UnitVectorY-Labs · Copilot · Jan 31, 2026 · Jan 31, 2026 · Feb 12, 2026 · Feb 12, 2026
diff --git a/datamodel-postgres/README.md b/datamodel-postgres/README.md
@@ -0,0 +1,5 @@
+# datamodel-postgres
+
+This module provides a PostgreSQL implementation of the data model interfaces so that the underlying implementation can be swapped out as a runtime dependency.
+
+For additional details on this module see, please visit the [Datamodel Postgres documentation](/docs/modules/datamodel/postgres.md).
diff --git a/datamodel-postgres/pom.xml b/datamodel-postgres/pom.xml
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>com.unitvectory</groupId>
+        <artifactId>serviceauthcentral</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+
+    <groupId>com.unitvectory.serviceauthcentral</groupId>
+    <artifactId>datamodel-postgres</artifactId>
+
+    <properties>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.unitvectory</groupId>
+            <artifactId>consistgen</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.unitvectory.serviceauthcentral</groupId>
+            <artifactId>util</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.unitvectory.serviceauthcentral</groupId>
+            <artifactId>datamodel</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.postgresql</groupId>
+            <artifactId>postgresql</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mapstruct</groupId>
+            <artifactId>mapstruct</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok-mapstruct-binding</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <additionalClasspathElements>
+                        <additionalClasspathElement>${project.build.directory}/generated-sources/annotations</additionalClasspathElement>
+                    </additionalClasspathElements>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <!-- Required as this is a library that needs to not be repackaged -->
+                    <skip>true</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>${java.version}</source>
+                    <target>${java.version}</target>
+                    <annotationProcessorPaths>
+                        <path>
+                            <groupId>org.projectlombok</groupId>
+                            <artifactId>lombok</artifactId>
+                            <version>${lombok.version}</version>
+                        </path>
+                        <path>
+                            <groupId>org.mapstruct</groupId>
+                            <artifactId>mapstruct-processor</artifactId>
+                            <version>${mapstruct.version}</version>
+                        </path>
+                        <path>
+                            <groupId>org.projectlombok</groupId>
+                            <artifactId>lombok-mapstruct-binding</artifactId>
+                            <version>${lombok-mapstruct-binding.version}</version>
+                        </path>
+                    </annotationProcessorPaths>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/datamodel-postgres/src/lombok.config b/datamodel-postgres/src/lombok.config
@@ -0,0 +1,7 @@
+# This tells lombok this directory is the root,
+# no need to look somewhere else for java code.
+config.stopBubbling = true
+# This will add the @lombok.Generated annotation
+# to all the code generated by Lombok,
+# so it can be excluded from coverage by jacoco.
+lombok.addLombokGeneratedAnnotation = true
diff --git a/...com/unitvectory/serviceauthcentral/datamodel/postgres/config/DatamodelPostgresConfig.java b/...com/unitvectory/serviceauthcentral/datamodel/postgres/config/DatamodelPostgresConfig.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2026 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.unitvectory.serviceauthcentral.datamodel.postgres.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.domain.EntityScan;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+
+import com.unitvectory.consistgen.epoch.EpochTimeProvider;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.AuthorizationJpaRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.CachedJwkJpaRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.ClientJpaRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.LoginCodeJpaRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.LoginStateJpaRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.PostgresAuthorizationRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.PostgresClientRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.PostgresJwkCacheRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.PostgresLoginCodeRepository;
+import com.unitvectory.serviceauthcentral.datamodel.postgres.repository.PostgresLoginStateRepository;
+import com.unitvectory.serviceauthcentral.datamodel.repository.AuthorizationRepository;
+import com.unitvectory.serviceauthcentral.datamodel.repository.ClientRepository;
