Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kalamar / a85abb455a72e0e7587b63fa303b04e2f4262fbc / . / t / server / mock.pl
blob: e6153063c0d3f6b6b1eef4fb079e626f095f200b [file] [log] [blame]
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]1#!/usr/bin/env perl
2use Mojolicious::Lite;
3use Mojo::ByteStream 'b';
4use Mojo::Date;
5use Mojo::JSON qw/true false encode_json decode_json/;
6use strict;
7use warnings;
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]8use Mojo::File qw/path/;
9use Mojo::Util qw/slugify/;
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]10
11# This is an API fake server with fixtures
12
13my $secret = 's3cr3t';
Akron73f36082018-10-25 15:34:59 +0200[diff] [blame]14my $fixture_path = path(Mojo::File->new(__FILE__)->dirname)->child('..', 'fixtures');
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]15
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]16our %tokens = (
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]17 'access_token' => "4dcf8784ccfd26fac9bdb82778fe60e2",
18 'refresh_token' => "hlWci75xb8atDiq3924NUSvOdtAh7Nlf9z",
19 'access_token_2' => "abcde",
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]20 'access_token_3' => 'jvgjbvjgzucgdwuiKHJK',
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]21 'refresh_token_2' => "fghijk",
22 'new_client_id' => 'fCBbQkA2NDA3MzM1Yw==',
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]23 'new_client_id_2' => 'hghGHhjhFRz_gJhjrd==',
Akron6b75d122022-05-12 17:39:05 +0200[diff] [blame]24 'new_client_id_3' => 'jh0gfjhjbfdsgzjghj==',
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]25 'new_client_secret' => 'KUMaFxs6R1WGud4HM22w3HbmYKHMnNHIiLJ2ihaWtB4N5JxGzZgyqs5GTLutrORj',
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]26 'auth_token_1' => 'mscajfdghnjdfshtkjcuynxahgz5il'
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]27);
28
29helper get_token => sub {
30 my ($c, $token) = @_;
31 return $tokens{$token}
32};
33
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]34# Expiration helper
35helper expired => sub {
36 my ($c, $auth, $set) = @_;
37
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]38 $auth =~ s/^[^ ]+? //;
39 if ($set) {
40 $c->app->log->debug("Set $auth for expiration");
41 $c->app->defaults('auth_' . $auth => 1);
42 return 1;
43 };
44
45 $c->app->log->debug("Check $auth for expiration: " . (
46 $c->app->defaults('auth_' . $auth) // '0'
47 ));
48
49 return $c->app->defaults('auth_' . $auth);
50};
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]51
Akron408bc7c2022-04-28 15:46:43 +0200[diff] [blame]52
53helper 'add_client' => sub {
54 my $c = shift;
55 my $client = shift;
Akrondb1f4672023-01-24 12:05:07 +0100[diff] [blame]56 my $list = $c->stash('oauth.client_list');
Akron408bc7c2022-04-28 15:46:43 +0200[diff] [blame]57 push @$list, $client;
58};
59
60
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]61# Load fixture responses
62helper 'load_response' => sub {
63 my $c = shift;
64 my $q_name = shift;
65 my $file = $fixture_path->child("response_$q_name.json");
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]66 $c->app->log->debug("Load response from $file");
67
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]68 unless (-f $file) {
69 return {
70 status => 500,
71 json => {
72 errors => [[0, 'Unable to load query response from ' . $file]]
73 }
74 }
75 };
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]76
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]77 my $response = $file->slurp;
Akrona3c353c2019-02-14 23:50:00 +0100[diff] [blame]78 my $decode = decode_json($response);
79 unless ($decode) {
80 return {
81 status => 500,
82 json => {
83 errors => [[0, 'Unable to parse JSON']]
84 }
85 }
86 };
87
88 return $decode;
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]89};
90
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]91app->defaults('oauth.client_list' => []);
92
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]93
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]94# Base page
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]95get '/v1.0/' => sub {
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]96 shift->render(text => 'Fake server available');
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]97};
98
Akron32396632018-10-11 17:08:37 +0200[diff] [blame]99
Akrond00b4272020-02-05 17:00:33 +0100[diff] [blame]100get '/v1.0/redirect-target-a' => sub {
