blob: 6c9318f224bc9f9eb8fd52fe1198ccda0ef7c16e [file] [log] [blame]
#!/usr/bin/env perl
use Mojolicious::Lite;
use Mojo::ByteStream 'b';
use Mojo::Date;
use Mojo::JSON qw/true false encode_json decode_json/;
use strict;
use warnings;
use Mojo::JWT;
use Mojo::File qw/path/;
use Mojo::Util qw/slugify/;
# This is an API fake server with fixtures
my $secret = 's3cr3t';
my $fixture_path = path(Mojo::File->new(__FILE__)->dirname)->child('..', 'fixtures');
our %tokens = (
'access_token' => "4dcf8784ccfd26fac9bdb82778fe60e2",
'refresh_token' => "hlWci75xb8atDiq3924NUSvOdtAh7Nlf9z",
'access_token_2' => "abcde",
'access_token_3' => 'jvgjbvjgzucgdwuiKHJK',
'refresh_token_2' => "fghijk",
'new_client_id' => 'fCBbQkA2NDA3MzM1Yw==',
'new_client_secret' => 'KUMaFxs6R1WGud4HM22w3HbmYKHMnNHIiLJ2ihaWtB4N5JxGzZgyqs5GTLutrORj',
'auth_token_1' => 'mscajfdghnjdfshtkjcuynxahgz5il'
);
helper get_token => sub {
my ($c, $token) = @_;
return $tokens{$token}
};
# Legacy:
helper jwt_encode => sub {
shift;
return Mojo::JWT->new(
secret => $secret,
token_type => 'api_token',
expires => time + (3 * 34 * 60 * 60),
claims => { @_ }
);
};
# Legacy;
helper jwt_decode => sub {
my ($c, $auth) = @_;
$auth =~ s/\s*api_token\s+//;
return Mojo::JWT->new(secret => $secret)->decode($auth);
};
# Expiration helper
helper expired => sub {
my ($c, $auth, $set) = @_;
$auth =~ s/^[^ ]+? //;
if ($set) {
$c->app->log->debug("Set $auth for expiration");
$c->app->defaults('auth_' . $auth => 1);
return 1;
};
$c->app->log->debug("Check $auth for expiration: " . (
$c->app->defaults('auth_' . $auth) // '0'
));
return $c->app->defaults('auth_' . $auth);
};
# Load fixture responses
helper 'load_response' => sub {
my $c = shift;
my $q_name = shift;
my $file = $fixture_path->child("response_$q_name.json");
$c->app->log->debug("Load response from $file");
unless (-f $file) {
return {
status => 500,
json => {
errors => [[0, 'Unable to load query response from ' . $file]]
}
}
};
my $response = $file->slurp;
my $decode = decode_json($response);
unless ($decode) {
return {
status => 500,
json => {
errors => [[0, 'Unable to parse JSON']]
}
}
};
return $decode;
};
app->defaults('oauth.client_list' => []);
# Base page
get '/v1.0/' => sub {
shift->render(text => 'Fake server available');
};
get '/v1.0/redirect-target-a' => sub {
shift->render(text => 'Redirect Target!');
} => 'redirect-target';
# Base page
get '/v1.0/redirect' => sub {
my $c = shift;
$c->res->code(308);
$c->res->headers->location($c->url_for('redirect-target')->to_abs);
return $c->render(text => '');
};
# Search fixtures
get '/v1.0/search' => sub {
my $c = shift;
my $v = $c->validation;
$v->optional('q');
$v->optional('page');
$v->optional('ql');
$v->optional('cq');
$v->optional('count');
$v->optional('context');
$v->optional('offset');
$v->optional('pipes');
$v->optional('cutoff')->in(qw/true false/);
$c->app->log->debug('Receive request');
# Response q=x&ql=cosmas3
if ($v->param('ql') && $v->param('ql') eq 'cosmas3') {
return $c->render(
status => 400,
json => {
"\@context" => "http://korap.ids-mannheim.de/ns/koral/0.3/context.jsonld",
"errors" => [[307,"cosmas3 is not a supported query language!"]]
