Added a new API: install plugin
Change-Id: I3f8cb4935487cee9b2fa83a0c4d6fa15a53d3b29
diff --git a/core/src/main/java/de/ids_mannheim/korap/constant/OAuth2Scope.java b/core/src/main/java/de/ids_mannheim/korap/constant/OAuth2Scope.java
index ffcf431..915efb5 100644
--- a/core/src/main/java/de/ids_mannheim/korap/constant/OAuth2Scope.java
+++ b/core/src/main/java/de/ids_mannheim/korap/constant/OAuth2Scope.java
@@ -14,6 +14,7 @@
AUTHORIZE,
LIST_USER_CLIENT,
+ INSTALL_USER_CLIENT,
CLIENT_INFO,
REGISTER_CLIENT,
diff --git a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
index 285485d..71e5384 100644
--- a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
+++ b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
@@ -148,6 +148,13 @@
public static final int USER_REAUTHENTICATION_REQUIRED = 1815;
/**
+ * 1850 Plugins
+ */
+
+ public static final int PLUGIN_NOT_PERMITTED = 1850;
+
+
+ /**
* 1900 User account and logins
*/
diff --git a/full/Changes b/full/Changes
index 9bf30f2..18bb5ef 100644
--- a/full/Changes
+++ b/full/Changes
@@ -6,6 +6,7 @@
- Handled user-defined refresh token expiry (added in client info and
list API response)
- Added installed_plugins table
+ - Added a new API: install plugin
# version 0.67.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/dto/InstalledPluginDto.java b/full/src/main/java/de/ids_mannheim/korap/dto/InstalledPluginDto.java
new file mode 100644
index 0000000..3cef4c6
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/dto/InstalledPluginDto.java
@@ -0,0 +1,31 @@
+package de.ids_mannheim.korap.dto;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+
+import de.ids_mannheim.korap.entity.InstalledPlugin;
+import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
+import lombok.Getter;
+import lombok.Setter;
+
+@Setter
+@Getter
+@JsonInclude(Include.NON_EMPTY)
+public class InstalledPluginDto {
+ private String client_id; // oauth2 client id
+ private String name;
+ private String description;
+ private String url;
+ @JsonProperty("installed_date")
+ private String installedDate;
+
+ public InstalledPluginDto (InstalledPlugin plugin) {
+ OAuth2Client client = plugin.getClient();
+ setClient_id(client.getId());
+ setInstalledDate(plugin.getInstalledDate().toString());
+ setName(client.getName());
+ setDescription(client.getDescription());
+ setUrl(client.getUrl());
+ }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/entity/InstalledPlugin.java b/full/src/main/java/de/ids_mannheim/korap/entity/InstalledPlugin.java
new file mode 100644
index 0000000..1aef8b6
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/entity/InstalledPlugin.java
@@ -0,0 +1,36 @@
+package de.ids_mannheim.korap.entity;
+
+import java.time.ZonedDateTime;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.Table;
+
+import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
+import lombok.Getter;
+import lombok.Setter;
+
+@Setter
+@Getter
+@Entity
+@Table(name = "installed_plugin")
+public class InstalledPlugin {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ private int id;
+ @Column(name = "installed_by")
+ private String installedBy;
+ @Column(name = "installed_date")
+ private ZonedDateTime installedDate;
+
+ @ManyToOne(fetch = FetchType.EAGER)
+ @JoinColumn(name = "client_id")
+ private OAuth2Client client;
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/InstalledPluginDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/InstalledPluginDao.java
new file mode 100644
index 0000000..8cd5368
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/InstalledPluginDao.java
@@ -0,0 +1,37 @@
+package de.ids_mannheim.korap.oauth2.dao;
+
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.entity.InstalledPlugin;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
+import de.ids_mannheim.korap.utils.ParameterChecker;
+
+@Repository
+@Transactional
+public class InstalledPluginDao {
+
+ @PersistenceContext
+ private EntityManager entityManager;
+
+ public InstalledPlugin storeUserPlugin (OAuth2Client client,
+ String installedBy) throws KustvaktException {
+ ParameterChecker.checkStringValue(installedBy, "installed_by");
+
+ InstalledPlugin p = new InstalledPlugin();
+ p.setInstalledBy(installedBy);
+ p.setInstalledDate(
+ ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE)));
+ p.setClient(client);
+ entityManager.persist(p);
+ return p;
+ }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
index 13f0397..6961092 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
@@ -104,7 +104,7 @@
}
catch (NoResultException e) {
throw new KustvaktException(StatusCodes.CLIENT_NOT_FOUND,
- "Unknown client with " + clientId + ".", "invalid_client");
+ "Unknown client: " + clientId, "invalid_client");
}
catch (Exception e) {
throw new KustvaktException(StatusCodes.CLIENT_NOT_FOUND,
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
index 62bb543..88c572c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
@@ -12,6 +12,7 @@
import javax.persistence.OneToMany;
import javax.persistence.Table;
+import de.ids_mannheim.korap.entity.InstalledPlugin;
import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
/** Describe oauth2_client database table mapping.
@@ -53,6 +54,9 @@
@OneToMany(fetch = FetchType.LAZY, mappedBy = "client")
private List<AccessToken> accessTokens;
+ @OneToMany(fetch = FetchType.LAZY, mappedBy = "client")
+ private List<InstalledPlugin> installedPlugins;
+
@Override
public String toString () {
return "id=" + id + ", name=" + name + ", secret=" + secret + ", type="
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
index b9e32c6..076a762 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
@@ -141,7 +141,7 @@
if (refreshTokenStr == null || refreshTokenStr.isEmpty()) {
throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
- "Missing parameters: refresh_token",
+ "Missing parameter: refresh_token",
OAuth2Error.INVALID_REQUEST);
}
@@ -317,7 +317,7 @@
if (clientSecret == null || clientSecret.isEmpty()) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Missing parameters: client_secret",
+ "Missing parameter: client_secret",
OAuth2Error.INVALID_REQUEST);
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
index 85bb057..93692ad 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
@@ -154,7 +154,7 @@
if (clientAuthentication == null) {
if (clientId == null) {
throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
- "Missing parameters: client_id",
+ "Missing parameter: client_id",
OAuth2Error.INVALID_REQUEST);
}
else {
@@ -208,7 +208,7 @@
if (clientAuthentication == null) {
if (clientId == null) {
throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
- "Missing parameters: client_id",
+ "Missing parameter: client_id",
OAuth2Error.INVALID_REQUEST);
}
else {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index 33ef04e..acaaa88 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -15,7 +15,9 @@
import de.ids_mannheim.korap.config.FullConfiguration;
import de.ids_mannheim.korap.dao.AdminDao;
+import de.ids_mannheim.korap.dto.InstalledPluginDto;
import de.ids_mannheim.korap.encryption.RandomCodeGenerator;
+import de.ids_mannheim.korap.entity.InstalledPlugin;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.interfaces.EncryptionIface;
@@ -25,6 +27,7 @@
import de.ids_mannheim.korap.oauth2.dao.AuthorizationDao;
import de.ids_mannheim.korap.oauth2.dao.OAuth2ClientDao;
import de.ids_mannheim.korap.oauth2.dao.RefreshTokenDao;
+import de.ids_mannheim.korap.oauth2.dao.InstalledPluginDao;
import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientDto;
import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientInfoDto;
import de.ids_mannheim.korap.oauth2.dto.OAuth2UserClientDto;
@@ -63,6 +66,8 @@
// UrlValidator.NO_FRAGMENTS + UrlValidator.ALLOW_LOCAL_URLS);
@Autowired
+ private InstalledPluginDao pluginDao;
+ @Autowired
private OAuth2ClientDao clientDao;
@Autowired
private AccessTokenDao tokenDao;
@@ -272,26 +277,35 @@
public OAuth2Client authenticateClient (String clientId,
String clientSecret) throws KustvaktException {
-
+ return authenticateClient(clientId, clientSecret, false);
+ }
+
+ public OAuth2Client authenticateClient (String clientId,
+ String clientSecret, boolean isSuper) throws KustvaktException {
+ String errorClient = "client";
+ if (isSuper) {
+ errorClient = "super_client";
+ }
+
if (clientId == null || clientId.isEmpty()) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Missing parameters: client id",
+ "Missing parameter: "+errorClient+"_id",
OAuth2Error.INVALID_REQUEST);
}
OAuth2Client client = clientDao.retrieveClientById(clientId);
- authenticateClient(client, clientSecret);
+ authenticateClient(client, clientSecret, errorClient);
return client;
}
- public void authenticateClient (OAuth2Client client, String clientSecret)
- throws KustvaktException {
+ public void authenticateClient (OAuth2Client client, String clientSecret,
+ String errorClient) throws KustvaktException {
if (clientSecret == null || clientSecret.isEmpty()) {
if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Missing parameters: client_secret",
+ "Missing parameter: "+errorClient+"_secret",
OAuth2Error.INVALID_REQUEST);
}
}
@@ -299,14 +313,14 @@
if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Client secret was not registered",
+ errorClient+"_secret was not registered",