101 shift->render(text => 'Redirect Target!');
102} => 'redirect-target';
103
104
105# Base page
106get '/v1.0/redirect' => sub {
107 my $c = shift;
108 $c->res->code(308);
109 $c->res->headers->location($c->url_for('redirect-target')->to_abs);
110 return $c->render(text => '');
111};
112
113
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]114# Search fixtures
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]115get '/v1.0/search' => sub {
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]116 my $c = shift;
117 my $v = $c->validation;
118 $v->optional('q');
119 $v->optional('page');
120 $v->optional('ql');
Akroncd42a142019-07-12 18:55:37 +0200[diff] [blame]121 $v->optional('cq');
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]122 $v->optional('count');
123 $v->optional('context');
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]124 $v->optional('offset');
Akronc58bfc42020-10-05 12:09:45 +0200[diff] [blame]125 $v->optional('pipes');
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]126 $v->optional('cutoff')->in(qw/true false/);
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]127
Akron32396632018-10-11 17:08:37 +0200[diff] [blame]128 $c->app->log->debug('Receive request');
129
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]130 # Response q=x&ql=cosmas3
131 if ($v->param('ql') && $v->param('ql') eq 'cosmas3') {
132 return $c->render(
133 status => 400,
134 json => {
135 "\@context" => "http://korap.ids-mannheim.de/ns/koral/0.3/context.jsonld",
136 "errors" => [[307,"cosmas3 is not a supported query language!"]]
137 });
138 };
139
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]140 if (!$v->param('q')) {
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]141 return $c->render(%{$c->load_response('query_no_query')});
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]142 };
143
Akroncce055c2021-07-02 12:18:03 +0200[diff] [blame]144 if ($v->param('q') eq 'error') {
145 return $c->render(
146 status => 500,
147 inline => '<html><head>ERROR</head></html>'
148 );
149 };
150
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]151 my @slug_base = ($v->param('q'));
152 push @slug_base, 'o' . $v->param('offset') if defined $v->param('offset');
153 push @slug_base, 'c' . $v->param('count') if defined $v->param('count');
154 push @slug_base, 'co' . $v->param('cutoff') if defined $v->param('cutoff');
Akroncd42a142019-07-12 18:55:37 +0200[diff] [blame]155 push @slug_base, 'cq' if defined $v->param('cq');
Akronc58bfc42020-10-05 12:09:45 +0200[diff] [blame]156 push @slug_base, 'p' . $v->param('pipes') if defined $v->param('pipes');
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]157
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]158 # Get response based on query parameter
Akron8ea84292018-10-24 13:41:52 +0200[diff] [blame]159 my $response = $c->load_response('query_' . slugify(join('_', @slug_base)));
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]160
161 # Check authentification
162 if (my $auth = $c->req->headers->header('Authorization')) {
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]163
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]164 $c->app->log->debug("There is an authorization header $auth");
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]165 if ($auth =~ /^Bearer/) {
166 # Username unknown in OAuth2
167 $response->{json}->{meta}->{authorized} = 'yes';
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]168 };
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]169
170 # Code is expired
171 if ($c->expired($auth)) {
172
173 $c->app->log->debug("The access token has expired");
174
175 return $c->render(
176 status => 401,
177 json => {
178 errors => [[2003, 'Access token is expired']]
179 }
180 );
181 }
182
183 # Auth token is invalid
184 if ($auth =~ /^Bearer inv4lid/) {
185 $c->app->log->debug("The access token is invalid");
186
187 return $c->render(
188 status => 401,
189 json => {
190 errors => [[2011, 'Access token is invalid']]
191 }
192 );
193 }
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]194 };
195
Akronc58bfc42020-10-05 12:09:45 +0200[diff] [blame]196 if ($v->param('pipes')) {
197 $response->{json}->{meta}->{pipes} = $v->param('pipes');
Akron7b9a1962020-07-02 09:52:53 +0200[diff] [blame]198 };
199
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]200 # Set page parameter