});
};
if (!$v->param('q')) {
return $c->render(%{$c->load_response('query_no_query')});
};
my @slug_base = ($v->param('q'));
push @slug_base, 'o' . $v->param('offset') if defined $v->param('offset');
push @slug_base, 'c' . $v->param('count') if defined $v->param('count');
push @slug_base, 'co' . $v->param('cutoff') if defined $v->param('cutoff');
push @slug_base, 'cq' if defined $v->param('cq');
push @slug_base, 'p' . $v->param('pipes') if defined $v->param('pipes');
# Get response based on query parameter
my $response = $c->load_response('query_' . slugify(join('_', @slug_base)));
# Check authentification
if (my $auth = $c->req->headers->header('Authorization')) {
$c->app->log->debug("There is an authorization header $auth");
my $jwt;
if ($auth =~ /^Bearer/) {
# Username unknown in OAuth2
$response->{json}->{meta}->{authorized} = 'yes';
}
elsif ($auth =~ /^api_token/ && ($jwt = $c->jwt_decode($auth))) {
$response->{json}->{meta}->{authorized} = $jwt->{username} if $jwt->{username};
};
# Code is expired
if ($c->expired($auth)) {
$c->app->log->debug("The access token has expired");
return $c->render(
status => 401,
json => {
errors => [[2003, 'Access token is expired']]
}
);
}
# Auth token is invalid
if ($auth =~ /^Bearer inv4lid/) {
$c->app->log->debug("The access token is invalid");
return $c->render(
status => 401,
json => {
errors => [[2011, 'Access token is invalid']]
}
);
}
};
if ($v->param('pipes')) {
$response->{json}->{meta}->{pipes} = $v->param('pipes');
};
# Set page parameter
if ($v->param('page')) {
$response->{json}->{meta}->{startIndex} = $v->param("startIndex");
};
# Simple search fixture
$c->render(%$response);
$c->app->log->debug('Rendered result');
return 1;
};
# Textinfo fixtures
get '/v1.0/corpus/:corpusId/:docId/:textId' => sub {
my $c = shift;
my $file = join('_', (
'textinfo',
$c->stash('corpusId'),
$c->stash('docId'),
$c->stash('textId')
));
my $slug = slugify($file);
# Get response based on query parameter
my $response = $c->load_response($slug);
return $c->render(%$response);
};
# Matchinfo fixtures
get '/v1.0/corpus/:corpusId/:docId/:textId/:matchId/matchInfo' => sub {
my $c = shift;
my $file = join('_', (
'matchinfo',
$c->stash('corpusId'),
$c->stash('docId'),
$c->stash('textId'),
$c->stash('matchId')
));
my $slug = slugify($file);
# Get response based on query parameter
my $response = $c->load_response($slug);
return $c->render(%$response);
};
# Statistics endpoint
get '/v1.0/statistics' => sub {
my $c = shift;
my $v = $c->validation;
$v->optional('cq');
my @list = 'corpusinfo';
if ($v->param('cq')) {
push @list, $v->param('cq');
};
my $slug = slugify(join('_', @list));
# Get response based on query parameter
my $response = $c->load_response($slug);
return $c->render(%$response);
};
############
# Auth API #
############
# Request API token
get '/v1.0/auth/logout' => sub {
my $c = shift;
if (my $auth = $c->req->headers->header('Authorization')) {
if ($auth =~ /^Bearer/) {
$c->app->log->debug('Server-Logout: ' . $auth);
return $c->render(json => { msg => [[0, 'Fine!']]});
}
elsif (my $jwt = $c->jwt_decode($auth)) {
my $user = $jwt->{username} if $jwt->{username};
$c->app->log->debug('Server-Logout: ' . $user);
return $c->render(json => { msg => [[0, 'Fine!']]});
};
};
return $c->render(status => 400, json => { error => [[0, 'No!']]});
};
# Request API token
get '/v1.0/auth/apiToken' => sub {
my $c = shift;
# Get auth header
my $auth = $c->req->headers->authorization;
# Authorization missing or not basic
if (!$auth || $auth !~ s/\s*Basic\s+//gi) {
return $c->render(
json => {
error => [[2, 'x']]
}
);
};
# Decode header
my ($username, $pwd) = @{b($auth)->b64_decode->split(':')->to_array};
# the password is 'pass'
if ($pwd) {
# the password is 'pass'
if ($pwd eq 'pass') {
# Render info with token
my $jwt = $c->jwt_encode(username => $username);
# Render in the Kustvakt fashion:
return $c->render(
format => 'html',
text => encode_json({
%{$jwt->claims},
expires => $jwt->expires,
token => $jwt->encode,
token_type => 'api_token'
})
);
}
elsif ($pwd eq 'ldaperr') {
return $c->render(
format => 'html',
status => 401,
json => {
"errors" => [[2022,"LDAP Authentication failed due to unknown user or password!"]]