+import com.unitvectory.serviceauthcentral.datamodel.repository.JwkCacheRepository;
+import com.unitvectory.serviceauthcentral.datamodel.repository.LoginCodeRepository;
+import com.unitvectory.serviceauthcentral.datamodel.repository.LoginStateRepository;
+
+/**
+ * The data model config for PostgreSQL
+ * 
+ * @author Jared Hatfield (UnitVectorY Labs)
+ */
+@Configuration
+@Profile("datamodel-postgres")
+@EntityScan(basePackages = "com.unitvectory.serviceauthcentral.datamodel.postgres.entity")
+@EnableJpaRepositories(basePackages = "com.unitvectory.serviceauthcentral.datamodel.postgres.repository")
+public class DatamodelPostgresConfig {
+
+    @Autowired
+    private EpochTimeProvider epochTimeProvider;
+
+    @Autowired
+    private AuthorizationJpaRepository authorizationJpaRepository;
+
+    @Autowired
+    private ClientJpaRepository clientJpaRepository;
+
+    @Autowired
+    private CachedJwkJpaRepository cachedJwkJpaRepository;
+
+    @Autowired
+    private LoginCodeJpaRepository loginCodeJpaRepository;
+
+    @Autowired
+    private LoginStateJpaRepository loginStateJpaRepository;
+
+    @Bean
+    public AuthorizationRepository authorizationRepository() {
+        return new PostgresAuthorizationRepository(this.authorizationJpaRepository, this.epochTimeProvider);
+    }
+
+    @Bean
+    public ClientRepository clientRepository() {
+        return new PostgresClientRepository(this.clientJpaRepository, this.epochTimeProvider);
+    }
+
+    @Bean
+    public JwkCacheRepository jwkCacheRepository() {
+        return new PostgresJwkCacheRepository(this.cachedJwkJpaRepository);
+    }
+
+    @Bean
+    public LoginCodeRepository loginCodeRepository() {
+        return new PostgresLoginCodeRepository(this.loginCodeJpaRepository);
+    }
+
+    @Bean
+    public LoginStateRepository loginStateRepository() {
+        return new PostgresLoginStateRepository(this.loginStateJpaRepository);
+    }
+}
diff --git a/...ava/com/unitvectory/serviceauthcentral/datamodel/postgres/entity/AuthorizationEntity.java b/...ava/com/unitvectory/serviceauthcentral/datamodel/postgres/entity/AuthorizationEntity.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2026 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.unitvectory.serviceauthcentral.datamodel.postgres.entity;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import com.unitvectory.serviceauthcentral.datamodel.model.Authorization;
+
+import jakarta.persistence.CollectionTable;
+import jakarta.persistence.Column;
+import jakarta.persistence.ElementCollection;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * The Authorization Entity for PostgreSQL
+ * 
+ * @author Jared Hatfield (UnitVectorY Labs)
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Entity
+@Table(name = "authorizations")
+public class AuthorizationEntity implements Authorization {
+
+    @Id
+    @Column(name = "document_id", nullable = false, length = 64)
+    private String documentId;
+
+    @Column(name = "authorization_created")
+    private String authorizationCreated;
+
+    @Column(name = "subject", nullable = false)
+    private String subject;
+
+    @Column(name = "audience", nullable = false)
+    private String audience;
+
+    @Builder.Default
+    @ElementCollection(fetch = FetchType.EAGER)
+    @CollectionTable(name = "authorization_scopes", joinColumns = @JoinColumn(name = "authorization_id"))
+    @Column(name = "scope")
+    private List<String> authorizedScopes = new ArrayList<>();
+}
diff --git a/...in/java/com/unitvectory/serviceauthcentral/datamodel/postgres/entity/CachedJwkEntity.java b/...in/java/com/unitvectory/serviceauthcentral/datamodel/postgres/entity/CachedJwkEntity.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2026 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.unitvectory.serviceauthcentral.datamodel.postgres.entity;
+
+import com.unitvectory.serviceauthcentral.datamodel.model.CachedJwk;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * The Cached JWK Entity for PostgreSQL
+ * 
+ * @author Jared Hatfield (UnitVectorY Labs)
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Entity
+@Table(name = "cached_jwks")
+public class CachedJwkEntity implements CachedJwk {
+
+    @Id
+    @Column(name = "document_id", nullable = false, length = 64)
+    private String documentId;
+
+    @Column(name = "url", nullable = false)
+    private String url;
+
+    @Column(name = "ttl", nullable = false)
+    private Long ttl;
+
+    @Column(name = "valid")
+    private boolean valid;
+
+    @Column(name = "kid", nullable = false)
+    private String kid;
+
+    @Column(name = "kty")
+    private String kty;
+
+    @Column(name = "alg")
+    private String alg;
+
+    @Column(name = "use_value")
+    private String use;
+
+    @Column(name = "n", columnDefinition = "TEXT")
+    private String n;
+
+    @Column(name = "e")
+    private String e;
+
+    @Override
+    public boolean isExpired(long now) {
+        return ttl < now;
+    }
+}