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]201 if ($v->param('page')) {
Akron6d49c1f2018-10-11 14:22:21 +0200[diff] [blame]202 $response->{json}->{meta}->{startIndex} = $v->param("startIndex");
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]203 };
204
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]205 # Simple search fixture
Akron32396632018-10-11 17:08:37 +0200[diff] [blame]206 $c->render(%$response);
207
208 $c->app->log->debug('Rendered result');
209
210 return 1;
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]211};
212
Akron80a84b22018-10-24 17:44:24 +0200[diff] [blame]213# Textinfo fixtures
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]214get '/v1.0/corpus/:corpusId/:docId/:textId' => sub {
Akron80a84b22018-10-24 17:44:24 +0200[diff] [blame]215 my $c = shift;
216
217 my $file = join('_', (
218 'textinfo',
219 $c->stash('corpusId'),
220 $c->stash('docId'),
221 $c->stash('textId')
222 ));
223
224 my $slug = slugify($file);
225
226 # Get response based on query parameter
227 my $response = $c->load_response($slug);
228 return $c->render(%$response);
229};
230
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]231
Akronb80341d2018-10-15 19:46:23 +0200[diff] [blame]232# Matchinfo fixtures
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]233get '/v1.0/corpus/:corpusId/:docId/:textId/:matchId/matchInfo' => sub {
Akronb80341d2018-10-15 19:46:23 +0200[diff] [blame]234 my $c = shift;
235
236 my $file = join('_', (
237 'matchinfo',
238 $c->stash('corpusId'),
239 $c->stash('docId'),
240 $c->stash('textId'),
241 $c->stash('matchId')
242 ));
243
Akronb8d0b402018-10-18 23:51:52 +0200[diff] [blame]244 my $slug = slugify($file);
245
Akronb80341d2018-10-15 19:46:23 +0200[diff] [blame]246 # Get response based on query parameter
Akronb8d0b402018-10-18 23:51:52 +0200[diff] [blame]247 my $response = $c->load_response($slug);
Akronb80341d2018-10-15 19:46:23 +0200[diff] [blame]248 return $c->render(%$response);
249};
250
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]251
Akronbe61f4c2018-10-20 00:52:58 +0200[diff] [blame]252# Statistics endpoint
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]253get '/v1.0/statistics' => sub {
Akronbe61f4c2018-10-20 00:52:58 +0200[diff] [blame]254 my $c = shift;
255 my $v = $c->validation;
Akron5fa61e92019-07-15 11:56:11 +0200[diff] [blame]256 $v->optional('cq');
Akronbe61f4c2018-10-20 00:52:58 +0200[diff] [blame]257
258 my @list = 'corpusinfo';
Akron5fa61e92019-07-15 11:56:11 +0200[diff] [blame]259 if ($v->param('cq')) {
260 push @list, $v->param('cq');
Akronbe61f4c2018-10-20 00:52:58 +0200[diff] [blame]261 };
262 my $slug = slugify(join('_', @list));
263
264 # Get response based on query parameter
265 my $response = $c->load_response($slug);
266 return $c->render(%$response);
267};
268
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]269############
270# Auth API #
271############
272
273# Request API token
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]274get '/v1.0/auth/logout' => sub {
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]275 my $c = shift;
276
277 if (my $auth = $c->req->headers->header('Authorization')) {
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]278
279 if ($auth =~ /^Bearer/) {
280 $c->app->log->debug('Server-Logout: ' . $auth);
281 return $c->render(json => { msg => [[0, 'Fine!']]});
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]282 };
283 };
284
285 return $c->render(status => 400, json => { error => [[0, 'No!']]});
286};
287
288
289# Request API token
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]290get '/v1.0/auth/apiToken' => sub {
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]291 my $c = shift;
292
293 # Get auth header
294 my $auth = $c->req->headers->authorization;
295
296 # Authorization missing or not basic
297 if (!$auth || $auth !~ s/\s*Basic\s+//gi) {
298 return $c->render(
299 json => {
300 error => [[2, 'x']]
301 }
302 );
303 };
304
305 # Decode header
306 my ($username, $pwd) = @{b($auth)->b64_decode->split(':')->to_array};
307
308 # the password is 'pass'
309 if ($pwd) {
Akrona205b142022-11-28 13:35:19 +0100[diff] [blame]310 if ($pwd eq 'ldaperr') {
Akron3d673062019-01-29 15:54:16 +0100[diff] [blame]311 return $c->render(
312 format => 'html',
313 status => 401,
314 json => {
315 "errors" => [[2022,"LDAP Authentication failed due to unknown user or password!"]]
