obsolete now: Increase the client additional_information length limit

server/src/main/resources/org/cloudfoundry/identity/uaa/db/hsqldb/V4_104__Extend_additional_information.sql

@@ -0,0 +1 @@
+ALTER TABLE oauth_client_details ALTER COLUMN additional_information CLOB;

server/src/main/resources/org/cloudfoundry/identity/uaa/db/mysql/V4_104__Extend_additional_information.sql

@@ -0,0 +1 @@
+ALTER TABLE oauth_client_details MODIFY COLUMN additional_information TEXT;

server/src/main/resources/org/cloudfoundry/identity/uaa/db/postgresql/V4_104__Extend_additional_information.sql

@@ -0,0 +1 @@
+ALTER TABLE oauth_client_details ALTER COLUMN additional_information TYPE TEXT;

uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ClientAdminEndpointsIntegrationTests.java

@@ -55,6 +55,7 @@
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
@@ -771,6 +772,20 @@ public void testClientTxModifyApprovalsDeleted() throws Exception {
         assertNull(getClient(deletedClientId));
     }
 
+    @Test
+    public void testCreateClientWithValidLongAdditionalInformation() {
+        HashSet<String> uris = new HashSet<>();
+        for (int i = 0; i < 400; ++i) {
+            uris.add("http://example.com/myuri/foo/bar/abcdefg/abcdefghi" + i);
+        }
+        Map<String, Object> additionalInformation = new HashMap<>();
+        additionalInformation.put("privateKeyUrlArray", uris);
+        BaseClientDetails client = createClientWithSecretAndAdditionalInformation("secret", null, additionalInformation,"client_credentials");
+        ResponseEntity<Void> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients"),
+            HttpMethod.POST, new HttpEntity<BaseClientDetails>(client, headers), Void.class);
+        assertEquals(HttpStatus.CREATED, result.getStatusCode());
+    }
+
     private Approval[] getApprovals(String token, String clientId) {
         String filter = "client_id eq \"" + clientId + "\"";
         HttpHeaders headers = getAuthenticatedHeaders(token);
@@ -829,18 +844,22 @@ private ClientDetailsModification createClient(String... grantTypes) {
         return createClientWithSecret("secret", grantTypes);
     }
 
-    private ClientDetailsModification createClientWithSecretAndRedirectUri(
-            String secret, Set<String> redirectUris, String... grantTypes) {
+    private ClientDetailsModification createClientWithSecretAndRedirectUri(String secret, Set<String> redirectUris, String... grantTypes) {
+        return createClientWithSecretAndAdditionalInformation(secret, redirectUris, null, grantTypes);
+    }
+
+    private ClientDetailsModification createClientWithSecretAndAdditionalInformation(
+            String secret, Set<String> redirectUris, Map<String, Object> additionalInformation, String... grantTypes) {
         ClientDetailsModification client = new ClientDetailsModification();
         client.setClientId(new RandomValueStringGenerator().generate());
-        client.setScope(Arrays.asList("oauth.approvals", "foo", "bar"));
-        client.setAuthorizedGrantTypes(Arrays.asList(grantTypes));
+        client.setScope(Set.of("oauth.approvals", "foo", "bar"));
+        client.setAuthorizedGrantTypes(Set.of(grantTypes));
         client.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
         client.setClientSecret(secret);
-        client.setAdditionalInformation(Collections.<String, Object>singletonMap("foo",
-                Collections.singletonList("bar")));
+        client.setAdditionalInformation(additionalInformation== null ? Map.of("foo",
+                Set.of("bar")) : additionalInformation);
         client.setRegisteredRedirectUri(redirectUris == null?
-                Collections.singleton("http://redirect.url"): redirectUris);
+                Set.of("http://redirect.url"): redirectUris);
         return client;
     }
 

uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/clients/ClientAdminEndpointsMockMvcTests.java

@@ -2157,4 +2157,24 @@ private ClientDetails createApprovalsLoginClient(String token) throws Exception
         return getClient(client.getClientId());
     }
 
+    @Test
+    void testCreateClientWithValidLongAdditionalInformation() throws Exception {
+        String id = new RandomValueStringGenerator().generate();
+        BaseClientDetails client = createBaseClient(id, SECRET, Collections.singletonList(GRANT_TYPE_JWT_BEARER), null, Collections.singletonList(id + ".read"));
+        HashSet<String> uris = new HashSet<>();
+        for (int i = 0; i < 400; ++i) {
+            uris.add("http://example.com/myuri/foo/bar/abcdefg/abcdefghi" + i);
+        }
+        Map<String, Object> additionalInformation = new HashMap<>(client.getAdditionalInformation());
+        additionalInformation.put("privateKeyUrlArray", uris);
+        client.setAdditionalInformation(additionalInformation);
+
+        MockHttpServletRequestBuilder createClientPost = post("/oauth/clients")
+            .header("Authorization", "Bearer " + adminToken)
+            .accept(APPLICATION_JSON)
+            .contentType(APPLICATION_JSON)
+            .content(JsonUtils.writeValueAsString(client));
+        mockMvc.perform(createClientPost).andExpect(status().isCreated()).andReturn();
+        verify(mockApplicationEventPublisher, times(1)).publishEvent(abstractUaaEventCaptor.capture());
+    }
 }