From ff1494821f50c261cee2e85aa7ff6e0be0f01917 Mon Sep 17 00:00:00 2001 From: Sachin Mamoru <59449070+Sachin-Mamoru@users.noreply.github.com> Date: Mon, 2 Dec 2024 01:35:17 +0530 Subject: [PATCH] add new idexing strategy to support case insensitivity --- .../resources/dbscripts/db2.sql | 56 ++++++++++------ .../resources/dbscripts/mssql.sql | 10 +-- .../resources/dbscripts/mysql-cluster.sql | 14 ++-- .../resources/dbscripts/mysql.sql | 9 +-- .../resources/dbscripts/oracle.sql | 54 ++++++++++----- .../resources/dbscripts/oracle_rac.sql | 66 ++++++++++++------- .../resources/dbscripts/postgresql.sql | 56 ++++++++++------ 7 files changed, 164 insertions(+), 101 deletions(-) diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql index c8934674be58..e5d83f0c6a9c 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/db2.sql @@ -97,10 +97,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( CONSENTED_TOKEN VARCHAR(6), AUTHORIZED_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL, PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION)) - INDEX IN TS32K + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE) +/ + +CREATE UNIQUE INDEX IDX_CON_APP_KEY ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID,LOWER(AUTHZ_USER),TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION) INDEX IN TS32K / CREATE TABLE IDN_OAUTH2_TOKEN_BINDING ( @@ -271,8 +272,9 @@ CREATE TABLE IDN_OPENID_REMEMBER_ME ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT 0 NOT NULL, COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID)) + CREATED_TIME TIMESTAMP) +/ +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID ON IDN_OPENID_REMEMBER_ME(LOWER(USER_NAME), TENANT_ID) / CREATE TABLE IDN_OPENID_USER_RPS ( USER_NAME VARCHAR(255) NOT NULL, @@ -284,6 +286,8 @@ CREATE TABLE IDN_OPENID_USER_RPS ( DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_RP_URL ON IDN_OPENID_USER_RPS(LOWER(USER_NAME), TENANT_ID, RP_URL) +/ CREATE TABLE IDN_OPENID_ASSOCIATIONS ( HANDLE VARCHAR(255) NOT NULL, ASSOC_TYPE VARCHAR(255) NOT NULL, @@ -318,16 +322,18 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234 NOT NULL, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) + DATA_VALUE VARCHAR(2048)) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_DATA_KEY ON IDN_IDENTITY_USER_DATA(TENANT_ID, LOWER(USER_NAME), DATA_KEY) / CREATE TABLE IDN_IDENTITY_META_DATA ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT -1234 NOT NULL, METADATA_TYPE VARCHAR(255) NOT NULL, METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)) + VALID VARCHAR(255) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_METADATA_TYPE_METADATA ON IDN_IDENTITY_META_DATA(TENANT_ID, LOWER(USER_NAME), METADATA_TYPE, METADATA) / CREATE TABLE IDN_THRIFT_SESSION ( SESSION_ID VARCHAR(255) NOT NULL, @@ -369,10 +375,11 @@ CREATE TABLE IDN_AUTH_USER ( TENANT_ID INTEGER NOT NULL, DOMAIN_NAME VARCHAR(255) NOT NULL, IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID) + PRIMARY KEY (USER_ID) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_DOMAIN_NAME_IDP_ID ON IDN_AUTH_USER(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, IDP_ID) +/ CREATE TABLE IDN_AUTH_USER_SESSION_MAPPING ( ID INTEGER NOT NULL GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1), @@ -1051,8 +1058,9 @@ CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( ASSOCIATION_KEY VARCHAR(255) NOT NULL, TENANT_ID INTEGER NOT NULL, DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)) + USER_NAME VARCHAR(255) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME ON IDN_USER_ACCOUNT_ASSOCIATION(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME)) / CREATE TABLE FIDO_DEVICE_STORE ( TENANT_ID INTEGER NOT NULL, @@ -1060,8 +1068,9 @@ CREATE TABLE FIDO_DEVICE_STORE ( USER_NAME VARCHAR(45) NOT NULL, TIME_REGISTERED TIMESTAMP, KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)) + DEVICE_DATA VARCHAR(2048) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME_KEY_HANDLE ON FIDO_DEVICE_STORE(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME), KEY_HANDLE) / CREATE