316 }
317 );
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]318 };
319
320 return $c->render(
321 json => {
322 error => [[2004, undef]]
323 }
324 );
325 };
326
327 return $c->render(
328 json => {
329 error => [[2004, undef]]
330 }
331 );
332};
333
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]334
335# Request API token
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]336post '/v1.0/oauth2/token' => sub {
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]337 my $c = shift;
338
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]339 my $grant_type = $c->param('grant_type') // 'undefined';
340
341 if ($grant_type eq 'password') {
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]342
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]343 # Check for wrong client id
344 if ($c->param('client_id') ne '2') {
345 return $c->render(
346 json => {
347 "error_description" => "Unknown client with " . $_->{client_id},
348 "error" => "invalid_client"
349 },
350 status => 401
351 );
352 }
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]353
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]354 # Check for wrong client secret
355 elsif ($c->param('client_secret') ne 'k414m4r-s3cr3t') {
356 return $c->render(
357 json => {
358 "error_description" => "Invalid client credentials",
359 "error" => "invalid_client"
360 },
361 status => 401
362 );
363 }
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]364
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]365 # Check for wrong user name
Akron6a228db2021-10-14 15:57:00 +0200[diff] [blame]366 elsif ($c->param('username') !~ /^t.st$/) {
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]367 return $c->render(json => {
368 error => [[2004, undef]]
369 });
370 }
371
372 # Check for ldap error
373 elsif ($c->param('password') eq 'ldaperr') {
374 return $c->render(
375 format => 'html',
376 status => 401,
377 json => {
378 "errors" => [
379 [
380 2022,
381 "LDAP Authentication failed due to unknown user or password!"
382 ]
383 ]
384 }
385 );
386 }
387
388 # Check for wrong password
389 elsif ($c->param('password') ne 'pass') {
390 return $c->render(json => {
391 format => 'html',
392 status => 401,
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]393 "errors" => [[2022,"LDAP Authentication failed due to unknown user or password!"]]
