Fixed content-type in error responses by changing it to application/json
Change-Id: I0120534fa5b61bbd3de71ad9ee08a78237a12601
diff --git a/full/Changes b/full/Changes
index 8147bcc..0ceb78d 100644
--- a/full/Changes
+++ b/full/Changes
@@ -9,7 +9,8 @@
- Made scope param required in authorization request (solved #508)
2023-01-31
- Allowed OAuth2 clients to use localhost as redirect URIs.
-
+2023-02-03
+- Fixed content-type in error responses by changing it to application/json
# version 0.69.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
index 1ab9d06..9027071 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
@@ -5,6 +5,7 @@
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -27,6 +28,7 @@
@Controller
@Path("{version}/oauth2/admin")
@ResourceFilters({ APIVersionFilter.class, AdminFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class OAuth2AdminController {
@Autowired
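Review bot: The class-level `@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")` also governs every method in this class that had no `@Produces` of its own, so a request whose `Accept` header excludes JSON would now get 406 where it was served before. The same applies to the class-level annotation added in OAuth2Controller, OAuthClientController, PluginController, QueryReferenceController, UserGroupController, UserSettingController and VirtualCorpusController. The method bodies lie outside the hunks, so it cannot be seen here whether any of them returns a non-JSON entity or an empty response. A comment above the annotation, such as `// class-wide default; a method returning something other than JSON must declare its own @Produces`, would make the contract explicit.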
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
index 0efcbbe..f7df50b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
@@ -62,6 +62,7 @@
@Controller
@Path("{version}/oauth2")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class, BlockingFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class OAuth2Controller {
@Autowired
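Review bot: Error responses from this controller now take their content type from the class annotation rather than from the code that builds them. An error raised before a resource method is matched, or in a controller this commit does not touch, presumably keeps its previous type. The tests in this commit indicate that the error body carries the request's `state` value, so a JSON type on every error path is worth enforcing at the source. Setting the type where the error `Response` is built, for example `.type(MediaType.APPLICATION_JSON_TYPE)`, would cover those paths too; that builder is outside the diff.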
@@ -238,7 +239,6 @@
@Path("token")
@ResourceFilters({APIVersionFilter.class})
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public Response requestAccessToken (@Context HttpServletRequest request,
@FormParam("grant_type") String grantType,
MultivaluedMap<String, String> form) {
@@ -391,7 +391,6 @@
@POST
@Path("token/list")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<OAuth2TokenDto> listUserToken (
@Context SecurityContext context,
@FormParam("super_client_id") String superClientId,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index 7ec4758..ae27c80 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -5,7 +5,6 @@
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
-import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
@@ -58,6 +57,7 @@
@Path("{version}/oauth2/client")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
BlockingFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class OAuthClientController {
@Autowired
@@ -92,7 +92,6 @@
@POST
@Path("register")
@Consumes(MediaType.APPLICATION_JSON)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public OAuth2ClientDto registerClient (
@Context SecurityContext securityContext,
OAuth2ClientJson clientJson) {
@@ -147,7 +146,6 @@
@POST
@Path("reset")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public OAuth2ClientDto resetClientSecret (
@Context SecurityContext securityContext,
@FormParam("client_id") String clientId) {
@@ -166,7 +164,6 @@
@POST
@Path("{client_id}")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
@ResourceFilters({ APIVersionFilter.class})
public OAuth2ClientInfoDto retrieveClientInfo (
@PathParam("client_id") String clientId,
@@ -203,7 +200,6 @@
@POST
@Path("/list")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<OAuth2ClientInfoDto> listUserClients (
@Context SecurityContext context,
@FormParam("super_client_id") String superClientId,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/PluginController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/PluginController.java
index d377da3..006698b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/PluginController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/PluginController.java
@@ -33,6 +33,7 @@
@Path("{version}/plugins")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
BlockingFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class PluginController {
@Autowired
@@ -44,7 +45,6 @@
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<OAuth2ClientInfoDto> listPlugins (
@Context SecurityContext context,
@FormParam("super_client_id") String superClientId,
@@ -68,7 +68,6 @@
@POST
@Path("/install")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public InstalledPluginDto installPlugin (
@Context SecurityContext context,
@FormParam("super_client_id") String superClientId,
@@ -93,7 +92,6 @@
@POST
@Path("/installed")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<InstalledPluginDto> listInstalledPlugins (
@Context SecurityContext context,
@FormParam("super_client_id") String superClientId,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/QueryReferenceController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/QueryReferenceController.java
index 012bc97..3c93e50 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/QueryReferenceController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/QueryReferenceController.java
@@ -50,6 +50,7 @@
@Path("{version}/query")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
BlockingFilter.class, PiwikFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class QueryReferenceController {
@Autowired
@@ -120,7 +121,6 @@
*/
@GET
@Path("~{createdBy}/{qName}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
DemoUserFilter.class, PiwikFilter.class })
public QueryDto retrieveQueryByName (
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
index efab410..2d053fa 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
@@ -52,6 +52,7 @@
@Path("{version}/group")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
BlockingFilter.class, PiwikFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class UserGroupController {
@Autowired
@@ -74,7 +75,6 @@
*
*/
@GET
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<UserGroupDto> listUserGroups (
@Context SecurityContext securityContext) {
TokenContext context =
@@ -104,7 +104,6 @@
*/
@GET
@Path("list/system-admin")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<UserGroupDto> getUserGroupBySystemAdmin (
@Context SecurityContext securityContext,
@QueryParam("username") String username,
@@ -132,7 +131,6 @@
*/
@GET
@Path("@{groupName}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public UserGroupDto retrieveUserGroup (
@Context SecurityContext securityContext,
@PathParam("groupName") String groupName) {
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserSettingController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserSettingController.java
index 3ff57a7..dd8d6cd 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserSettingController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserSettingController.java
@@ -44,6 +44,7 @@
@Path("{version}/{username: ~[a-zA-Z0-9_.]+}/setting")
@ResourceFilters({ AuthenticationFilter.class, APIVersionFilter.class,
PiwikFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class UserSettingController {
@Autowired
@@ -102,7 +103,6 @@
@GET
@ResourceFilters({ AuthenticationFilter.class, PiwikFilter.class,
BlockingFilter.class })
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public Response retrieveDefaultSetting (@Context SecurityContext context,
@PathParam("username") String username) {
TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
index a0019cf..19e4b2b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
@@ -63,6 +63,7 @@
@Path("{version}/vc")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
BlockingFilter.class, PiwikFilter.class })
+@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class VirtualCorpusController {
@Autowired
@@ -135,7 +136,6 @@
*/
@GET
@Path("~{createdBy}/{vcName}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
DemoUserFilter.class, PiwikFilter.class })
public QueryDto retrieveVCByName (
@@ -156,7 +156,6 @@
@GET
@Path("/koralQuery/~{createdBy}/{vcName}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public JsonNode retrieveVCKoralQuery (
@Context SecurityContext securityContext,
@PathParam("createdBy") String createdBy,
@@ -175,7 +174,6 @@
@GET
@Path("/field/~{createdBy}/{vcName}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public JsonNode retrieveVCField (
@Context SecurityContext securityContext,
@PathParam("createdBy") String createdBy,
@@ -209,7 +207,6 @@
* @return a list of virtual corpora
*/
@GET
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<QueryDto> listAvailableVC (
@Context SecurityContext securityContext,
@QueryParam("username") String username) {
@@ -246,7 +243,6 @@
*/
@GET
@Path("~{createdBy}")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<QueryDto> listUserOrSystemVC (
@PathParam("createdBy") String createdBy,
@Context SecurityContext securityContext) {
@@ -284,7 +280,6 @@
*/
@GET
@Path("list/system-admin")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<QueryDto> listVCByType (
@Context SecurityContext securityContext,
@QueryParam("createdBy") String createdBy,
@@ -406,7 +401,6 @@
*/
@GET
@Path("access")
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<QueryAccessDto> listVCAccesses (
@Context SecurityContext securityContext,
@QueryParam("groupName") String groupName) {
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 880d8f2..554d184 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -217,7 +217,8 @@
OAuth2ClientType.PUBLIC, "A public test client.");
clientJson.setRedirectURI(redirectUri);
Response response = registerClient(username, clientJson);
- testInvalidRedirectUri(response.readEntity(String.class), false,
+ testInvalidRedirectUri(response.readEntity(String.class),
+ response.getHeaderString("Content-Type"),false,
response.getStatus());
// localhost is not allowed
@@ -231,7 +232,8 @@
redirectUri = "https://public.client.com/redirect.html#bar";
clientJson.setRedirectURI(redirectUri);
response = registerClient(username, clientJson);
- testInvalidRedirectUri(response.readEntity(String.class), false,
+ testInvalidRedirectUri(response.readEntity(String.class),
+ response.getHeaderString("Content-Type"),false,
response.getStatus());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index f31596f..cf42f7e 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -174,8 +174,10 @@
public void testAuthorizeDifferentRedirectUri () throws KustvaktException {
String redirectUri = "https://different.uri/redirect";
Response response = requestAuthorizationCode("code",
- confidentialClientId, redirectUri, "search", state, userAuthHeader);
- testInvalidRedirectUri(response.readEntity(String.class), true,
+ confidentialClientId, redirectUri, "", state, userAuthHeader);
+
+ testInvalidRedirectUri(response.readEntity(String.class),
+ response.getHeaderString("Content-Type"),true,
response.getStatus());
}
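Review bot: The scope argument changes from `"search"` to `""` here, and again in the hunk at `@@ -210,8 +213,9 @@`, which is unrelated to the content-type fix and may weaken what these tests prove. The Changes file says the scope parameter is now required, so an empty scope could by itself produce `invalid_request`. Unless the helper also checks the error description (not visible in this diff), the test could then pass without the redirect-URI validation being reached. Keeping `"search"` here, or asserting the redirect-URI-specific description in `testInvalidRedirectUri`, would keep the test tied to the mismatch it is named after.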
@@ -201,7 +203,8 @@
Response response = requestAuthorizationCode("code",
publicClientId2, "http://public.com/index.html#redirect", "search",
state, userAuthHeader);
- testInvalidRedirectUri(response.readEntity(String.class), true,
+ testInvalidRedirectUri(response.readEntity(String.class),
+ response.getHeaderString("Content-Type"),true,
response.getStatus());
}
@@ -210,8 +213,9 @@
// host not allowed by Apache URI Validator
String redirectUri = "https://public.uri/redirect";
Response response = requestAuthorizationCode("code",
- publicClientId2, redirectUri, "search", state, userAuthHeader);
- testInvalidRedirectUri(response.readEntity(String.class), true,
+ publicClientId2, redirectUri, "", state, userAuthHeader);
+ testInvalidRedirectUri(response.readEntity(String.class),
+ response.getHeaderString("Content-Type"),true,
response.getStatus());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
index 48d888c..df15f81 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
@@ -434,8 +434,8 @@
return JsonUtils.readTree(entity);
}
- protected void testInvalidRedirectUri (String entity, boolean includeState,
- int status) throws KustvaktException {
+ protected void testInvalidRedirectUri (String entity, String contentType,
+ boolean includeState, int status) throws KustvaktException {
JsonNode node = JsonUtils.readTree(entity);
assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
node.at("/error").asText());
@@ -445,6 +445,7 @@
assertEquals(state, node.at("/state").asText());
}
+ assertEquals("application/json;charset=utf-8", contentType);
assertEquals(Status.BAD_REQUEST.getStatusCode(), status);
}
}
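Review bot: The new `assertEquals("application/json;charset=utf-8", contentType);` compares the raw header string, so it fails on harmless formatting differences such as a space after the semicolon or an upper-case `UTF-8`. Parsing the header is sturdier: `MediaType mt = MediaType.valueOf(contentType);` followed by `assertTrue(MediaType.APPLICATION_JSON_TYPE.isCompatible(mt));` and `assertEquals("utf-8", mt.getParameters().get("charset").toLowerCase());`. The method's signature is in the previous hunk and part of its body is outside both hunks.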