TABLE FIDO2_DEVICE_STORE ( @@ -1098,10 +1107,11 @@ CREATE TABLE IDN_RECOVERY_DATA ( TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REMAINING_SETS VARCHAR(2500), RECOVERY_FLOW_ID VARCHAR(255), - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), FOREIGN KEY (RECOVERY_FLOW_ID) REFERENCES IDN_RECOVERY_FLOW_DATA(RECOVERY_FLOW_ID) ON DELETE CASCADE, UNIQUE(CODE)) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SCENARIO_STEP ON IDN_RECOVERY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SCENARIO, STEP) +/ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( ID INTEGER NOT NULL, @@ -1112,9 +1122,11 @@ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( HASH VARCHAR(255) NOT NULL, TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SALT_VALUE_HASH ON IDN_PASSWORD_HISTORY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +/ CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE / @@ -2129,6 +2141,12 @@ CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KE / CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE) / +CREATE INDEX IDX_AT_CK_AU_LO ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TOKEN_STATE, USER_TYPE) + / +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID) + / +CREATE INDEX IDX_AT_AU_CKID_TS_UT_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE) + / -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) @@ -2185,7 +2203,7 @@ CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME) / -- IDN_AUTH_USER -- -CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME) +CREATE INDEX IDX_AUTH_LOWER_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME) / CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID) / diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql index ae2824ced0bc..c5cb516d8cba 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mssql.sql @@ -1540,7 +1540,9 @@ CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); CREATE INDEX IDX_AT_RT ON IDN_OAUTH2_ACCESS_TOKEN (AUTHZ_USER) INCLUDE (REFRESH_TOKEN); CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE); - +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); +CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); @@ -1561,9 +1563,6 @@ CREATE INDEX IDX_IDN_AUTH_SSTR_ET_ID ON IDN_AUTH_SESSION_STORE (EXPIRY_TIME, SES -- IDN_AUTH_TEMP_SESSION_STORE -- CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); --- IDN_OIDC_SCOPE_CLAIM_MAPPING -- -CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - -- IDN_OAUTH2_SCOPE -- CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); @@ -1576,9 +1575,6 @@ CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); --- SP_TEMPLATE -- -CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - -- IDN_AUTH_USER -- CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql index d9a4e310daab..c3e1191b88d8 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql-cluster.sql @@ -1561,6 +1561,12 @@ CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE); +CREATE INDEX IDX_AT_CK_AU + ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID + ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); +CREATE INDEX IDX_AT_AU_CKID_TS_UT + ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH @@ -1592,10 +1598,6 @@ CREATE INDEX IDX_IDN_AUTH_SSTR_ET_ID CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); --- IDN_OIDC_SCOPE_CLAIM_MAPPING -- -CREATE INDEX IDX_AT_SI_ECI - ON IDN_OIDC_SCOPE_CLAIM_MAPPING (SCOPE_ID, EXTERNAL_CLAIM_ID); - -- IDN_OAUTH2_SCOPE -- CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE (TENANT_ID); @@ -1612,10 +1614,6 @@ CREATE INDEX IDX_OROR_TID CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE (TOKEN_ID); --- SP_TEMPLATE -- -CREATE INDEX IDX_SP_TEMPLATE - ON SP_TEMPLATE (TENANT_ID, NAME); - -- IDN_OAUTH_CONSUMER_APPS -- CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql index 60bf37f8ca0f..820549cbe069 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/mysql.sql @@ -1419,6 +1419,9 @@ CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKE CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); +CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); @@ -1438,9 +1441,6 @@ CREATE INDEX IDX_IDN_AUTH_SSTR_ET_ID ON IDN_AUTH_SESSION_STORE (EXPIRY_TIME, SES -- IDN_AUTH_TEMP_SESSION_STORE -- CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); --- IDN_OIDC_SCOPE_CLAIM_MAPPING -- -CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - -- IDN_OAUTH2_SCOPE -- CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); @@ -1453,9 +1453,6 @@ CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); --- SP_TEMPLATE -- -CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - -- IDN_AUTH_USER -- CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql index b1daec5a8412..a2a6cca863d4 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle.sql @@ -91,9 +91,10 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( CONSENTED_TOKEN VARCHAR(6), AUTHORIZED_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL, PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION)) + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE) +/ +CREATE UNIQUE INDEX IDX_CON_APP_KEY ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID,LOWER(AUTHZ_USER),TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION) / CREATE TABLE IDN_OAUTH2_TOKEN_BINDING ( TOKEN_ID VARCHAR2 (255), @@ -294,6 +295,8 @@ CREATE TABLE IDN_OPENID_REMEMBER_ME ( CREATED_TIME TIMESTAMP, PRIMARY KEY (USER_NAME, TENANT_ID)) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID ON IDN_OPENID_REMEMBER_ME(LOWER(USER_NAME), TENANT_ID) +/ CREATE TABLE IDN_OPENID_USER_RPS ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT 0, @@ -301,8 +304,9 @@ CREATE TABLE IDN_OPENID_USER_RPS ( TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', LAST_VISIT DATE NOT NULL, VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)) + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT') +/ +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_RP_URL ON IDN_OPENID_USER_RPS(LOWER(USER_NAME), TENANT_ID, RP_URL) / CREATE TABLE IDN_OPENID_ASSOCIATIONS ( HANDLE VARCHAR(255) NOT NULL, @@ -338,16 +342,18 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) + DATA_VALUE VARCHAR(2048)) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_DATA_KEY ON IDN_IDENTITY_USER_DATA(TENANT_ID, LOWER(USER_NAME), DATA_KEY) / CREATE TABLE IDN_IDENTITY_META_DATA ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT -1234, METADATA_TYPE VARCHAR(255) NOT NULL, METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)) + VALID VARCHAR(255) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_METADATA_TYPE_METADATA ON IDN_IDENTITY_META_DATA(TENANT_ID, LOWER(USER_NAME), METADATA_TYPE, METADATA) / CREATE TABLE IDN_THRIFT_SESSION ( SESSION_ID VARCHAR2(255) NOT NULL, @@ -389,10 +395,11 @@ CREATE TABLE IDN_AUTH_USER ( TENANT_ID INTEGER NOT NULL, DOMAIN_NAME VARCHAR(255) NOT NULL, IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID) + PRIMARY KEY (USER_ID) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_DOMAIN_NAME_IDP_ID ON IDN_AUTH_USER(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, IDP_ID) +/ CREATE TABLE IDN_AUTH_USER_SESSION_MAPPING ( ID INTEGER, @@ -1188,8 +1195,9 @@ CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( ASSOCIATION_KEY VARCHAR(255) NOT NULL, TENANT_ID INTEGER, DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)) + USER_NAME VARCHAR(255) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME ON IDN_USER_ACCOUNT_ASSOCIATION(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME)) / CREATE TABLE FIDO_DEVICE_STORE ( TENANT_ID INTEGER, @@ -1197,8 +1205,9 @@ CREATE TABLE FIDO_DEVICE_STORE ( USER_NAME VARCHAR(45) NOT NULL, TIME_REGISTERED TIMESTAMP, KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)) + DEVICE_DATA VARCHAR(2048) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME_KEY_HANDLE ON FIDO_DEVICE_STORE(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME), KEY_HANDLE) / CREATE TABLE FIDO2_DEVICE_STORE ( @@ -1236,11 +1245,12 @@ CREATE TABLE IDN_RECOVERY_DATA ( TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, REMAINING_SETS