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]394 });
395 }
396
397 # Return fine access
398 return $c->render(
399 json => {
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]400 "access_token" => $c->get_token('access_token'),
401 "refresh_token" => $c->get_token('refresh_token'),
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]402 "scope" => "all",
403 "token_type" => "Bearer",
404 "expires_in" => 86400
405 });
406 }
407
408 # Refresh token
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]409 elsif ($grant_type eq 'refresh_token') {
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]410
411 if ($c->param('refresh_token') eq 'inv4lid') {
412 return $c->render(
413 status => 400,
414 json => {
415 "error_description" => "Refresh token is expired",
416 "error" => "invalid_grant"
417 }
418 );
419 };
420
421 $c->app->log->debug("Refresh the token in the mock server!");
422
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]423 return $c->render(
424 status => 200,
425 json => {
Akroncdfd9d52019-07-23 11:35:00 +0200[diff] [blame]426 "access_token" => $c->get_token("access_token_2"),
427 "refresh_token" => $c->get_token("refresh_token_2"),
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]428 "token_type" => "Bearer",
429 "expires_in" => 86400
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]430 }
431 );
432 }
433
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]434 # Get auth_token_1
435 elsif ($grant_type eq 'authorization_code') {
436 if ($c->param('code') eq $tokens{auth_token_1}) {
437 return $c->render(
438 status => 200,
439 json => {
440 "access_token" => $tokens{access_token_3},
441 "expires_in" => 31536000,
442 "scope" => 'match_info search openid',
443 "token_type" => "Bearer"
444 }
445 );
446 };
447 }
448
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]449 # Unknown token grant
450 else {
451 return $c->render(
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]452 status => 400,
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]453 json => {
454 "errors" => [
455 [
Akron63d963b2019-07-05 15:35:51 +0200[diff] [blame]456 0, "Grant Type unknown", $grant_type
Akron8bbbecf2019-07-01 18:57:30 +0200[diff] [blame]457 ]
458 ]
459 }
460 )
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]461 }
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]462};
463
Akron4cefe1f2019-09-04 10:11:28 +0200[diff] [blame]464# Revoke API token
465post '/v1.0/oauth2/revoke' => sub {
466 my $c = shift;
467
468 my $refresh_token = $c->param('token');
469
470 if ($c->param('client_secret') ne 'k414m4r-s3cr3t') {
471 return $c->render(
472 json => {
473 "error_description" => "Invalid client credentials",
474 "error" => "invalid_client"
475 },
476 status => 401
477 );
478 };
479
480 return $c->render(
481 text => ''
482 )
483};
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]484
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]485# Register a client
486post '/v1.0/oauth2/client/register' => sub {
487 my $c = shift;
488 my $json = $c->req->json;
489
Akrondc50c892021-05-05 18:12:02 +0200[diff] [blame]490 if ($json->{redirectURI}) {
491 return $c->render(
492 status => 400,
493 json => {
494 errors => [
495 [
496 201,
497 "Unrecognized field \"redirectURI\" (class de.ids_mannheim.korap.web.input.OAuth2ClientJson), not marked as ignorable (5 known properties: \"redirect_uri\", \"type\", \"name\", \"description\", \"url\"])\n at [Source: (org.eclipse.jetty.server.HttpInputOverHTTP); line: 1, column: 94] (through reference chain: de.ids_mannheim.korap.web.input.OAuth2ClientJson[\"redirectURI\"])"
498 ]
499 ]
500 }
501 );
502 };
503
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]504 my $name = $json->{name};
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]505 my $desc = $json->{description};
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]506 my $type = $json->{type};
507 my $url = $json->{url};
Akron9f2ad342022-05-04 16:16:40 +0200[diff] [blame]508 my $src = $json->{source};
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]509 my $redirect_uri = $json->{redirect_uri};
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]510
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]511 my $list = $c->app->defaults('oauth.client_list');
512
Akron6b75d122022-05-12 17:39:05 +0200[diff] [blame]513 my $obj = {
Akrondc50c892021-05-05 18:12:02 +0200[diff] [blame]514 "client_id" => $tokens{new_client_id},
515 "client_name" => $name,
Akronbc94a9c2021-04-15 00:07:35 +0200[diff] [blame]516 "client_description" => $desc,
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]517 "client_url" => $url,
Akron9f2ad342022-05-04 16:16:40 +0200[diff] [blame]518 "client_redirect_uri" => $redirect_uri,
Akron6b75d122022-05-12 17:39:05 +0200[diff] [blame]519 "client_type" => $type
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]520 };
521
Akron6b75d122022-05-12 17:39:05 +0200[diff] [blame]522 # Plugin!
