Implemented loading VC from gz files & updated OAuth2 expiry check.

Change-Id: I01c607b86b992526400a3df9c5a66fa6211f4ac8
diff --git a/core/pom.xml b/core/pom.xml
index 01dbacd..7f9e282 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -203,8 +203,18 @@
 		    <groupId>org.apache.logging.log4j</groupId>
 		    <artifactId>log4j-jul</artifactId>
 		    <version>2.11.0</version>
+		    <exclusions>
+		    	<exclusion>
+					<groupId>org.slf4j</groupId>
+					<artifactId>slf4j-api</artifactId>
+				</exclusion>
+		    </exclusions>
 		</dependency>
-		
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+		    <version>1.7.25</version>
+		</dependency>
 		<dependency>
 			<groupId>junit</groupId>
 			<artifactId>junit</artifactId>
@@ -283,6 +293,10 @@
 				</exclusion>
 				<exclusion>
 					<groupId>org.slf4j</groupId>
+					<artifactId>slf4j-api</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.slf4j</groupId>
 					<artifactId>slf4j-log4j12</artifactId>
 				</exclusion>
 				<exclusion>
diff --git a/full/Changes b/full/Changes
index bf6739c..b6613e7 100644
--- a/full/Changes
+++ b/full/Changes
@@ -24,6 +24,9 @@
     - Improved and added OAuth2 tests (margaretha)
 21/08/2018
     - Added VC name pattern check (margaretha)
+22/08/2018
+    - Implemented loading VC from gz files (margaretha)
+    - Updated OAuth2 authorization codes' & access tokens' expiry check (margaretha)
 
 # version 0.60.5
 
diff --git a/full/pom.xml b/full/pom.xml
index 4dac5d4..557b114 100644
--- a/full/pom.xml
+++ b/full/pom.xml
@@ -214,24 +214,6 @@
 			<version>${jersey.version}</version>
 			<scope>test</scope>
 		</dependency>
-		<dependency>
-		    <groupId>com.sun.jersey.jersey-test-framework</groupId>
-		    <artifactId>jersey-test-framework-embedded-glassfish</artifactId>
-		    <version>${jersey.version}</version>
-		    <scope>test</scope>
-		</dependency>
-		<dependency>
-		    <groupId>com.sun.jersey.jersey-test-framework</groupId>
-		    <artifactId>jersey-test-framework-external</artifactId>
-		    <version>${jersey.version}</version>
-		    <scope>test</scope>
-		</dependency>
-		<dependency>
-		    <groupId>com.sun.jersey.jersey-test-framework</groupId>
-		    <artifactId>jersey-test-framework-grizzly2</artifactId>
-		    <version>1.19.4</version>
-		    <scope>test</scope>
-		</dependency>
 		
 		<dependency>
 			<groupId>com.sun.jersey</groupId>
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/OAuth2Authentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/OAuth2Authentication.java
index 1b42d3e..d203b51 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/OAuth2Authentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/OAuth2Authentication.java
@@ -1,13 +1,11 @@
 package de.ids_mannheim.korap.authentication;
 
-import java.time.ZonedDateTime;
 import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.constant.TokenType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
@@ -25,8 +23,6 @@
     private AccessTokenDao accessDao;
     @Autowired
     private OAuth2ScopeService scopeService;
-    @Autowired
-    private FullConfiguration config;
 
     @Override
     public TokenContext getTokenContext (String authToken)
@@ -38,14 +34,12 @@
                     "Access token has been revoked");
         }
 
-        ZonedDateTime expiry = accessToken.getCreatedDate()
-                .plusSeconds(config.getAccessTokenExpiry());
         String scopes = scopeService
                 .convertAccessScopesToString(accessToken.getScopes());
 
