstract class AbstractUserFedToComponent extends CustomKeycloakTask {
private final Logger logger = Logger.getLogger(getClass());
protected void convertFedProviderToComponent(String providerId, String newMapperType) throws CustomChangeException {
try {
- PreparedStatement statement = jdbcConnection.prepareStatement("select ID, REALM_ID, PRIORITY, DISPLAY_NAME, FULL_SYNC_PERIOD, CHANGED_SYNC_PERIOD, LAST_SYNC from " + getTableName("USER_FEDERATION_PROVIDER") + " WHERE PROVIDER_NAME='" + providerId + "'");
+ PreparedStatement statement = jdbcConnection.prepareStatement("select ID, REALM_ID, PRIORITY, DISPLAY_NAME, FULL_SYNC_PERIOD, CHANGED_SYNC_PERIOD, LAST_SYNC from " + getTableName("USER_FEDERATION_PROVIDER") + " WHERE PROVIDER_NAME=?");
+ statement.setString(1, providerId);
try {
ResultSet resultSet = statement.executeQuery();
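Review bot: `statement.setString(1, providerId);` sits between `prepareStatement(...)` and the inner `try {`, so if the bind throws, the statement is never closed, assuming the `finally` of that inner try (outside this hunk) is what closes it. Making the bind the first line inside the `try`, or opening the statement with `try (PreparedStatement statement = jdbcConnection.prepareStatement(...)) {`, keeps the cleanup path intact. The same placement recurs in `convertFedMapperToComponent` with `statement.setString(1, parentId);`. The table name is still concatenated into the query, which is acceptable only because `getTableName` is passed a constant literal; a short comment such as `// table name comes from a fixed literal, never from caller data` would stop a later edit from routing input through it.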
@@ -88,10 +89,13 @@ public abstract class AbstractUserFedToComponent extends CustomKeycloakTask {
}
DeleteStatement configDelete = new DeleteStatement(null, null, database.correctObjectName("USER_FEDERATION_CONFIG", Table.class));
- configDelete.setWhere("USER_FEDERATION_PROVIDER_ID='" + id + "'");
+ configDelete.setWhere("USER_FEDERATION_PROVIDER_ID=?");
+ configDelete.addWhereParameters(id);
+
statements.add(configDelete);
DeleteStatement deleteStatement = new DeleteStatement(null, null, database.correctObjectName("USER_FEDERATION_PROVIDER", Table.class));
- deleteStatement.setWhere("ID='" + id + "'");
+ deleteStatement.setWhere("ID=?");
+ deleteStatement.addWhereParameters(id);
statements.add(deleteStatement);
}
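Review bot: The `?` in `configDelete.setWhere("USER_FEDERATION_PROVIDER_ID=?")` and `deleteStatement.setWhere("ID=?")` is, as far as I know, not a JDBC bind. Liquibase substitutes where-parameters into the generated SQL text as escaped literals, so the protection rests on Liquibase's quoting for the value's type rather than on the driver. That is still a clear improvement over concatenation, but it deserves a comment above the first `setWhere`, e.g. `// '?' is rendered by Liquibase's SQL generator as an escaped literal, not bound by the driver`. `id` is declared outside this hunk, so its type should be confirmed. The same applies to the mapper deletes in the later hunk of this file and to `.setWhereClause("ID=?").addWhereParameters(id)` in AddRealmCodeSecret.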
@@ -118,7 +122,8 @@ public abstract class AbstractUserFedToComponent extends CustomKeycloakTask {
protected void convertFedMapperToComponent(String realmId, String parentId, String newMapperType) throws CustomChangeException {
try {
- PreparedStatement statement = jdbcConnection.prepareStatement("select ID, NAME, FEDERATION_MAPPER_TYPE from " + getTableName("USER_FEDERATION_MAPPER") + " WHERE FEDERATION_PROVIDER_ID='" + parentId + "'");
+ PreparedStatement statement = jdbcConnection.prepareStatement("select ID, NAME, FEDERATION_MAPPER_TYPE from " + getTableName("USER_FEDERATION_MAPPER") + " WHERE FEDERATION_PROVIDER_ID=?");
+ statement.setString(1, parentId);
try {
ResultSet resultSet = statement.executeQuery();
@@ -157,10 +162,12 @@ public abstract class AbstractUserFedToComponent extends CustomKeycloakTask {
configStatement.close();
}
DeleteStatement configDelete = new DeleteStatement(null, null, database.correctObjectName("USER_FEDERATION_MAPPER_CONFIG", Table.class));
- configDelete.setWhere("USER_FEDERATION_MAPPER_ID='" + id + "'");
+ configDelete.setWhere("USER_FEDERATION_MAPPER_ID=?");
+ configDelete.addWhereParameters(id);
statements.add(configDelete);
DeleteStatement deleteStatement = new DeleteStatement(null, null, database.correctObjectName("USER_FEDERATION_MAPPER", Table.class));
- deleteStatement.setWhere("ID='" + id + "'");
+ deleteStatement.setWhere("ID=?");
+ deleteStatement.addWhereParameters(id);
statements.add(deleteStatement);
diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AddRealmCodeSecret.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AddRealmCodeSecret.java
index 86e470a..8f1daad 100755
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AddRealmCodeSecret.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/custom/AddRealmCodeSecret.java
@@ -59,7 +59,7 @@ public class AddRealmCodeSecret implements CustomSqlChange {
UpdateStatement statement = new UpdateStatement(null, null, correctedTableName)
.addNewColumnValue("CODE_SECRET", KeycloakModelUtils.generateCodeSecret())
- .setWhereClause("ID='" + id + "'");
+ .setWhereClause("ID=?").addWhereParameters(id);
statements.add(statement);
if (!resultSet.isFirst()) {