VARCHAR2(2500) DEFAULT NULL, RECOVERY_FLOW_ID VARCHAR2(255), - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), FOREIGN KEY (RECOVERY_FLOW_ID) REFERENCES IDN_RECOVERY_FLOW_DATA(RECOVERY_FLOW_ID) ON DELETE CASCADE, UNIQUE(CODE) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SCENARIO_STEP ON IDN_RECOVERY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SCENARIO, STEP) +/ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( ID INTEGER, @@ -1254,6 +1264,8 @@ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SALT_VALUE_HASH ON IDN_PASSWORD_HISTORY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +/ CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE / @@ -2194,6 +2206,12 @@ CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KE / CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE) / +CREATE INDEX IDX_AT_CK_AU_LO ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TOKEN_STATE, USER_TYPE) +/ +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID) +/ +CREATE INDEX IDX_AT_AU_CKID_TS_UT_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE) +/ -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) @@ -2240,7 +2258,7 @@ CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID) / -- IDN_AUTH_USER -- -CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME) +CREATE INDEX IDX_LOWER_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME) / CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID) / @@ -2272,7 +2290,7 @@ CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(LOWER(USER_NAME), TENANT_ID, DO / -- IDN_ASSOCIATED_ID -- -CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, LOWER(USER_NAME), ASSOCIATION_ID) +CREATE INDEX IDX_AI_DN_LO_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, LOWER(USER_NAME), ASSOCIATION_ID) / -- IDN_OAUTH2_TOKEN_BINDING -- diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql index 430f4458488f..e7377cd96a78 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/oracle_rac.sql @@ -91,9 +91,10 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( CONSENTED_TOKEN VARCHAR(6), AUTHORIZED_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL, PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION)) + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE) +/ +CREATE UNIQUE INDEX IDX_CON_APP_KEY ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID,LOWER(AUTHZ_USER),TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION) / CREATE TABLE IDN_OAUTH2_TOKEN_BINDING ( TOKEN_ID VARCHAR2 (255), @@ -287,8 +288,9 @@ CREATE TABLE IDN_OPENID_REMEMBER_ME ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT 0, COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID)) + CREATED_TIME TIMESTAMP) +/ +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID ON IDN_OPENID_REMEMBER_ME(LOWER(USER_NAME), TENANT_ID) / CREATE TABLE IDN_OPENID_USER_RPS ( USER_NAME VARCHAR(255) NOT NULL, @@ -297,8 +299,9 @@ CREATE TABLE IDN_OPENID_USER_RPS ( TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', LAST_VISIT DATE NOT NULL, VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)) + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT') +/ +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_RP_URL ON IDN_OPENID_USER_RPS(LOWER(USER_NAME), TENANT_ID, RP_URL) / CREATE TABLE IDN_OPENID_ASSOCIATIONS ( HANDLE VARCHAR(255) NOT NULL, @@ -333,8 +336,9 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( TENANT_ID INTEGER DEFAULT -1234, USER_NAME VARCHAR(255) NOT NULL, DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)) + DATA_VALUE VARCHAR(2048)) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_DATA_KEY ON IDN_IDENTITY_USER_DATA(TENANT_ID, LOWER(USER_NAME), DATA_KEY) / CREATE TABLE IDN_IDENTITY_META_DATA ( USER_NAME VARCHAR(255) NOT NULL, @@ -342,7 +346,9 @@ CREATE TABLE IDN_IDENTITY_META_DATA ( METADATA_TYPE VARCHAR(255) NOT NULL, METADATA VARCHAR(255) NOT NULL, VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)) + PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE, METADATA)) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_METADATA_TYPE_METADATA