Removed unused admin API: clear access token cache.

Change-Id: Iab9628c94711d6a11a465f224ca43983483f6c8c
diff --git a/full/Changes b/full/Changes
index c367b10..8b2f84e 100644
--- a/full/Changes
+++ b/full/Changes
@@ -12,6 +12,7 @@
 2022-03-28
  - Updated admin filter (admintoken as a form param) and uses 
    it for the closing index reader API. 
+ - Removed unused admin API: clear access token cache.
 
 # version 0.65.1
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
index 6bbed24..c4dd257 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
@@ -10,7 +10,6 @@
 import java.util.Set;
 
 import javax.persistence.NoResultException;
-import javax.servlet.ServletContext;
 import javax.ws.rs.core.Response.Status;
 
 import org.apache.oltu.oauth2.as.request.AbstractOAuthTokenRequest;
@@ -603,24 +602,5 @@
         }
         return dtoList;
     }
-
-    public String clearAccessTokenCache (String adminToken, String accessToken,
-            ServletContext context) throws KustvaktException {
-        if (adminToken != null && !adminToken.isEmpty()
-                && adminToken.equals(context.getInitParameter("adminToken"))) {
-            
-            if (accessToken == null) {
-                tokenDao.clearCache();
-                return "Cache has been cleared";
-            }
-            else {
-                tokenDao.removeCacheEntry(accessToken);
-                return "Access token has been removed from the cache";
-            }
-        }
-        else {
-            throw new KustvaktException(StatusCodes.INCORRECT_ADMIN_TOKEN,
-                    "Admin token is incorrect");
-        }
-    }
+   
 }
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AdminService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AdminService.java
index 8000b64..d5861d6 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AdminService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AdminService.java
@@ -3,6 +3,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.oauth2.dao.AccessTokenDao;
 import de.ids_mannheim.korap.oauth2.dao.RefreshTokenDao;
 
@@ -13,12 +14,10 @@
     private AccessTokenDao tokenDao;
     @Autowired
     private RefreshTokenDao refreshDao;
- 
-    
+
     public void cleanTokens () {
         tokenDao.deleteInvalidAccessTokens();
         refreshDao.deleteInvalidRefreshTokens();
+        tokenDao.clearCache();
     }
-
-    
 }
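Review bot: `cleanTokens()` now also empties the entire access-token cache through `tokenDao.clearCache()`, a side effect that neither the method name nor any comment conveys. I would add a Javadoc such as `/** Deletes invalid access and refresh tokens, then clears the whole access token cache. */`. This commit also removes the only visible caller of `tokenDao.removeCacheEntry(accessToken)`, so it is worth confirming that revocation evicts the token from the cache on its own; the revoke path is not shown here, and if it does not, a revoked token could stay usable from the cache until the next clean. The `KustvaktException` import added in the first hunk of this file has no visible use in `cleanTokens()` and can probably be dropped.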
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
index f51ab78..1d1ce6a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
@@ -1,6 +1,5 @@
 package de.ids_mannheim.korap.web.controller;
 
-import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
@@ -19,13 +18,10 @@
 import de.ids_mannheim.korap.web.OAuth2ResponseHandler;
 import de.ids_mannheim.korap.web.filter.APIVersionFilter;
 import de.ids_mannheim.korap.web.filter.AdminFilter;
-import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
-import de.ids_mannheim.korap.web.filter.BlockingFilter;
 
 @Controller
 @Path("{version}/oauth2/admin")
-@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
-        BlockingFilter.class, AdminFilter.class })
+@ResourceFilters({ APIVersionFilter.class, AdminFilter.class })
 public class OAuth2AdminController {
 
     @Autowired
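Review bot: With `AuthenticationFilter` and `BlockingFilter` dropped from the class-level `@ResourceFilters`, every endpoint of `OAuth2AdminController` depends on `AdminFilter` alone to authenticate the caller and to populate the security context. `cleanExpiredInvalidToken` in the next hunk still casts `securityContext.getUserPrincipal()` to `TokenContext` and passes it to `scopeService.verifyScope(context, OAuth2Scope.ADMIN)`. `AdminFilter` is not visible in this diff, so if it accepts an admin token without setting a principal, `context` would be null at that call. I would confirm this and state it on the class, e.g. `// AdminFilter is the only authentication gate here and must set the TokenContext principal.`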
@@ -34,19 +30,18 @@
     private OAuth2ScopeService scopeService;
     @Autowired
     private OAuth2ResponseHandler responseHandler;
-    
-    @POST
-    @Path("/token/clean")
+
+    @Path("token/clean")
     public Response cleanExpiredInvalidToken (
             @Context SecurityContext securityContext) {
 
         TokenContext context =
                 (TokenContext) securityContext.getUserPrincipal();
-        
+
         try {
             scopeService.verifyScope(context, OAuth2Scope.ADMIN);
             adminService.cleanTokens();
-            
+
         }
         catch (KustvaktException e) {
             throw responseHandler.throwit(e);
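Review bot: Removing `@POST` leaves `cleanExpiredInvalidToken` with `@Path("token/clean")` and no HTTP method designator, which JAX-RS treats as a sub-resource locator rather than a resource method. The token deletion and cache clear would then run during request matching for any HTTP verb, including GET, and the returned `Response` would be handled as a sub-resource object instead of being sent as the reply. A state-changing admin operation should not be reachable through a safe method, so I would keep `@POST` above `@Path("token/clean")` and retain the `javax.ws.rs.POST` import removed in the first hunk of this file. The method body continues past the end of the hunk.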
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
index bdc4b18..0b1d438 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
@@ -3,7 +3,6 @@
 import java.time.ZonedDateTime;
 import java.util.List;
 
-import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.FormParam;
@@ -60,7 +59,7 @@
  */
 @Controller
 @Path("{version}/oauth2")
-@ResourceFilters({ APIVersionFilter.class })
+@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class, BlockingFilter.class })
 public class OAuth2Controller {
 
     @Autowired
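Review bot: Moving `AuthenticationFilter` and `BlockingFilter` into the class-level `@ResourceFilters` changes the default for every method of `OAuth2Controller`, including any that this diff does not touch. A method that previously ran with `APIVersionFilter` only now requires an authenticated user unless it carries its own annotation, and only `token` and `revoke` receive one in the later hunks. It is worth confirming that no other endpoint in the class was meant to stay reachable without user authentication. I would state the rule in the class Javadoc, e.g. `Default filters require an authenticated user; endpoints that must run without it override @ResourceFilters at method level.`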
@@ -95,7 +94,6 @@
      */
     @POST
     @Path("authorize")
-    @ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     public Response requestAuthorizationCode (
             @Context HttpServletRequest request,
@@ -192,6 +190,7 @@
      */
     @POST
     @Path("token")
+    @ResourceFilters({APIVersionFilter.class})
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
     public Response requestAccessToken (@Context HttpServletRequest request,
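Review bot: The method-level `@ResourceFilters({APIVersionFilter.class})` on `requestAccessToken`, and the identical one on `revokeAccessToken` in the next hunk, is a deliberate opt-out from the class-level `AuthenticationFilter` and `BlockingFilter`, but nothing in the code says so. It also relies on the method annotation replacing the class-level list rather than extending it. I would add a comment above each, such as `// Overrides the class-level filters: runs without AuthenticationFilter and BlockingFilter.`, so the annotation is not later removed as redundant or copied to an endpoint that needs user authentication. The spacing also differs from the rest of the file, which writes `{ APIVersionFilter.class }`. The method body lies outside the hunk.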
@@ -247,6 +246,7 @@
      */
     @POST
     @Path("revoke")
+    @ResourceFilters({APIVersionFilter.class})
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     public Response revokeAccessToken (@Context HttpServletRequest request,
             MultivaluedMap<String, String> form) {
@@ -271,7 +271,6 @@
 
     @POST
     @Path("revoke/super")
-    @ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     public Response revokeTokenViaSuperClient (@Context SecurityContext context,
             @Context HttpServletRequest request,
@@ -315,7 +314,6 @@
      */
     @POST
     @Path("revoke/super/all")
-    @ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     public Response revokeAllClientTokensViaSuperClient (
             @Context SecurityContext context,
@@ -346,7 +344,6 @@
 
     @POST
     @Path("token/list")
-    @ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
     public List<OAuth2TokenDto> listUserToken (
@@ -379,21 +376,4 @@
         }
 
     }
-
-    @POST
-    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
-    @Path("token/clear")
-    public Response clearAccessTokenCache (
-            @FormParam("token") String adminToken,
-            @FormParam("access_token") String accessToken,
-            @Context ServletContext context) {
-        try {
-            String response = tokenService.clearAccessTokenCache(adminToken,
-                    accessToken, context);
-            return Response.ok(response).build();
-        }
-        catch (KustvaktException e) {
-            throw responseHandler.throwit(e);
-        }
-    }
 }
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AdminControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AdminControllerTest.java
index 50ab44d..24445cd 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AdminControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AdminControllerTest.java
@@ -6,6 +6,7 @@
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
 import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
@@ -13,10 +14,13 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.oauth2.dao.AccessTokenDao;
 import de.ids_mannheim.korap.oauth2.dao.RefreshTokenDao;
+import de.ids_mannheim.korap.utils.JsonUtils;
 
 public class OAuth2AdminControllerTest extends OAuth2TestBase {
 
     private String adminAuthHeader;
+    private String userAuthHeader;
+
     @Autowired
     private RefreshTokenDao refreshDao;
     @Autowired
@@ -25,6 +29,8 @@
     public OAuth2AdminControllerTest () throws KustvaktException {
         adminAuthHeader = HttpAuthorizationHandler
                 .createBasicAuthorizationHeaderValue("admin", "password");
+        userAuthHeader = HttpAuthorizationHandler
+                .createBasicAuthorizationHeaderValue("dory", "password");
     }
 
     @Test
@@ -38,8 +44,36 @@
 
         resource().path(API_VERSION).path("oauth2").path("admin").path("token")
                 .path("clean").header(Attributes.AUTHORIZATION, adminAuthHeader)
-                .entity("token=adminToken").post(ClientResponse.class);
+                .get(ClientResponse.class);
+
         assertEquals(0, refreshDao.retrieveInvalidRefreshTokens().size());
         assertEquals(0, accessDao.retrieveInvalidAccessTokens().size());
     }
+
+    @Test
+    public void testCleanTokenWithRevoke () throws KustvaktException {
+
+        int accessTokensBefore = accessDao.retrieveInvalidAccessTokens().size();
+        
+        String code = requestAuthorizationCode(publicClientId, "", null,
+                userAuthHeader);
+
+        ClientResponse response = requestTokenWithAuthorizationCodeAndForm(
+                publicClientId, clientSecret, code);
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+
+        String accessToken = node.at("/access_token").asText();
+        testRevokeToken(accessToken, publicClientId, null, ACCESS_TOKEN_TYPE);
+
+        int accessTokensAfter = accessDao.retrieveInvalidAccessTokens().size();
+        assertEquals(accessTokensAfter,accessTokensBefore+1);
+
+        resource().path(API_VERSION).path("oauth2").path("admin").path("token")
+                .path("clean").header(Attributes.AUTHORIZATION, adminAuthHeader)
+                .get(ClientResponse.class);
+
+        assertEquals(0, accessDao.retrieveInvalidAccessTokens().size());
+    }
+    
 }
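Review bot: Neither `testCleanTokens` nor the new `testCleanTokenWithRevoke` checks the response of the `token/clean` call, and no test sends a non-admin caller to that endpoint, although `userAuthHeader` for `dory` is now available and this commit reduces the admin controller's filter chain. I would capture the response and add `assertEquals(Status.OK.getStatusCode(), response.getStatus());`. I would also add a test that calls `token/clean` with `userAuthHeader` and asserts that the request is rejected and the invalid tokens are still present. In `testCleanTokenWithRevoke`, `assertEquals(accessTokensAfter,accessTokensBefore+1)` passes the actual value first; `assertEquals(accessTokensBefore + 1, accessTokensAfter);` yields a correct failure message.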
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 12e358f..b6cc9ef 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -39,8 +39,6 @@
 public class OAuth2ControllerTest extends OAuth2TestBase {
 
     public String userAuthHeader;
-    public static String ACCESS_TOKEN_TYPE = "access_token";
-    public static String REFRESH_TOKEN_TYPE = "refresh_token";
 
     public OAuth2ControllerTest () throws KustvaktException {
         userAuthHeader = HttpAuthorizationHandler
@@ -659,26 +657,6 @@
         assertEquals(OAuth2Error.INVALID_GRANT, node.at("/error").asText());
     }
 
-    private void testRevokeToken (String token, String clientId,
-            String clientSecret, String tokenType) {
-        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
-        form.add("token_type", tokenType);
-        form.add("token", token);
-        form.add("client_id", clientId);
-        if (clientSecret != null) {
-            form.add("client_secret", clientSecret);
-        }
-
-        ClientResponse response =
-                resource().path(API_VERSION).path("oauth2").path("revoke")
-                        .header(HttpHeaders.CONTENT_TYPE,
-                                ContentType.APPLICATION_FORM_URLENCODED)
-                        .entity(form).post(ClientResponse.class);
-
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());
-        assertEquals("SUCCESS", response.getEntity(String.class));
-    }
-
     private JsonNode requestTokenList (String userAuthHeader, String tokenType,
             String clientId) throws KustvaktException {
         MultivaluedMap<String, String> form = new MultivaluedMapImpl();
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
index b334b65..e039bf1 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
@@ -46,6 +46,9 @@
     protected String superClientId = "fCBbQkAyYzI4NzUxMg";
     protected String clientSecret = "secret";
 
+    public static String ACCESS_TOKEN_TYPE = "access_token";
+    public static String REFRESH_TOKEN_TYPE = "refresh_token";
+
     protected ClientResponse requestAuthorizationCode (
             MultivaluedMap<String, String> form, String authHeader)
             throws KustvaktException {
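Review bot: `ACCESS_TOKEN_TYPE` and `REFRESH_TOKEN_TYPE` arrive in the base class as mutable `public static` fields, so any subclass test can reassign them and affect tests that run later. They should be constants: `public static final String ACCESS_TOKEN_TYPE = "access_token";` and likewise for `REFRESH_TOKEN_TYPE`. The enclosing class starts outside the hunk.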
@@ -251,4 +254,23 @@
         assertEquals("SUCCESS", response.getEntity(String.class));
     }
 
+    protected void testRevokeToken (String token, String clientId,
+            String clientSecret, String tokenType) {
+        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+        form.add("token_type", tokenType);
+        form.add("token", token);
+        form.add("client_id", clientId);
+        if (clientSecret != null) {
+            form.add("client_secret", clientSecret);
+        }
+
+        ClientResponse response =
+                resource().path(API_VERSION).path("oauth2").path("revoke")
+                        .header(HttpHeaders.CONTENT_TYPE,
+                                ContentType.APPLICATION_FORM_URLENCODED)
+                        .entity(form).post(ClientResponse.class);
+
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        assertEquals("SUCCESS", response.getEntity(String.class));
+    }
 }