         TokenContext c = new TokenContext();
         c.setUsername(accessToken.getUserId());
-        c.setExpirationTime(expiry.toInstant().toEpochMilli());
+        c.setExpirationTime(accessToken.getExpiryDate().toInstant().toEpochMilli());
         c.setToken(authToken);
         c.setTokenType(TokenType.BEARER);
         c.addContextParameter(Attributes.SCOPE, scopes);
diff --git a/full/src/main/java/de/ids_mannheim/korap/config/NamedVCLoader.java b/full/src/main/java/de/ids_mannheim/korap/config/NamedVCLoader.java
index 043f77e..0549106 100644
--- a/full/src/main/java/de/ids_mannheim/korap/config/NamedVCLoader.java
+++ b/full/src/main/java/de/ids_mannheim/korap/config/NamedVCLoader.java
@@ -1,9 +1,12 @@
 package de.ids_mannheim.korap.config;
 
 import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
+import java.util.zip.GZIPInputStream;
 
 import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.output.ByteArrayOutputStream;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -18,11 +21,10 @@
     private FullConfiguration config;
     @Autowired
     private SearchKrill searchKrill;
-    
+
     private static Logger jlog = LogManager.getLogger(NamedVCLoader.class);
 
-    public void loadVCToCache ()
-            throws IOException {
+    public void loadVCToCache () throws IOException {
 
         String dir = config.getNamedVCPath();
         File d = new File(dir);
@@ -34,23 +36,45 @@
             if (!file.exists()) {
                 throw new IOException("File " + file + " is not found.");
             }
-            else if (!file.getName().endsWith(".jsonld")) {
-                throw new IOException("File " + file
-                        + " is not allowed. Filename must ends with .jsonld");
-            }
 
-            long start = System.currentTimeMillis();
-            String json = FileUtils.readFileToString(file, "utf-8");
+            long start, end;
+            String json;
+            String filename = file.getName();
+
+            if (file.getName().endsWith(".jsonld")) {
+                filename = filename.substring(0, filename.length() - 7);
+                start = System.currentTimeMillis();
+                json = FileUtils.readFileToString(file, "utf-8");
+                end = System.currentTimeMillis();
+            }
+            else if (filename.endsWith(".jsonld.gz")) {
+                filename = filename.substring(0, filename.length() - 10);
+                start = System.currentTimeMillis();
+
+                GZIPInputStream gzipInputStream =
+                        new GZIPInputStream(new FileInputStream(file));
+                ByteArrayOutputStream bos = new ByteArrayOutputStream(512);
+                bos.write(gzipInputStream);
+                json = bos.toString("utf-8");
+                bos.close();
+                end = System.currentTimeMillis();
+            }
+            else {
+                System.err.println("File " + filename
+                        + " is not allowed. Filename must ends with .jsonld or .jsonld.gz");
+                continue;
+            }
+            jlog.debug(
+                    "READ " + file.getName() + " duration: " + (end - start));
+
             KrillCollection collection = new KrillCollection(json);
             collection.setIndex(searchKrill.getIndex());
-            
-            String filename = file.getName();
-            filename = filename.substring(0,filename.length()-7);
+
             if (collection != null) {
                 collection.storeInCache(filename);
             }
-            long end = System.currentTimeMillis();
-            jlog.debug(filename + " duration: " + (end - start));
+            end = System.currentTimeMillis();
+            jlog.debug(filename + "caching duration: " + (end - start));
             jlog.debug("memory cache: "
                     + KrillCollection.cache.calculateInMemorySize());
         }
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
index 5564ee7..f701777 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
@@ -1,5 +1,6 @@
 package de.ids_mannheim.korap.oauth2.dao;
 
+import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.List;
 import java.util.Set;
@@ -13,9 +14,12 @@
 import javax.persistence.criteria.Predicate;
 import javax.persistence.criteria.Root;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Repository;
 import org.springframework.transaction.annotation.Transactional;
 
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.config.KustvaktCacheable;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
@@ -30,13 +34,15 @@
 @Transactional
 public class AccessTokenDao extends KustvaktCacheable {
 
+    @PersistenceContext
+    private EntityManager entityManager;
+    @Autowired
+    private FullConfiguration config;
+
     public AccessTokenDao () {
         super("access_token", "key:access_token");
     }
 
-    @PersistenceContext
-    private EntityManager entityManager;
-
     @Deprecated
     public void storeAccessToken (Authorization authorization, String token)
             throws KustvaktException {
@@ -64,7 +70,15 @@
         ParameterChecker.checkObjectValue(authenticationTime,
                 "authentication time");
 