}
);
};
return $c->render(
json => {
error => [[2004, undef]]
}
);
};
return $c->render(
json => {
error => [[2004, undef]]
}
);
};
# Request API token
post '/v1.0/oauth2/token' => sub {
my $c = shift;
my $grant_type = $c->param('grant_type') // 'undefined';
if ($grant_type eq 'password') {
# Check for wrong client id
if ($c->param('client_id') ne '2') {
return $c->render(
json => {
"error_description" => "Unknown client with " . $_->{client_id},
"error" => "invalid_client"
},
status => 401
);
}
# Check for wrong client secret
elsif ($c->param('client_secret') ne 'k414m4r-s3cr3t') {
return $c->render(
json => {
"error_description" => "Invalid client credentials",
"error" => "invalid_client"
},
status => 401
);
}
# Check for wrong user name
elsif ($c->param('username') ne 'test') {
return $c->render(json => {
error => [[2004, undef]]
});
}
# Check for ldap error
elsif ($c->param('password') eq 'ldaperr') {
return $c->render(
format => 'html',
status => 401,
json => {
"errors" => [
[
2022,
"LDAP Authentication failed due to unknown user or password!"
]
]
}
);
}
# Check for wrong password
elsif ($c->param('password') ne 'pass') {
return $c->render(json => {
format => 'html',
status => 401,
"errors" => [[2022,"LDAP Authentication failed due to unknown user or password!"]]
});
}
# Return fine access
return $c->render(
json => {
"access_token" => $c->get_token('access_token'),
"refresh_token" => $c->get_token('refresh_token'),
"scope" => "all",
"token_type" => "Bearer",
"expires_in" => 86400
});
}
# Refresh token
elsif ($grant_type eq 'refresh_token') {
if ($c->param('refresh_token') eq 'inv4lid') {
return $c->render(
status => 400,
json => {
"error_description" => "Refresh token is expired",
"error" => "invalid_grant"
}
);
};
$c->app->log->debug("Refresh the token in the mock server!");
return $c->render(
status => 200,
json => {
"access_token" => $c->get_token("access_token_2"),
"refresh_token" => $c->get_token("refresh_token_2"),
"token_type" => "Bearer",
"expires_in" => 86400
}
);
}
# Get auth_token_1
elsif ($grant_type eq 'authorization_code') {
if ($c->param('code') eq $tokens{auth_token_1}) {
return $c->render(
status => 200,
json => {
"access_token" => $tokens{access_token_3},
"expires_in" => 31536000,
"scope" => 'match_info search openid',
"token_type" => "Bearer"
}
);
};
}
# Unknown token grant
else {
return $c->render(
status => 400,
json => {
"errors" => [
[
0, "Grant Type unknown", $grant_type
]
]
}
)
}
};
# Revoke API token
post '/v1.0/oauth2/revoke' => sub {
my $c = shift;
my $refresh_token = $c->param('token');
if ($c->param('client_secret') ne 'k414m4r-s3cr3t') {
return $c->render(
json => {
"error_description" => "Invalid client credentials",
"error" => "invalid_client"
},
status => 401
);
};
return $c->render(
text => ''
)
};
# Register a client
post '/v1.0/oauth2/client/register' => sub {
my $c = shift;
my $json = $c->req->json;
if ($json->{redirectURI}) {
return $c->render(
status => 400,
json => {
errors => [
[
201,
"Unrecognized field \"redirectURI\" (class de.ids_mannheim.korap.web.input.OAuth2ClientJson), not marked as ignorable (5 known properties: \"redirect_uri\", \"type\", \"name\", \"description\", \"url\"])\n at [Source: (org.eclipse.jetty.server.HttpInputOverHTTP); line: 1, column: 94] (through reference chain: de.ids_mannheim.korap.web.input.OAuth2ClientJson[\"redirectURI\"])"
]
]
}
);
};
my $name = $json->{name};
my $desc = $json->{description};
my $type = $json->{type};
my $url = $json->{url};
my $redirect_url = $json->{redirect_uri};
my $list = $c->app->defaults('oauth.client_list');
push @$list, {
"client_id" => $tokens{new_client_id},
"client_name" => $name,
"client_description" => $desc,
"client_url" => $url
};
# Confidential server application
if ($type eq 'CONFIDENTIAL') {
return $c->render(json => {
client_id => $tokens{new_client_id},
client_secret => $tokens{new_client_secret}
});
};
# Desktop application
return $c->render(json => {
client_id => $tokens{new_client_id}
});
};
# Register a client
post '/v1.0/oauth2/client/list' => sub {
my $c = shift;
# $c->param('client_secret');
# Is empty [] when nothing registered
return $c->render(
json => $c->stash('oauth.client_list'),
status => 200
);
};
# Get token list
post '/v1.0/oauth2/token/list' => sub {
my $c = shift;
return $c->render(json => [
{