523 if ($src) {
524 $obj->{source} = $src;
525 $obj->{client_id} = $tokens{new_client_id_3};
526 };
527
528 push @$list, $obj;
529
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]530 if ($redirect_uri && $redirect_uri =~ /FAIL$/) {
531 return $c->render(
532 status => 400,
533 json => {
534 "error_description" => $redirect_uri . " is invalid.",
535 "error" => "invalid_request"
536 }
537 )
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]538 };
539
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]540 # Confidential server application
541 if ($type eq 'CONFIDENTIAL') {
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]542
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]543 return $c->render(json => {
Akronb6b156e2022-03-31 14:57:49 +0200[diff] [blame]544 client_id => $tokens{new_client_id_2},
Akron59992122019-10-29 11:28:45 +0100[diff] [blame]545 client_secret => $tokens{new_client_secret}
546 });
547 };
548
549 # Desktop application
550 return $c->render(json => {
551 client_id => $tokens{new_client_id}
552 });
553};
554
Akron33f5c672019-06-24 19:40:47 +0200[diff] [blame]555
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]556# Register a client
557post '/v1.0/oauth2/client/list' => sub {
558 my $c = shift;
559
Akron276afc02021-06-14 11:00:21 +0200[diff] [blame]560 my $v = $c->validation;
561
562 $v->required('super_client_id');
563 $v->required('super_client_secret');
564
565 if ($v->has_error) {
566 return $c->render(
567 json => [],
568 status => 400
569 );
570 };
571
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]572 # $c->param('client_secret');
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]573
574 # Is empty [] when nothing registered
575
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]576 return $c->render(
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]577 json => $c->stash('oauth.client_list'),
578 status => 200
579 );
580};
581
Akrondb1f4672023-01-24 12:05:07 +0100[diff] [blame]582# Get client info
583post '/v1.0/oauth2/client/:client_id' => sub {
584 my $c = shift;
585
586 # Validate input
587 my $v = $c->validation;
588 $v->required('super_client_id');
589 $v->required('super_client_secret');
590
591 if ($v->has_error) {
592 return $c->render(
593 status => 400,
594 json => {
595 error_description => "No super client",
596 error => "no_superclient"
597 }
598 );
599 };
600
601 my $client_id = $c->stash('client_id');
602
603 my $list = $c->stash('oauth.client_list');
604
605 foreach (@$list) {
606 if ($_->{client_id} eq $client_id) {
607 return $c->render(
608 json => $_,
609 status => 200
610 );
611 };
612 };
613
614 return $c->render(
615 json => {
616 error_description => "Unknown client with $client_id.",
617 error => "invalid_client"
618 },
619 status => 401
620 );
621};
622
Akronbc94a9c2021-04-15 00:07:35 +0200[diff] [blame]623
624# Get token list
625post '/v1.0/oauth2/token/list' => sub {
626 my $c = shift;
627 return $c->render(json => [
628 {
629 "client_description" => "Nur ein Beispiel",
630 "client_id" => $tokens{new_client_id},
631 "client_name" => "Beispiel",
632 "client_url" => "",
633 "created_date" => "2021-04-14T19:40:26.742+02:00[Europe\/Berlin]",
634 "expires_in" => "31533851",
635 "scope" => [
636 "match_info",
637 "search",
638 "openid"
639 ],
640 "token" => "jhkhkjhk_hjgjsfz67i",
641 "user_authentication_time" => "2021-04-14T19:39:41.81+02:00[Europe\/Berlin]"
642 }
643 ]);
644};
645