+        ZonedDateTime now =
+                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
+        
         AccessToken accessToken = new AccessToken();
+        accessToken.setCreatedDate(now);
+        accessToken
+                .setExpiryDate(now.plusSeconds(config.getAccessTokenExpiry()));
+        accessToken.setRefreshTokenExpiryDate(
+                now.plusSeconds(config.getRefreshTokenExpiry()));
         accessToken.setToken(token);
         accessToken.setRefreshToken(refreshToken);
         accessToken.setScopes(scopes);
@@ -150,7 +164,6 @@
                 builder.equal(root.get(AccessToken_.token), token),
                 builder.equal(root.get(AccessToken_.refreshToken), token));
 
-
         query.select(root);
         query.where(condition);
         Query q = entityManager.createQuery(query);
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java
index af83e16..ee2b130 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java
@@ -1,11 +1,16 @@
 package de.ids_mannheim.korap.oauth2.dao;
 
+import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.config.KustvaktCacheable;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
@@ -19,6 +24,9 @@
 public class AuthorizationCacheDao extends KustvaktCacheable
         implements AuthorizationDaoInterface {
 
+    @Autowired
+    private FullConfiguration config;
+
     public AuthorizationCacheDao () {
         super("authorization", "key:authorization");
     }
@@ -43,7 +51,12 @@
         authorization.setRedirectURI(redirectURI);
         authorization.setUserAuthenticationTime(authenticationTime);
         authorization.setNonce(nonce);
-        authorization.setCreatedDate(ZonedDateTime.now());
+
+        ZonedDateTime now =
+                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
+        authorization.setCreatedDate(now);
+        authorization.setExpiryDate(
+                now.plusSeconds(config.getAuthorizationCodeExpiry()));
 
         this.storeInCache(code, authorization);
         return authorization;
@@ -77,11 +90,11 @@
     public List<Authorization> retrieveAuthorizationsByClientId (
             String clientId) {
         List<Authorization> authList = new ArrayList<>();
-        
+
         Map<Object, Element> map = getAllCacheElements();
-        for (Object key : map.keySet()){
-            Authorization auth =  (Authorization) map.get(key).getObjectValue();
-            if (auth.getClientId().equals(clientId)){
+        for (Object key : map.keySet()) {
+            Authorization auth = (Authorization) map.get(key).getObjectValue();
+            if (auth.getClientId().equals(clientId)) {
                 authList.add(auth);
             }
         }
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
index ff82d9c..4abb92b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
@@ -1,5 +1,6 @@
 package de.ids_mannheim.korap.oauth2.dao;
 
+import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.List;
 import java.util.Set;
@@ -12,9 +13,12 @@
 import javax.persistence.criteria.Predicate;
 import javax.persistence.criteria.Root;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Repository;
 import org.springframework.transaction.annotation.Transactional;
 
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
@@ -30,7 +34,9 @@
 
     @PersistenceContext
     private EntityManager entityManager;
-
+    @Autowired
+    private FullConfiguration config;
+    
     public Authorization storeAuthorizationCode (String clientId, String userId,
             String code, Set<AccessScope> scopes, String redirectURI,
             ZonedDateTime authenticationTime, String nonce)
@@ -50,6 +56,12 @@
         authorization.setRedirectURI(redirectURI);
         authorization.setUserAuthenticationTime(authenticationTime);
         authorization.setNonce(nonce);
+        
+        ZonedDateTime now =
+                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
+        authorization.setCreatedDate(now);
+        authorization.setExpiryDate(
+                now.plusSeconds(config.getAuthorizationCodeExpiry()));
 