ON IDN_IDENTITY_META_DATA(TENANT_ID, LOWER(USER_NAME), METADATA_TYPE, METADATA) / CREATE TABLE IDN_THRIFT_SESSION ( SESSION_ID VARCHAR2(255) NOT NULL, @@ -385,6 +391,8 @@ CREATE TABLE IDN_AUTH_USER ( CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_DOMAIN_NAME_IDP_ID ON IDN_AUTH_USER(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, IDP_ID) +/ CREATE TABLE IDN_AUTH_USER_SESSION_MAPPING ( ID INTEGER, USER_ID VARCHAR(255) NOT NULL, @@ -1067,8 +1075,9 @@ CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( ASSOCIATION_KEY VARCHAR(255) NOT NULL, TENANT_ID INTEGER, DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)) + USER_NAME VARCHAR(255) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME ON IDN_USER_ACCOUNT_ASSOCIATION(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME)) / CREATE TABLE FIDO_DEVICE_STORE ( TENANT_ID INTEGER, @@ -1076,8 +1085,9 @@ CREATE TABLE FIDO_DEVICE_STORE ( USER_NAME VARCHAR(45) NOT NULL, TIME_REGISTERED TIMESTAMP, KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)) + DEVICE_DATA VARCHAR(2048) NOT NULL) +/ +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME_KEY_HANDLE ON FIDO_DEVICE_STORE(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME), KEY_HANDLE) / CREATE TABLE FIDO2_DEVICE_STORE ( TENANT_ID INTEGER, @@ -1112,11 +1122,12 @@ CREATE TABLE IDN_RECOVERY_DATA ( TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, REMAINING_SETS VARCHAR2(2500) DEFAULT NULL, RECOVERY_FLOW_ID VARCHAR2(255), - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), FOREIGN KEY (RECOVERY_FLOW_ID) REFERENCES IDN_RECOVERY_FLOW_DATA(RECOVERY_FLOW_ID) ON DELETE CASCADE, UNIQUE(CODE) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SCENARIO_STEP ON IDN_RECOVERY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SCENARIO, STEP) +/ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( ID INTEGER, USER_NAME VARCHAR2(255) NOT NULL, @@ -1125,10 +1136,11 @@ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( SALT_VALUE VARCHAR2(255), HASH VARCHAR2(255) NOT NULL, TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + PRIMARY KEY(ID) ) / +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SALT_VALUE_HASH ON IDN_PASSWORD_HISTORY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +/ CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE / CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG @@ -2115,7 +2127,7 @@ CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED) / CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH) / -CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN) +CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), TENANT_ID, TOKEN_STATE, USER_DOMAIN) / CREATE INDEX IDX_AT_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN) / @@ -2123,14 +2135,20 @@ CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH) / CREATE INDEX IDX_AT_RT ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN) / -CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE) +CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE) / CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE) / +CREATE INDEX IDX_AT_CK_AU_LO ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TOKEN_STATE, USER_TYPE) + / +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID) + / +CREATE INDEX IDX_AT_AU_CKID_TS_UT_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE) + / -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID) / -CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE) +CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, STATE) / CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID) / @@ -2164,7 +2182,7 @@ CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID) CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID) / -- IDN_AUTH_USER -- -CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME) +CREATE INDEX IDX_LOWER_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME) / CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID) / @@ -2177,7 +2195,7 @@ CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID) CREATE INDEX IDX_AUTH_SAI_UN_AID_SID ON IDN_AUTH_SESSION_APP_INFO (APP_ID, LOWER(SUBJECT), SESSION_ID) / -- IDN_OAUTH_CONSUMER_APPS -- -CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME) +CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(LOWER(USERNAME),TENANT_ID,USER_DOMAIN, APP_NAME) / -- IDX_SPI_APP -- CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID) @@ -2186,10 +2204,10 @@ CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID) CREATE INDEX IDX_IOP_CK ON IDN_OIDC_PROPERTY(TENANT_ID, CONSUMER_KEY) / -- IDN_FIDO2_PROPERTY -- -CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE) +CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE) / -- IDN_ASSOCIATED_ID -- -CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID) +CREATE INDEX IDX_AI_DN_LO_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, LOWER(USER_NAME), ASSOCIATION_ID) / -- IDN_OAUTH2_TOKEN_BINDING -- CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF) diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql index cfd6cabf6105..10eef3d5879f 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/postgresql.sql @@ -92,11 +92,12 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN ( CONSENTED_TOKEN VARCHAR(6), AUTHORIZED_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL, PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION) + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ); +CREATE UNIQUE INDEX IDX_CON_APP_KEY ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID,LOWER(AUTHZ_USER),TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,AUTHORIZED_ORGANIZATION); + DROP TABLE IF EXISTS IDN_OAUTH2_TOKEN_BINDING; CREATE TABLE IDN_OAUTH2_TOKEN_BINDING ( TOKEN_ID VARCHAR (255), @@ -257,16 +258,16 @@ CREATE TABLE IDN_SCIM_GROUP ( PRIMARY KEY (ID) ); - DROP TABLE IF EXISTS IDN_OPENID_REMEMBER_ME; CREATE TABLE IDN_OPENID_REMEMBER_ME ( USER_NAME VARCHAR(255) NOT NULL, TENANT_ID INTEGER DEFAULT 0, COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) + CREATED_TIME TIMESTAMP ); +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID ON IDN_OPENID_REMEMBER_ME(LOWER(USER_NAME), TENANT_ID); + DROP TABLE IF EXISTS IDN_OPENID_USER_RPS; CREATE TABLE IDN_OPENID_USER_RPS ( USER_NAME VARCHAR(255) NOT NULL, @@ -279,6 +280,8 @@ CREATE TABLE IDN_OPENID_USER_RPS ( PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) ); +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_RP_URL ON IDN_OPENID_USER_RPS(LOWER(USER_NAME), TENANT_ID, RP_URL); + DROP TABLE IF EXISTS IDN_OPENID_ASSOCIATIONS; CREATE TABLE IDN_OPENID_ASSOCIATIONS ( HANDLE VARCHAR(255) NOT NULL, @@ -312,6 +315,8 @@ CREATE TABLE IDN_IDENTITY_USER_DATA ( PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) ); +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_DATA_KEY ON IDN_IDENTITY_USER_DATA(TENANT_ID, LOWER(USER_NAME), DATA_KEY); + DROP TABLE IF EXISTS IDN_IDENTITY_META_DATA; CREATE TABLE IDN_IDENTITY_META_DATA ( USER_NAME VARCHAR(255) NOT NULL, @@ -319,9 +324,11 @@ CREATE TABLE IDN_IDENTITY_META_DATA ( METADATA_TYPE VARCHAR(255) NOT NULL, METADATA VARCHAR(255) NOT NULL, VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) + PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE, METADATA) ); +CREATE UNIQUE INDEX IDX_TENANT_ID_LOWER_USER_NAME_METADATA_TYPE_METADATA ON IDN_IDENTITY_META_DATA(TENANT_ID, LOWER(USER_NAME), METADATA_TYPE, METADATA); + DROP TABLE IF EXISTS IDN_THRIFT_SESSION; CREATE TABLE IDN_THRIFT_SESSION ( SESSION_ID VARCHAR(255) NOT NULL, @@ -367,8 +374,9 @@ CREATE TABLE IDN_AUTH_USER ( TENANT_ID INTEGER NOT NULL, DOMAIN_NAME VARCHAR(255) NOT NULL, IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); + PRIMARY KEY (USER_ID)); + +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_DOMAIN_NAME_IDP_ID ON IDN_AUTH_USER(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, IDP_ID); DROP TABLE IF EXISTS IDN_AUTH_USER_SESSION_MAPPING; DROP SEQUENCE IF EXISTS IDN_AUTH_USER_SESSION_MAPPING_PK_SEQ; @@ -405,8 +413,9 @@ CREATE TABLE IDN_AUTH_USER ( TENANT_ID