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]646del '/v1.0/oauth2/client/deregister/:client_id' => sub {
647 my $c = shift;
648 my $client_id = $c->stash('client_id');
649
650 my $list = $c->app->defaults('oauth.client_list');
651
652 my $break = -1;
653 for (my $i = 0; $i < @$list; $i++) {
Akrondc50c892021-05-05 18:12:02 +0200[diff] [blame]654 if ($list->[$i]->{client_id} eq $client_id) {
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]655 $break = $i;
656 last;
657 };
658 };
659
660 if ($break != -1) {
661 splice @$list, $break, 1;
662 }
663
664 else {
665 return $c->render(
666 json => {
667 error_description => "Unknown client with $client_id.",
668 error => "invalid_client"
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]669 },
Akron1a9d5be2020-03-19 17:28:33 +0100[diff] [blame]670 status => 401
671 );
672 };
673
674 return $c->render(
675 json => $c->stash('oauth.client_list'),
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]676 status => 200
677 );
678};
679
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]680post '/v1.0/oauth2/authorize' => sub {
681 my $c = shift;
682 my $type = $c->param('response_type');
683 my $client_id = $c->param('client_id');
Akrona8efaa92022-04-09 14:45:43 +0200[diff] [blame]684 my $scope = $c->param('scope');
685 my $state = $c->param('state');
686 my $redirect_uri = $c->param('redirect_uri') // 'NO';
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]687
Akrona8efaa92022-04-09 14:45:43 +0200[diff] [blame]688 if ($type eq 'code' && $client_id eq 'xyz') {
689
690 if ($state eq 'fail') {
691 $c->res->headers->location(
692 Mojo::URL->new($redirect_uri)->query({
693 error_description => 'FAIL'
694 })
695 );
696 $c->res->code(400);
697 return $c->rendered;
698 };
699
Akron9ccf69a2023-01-31 14:21:37 +0100[diff] [blame]700 if (index($redirect_uri,'http://wrong') >= 0) {
701 return $c->render(
702 code => 400,
703 content_type => 'text/plain',
704 text => '{"error_description":"Invalid redirect URI","state":"ZMwDGTZ2RY","error":"invalid_request"}'
705 );
706 };
707
Akrona8efaa92022-04-09 14:45:43 +0200[diff] [blame]708 return $c->redirect_to(
709 Mojo::URL->new($redirect_uri)->query({
710 code => $tokens{auth_token_1},
711 scope => $scope,
712 })
713 );
714 }
715
716 elsif ($type eq 'code') {
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]717
718 return $c->redirect_to(
719 Mojo::URL->new($redirect_uri)->query({
720 code => $tokens{auth_token_1},
721 scope => 'match_info search openid'
722 })
723 );
Akron9ccf69a2023-01-31 14:21:37 +0100[diff] [blame]724 };
725
726 return $c->render(
727 code => 400,
728 content_type => 'text/plain',
729 content => 'Unknown'
730 );
Akron83209f72021-01-29 17:54:15 +0100[diff] [blame]731};
732
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]733
Akronabdf9a92021-01-12 19:06:57 +0100[diff] [blame]734#######################
735# Query Reference API #
736#######################
737
738use CHI;
739my $chi = CHI->new(
740 driver => 'Memory',
741 global => 1
742);
743
744# Store query
745put '/v1.0/query/~:user/:query_name' => sub {
746 my $c = shift;
747 my $user = $c->stash('user');
748 my $qname = $c->stash('query_name');
749
750 if ($chi->is_valid($qname)) {
751 return $c->render(
752 json => {
753 errors => [
754 {
755 message => 'Unable to store query reference'
756 }
757 ]
758 }, status => 400
759 );
760 };
761
762 my $json = $c->req->json;
763
764 my $store = {
765 name => $qname,
766 koralQuery => { '@type' => 'Okay' },
767 query => $json->{query},
