Merged list authorized client and list registered client services
Change-Id: I573b3a6b5c6009b559faedf4a2a043f2bbab69c0
diff --git a/full/Changes b/full/Changes
index 3670dcc..e9e62c9 100644
--- a/full/Changes
+++ b/full/Changes
@@ -19,6 +19,9 @@
- Implemented a service to list clients registered by a user (margaretha,
close #52)
- Added a check for OAuth2 client, VC, and group name length (margaretha)
+15/11/2019
+ - Merged list authorized client and list registered client services
+ (margaretha)
# version 0.62.1
08/07/2019
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index be4cb9f..6763241 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -248,14 +248,15 @@
* given user
*/
@POST
- @Path("list")
+ @Path("/list")
@ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<OAuth2UserClientDto> listUserAuthorizedClients (
@Context SecurityContext context,
@FormParam("client_id") String clientId,
- @FormParam("client_secret") String clientSecret) {
+ @FormParam("client_secret") String clientSecret,
+ @FormParam("authorized-only") boolean authorizedOnly) {
TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
String username = tokenContext.getUsername();
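Review bot: The new `authorized-only` form parameter at the end of the signature is a primitive `boolean` with no declared default, so a request that omits it binds `false` and gets the registered-clients listing. A value such as `1` or `yes` most likely binds `false` as well rather than being rejected. That silently changes what `/list` returns for existing callers, which the test hunk confirms by having to add `authorized-only=true` to keep its old result. I would make the default explicit and document it in the method Javadoc, e.g. `@FormParam("authorized_only") @DefaultValue("false") boolean authorizedOnly`, which also matches the underscore style of `client_id` and `client_secret`. The method body continues outside this hunk.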
@@ -263,48 +264,14 @@
try {
scopeService.verifyScope(tokenContext,
OAuth2Scope.LIST_USER_CLIENT);
-
- return clientService.listUserAuthorizedClients(username, clientId,
- clientSecret);
- }
- catch (KustvaktException e) {
- throw responseHandler.throwit(e);
- }
- }
-
- /**
- * Lists clients registered by the authenticated user, e.g. an R
- * client. This service is intended for client management. It is
- * not part of the OAuth2 specification. Only super clients are
- * allowed to use this service. It requires user and client
- * authentications.
- *
- * @param context
- * @param clientId
- * the client id of the super client
- * @param clientSecret
- * the client secret of the super client
- * @return a list of clients registered by a user
- */
- @POST
- @Path("registered")
- @ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
- @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
- public List<OAuth2UserClientDto> listUserRegisteredClients (
- @Context SecurityContext context,
- @FormParam("client_id") String clientId,
- @FormParam("client_secret") String clientSecret) {
-
- TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
- String username = tokenContext.getUsername();
-
- try {
- scopeService.verifyScope(tokenContext,
- OAuth2Scope.LIST_USER_CLIENT);
-
- return clientService.listUserRegisteredClients(username, clientId,
- clientSecret);
+ if(authorizedOnly){
+ return clientService.listUserAuthorizedClients(username,
+ clientId, clientSecret);
+ }
+ else {
+ return clientService.listUserRegisteredClients(username,
+ clientId, clientSecret);
+ }
}
catch (KustvaktException e) {
throw responseHandler.throwit(e);
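Review bot: The Javadoc deleted with `listUserRegisteredClients` was the only visible statement that this listing is limited to super clients and needs both user and client authentication. The surviving Javadoc is only partly visible in the previous hunk and appears to describe just the authorized-clients case. I would carry that restriction over and add `@param authorizedOnly if true, lists only clients the user has authorized; otherwise lists clients registered by the user`. Since the method now serves both listings, the name `listUserAuthorizedClients` is misleading and something like `listUserClients` would fit better. Whether both `clientService` calls apply the same super-client check to `client_id`/`client_secret` cannot be seen from here and is worth confirming. The method closes outside this hunk.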
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 59b96f1..1e1b6cf 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -484,6 +484,7 @@
MultivaluedMap<String, String> form = new MultivaluedMapImpl();
form.add("client_id", superClientId);
form.add("client_secret", clientSecret);
+ form.add("authorized-only", "true");
ClientResponse response = resource().path(API_VERSION).path("oauth2")
.path("client").path("list")
@@ -614,7 +615,7 @@
form.add("client_secret", clientSecret);
ClientResponse response = resource().path(API_VERSION).path("oauth2")
- .path("client").path("registered")
+ .path("client").path("list")
.header(Attributes.AUTHORIZATION, userAuthHeader)
.header(HttpHeaders.CONTENT_TYPE,
ContentType.APPLICATION_FORM_URLENCODED)