INTEGER NOT NULL, DOMAIN_NAME VARCHAR(255) NOT NULL, IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); + PRIMARY KEY (USER_ID)); + +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_TENANT_ID_DOMAIN_NAME_IDP_ID ON IDN_AUTH_USER(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, IDP_ID); DROP TABLE IF EXISTS IDN_AUTH_USER_SESSION_MAPPING; DROP SEQUENCE IF EXISTS IDN_AUTH_USER_SESSION_MAPPING_PK_SEQ; @@ -851,8 +860,9 @@ CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( ASSOCIATION_KEY VARCHAR(255) NOT NULL, TENANT_ID INTEGER, DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); + USER_NAME VARCHAR(255) NOT NULL); + +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME ON IDN_USER_ACCOUNT_ASSOCIATION(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME)); DROP TABLE IF EXISTS FIDO_DEVICE_STORE; CREATE TABLE FIDO_DEVICE_STORE ( @@ -861,8 +871,9 @@ CREATE TABLE FIDO_DEVICE_STORE ( USER_NAME VARCHAR(45) NOT NULL, TIME_REGISTERED TIMESTAMP, KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); + DEVICE_DATA VARCHAR(2048) NOT NULL); + +CREATE UNIQUE INDEX IDX_TENANT_ID_DOMAIN_NAME_LOWER_USER_NAME_KEY_HANDLE ON FIDO_DEVICE_STORE(TENANT_ID, DOMAIN_NAME, LOWER(USER_NAME), KEY_HANDLE); DROP TABLE IF EXISTS FIDO2_DEVICE_STORE; CREATE TABLE FIDO2_DEVICE_STORE ( @@ -900,11 +911,13 @@ CREATE TABLE IDN_RECOVERY_DATA ( TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REMAINING_SETS VARCHAR(2500) DEFAULT NULL, RECOVERY_FLOW_ID VARCHAR(255), - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP), FOREIGN KEY (RECOVERY_FLOW_ID) REFERENCES IDN_RECOVERY_FLOW_DATA(RECOVERY_FLOW_ID) ON DELETE CASCADE, UNIQUE(CODE) ); +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SCENARIO_STEP ON IDN_RECOVERY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SCENARIO, STEP); + DROP TABLE IF EXISTS IDN_PASSWORD_HISTORY_DATA; CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_PK_SEQ; CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( @@ -916,9 +929,11 @@ CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( HASH VARCHAR(255) NOT NULL, TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) ); +CREATE UNIQUE INDEX IDX_LOWER_USER_NAME_USER_DOMAIN_TENANT_ID_SALT_VALUE_HASH ON IDN_PASSWORD_HISTORY_DATA(LOWER(USER_NAME), USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH); + DROP TABLE IF EXISTS IDN_CLAIM_DIALECT; DROP SEQUENCE IF EXISTS IDN_CLAIM_DIALECT_SEQ; CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ; @@ -1662,6 +1677,9 @@ CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); CREATE INDEX IDX_AT_RT ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN); CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); CREATE INDEX IDX_TBR_TS ON IDN_OAUTH2_ACCESS_TOKEN(TOKEN_BINDING_REF, TOKEN_STATE); +CREATE INDEX IDX_AT_CK_AU_LO ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, LOWER(AUTHZ_USER), TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); +CREATE INDEX IDX_AT_AU_CKID_TS_UT_LO ON IDN_OAUTH2_ACCESS_TOKEN(LOWER(AUTHZ_USER), CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); -- IDN_OAUTH2_AUTHORIZATION_CODE -- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); @@ -1701,7 +1719,7 @@ CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); -- IDN_AUTH_USER -- -CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME); +CREATE INDEX IDX_LOWER_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME); CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); -- IDN_AUTH_USER_SESSION_MAPPING -- @@ -1724,7 +1742,7 @@ CREATE INDEX IDX_IOP_CK ON IDN_OIDC_PROPERTY(TENANT_ID, CONSUMER_KEY); CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(LOWER(USER_NAME), TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); -- IDN_ASSOCIATED_ID -- -CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, LOWER(USER_NAME), ASSOCIATION_ID); +CREATE INDEX IDX_AI_DN_LO_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, LOWER(USER_NAME), ASSOCIATION_ID); -- IDN_OAUTH2_TOKEN_BINDING -- CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF);