Merged OAuth2 client deregistration controllers.
Change-Id: I02d12a8fb3651354f2ceb1eef6b7dafbcfd4faf6
diff --git a/full/Changes b/full/Changes
index 581dfab..d3d8dab 100644
--- a/full/Changes
+++ b/full/Changes
@@ -1,5 +1,5 @@
version 0.60.4
-02/07/2018
+03/07/2018
- implemented OAuth2 authorization code request with OpenID Authentication (margaretha)
- enabled OAuth2 authorization without OpenID authentication using Nimbus library (margaretha)
- implemented response handler for OpenID authentication errors in authorization requests (margaretha)
@@ -16,6 +16,7 @@
- updated redirect URI validator (margaretha)
- updated client registration requirement to allow desktop applications (margaretha)
- fixed RSA key configuration (margaretha)
+ - merged OAuth2 client deregistration controllers (margaretha)
version 0.60.3
06/06/2018
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/ClientDeregistrationValidator.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/ClientDeregistrationValidator.java
deleted file mode 100644
index 72be70d..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/ClientDeregistrationValidator.java
+++ /dev/null
@@ -1,23 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.AbstractValidator;
-
-public class ClientDeregistrationValidator extends AbstractValidator<HttpServletRequest>{
-
- public ClientDeregistrationValidator () {
- enforceClientAuthentication = true;
- }
-
- @Override
- public void validateMethod (HttpServletRequest request)
- throws OAuthProblemException {
- if (!request.getMethod().equals(OAuth.HttpMethod.DELETE)) {
- throw OAuthUtils.handleOAuthProblemException("Method not set to DELETE.");
- }
- }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2DeregisterClientRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2DeregisterClientRequest.java
deleted file mode 100644
index 3da0c02..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2DeregisterClientRequest.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.as.request.OAuthRequest;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.OAuthValidator;
-
-public class OAuth2DeregisterClientRequest extends OAuthRequest {
-
- public OAuth2DeregisterClientRequest (HttpServletRequest request)
- throws OAuthSystemException, OAuthProblemException {
- super(request);
- }
-
- @Override
- protected OAuthValidator<HttpServletRequest> initValidator ()
- throws OAuthProblemException, OAuthSystemException {
- validators.put("client_deregistration",
- ClientDeregistrationValidator.class);
- final Class<? extends OAuthValidator<HttpServletRequest>> clazz =
- validators.get("client_deregistration");
- return OAuthUtils.instantiateClass(clazz);
- }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index 3ae7c54..20c6f02 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -7,7 +7,6 @@
import java.sql.SQLException;
import org.apache.commons.validator.routines.UrlValidator;
-import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -163,22 +162,16 @@
}
- public void deregisterPublicClient (String clientId, String username)
- throws KustvaktException {
+ public void deregisterClient (String clientId, String clientSecret,
+ String username) throws KustvaktException {
OAuth2Client client = clientDao.retrieveClientById(clientId);
- if (adminDao.isAdmin(username)) {
- clientDao.deregisterClient(client);
+ if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
+ authenticateClient(clientId, clientSecret);
}
- else if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
- throw new KustvaktException(
- StatusCodes.CLIENT_DEREGISTRATION_FAILED,
- "Service is limited to public clients. To deregister "
- + "confidential clients, use service at path: "
- + "oauth2/client/deregister/confidential.",
- OAuth2Error.INVALID_REQUEST);
- }
- else if (client.getRegisteredBy().equals(username)) {
+
+ if (adminDao.isAdmin(username)
+ || client.getRegisteredBy().equals(username)) {
clientDao.deregisterClient(client);
}
else {
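Review bot: In `deregisterClient` the client secret is verified before the caller's right to deregister is checked, so a logged-in user who is neither admin nor the registering user still gets a secret-verification answer for someone else's confidential client. Doing the `adminDao.isAdmin(username) || client.getRegisteredBy().equals(username)` check first, and authenticating the client only after it passes, avoids that. The call `authenticateClient(clientId, clientSecret)` also loads the client a second time; the overload added in this commit takes the object already in hand: `authenticateClient(client, clientSecret);`. An admin now needs the secret to remove a confidential client, which the removed branch did not require; if that is intended it deserves a line in Changes. The method body continues past the end of this hunk.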
@@ -187,14 +180,6 @@
}
}
-
- public void deregisterConfidentialClient (String clientId,
- String clientSecret) throws KustvaktException {
-
- OAuth2Client client = authenticateClient(clientId, clientSecret);
- clientDao.deregisterClient(client);
- }
-
public OAuth2Client authenticateClient (String clientId,
String clientSecret) throws KustvaktException {
@@ -206,28 +191,34 @@
}
OAuth2Client client = clientDao.retrieveClientById(clientId);
- if (clientSecret == null || clientSecret.isEmpty()) {
- if (client.getSecret() != null
- || client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
+ authenticateClient(client, clientSecret);
+ return client;
+ }
+
+ public void authenticateClient (OAuth2Client client, String clientSecret)
+ throws KustvaktException {
+ if (clientSecret == null) {
+ if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
throw new KustvaktException(
StatusCodes.CLIENT_AUTHENTICATION_FAILED,
"Missing parameters: client_secret",
OAuth2Error.INVALID_REQUEST);
}
- else
- return client;
}
- else {
- if (client.getSecret() != null) {
- if (encryption.checkHash(clientSecret, client.getSecret(),
- config.getPasscodeSaltField())) {
- return client;
- }
+ else if (clientSecret.isEmpty()) {
+ if (client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
+ throw new KustvaktException(
+ StatusCodes.CLIENT_AUTHENTICATION_FAILED,
+ "Missing parameters: client_secret",
+ OAuth2Error.INVALID_REQUEST);
}
}
-
- throw new KustvaktException(StatusCodes.CLIENT_AUTHENTICATION_FAILED,
- "Invalid client credentials", OAuth2Error.INVALID_CLIENT);
+ else if (!encryption.checkHash(clientSecret, client.getSecret(),
+ config.getPasscodeSaltField())) {
+ throw new KustvaktException(
+ StatusCodes.CLIENT_AUTHENTICATION_FAILED,
+ "Invalid client credentials", OAuth2Error.INVALID_CLIENT);
+ }
}
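Review bot: The new `authenticateClient(OAuth2Client, String)` drops the `client.getSecret() != null` test that the old code applied on both paths. With a null or empty `clientSecret` it now rejects only clients of type CONFIDENTIAL, so a client that has a stored secret but another type is accepted without presenting it. With a non-empty `clientSecret` it passes a possibly null `client.getSecret()` to `encryption.checkHash`, whose handling of null is not visible here. The two identical null/empty branches can be merged while restoring both guards, as below. The `authenticateClient(String, String)` overload that calls this method starts outside the hunk.

```java
public void authenticateClient (OAuth2Client client, String clientSecret)
        throws KustvaktException {
    if (clientSecret == null || clientSecret.isEmpty()) {
        // A stored secret must be presented whatever the client type says.
        if (client.getSecret() != null
                || client.getType().equals(OAuth2ClientType.CONFIDENTIAL)) {
            // … unchanged: throw CLIENT_AUTHENTICATION_FAILED, "Missing parameters: client_secret" …
        }
    }
    // A supplied secret can never match a client that has none stored.
    else if (client.getSecret() == null
            || !encryption.checkHash(clientSecret, client.getSecret(),
                    config.getPasscodeSaltField())) {
        // … unchanged: throw CLIENT_AUTHENTICATION_FAILED, "Invalid client credentials" …
    }
}
```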
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index e4f2e72..61295e7 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -1,21 +1,17 @@
package de.ids_mannheim.korap.web.controller;
-import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
-import org.apache.oltu.oauth2.as.request.OAuthRequest;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
@@ -23,14 +19,12 @@
import de.ids_mannheim.korap.dto.OAuth2ClientDto;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.oauth2.oltu.OAuth2DeregisterClientRequest;
import de.ids_mannheim.korap.oauth2.service.OAuth2ClientService;
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.web.OAuth2ResponseHandler;
import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
import de.ids_mannheim.korap.web.filter.BlockingFilter;
import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
-import de.ids_mannheim.korap.web.utils.FormRequestWrapper;
/**
@@ -82,7 +76,6 @@
OAuth2ClientJson clientJson) {
TokenContext context =
(TokenContext) securityContext.getUserPrincipal();
-
try {
return clientService.registerClient(clientJson,
context.getUsername());
@@ -94,25 +87,29 @@
/**
- * Deregisters a public client via owner authentication.
+ * Deregisters a client requires client owner authentication. For
+ * confidential clients, client authentication is also required.
*
*
* @param securityContext
* @param clientId
* the client id
+ * @param clientSecret
+ * the client secret
* @return HTTP Response OK if successful.
*/
@DELETE
- @Path("deregister/public")
+ @Path("deregister/{client_id}")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
public Response deregisterPublicClient (
@Context SecurityContext securityContext,
- @FormParam("client_id") String clientId) {
+ @PathParam("client_id") String clientId,
+ @FormParam("client_secret") String clientSecret) {
TokenContext context =
(TokenContext) securityContext.getUserPrincipal();
try {
- clientService.deregisterPublicClient(clientId,
+ clientService.deregisterClient(clientId, clientSecret,
context.getUsername());
return Response.ok().build();
}
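Review bot: The handler is still named `deregisterPublicClient` although it now serves `deregister/{client_id}` for both client types, and the new Javadoc sentence does not parse. Rename it to `deregisterClient` and reword the summary, e.g. `Deregisters a client. The request must be authenticated by the client owner; for confidential clients the client_secret form parameter must also be supplied.` The `@param clientSecret` line should say that it is optional for public clients, and `@param securityContext` still has no description. The method's catch block lies outside this hunk.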
@@ -120,39 +117,4 @@
throw responseHandler.throwit(e);
}
}
-
-
- /**
- * Deregisters confidential clients. Clients must authenticate.
- *
- * @param securityContext
- * @param request
- * @param form
- * @return
- */
- @DELETE
- @Path("deregister/confidential")
- @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
- public Response deregisterConfidentialClient (
- @Context SecurityContext securityContext,
- @Context HttpServletRequest request,
- MultivaluedMap<String, String> form) {
- try {
- OAuthRequest oAuthRequest = new OAuth2DeregisterClientRequest(
- new FormRequestWrapper(request, form));
-
- clientService.deregisterConfidentialClient(
- oAuthRequest.getClientId(), oAuthRequest.getClientSecret());
- return Response.ok().build();
- }
- catch (KustvaktException e) {
- throw responseHandler.throwit(e);
- }
- catch (OAuthSystemException e) {
- throw responseHandler.throwit(e);
- }
- catch (OAuthProblemException e) {
- throw responseHandler.throwit(e);
- }
- }
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index b9d640f..4f13ad9 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -27,6 +27,7 @@
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.SpringJerseyTest;
import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
import de.ids_mannheim.korap.utils.JsonUtils;
@@ -89,7 +90,7 @@
node = JsonUtils.readTree(response.getEntity(String.class));
assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
- testDeregisterConfidentialClientMissingParameters();
+ testDeregisterConfidentialClientMissingSecret(clientId);
testDeregisterClientIncorrectCredentials(clientId);
testDeregisterConfidentialClient(clientId, clientSecret);
}
@@ -120,6 +121,8 @@
assertNotNull(clientId);
assertTrue(node.at("/client_secret").isMissingNode());
+ testDeregisterPublicClientMissingUserAuthentication(clientId);
+ testDeregisterPublicClientMissingId();
testDeregisterPublicClient(clientId);
}
@@ -172,22 +175,43 @@
assertTrue(node.at("/client_secret").isMissingNode());
}
+ private void testDeregisterPublicClientMissingUserAuthentication (
+ String clientId) throws UniformInterfaceException,
+ ClientHandlerException, KustvaktException {
+
+ ClientResponse response = resource().path("oauth2").path("client")
+ .path("deregister").path(clientId).delete(ClientResponse.class);
+
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+ node.at("/errors/0/0").asInt());
+ }
+
+ private void testDeregisterPublicClientMissingId ()
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+
+ ClientResponse response = resource().path("oauth2").path("client")
+ .path("deregister")
+ .header(Attributes.AUTHORIZATION, handler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .delete(ClientResponse.class);
+
+ assertEquals(Status.NOT_FOUND.getStatusCode(), response.getStatus());
+ }
+
private void testDeregisterPublicClient (String clientId)
throws UniformInterfaceException, ClientHandlerException,
KustvaktException {
- MultivaluedMap<String, String> form = new MultivaluedMapImpl();
- form.add("client_id", clientId);
-
ClientResponse response = resource().path("oauth2").path("client")
- .path("deregister").path("public")
- .header(Attributes.AUTHORIZATION,
- handler.createBasicAuthorizationHeaderValue(username,
- "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .header(HttpHeaders.CONTENT_TYPE,
- ContentType.APPLICATION_FORM_URLENCODED)
- .entity(form).delete(ClientResponse.class);
+ .path("deregister").path(clientId)
+ .header(Attributes.AUTHORIZATION, handler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .delete(ClientResponse.class);
assertEquals(Status.OK.getStatusCode(), response.getStatus());
}
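Review bot: None of the helpers added here exercises the authorization branch of `deregisterClient`. Every request that carries credentials uses `username`, presumably the registering user, so a request from a different non-admin user is never shown to be refused. A helper next to `testDeregisterPublicClientMissingUserAuthentication` that authenticates as another user and asserts the failure status and error code would pin that down, ideally also for a confidential client with the correct secret. `testDeregisterPublicClientMissingId` checks only the 404 status, which comes from routing rather than from the service.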
@@ -196,35 +220,40 @@
String clientSecret) throws UniformInterfaceException,
ClientHandlerException, KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("client_secret", clientSecret);
+
ClientResponse response = resource().path("oauth2").path("client")
- .path("deregister").path("confidential")
+ .path("deregister").path(clientId)
.header(Attributes.AUTHORIZATION,
- handler.createBasicAuthorizationHeaderValue(clientId,
- clientSecret))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ handler.createBasicAuthorizationHeaderValue(username,
+ "pass"))
.header(HttpHeaders.CONTENT_TYPE,
ContentType.APPLICATION_FORM_URLENCODED)
- .delete(ClientResponse.class);
+ .entity(form).delete(ClientResponse.class);
assertEquals(Status.OK.getStatusCode(), response.getStatus());
}
- private void testDeregisterConfidentialClientMissingParameters ()
+ private void testDeregisterConfidentialClientMissingSecret (String clientId)
throws KustvaktException {
ClientResponse response = resource().path("oauth2").path("client")
- .path("deregister").path("confidential")
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ .path("deregister").path(clientId)
+ .header(Attributes.AUTHORIZATION,
+ handler.createBasicAuthorizationHeaderValue(username,
+ "pass"))
.header(HttpHeaders.CONTENT_TYPE,
ContentType.APPLICATION_FORM_URLENCODED)
.delete(ClientResponse.class);
String entity = response.getEntity(String.class);
+ System.out.println(entity);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
- assertEquals("Missing parameters: client_secret client_id",
+ assertEquals("Missing parameters: client_secret",
node.at("/error_description").asText());
}
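Review bot: `System.out.println(entity);` in `testDeregisterConfidentialClientMissingSecret` looks like leftover debugging output, and the same line is added in the next hunk (@@ -232,17 +261,20 @@) just before the UNAUTHORIZED assertion. It writes authentication error bodies into the build log on every run. Remove both lines or comment them out as the other controller tests in this commit do (`// System.out.println(entity);`).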
@@ -232,17 +261,20 @@
throws UniformInterfaceException, ClientHandlerException,
KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("client_secret", "xxx");
+
ClientResponse response = resource().path("oauth2").path("client")
- .path("deregister").path("confidential")
+ .path("deregister").path(clientId)
.header(Attributes.AUTHORIZATION,
- handler.createBasicAuthorizationHeaderValue(clientId,
+ handler.createBasicAuthorizationHeaderValue(username,
"pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.header(HttpHeaders.CONTENT_TYPE,
ContentType.APPLICATION_FORM_URLENCODED)
- .delete(ClientResponse.class);
+ .entity(form).delete(ClientResponse.class);
String entity = response.getEntity(String.class);
+ System.out.println(entity);
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index 89b0f3c..0078a50 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -54,8 +54,8 @@
if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
assertEquals("Api realm=\"Kustvakt\"",
header.getValue().get(0));
-// assertEquals("Session realm=\"Kustvakt\"",
-// header.getValue().get(1));
+ // assertEquals("Session realm=\"Kustvakt\"",
+ // header.getValue().get(1));
assertEquals("Bearer realm=\"Kustvakt\"",
header.getValue().get(1));
assertEquals("Basic realm=\"Kustvakt\"",
@@ -67,15 +67,14 @@
private JsonNode testSearchVC (String username, String vcId)
throws UniformInterfaceException, ClientHandlerException,
KustvaktException {
- ClientResponse response =
- resource().path("vc").path(vcId)
- .header(Attributes.AUTHORIZATION,
- handler.createBasicAuthorizationHeaderValue(
- username, "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .get(ClientResponse.class);
+ ClientResponse response = resource().path("vc").path(vcId)
+ .header(Attributes.AUTHORIZATION,
+ handler.createBasicAuthorizationHeaderValue(username,
+ "pass"))
+ .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ .get(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
assertEquals(Status.OK.getStatusCode(), response.getStatus());
return JsonUtils.readTree(entity);
@@ -94,7 +93,7 @@
assertEquals(Status.OK.getStatusCode(), response.getStatus());
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
return JsonUtils.readTree(entity);
}
@@ -114,7 +113,7 @@
assertEquals(Status.OK.getStatusCode(), response.getStatus());
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
return JsonUtils.readTree(entity);
}
@@ -142,7 +141,7 @@
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.get(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
JsonNode node = JsonUtils.readTree(entity);
return node;
}
@@ -231,7 +230,8 @@
assertEquals(VirtualCorpusType.PUBLISHED.displayName(),
node.at("/type").asText());
- // EM: need admin to check if VirtualCorpusControllerTest is added to the hidden group
+ // EM: need admin to check if VirtualCorpusControllerTest is
+ // added to the hidden group
}
@Test
@@ -362,14 +362,14 @@
node = testCheckHiddenGroup(groupId);
assertEquals("HIDDEN", node.at("/status").asText());
- //EM: delete vc
+ // EM: delete vc
testDeleteVC(vcId, "VirtualCorpusControllerTest");
- //EM: check if the hidden groups are deleted as well
+ // EM: check if the hidden groups are deleted as well
node = testCheckHiddenGroup(groupId);
assertEquals(StatusCodes.GROUP_NOT_FOUND,
node.at("/errors/0/0").asInt());
- assertEquals("Group with id "+groupId+" is not found",
+ assertEquals("Group with id " + groupId + " is not found",
node.at("/errors/0/1").asText());
}
@@ -414,28 +414,25 @@
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(StatusCodes.INVALID_ACCESS_TOKEN, node.at("/errors/0/0").asInt());
+ assertEquals(StatusCodes.INVALID_ACCESS_TOKEN,
+ node.at("/errors/0/0").asInt());
assertEquals("Json Web Signature (JWS) object verification failed.",
node.at("/errors/0/1").asText());
checkWWWAuthenticateHeader(response);
}
-
+
@Test
public void testCreateVCWithExpiredToken ()
throws IOException, KustvaktException {
String json = "{\"name\": \"new vc\",\"type\": \"PRIVATE\","
+ "\"corpusQuery\": \"corpusSigle=GOE\"}";
- InputStream is = getClass().getClassLoader()
- .getResourceAsStream("test-expired.token");
-
- String authToken;
- try (BufferedReader reader =
- new BufferedReader(new InputStreamReader(is));) {
- authToken = reader.readLine();
- }
-
+ String authToken = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0VXNlci"
+ + "IsImlzcyI6Imh0dHBzOlwvXC9rb3JhcC5pZHMtbWFubmhlaW0uZG"
+ + "UiLCJleHAiOjE1MzA2MTgyOTR9.JUMvTQZ4tvdRXFBpQKzoNxrq7"
+ + "CuYAfytr_LWqY8woJs";
+
ClientResponse response = resource().path("vc").path("create")
.header(Attributes.AUTHORIZATION,
AuthenticationScheme.API.displayName() + " "
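Review bot: The token literal in `testCreateVCWithExpiredToken` has no comment saying what it is, and a signed JWT pasted into source is what secret scanners and later readers will stop at. Its payload decodes to `sub` testUser with an `exp` of 1530618294, so it appears to be a deliberately expired test token; say so above the declaration, e.g. `// Expired HS256 test token (sub=testUser, exp=1530618294); not a usable credential.` The test presumably also depends on this literal still verifying against the signing key in the test configuration, since otherwise it would fail with a signature error rather than the expiry error, which is worth noting in the same comment. If `BufferedReader`, `InputStream` and `InputStreamReader` were imported only for the removed block, they are now unused; the import section and the rest of the method are outside this hunk.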
@@ -443,7 +440,7 @@
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
.entity(json).post(ClientResponse.class);
-
+
String entity = response.getEntity(String.class);
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
@@ -512,7 +509,7 @@
.header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
.entity(json).post(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
@@ -534,7 +531,7 @@
.header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
.entity(json).post(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
@@ -556,7 +553,7 @@
.header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
.entity(json).post(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
@@ -641,7 +638,7 @@
.header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
.post(ClientResponse.class, json);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
JsonNode node = JsonUtils.readTree(entity);
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
assertEquals(StatusCodes.AUTHORIZATION_FAILED,
@@ -680,7 +677,7 @@
assertEquals(VirtualCorpusType.PUBLISHED.displayName(),
n.get("type").asText());
- //check hidden VC access
+ // check hidden VC access
node = testlistAccessByVC("admin", vcId);
assertEquals(2, node.size());
@@ -701,7 +698,7 @@
assertEquals(VirtualCorpusType.PROJECT.displayName(),
node.get(1).get("type").asText());
- //check VC access
+ // check VC access
node = testlistAccessByVC("admin", vcId);
assertEquals(1, node.size());
}
@@ -739,7 +736,7 @@
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.get(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
JsonNode node = JsonUtils.readTree(entity);
assertEquals(1, node.at("/0/accessId").asInt());
assertEquals(2, node.at("/0/vcId").asInt());
@@ -809,7 +806,7 @@
form.add("groupId", "1");
// share VC
- // dory is VCA in marlin group
+ // dory is VCA in marlin group
ClientResponse response = resource().path("vc").path("access")
.path("share").type(MediaType.APPLICATION_FORM_URLENCODED)
.header(Attributes.AUTHORIZATION,
@@ -838,7 +835,7 @@
form.add("groupId", "1");
// share VC
- // nemo is not VCA in marlin group
+ // nemo is not VCA in marlin group
ClientResponse response = resource().path("vc").path("access")
.path("share").type(MediaType.APPLICATION_FORM_URLENCODED)
.header(Attributes.AUTHORIZATION,
@@ -882,7 +879,7 @@
.delete(ClientResponse.class);
String entity = response.getEntity(String.class);
- // System.out.println(entity);
+ // System.out.println(entity);
JsonNode node = JsonUtils.readTree(entity);
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
assertEquals(StatusCodes.AUTHORIZATION_FAILED,