OAuth2Error.INVALID_CLIENT);
}
}
else if (!encryption.checkHash(clientSecret, client.getSecret())) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Invalid client credentials", OAuth2Error.INVALID_CLIENT);
+ "Invalid "+errorClient+" credentials", OAuth2Error.INVALID_CLIENT);
}
}
@@ -315,7 +329,7 @@
if (clientId == null || clientId.isEmpty()) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Missing parameters: client id",
+ "Missing parameter: client_id",
OAuth2Error.INVALID_REQUEST);
}
@@ -376,6 +390,24 @@
Collections.sort(plugins);
return createClientDtos(plugins);
}
+
+ public InstalledPluginDto installPlugin (String clientId,
+ String installedBy) throws KustvaktException {
+ if (clientId == null || clientId.isEmpty()) {
+ throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
+ "Missing parameter: client_id");
+ }
+ OAuth2Client client = clientDao.retrieveClientById(clientId);
+ if (!client.isPermitted()) {
+ throw new KustvaktException(StatusCodes.PLUGIN_NOT_PERMITTED,
+ "Plugin is not permitted");
+ }
+ InstalledPlugin plugin =
+ pluginDao.storeUserPlugin(client, installedBy);
+
+ InstalledPluginDto dto = new InstalledPluginDto(plugin);
+ return dto;
+ }
private List<OAuth2UserClientDto> createClientDtos (
List<OAuth2Client> userClients) throws KustvaktException {
@@ -394,10 +426,10 @@
public void verifySuperClient (String clientId, String clientSecret)
throws KustvaktException {
- OAuth2Client client = authenticateClient(clientId, clientSecret);
+ OAuth2Client client = authenticateClient(clientId, clientSecret,true);
if (!client.isSuper()) {
throw new KustvaktException(StatusCodes.CLIENT_AUTHORIZATION_FAILED,
- "Only super client is allowed to list user registered clients.",
+ "Only super client is allowed to use this service",
OAuth2Error.UNAUTHORIZED_CLIENT);
}
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index ee2a46e..bbd013a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -21,6 +21,7 @@
import com.sun.jersey.spi.container.ResourceFilters;
import de.ids_mannheim.korap.constant.OAuth2Scope;
+import de.ids_mannheim.korap.dto.InstalledPluginDto;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientDto;
import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientInfoDto;
@@ -255,4 +256,29 @@
throw responseHandler.throwit(e);
}
}
+
+ @POST
+ @Path("/install")
+ @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+ @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
+ public InstalledPluginDto installPlugin (
+ @Context SecurityContext context,
+ @FormParam("super_client_id") String superClientId,
+ @FormParam("super_client_secret") String superClientSecret,
+ @FormParam("client_id") String clientId) {
+
+ TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
+ String username = tokenContext.getUsername();
+
+ try {
+ scopeService.verifyScope(tokenContext,
+ OAuth2Scope.INSTALL_USER_CLIENT);
+
+ clientService.verifySuperClient(superClientId, superClientSecret);
+ return clientService.installPlugin(clientId, username);
+ }
+ catch (KustvaktException e) {
+ throw responseHandler.throwit(e);
+ }
+ }
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 0a2475c..9e586e4 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -164,7 +164,7 @@
String entity = response.getEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
assertEquals(OAuth2Error.INVALID_CLIENT, node.at("/error").asText());
- assertEquals("Unknown client with unknown-client-id.",
+ assertEquals("Unknown client: unknown-client-id",
node.at("/error_description").asText());
}
@@ -556,7 +556,7 @@
JsonNode node = JsonUtils.readTree(entity);
assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
node.at("/error").asText());
- assertEquals("Missing parameters: client_secret",
+ assertEquals("Missing parameter: client_secret",
node.at("/error_description").asText());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
index 8fcccf2..6860e07 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
@@ -325,7 +325,7 @@
String entity = response.getEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
- assertEquals("Missing parameters: client_secret",