         entityManager.persist(authorization);
         // what if unique fails
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
index e9aa596..e7509d0 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
@@ -31,8 +31,10 @@
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private int id;
     private String token;
-    @Column(name = "created_date")
+    @Column(name = "created_date", updatable = false)
     private ZonedDateTime createdDate;
+    @Column(name = "expiry_date", updatable = false)
+    private ZonedDateTime expiryDate;
     @Column(name = "user_id")
     private String userId;
     @Column(name = "client_id")
@@ -43,6 +45,8 @@
     private ZonedDateTime userAuthenticationTime;
     @Column(name = "refresh_token", updatable = false)
     private String refreshToken;
+    @Column(name = "refresh_expiry_date", updatable = false)
+    private ZonedDateTime refreshTokenExpiryDate;
     @Column(name = "is_refresh_revoked")
     private boolean isRefreshTokenRevoked;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
index bbd954b..bb38fb5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
@@ -35,6 +35,8 @@
     private String redirectURI;
     @Column(name = "created_date", updatable = false)
     private ZonedDateTime createdDate;
+    @Column(name = "expiry_date")
+    private ZonedDateTime expiryDate;
     @Column(name = "is_revoked")
     private boolean isRevoked;
     @Column(name = "total_attempts")
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
index 1aba796..7730b1e 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
@@ -124,8 +124,7 @@
                     OAuth2Error.INVALID_GRANT);
         }
         else if (ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE))
-                .isAfter(origin.getCreatedDate()
-                        .plusSeconds(config.getRefreshTokenExpiry()))) {
+                .isAfter(origin.getRefreshTokenExpiryDate())) {
             throw new KustvaktException(StatusCodes.INVALID_REFRESH_TOKEN,
                     "Refresh token is expired.", OAuth2Error.INVALID_GRANT);
         }
@@ -221,7 +220,7 @@
         if (scopes == null || scopes.isEmpty()) {
             scopes = new HashSet<String>(1);
             scopes.add("all");
-//            scopes = config.getDefaultAccessScopes();
+            // scopes = config.getDefaultAccessScopes();
         }
 
         ZonedDateTime authenticationTime =
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
index ae29e4c..a8e7106 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
@@ -1,5 +1,6 @@
 package de.ids_mannheim.korap.oauth2.service;
 
+import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.Set;
 
@@ -8,6 +9,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
@@ -123,7 +125,6 @@
         return redirectUri;
     }
 
-
     public Authorization retrieveAuthorization (String code)
             throws KustvaktException {
         return authorizationDao.retrieveAuthorizationCode(code);
@@ -143,7 +144,7 @@
                     "Invalid authorization", OAuth2Error.INVALID_GRANT);
         }
 
-        if (isExpired(authorization.getCreatedDate())) {
+        if (isExpired(authorization.getExpiryDate())) {
             throw new KustvaktException(StatusCodes.INVALID_AUTHORIZATION,
                     "Authorization expired", OAuth2Error.INVALID_GRANT);
         }
@@ -175,14 +176,13 @@
         authorizationDao.updateAuthorization(authorization);
     }
 
-    private boolean isExpired (ZonedDateTime createdDate) {
-        jlog.debug("createdDate: " + createdDate);
-        ZonedDateTime expiration =
-                createdDate.plusSeconds(config.getAuthorizationCodeExpiry());
-        ZonedDateTime now = ZonedDateTime.now();
-        jlog.debug("expiration: " + expiration + ", now: " + now);
+    private boolean isExpired (ZonedDateTime expiryDate) {
+        ZonedDateTime now =
+                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
+        jlog.debug("createdDate: " + expiryDate);
+        jlog.debug("expiration: " + expiryDate + ", now: " + now);
 
-        if (expiration.isAfter(now)) {
+        if (expiryDate.isAfter(now)) {
             return false;
         }
         return true;
diff --git a/full/src/main/resources/db/insert/V3.5__insert_oauth2_clients.sql b/full/src/main/resources/db/insert/V3.5__insert_oauth2_clients.sql
index 68bbfa7..0d518a3 100644
--- a/full/src/main/resources/db/insert/V3.5__insert_oauth2_clients.sql
+++ b/full/src/main/resources/db/insert/V3.5__insert_oauth2_clients.sql
@@ -47,6 +47,7 @@
 --  "https://korap.ids-mannheim.de/public/redirect","system", 
 --  "This is a test super public client."); 
 
-INSERT INTO oauth2_access_token(token,user_id,created_date, user_auth_time)
-VALUES("fia0123ikBWn931470H8s5gRqx7Moc4p","marlin","2018-05-30 16:25:50",
-"2018-05-30 16:23:10");
\ No newline at end of file
+INSERT INTO oauth2_access_token(token,user_id,created_date, 
+expiry_date, refresh_expiry_date, user_auth_time)
+VALUES("fia0123ikBWn931470H8s5gRqx7Moc4p","marlin","2018-05-30 16:25:50", 
+"2018-05-31 16:25:50", "2018-08-30 16:25:50", "2018-05-30 16:23:10");
diff --git a/full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql b/full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql
index 4c35fca..10e069d 100644
--- a/full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql
+++ b/full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql
@@ -11,7 +11,7 @@
 	name VARCHAR(200) NOT NULL,
 	secret VARCHAR(200) DEFAULT NULL,
 	type VARCHAR(200) NOT NULL,
-	native BOOLEAN DEFAULT FALSE,
+	super BOOLEAN DEFAULT FALSE,
 	redirect_uri TEXT DEFAULT NULL,
 	description VARCHAR(250) NOT NULL,
 	registered_by VARCHAR(100) NOT NULL,
@@ -27,6 +27,7 @@
 	user_id VARCHAR(100) NOT NULL,
 	redirect_uri TEXT DEFAULT NULL,
 	created_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+	expiry_date TIMESTAMP NULL,
 	is_revoked BOOLEAN DEFAULT 0,
 	total_attempts INTEGER DEFAULT 0,
 	user_auth_time TIMESTAMP NULL,
@@ -57,9 +58,11 @@
 	user_id VARCHAR(100) DEFAULT NULL,
 	client_id VARCHAR(100) DEFAULT NULL,
 	created_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+	expiry_date TIMESTAMP NULL,
 	is_revoked BOOLEAN DEFAULT 0,
 	user_auth_time TIMESTAMP NULL,
     refresh_token VARCHAR(255) DEFAULT NULL,
+    refresh_expiry_date TIMESTAMP NULL,
 	is_refresh_revoked BOOLEAN DEFAULT 0,
 	FOREIGN KEY (client_id)
 	   REFERENCES oauth2_client(id)
diff --git a/full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql b/full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql
index 47f0a0f..45fa1f4 100644
--- a/full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql
+++ b/full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql
@@ -28,7 +28,8 @@
 	client_id VARCHAR(100) NOT NULL,
 	user_id VARCHAR(100) NOT NULL,
 	redirect_uri TEXT DEFAULT NULL,
-	created_date TIMESTAMP DEFAULT (datetime('now','localtime')),
+	created_date TIMESTAMP NOT NULL,
+	expiry_date TIMESTAMP NOT NULL,
 	is_revoked BOOLEAN DEFAULT 0,
 	total_attempts INTEGER DEFAULT 0,
 	user_auth_time TIMESTAMP NOT NULL,
@@ -61,10 +62,12 @@
 	token VARCHAR(255) NOT NULL,
 	user_id VARCHAR(100) DEFAULT NULL,
 	client_id VARCHAR(100) DEFAULT NULL,
-	created_date TIMESTAMP DEFAULT (datetime('now','localtime')),
+	created_date TIMESTAMP NOT NULL,
+	expiry_date TIMESTAMP NOT NULL,
 	is_revoked BOOLEAN DEFAULT 0,
 	user_auth_time TIMESTAMP NOT NULL,
 	refresh_token VARCHAR(255) DEFAULT NULL,
+	refresh_expiry_date TIMESTAMP NOT NULL,
 	is_refresh_revoked BOOLEAN DEFAULT 0,
 	FOREIGN KEY (client_id)
 	   REFERENCES oauth2_client(id)
diff --git a/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql b/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
index d62e4df..96329af 100644
--- a/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
+++ b/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
@@ -1,14 +1,15 @@
-CREATE TRIGGER insert_authorization_date AFTER INSERT ON oauth2_authorization
-     BEGIN
-      UPDATE oauth2_authorization
-      SET created_date = DATETIME('now', 'localtime')  
-      WHERE rowid = new.rowid;
-     END;
-
-CREATE TRIGGER insert_access_token_date AFTER INSERT ON oauth2_access_token
-     BEGIN
-      UPDATE oauth2_access_token
-      SET created_date = DATETIME('now', 'localtime')  
-      WHERE rowid = new.rowid;
-     END;
+--CREATE TRIGGER insert_authorization_date AFTER INSERT ON oauth2_authorization
+--     BEGIN
+--      UPDATE oauth2_authorization
+--      SET created_date = DATETIME('now', 'localtime')  
+--      WHERE rowid = new.rowid;
+--     END;
+--     
+--
+--CREATE TRIGGER insert_access_token_date AFTER INSERT ON oauth2_access_token
+--     BEGIN
+--      UPDATE oauth2_access_token
+--      SET created_date = DATETIME('now', 'localtime')  
+--      WHERE rowid = new.rowid;
+--     END;
      
