IBM® DB2® can be used for persistent OAuth services. For convenience and reference purposes, this topic documents the steps you need to configure DB2 for OAuth persistent service.
-- Change oauth2db to the name you want for the database
CREATE DATABASE oauth2db USING CODESET UTF8 TERRITORY US;
CONNECT TO oauth2db;
----- CREATE TABLES -----
CREATE TABLE OAuthDBSchema.OAUTH20CACHE
(
LOOKUPKEY VARCHAR(256) NOT NULL,
UNIQUEID VARCHAR(128) NOT NULL,
COMPONENTID VARCHAR(256) NOT NULL,
TYPE VARCHAR(64) NOT NULL,
SUBTYPE VARCHAR(64),
CREATEDAT BIGINT,
LIFETIME INT,
EXPIRES BIGINT,
TOKENSTRING VARCHAR(2048) NOT NULL,
CLIENTID VARCHAR(64) NOT NULL,
USERNAME VARCHAR(64) NOT NULL,
SCOPE VARCHAR(512) NOT NULL,
REDIRECTURI VARCHAR(2048),
STATEID VARCHAR(64) NOT NULL
);
CREATE TABLE OAuthDBSchema.OAUTH20CLIENTCONFIG
(
COMPONENTID VARCHAR(256) NOT NULL,
CLIENTID VARCHAR(256) NOT NULL,
CLIENTSECRET VARCHAR(256),
DISPLAYNAME VARCHAR(256) NOT NULL,
REDIRECTURI VARCHAR(2048),
ENABLED INT
);
----- ADD CONSTRAINTS -----
ALTER TABLE OAuthDBSchema.OAUTH20CACHE
ADD CONSTRAINT PK_LOOKUPKEY PRIMARY KEY (LOOKUPKEY);
ALTER TABLE OAuthDBSchema.OAUTH20CLIENTCONFIG
ADD CONSTRAINT PK_COMPIDCLIENTID PRIMARY KEY (COMPONENTID,CLIENTID);
----- CREATE INDEXES -----
CREATE INDEX OAUTH20CACHE_EXPIRES ON OAUTHDBSCHEMA.OAUTH20CACHE (EXPIRES ASC);
----- GRANT PRIVILIGES -----
----- UNCOMMENT THE FOLLOWING IF YOU USE ANOTHER ACCOUNT OTHER THAN ADMINISTRATOR FOR DB ACCESS -----
-- Change dbuser to the account you want to use to access your database
-- GRANT ALL ON OAuthDBSchema.OAUTH20CACHE TO USER dbuser;
-- GRANT ALL ON OAuthDBSchema.OAUTH20CLIENTCONFIG TO USER dbuser;
----- END OF GRANT PRIVILIGES -----
DISCONNECT CURRENT;
The default DB2 listening port is 50000. If you want to find
it, run the following command and find the value of the SVCENAME parameter.
If it is a number, then it is the port number. If it is a name, look
for the name in the /etc/services file or the Windows equivalent if you are
using Windows.Linux/Unix: db2 get dbm cfg | grep SVCENAME
Windows: db2 get dbm cfg | findstr SVCENAME
You can
create a database and tables in DB2 by
running the following statement:db2 -tvf createTables.sql
In the administrative console, go to
.INSERT INTO OAuthDBSchema.OAUTH20CLIENTCONFIG
(
COMPONENTID,
CLIENTID,
CLIENTSECRET,
DISPLAYNAME,
REDIRECTURI,
ENABLED
)
VALUES
(
'1',
'key',
'secret',
'My Client',
'https://localhost:9443/oauth/redirect.jsp',
1
)