Fix oauth warning on access granting for public clients
Change-Id: If23e2bb5066941d0be6fcb4c343db7fa13d4cb7d
diff --git a/Changes b/Changes
index b2561ea..82705c1 100644
--- a/Changes
+++ b/Changes
@@ -1,5 +1,6 @@
0.58 2024-10-08
- Fix meta table view for key value pairs (diewald)
+ - Fix warning on OAuth public clients (diewald)
0.57 2024-10-08
- Support VCs via URL without queries (diewald)
diff --git a/lib/Kalamar.pm b/lib/Kalamar.pm
index 9fa02a0..8d6ba8c 100644
--- a/lib/Kalamar.pm
+++ b/lib/Kalamar.pm
@@ -8,7 +8,7 @@
use List::Util qw!none uniq!;
# Minor version - may be patched from package.json
-our $VERSION = '0.57';
+our $VERSION = '0.58';
# Supported version of Backend API
our $API_VERSION = '1.0';
diff --git a/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep b/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
index f28d8d0..99a8d55 100644
--- a/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
+++ b/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
@@ -13,7 +13,7 @@
<p class="client-url"><a href="<%= stash('client_url') %>"><%= stash('client_url') %></a></p>
% };
% if (stash('client_type') eq 'PUBLIC') {
- <blockquote class="warning"><%= loc 'oauthGrantPublicWarn' %></blockquote>
+ <blockquote class="warning"><%= loc 'Auth_oauthGrantPublicWarn' %></blockquote>
% };
% if (stash('redirect_warning')) {
<blockquote class="warning">
diff --git a/package.json b/package.json
index 41f7b48..31873fb 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
"name": "Kalamar",
"description": "Mojolicious-based Frontend for KorAP",
"license": "BSD-2-Clause",
- "version": "0.57.1",
+ "version": "0.58.0",
"pluginVersion": "0.2.2",
"engines": {
"node": ">=6.0.0"
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index ad8d6ae..f1c4f78 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t
@@ -885,6 +885,15 @@
# "client_redirect_uri" => $redirect_uri
});
+$fake_backend_app->add_client({
+ "client_id" => 'xyz-public',
+ "client_name" => 'New added public client',
+ "client_description" => 'This is a new public client',
+ "client_url" => 'http://example.com',
+ "client_type" => 'PUBLIC'
+# "client_redirect_uri" => $redirect_uri
+});
+
$fake_backend_app->add_client({
"client_id" => 'xyz2',
@@ -988,8 +997,31 @@
->element_exists_not('div.notify-error')
->element_exists_not('div.notify-warn')
->element_exists_not('blockquote.warning')
+ ->text_is('h2 + p', ' wants to have access')
;
+$fwd = $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({
+ client_id => 'xyz-public',
+ state => 'abcde',
+ scope => 'search match',
+ redirect_uri => 'http://test.com/',
+}))
+ ->status_is(200)
+ ->attr_is('input[name=client_id]','value','xyz-public')
+ ->attr_is('input[name=state]','value','abcde')
+ ->attr_like('input[name=redirect_uri]','value', qr!^http://test\.com\/\?crto=.{3,}!)
+ ->text_is('ul#scopes li:nth-child(1)','search')
+ ->text_is('ul#scopes li:nth-child(2)','match')
+ ->text_is('span.client-name','New added public client')
+ ->attr_is('a.form-button','href','http://test.com/')
+ ->attr_is('a.embedded-link', 'href', '/doc/korap/kalamar')
+ ->element_exists_not('div.notify-error')
+ ->element_exists_not('div.notify-warn')
+ ->text_is('blockquote.warning','Warning - this is a public client!')
+ ->text_is('h2 + p', ' wants to have access')
+ ;
+
+
$t->get_ok('/settings/marketplace')
->status_is(200)
->text_is('html head title' => 'Marketplace')