\ No newline at end of file
diff --git a/full/src/main/resources/default-config.xml b/full/src/main/resources/default-config.xml
index 32ebb35..f9ce666 100644
--- a/full/src/main/resources/default-config.xml
+++ b/full/src/main/resources/default-config.xml
@@ -139,6 +139,7 @@
 				</prop>
 				<prop key="hibernate.cache.provider_class">${hibernate.cache.provider}</prop>
 				<prop key="hibernate.cache.region.factory_class">${hibernate.cache.region.factory}</prop>
+				<prop key="hibernate.jdbc.time_zone">${hibernate.jdbc.time_zone}</prop>
 				<!-- <prop key="net.sf.ehcache.configurationResourceName">classpath:ehcache.xml</prop> -->
 			</props>
 		</property>
diff --git a/full/src/main/resources/properties/hibernate.properties b/full/src/main/resources/properties/hibernate.properties
index 161b737..199dc73 100644
--- a/full/src/main/resources/properties/hibernate.properties
+++ b/full/src/main/resources/properties/hibernate.properties
@@ -4,4 +4,5 @@
 hibernate.cache.use_query_cache=false
 hibernate.cache.use_second_level_cache=false
 hibernate.cache.provider=org.hibernate.cache.EhCacheProvider
-hibernate.cache.region.factory=org.hibernate.cache.ehcache.EhCacheRegionFactory
\ No newline at end of file
+hibernate.cache.region.factory=org.hibernate.cache.ehcache.EhCacheRegionFactory
+hibernate.jdbc.time_zone=UTC
\ No newline at end of file
diff --git a/full/src/main/resources/properties/jdbc.properties b/full/src/main/resources/properties/jdbc.properties
index 1afe44b..1f5e8ab 100644
--- a/full/src/main/resources/properties/jdbc.properties
+++ b/full/src/main/resources/properties/jdbc.properties
@@ -4,7 +4,7 @@
 
 #jdbc.database=mysql
 #jdbc.driverClassName=com.mysql.jdbc.Driver
-#jdbc.url=jdbc:mysql://localhost:3306/kustvakt?autoReconnect=true&useLegacyDatetimeCode=false
+#jdbc.url=jdbc:mysql://localhost:3306/kustvakt?autoReconnect=true&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC
 #jdbc.username=korap
 #jdbc.password=password
 
diff --git a/full/src/test/resources/test-config.xml b/full/src/test/resources/test-config.xml
index f438fd2..945720b 100644
--- a/full/src/test/resources/test-config.xml
+++ b/full/src/test/resources/test-config.xml
@@ -140,6 +140,7 @@
 				</prop>
 				<prop key="hibernate.cache.provider_class">${hibernate.cache.provider}</prop>
 				<prop key="hibernate.cache.region.factory_class">${hibernate.cache.region.factory}</prop>
+				<prop key="hibernate.jdbc.time_zone">${hibernate.jdbc.time_zone}</prop>
 				<!-- <prop key="net.sf.ehcache.configurationResourceName">classpath:ehcache.xml</prop> -->
 			</props>
 		</property>
diff --git a/full/src/test/resources/test-hibernate.properties b/full/src/test/resources/test-hibernate.properties
index 161b737..199dc73 100644
--- a/full/src/test/resources/test-hibernate.properties
+++ b/full/src/test/resources/test-hibernate.properties
@@ -4,4 +4,5 @@
 hibernate.cache.use_query_cache=false
 hibernate.cache.use_second_level_cache=false
 hibernate.cache.provider=org.hibernate.cache.EhCacheProvider
-hibernate.cache.region.factory=org.hibernate.cache.ehcache.EhCacheRegionFactory
\ No newline at end of file
+hibernate.cache.region.factory=org.hibernate.cache.ehcache.EhCacheRegionFactory
+hibernate.jdbc.time_zone=UTC
\ No newline at end of file