768 queryType => $json->{queryType},
769 type => $json->{type},
770 queryLanguage => $json->{queryLanguage},
771 };
772
773 if (exists $json->{description}) {
774 $store->{description} = $json->{description}
775 };
776
777 # Set query reference
778 $chi->set($qname => $store);
779
780 my $queries = $chi->get('~queries') // [];
781 push @$queries, $qname;
782 $chi->set('~queries' => $queries);
783
784 return $c->render(
785 status => 201,
786 text => ''
787 );
788};
789
790# Get query
791get '/v1.0/query/~:user/:query_name' => sub {
792 my $c = shift;
793
794 my $user = $c->stash('user');
795 my $qname = $c->stash('query_name');
796
797 my $json = $chi->get($qname);
798
799 if ($json) {
800 return $c->render(
801 json => $json
802 );
803 };
804
805 return $c->render(
806 json => {
807 errors => [
808 {
809 message => 'Query reference not found'
810 }
811 ]
812 }, status => 404
813 );
814};
815
816
817# Get all queries
818get '/v1.0/query/~:user' => sub {
819 my $c = shift;
820 my $user = $c->stash('user');
821 my $qs = $chi->get('~queries') // [];
822 my @queries = ();
823 foreach (@$qs) {
824 push @queries, $chi->get($_);
825 };
826 return $c->render(json => { refs => \@queries });
827};
828
829
830# Store query
831del '/v1.0/query/~:user/:query_name' => sub {
832 my $c = shift;
833 my $user = $c->stash('user');
834 my $qname = $c->stash('query_name');
835
836 $chi->remove($qname);
837
838 my $queries = $chi->get('~queries') // [];
839
840 my @clean = ();
841 foreach (@$queries) {
842 push @clean, $_ unless $_ eq $qname
843 };
844
845 $chi->set('~queries' => \@clean);
846
847 return $c->render(
848 status => 200,
849 text => ''
850 );
851};
852
Akronc1aaf932021-06-09 12:19:15 +0200[diff] [blame]853post '/v1.0/oauth2/revoke/super' => sub {
854 my $c = shift;
855
856 my $s_client_id = $c->param('super_client_id');
857 my $s_client_secret = $c->param('super_client_secret');
858 my $token = $c->param('token');
859
860 return $c->render(text => 'SUCCESS');
861};
862
Akrona8efaa92022-04-09 14:45:43 +0200[diff] [blame]863get '/fakeclient/return' => sub {
864 my $c = shift;
865 $c->render(
866 text => 'welcome back! [' . $c->param('code') . ']'
867 );
868} => 'return_uri';
869
Akron0f1b93b2020-03-17 11:37:19 +0100[diff] [blame]870
Akron0e1ed242018-10-11 13:22:00 +0200[diff] [blame]871app->start;
872
873
874__END__
875
876
877 # Temporary:
878 my $collection_query = {
879 '@type' => "koral:docGroup",
880 "operation" => "operation:or",
881 "operands" => [
882 {
883 '@type' => "koral:docGroup",
884 "operation" => "operation:and",
885 "operands" => [
886 {
887 '@type' => "koral:doc",
888 "key" => "title",
889 "match" => "match:eq",
890 "value" => "Der Birnbaum",
891 "type" => "type:string"
892 },
893 {
894 '@type' => "koral:doc",
895 "key" => "pubPlace",
896 "match" => "match:eq",
897 "value" => "Mannheim",
898 "type" => "type:string"
899 },
900 {
901 '@type' => "koral:docGroup",
902 "operation" => "operation:or",
903 "operands" => [
904 {
905 '@type' => "koral:doc",
906 "key" => "subTitle",
907 "match" => "match:eq",
908 "value" => "Aufzucht oder Pflege",
909 "type" => "type:string"
910 },
911 {
912 '@type' => "koral:doc",
913 "key" => "subTitle",
914 "match" => "match:eq",
915 "value" => "Gedichte",
916 "type" => "type:string"
917 }
918 ]
919 }
920 ]
921 },
922 {
923 '@type' => "koral:doc",
924 "key" => "pubDate",
925 "match" => "match:geq",
926 "value" => "2015-03-05",
927 "type" => "type:date"
928 }
929 ]
930 };