Fixed admin clean token API and restricted plugins to confidential only.
Change-Id: Ied9db0db51a013a1b8b28899c64a7dc74ec64611
diff --git a/full/Changes b/full/Changes
index c2adc2a..d36279b 100644
--- a/full/Changes
+++ b/full/Changes
@@ -20,6 +20,9 @@
2022-06-03
- Implemented searching option using a network endpoint
- Implemented initial super client registration for user authentication.
+ - Fixed admin clean token API and restrict plugins to confidential only.
+
+
# version 0.67.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
index 66ba01f..bcf59c5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
@@ -72,8 +72,14 @@
client.setRegisteredBy(registeredBy);
client.setRegistrationDate(ZonedDateTime.now());
client.setDescription(description);
- if (source !=null && !source.isNull()) {
- client.setSource(source.toString());
+ if (source != null && !source.isNull()) {
+ if (type.equals(OAuth2ClientType.CONFIDENTIAL)) {
+ client.setSource(source.toString());
+ }
+ else {
+ throw new KustvaktException(StatusCodes.NOT_SUPPORTED,
+ "Only confidential plugins are supported.");
+ }
}
else {
client.setPermitted(true);
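Review bot: `type.equals(OAuth2ClientType.CONFIDENTIAL)` in the new branch throws a NullPointerException when `type` is null, so a malformed registration would surface as an unhandled error instead of the intended NOT_SUPPORTED response; as OAuth2ClientType looks like an enum, `if (type == OAuth2ClientType.CONFIDENTIAL) {` (or `OAuth2ClientType.CONFIDENTIAL.equals(type)`) is the null-safe form. The restriction itself deserves a why-comment above the check, e.g. `// Plugins (clients registered with a source) are limited to confidential clients; presumably because a public client cannot protect a secret — confirm.` The accompanying test expects BAD_REQUEST with an invalid_request error, so the mapping of StatusCodes.NOT_SUPPORTED to that response should be verified, though that mapping lives outside this hunk. The enclosing method starts before the hunk.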
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
index 7249312..7935098 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
@@ -2,6 +2,7 @@
import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam;
+import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
@@ -35,6 +36,7 @@
@Autowired
private OAuth2ResponseHandler responseHandler;
+ @GET
@Path("token/clean")
public Response cleanExpiredInvalidToken (
@Context SecurityContext securityContext) {
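Review bot: `@GET` on `cleanExpiredInvalidToken` exposes a state-changing admin operation (it deletes tokens) over a method that HTTP treats as safe and idempotent: GET responses may be cached, the request can be fired by a prefetcher or a plain link, and it is the easiest method to trigger cross-site. The cleanup should be declared `@POST` (already imported in this file) or `@DELETE`, in which case the `javax.ws.rs.GET` import added in the previous hunk becomes unused. A one-line Javadoc stating the contract would also help, e.g. `/** Admin-only endpoint that removes expired and invalid tokens. */`. The admin authorization check is presumably performed in the method body, which continues outside the hunk.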
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
index a3f567b..7e3b093 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
@@ -86,13 +86,17 @@
json.setSource(source);
ClientResponse response = registerClient(username, json);
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(response.getEntity(String.class));
- String clientId = node.at("/client_id").asText();
- assertTrue(node.at("/client_secret").isMissingNode());
+ assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+ assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
+ assertFalse(node.at("/error_description").isMissingNode());
- deregisterClient(username, clientId);
+// assertEquals(Status.OK.getStatusCode(), response.getStatus());
+// String clientId = node.at("/client_id").asText();
+// assertTrue(node.at("/client_secret").isMissingNode());
+//
+// deregisterClient(username, clientId);
}
private void testRetrievePluginInfo (String clientId,
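Review bot: The five commented-out lines after `assertFalse(node.at("/error_description").isMissingNode());` are dead code and should be deleted; the old assertions remain in version history. The rewritten test now covers only the rejection of a public plugin, so a companion case that registers the same plugin as a confidential client and asserts `Status.OK` with a present `client_secret` would pin the behaviour the commit intends to keep, unless such a test already exists elsewhere in the class. Checking the `error_description` text rather than only its presence would also make the assertion more meaningful. The test method's signature begins before the hunk.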