+ assertEquals("Missing parameter: client_secret",
node.at("/error_description").asText());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
index 4bb0770..83472e5 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
@@ -196,7 +196,7 @@
assertFalse(node.at("/0/registration_date").isMissingNode());
assertFalse(node.at("/0/source").isMissingNode());
assertFalse(node.at("/0/refresh_token_expiry").isMissingNode());
-
+
assertTrue(node.at("/1/refresh_token_expiry").isMissingNode());
}
@@ -222,4 +222,124 @@
return JsonUtils.readTree(entity);
}
+ @Test
+ public void testInstallConfidentialPlugin () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = getSuperClientForm();
+ form.add("client_id", confidentialClientId2);
+ ClientResponse response = installPlugin(form);
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(confidentialClientId2, node.at("/client_id").asText());
+ assertFalse(node.at("/name").isMissingNode());
+ assertFalse(node.at("/description").isMissingNode());
+ assertFalse(node.at("/url").isMissingNode());
+ assertFalse(node.at("/installed_date").isMissingNode());
+
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPublicPlugin () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = getSuperClientForm();
+ form.add("client_id", publicClientId2);
+ ClientResponse response = installPlugin(form);
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(publicClientId2, node.at("/client_id").asText());
+ assertFalse(node.at("/name").isMissingNode());
+ assertFalse(node.at("/description").isMissingNode());
+ assertFalse(node.at("/url").isMissingNode());
+ assertFalse(node.at("/installed_date").isMissingNode());
+
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPluginMissingClientId () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = getSuperClientForm();
+ ClientResponse response = installPlugin(form);
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(StatusCodes.MISSING_PARAMETER, node.at("/errors/0/0").asInt());
+ assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPluginInvalidClientId () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = getSuperClientForm();
+ form.add("client_id", "unknown");
+ ClientResponse response = installPlugin(form);
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals("Unknown client: unknown",
+ node.at("/error_description").asText());
+ assertEquals("invalid_client", node.at("/error").asText());
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPluginMissingSuperClientSecret () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("super_client_id", superClientId);
+
+ ClientResponse response = installPlugin(form);
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+
+ assertEquals("Missing parameter: super_client_secret",
+ node.at("/error_description").asText());
+ assertEquals("invalid_request", node.at("/error").asText());
+
+ assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPluginMissingSuperClientId () throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ ClientResponse response = installPlugin(form);
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+
+ assertEquals("Missing parameter: super_client_id",
+ node.at("/error_description").asText());
+ assertEquals("invalid_request", node.at("/error").asText());
+
+ assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+ }
+
+ @Test
+ public void testInstallPluginUnauthorizedClient ()
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("super_client_id", confidentialClientId);
+ form.add("super_client_secret", clientSecret);
+
+ ClientResponse response = installPlugin(form);
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals("unauthorized_client", node.at("/error").asText());
+
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+ }
+
+ private ClientResponse installPlugin (MultivaluedMap<String, String> form)
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+ return resource().path(API_VERSION).path("oauth2").path("client")
+ .path("install")
+ .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .header(HttpHeaders.CONTENT_TYPE,
+ ContentType.APPLICATION_FORM_URLENCODED)
+ .entity(form).post(ClientResponse.class);
+ }
}