"client_description" => "Nur ein Beispiel",
"client_id" => $tokens{new_client_id},
"client_name" => "Beispiel",
"client_url" => "",
"created_date" => "2021-04-14T19:40:26.742+02:00[Europe\/Berlin]",
"expires_in" => "31533851",
"scope" => [
"match_info",
"search",
"openid"
],
"token" => "jhkhkjhk_hjgjsfz67i",
"user_authentication_time" => "2021-04-14T19:39:41.81+02:00[Europe\/Berlin]"
}
]);
};
del '/v1.0/oauth2/client/deregister/:client_id' => sub {
my $c = shift;
my $client_id = $c->stash('client_id');
my $list = $c->app->defaults('oauth.client_list');
my $break = -1;
for (my $i = 0; $i < @$list; $i++) {
if ($list->[$i]->{client_id} eq $client_id) {
$break = $i;
last;
};
};
if ($break != -1) {
splice @$list, $break, 1;
}
else {
return $c->render(
json => {
error_description => "Unknown client with $client_id.",
error => "invalid_client"
},
status => 401
);
};
return $c->render(
json => $c->stash('oauth.client_list'),
status => 200
);
};
post '/v1.0/oauth2/authorize' => sub {
my $c = shift;
my $type = $c->param('response_type');
my $client_id = $c->param('client_id');
my $redirect_uri = $c->param('redirect_uri');
if ($type eq 'code') {
return $c->redirect_to(
Mojo::URL->new($redirect_uri)->query({
code => $tokens{auth_token_1},
scope => 'match_info search openid'
})
);
}
};
#######################
# Query Reference API #
#######################
use CHI;
my $chi = CHI->new(
driver => 'Memory',
global => 1
);
# Store query
put '/v1.0/query/~:user/:query_name' => sub {
my $c = shift;
my $user = $c->stash('user');
my $qname = $c->stash('query_name');
if ($chi->is_valid($qname)) {
return $c->render(
json => {
errors => [
{
message => 'Unable to store query reference'
}
]
}, status => 400
);
};
my $json = $c->req->json;
my $store = {
name => $qname,
koralQuery => { '@type' => 'Okay' },
query => $json->{query},
queryType => $json->{queryType},
type => $json->{type},
queryLanguage => $json->{queryLanguage},
};
if (exists $json->{description}) {
$store->{description} = $json->{description}
};
# Set query reference
$chi->set($qname => $store);
my $queries = $chi->get('~queries') // [];
push @$queries, $qname;
$chi->set('~queries' => $queries);
return $c->render(
status => 201,
text => ''
);
};
# Get query
get '/v1.0/query/~:user/:query_name' => sub {
my $c = shift;
my $user = $c->stash('user');
my $qname = $c->stash('query_name');
my $json = $chi->get($qname);
if ($json) {
return $c->render(
json => $json
);
};
return $c->render(
json => {
errors => [
{
message => 'Query reference not found'
}
]
}, status => 404
);
};
# Get all queries
get '/v1.0/query/~:user' => sub {
my $c = shift;
my $user = $c->stash('user');
my $qs = $chi->get('~queries') // [];
my @queries = ();
foreach (@$qs) {
push @queries, $chi->get($_);
};
return $c->render(json => { refs => \@queries });
};
# Store query
del '/v1.0/query/~:user/:query_name' => sub {
my $c = shift;
my $user = $c->stash('user');
my $qname = $c->stash('query_name');
$chi->remove($qname);
my $queries = $chi->get('~queries') // [];
my @clean = ();
foreach (@$queries) {
push @clean, $_ unless $_ eq $qname
};
$chi->set('~queries' => \@clean);
return $c->render(
status => 200,
text => ''
);
};
post '/v1.0/oauth2/revoke/super' => sub {
my $c = shift;
my $s_client_id = $c->param('super_client_id');
my $s_client_secret = $c->param('super_client_secret');
my $token = $c->param('token');
return $c->render(text => 'SUCCESS');
};
app->start;
__END__
# Temporary:
my $collection_query = {
'@type' => "koral:docGroup",
"operation" => "operation:or",
"operands" => [
{
'@type' => "koral:docGroup",
"operation" => "operation:and",
"operands" => [
{
'@type' => "koral:doc",
"key" => "title",
"match" => "match:eq",
"value" => "Der Birnbaum",
"type" => "type:string"
},
{
'@type' => "koral:doc",
"key" => "pubPlace",
"match" => "match:eq",
"value" => "Mannheim",
"type" => "type:string"
},
{
'@type' => "koral:docGroup",
"operation" => "operation:or",
"operands" => [
{
'@type' => "koral:doc",
"key" => "subTitle",
"match" => "match:eq",
"value" => "Aufzucht oder Pflege",
"type" => "type:string"
},
{
'@type' => "koral:doc",
"key" => "subTitle",
"match" => "match:eq",
"value" => "Gedichte",
"type" => "type:string"
}
]
}
]
},
{
'@type' => "koral:doc",
"key" => "pubDate",
"match" => "match:geq",
"value" => "2015-03-05",
"type" => "type:date"
}
]
};