Remove deprecated authorized_only param in the client list API for v1.1

Change-Id: Ic39ce8a313b3526fe5aa6e57f347f66d71831ba3
diff --git a/Changes b/Changes
index ce601e1..5f1f4fe 100644
--- a/Changes
+++ b/Changes
@@ -5,6 +5,7 @@
 - Remove deprecated Authorization Post web-service for API v1.1 (#767)
 - Remove deprecated user-group web-services for API v1.1 (#769)
 - Remove deprecated vc web-services for API v1.1 (#771)
+- Remove deprecated authorized_only parameter in the client list API for v1.1 (#760)
 
 # version 0.79.1
 
diff --git a/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index 1c41998..c0dcd8f 100644
--- a/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -27,8 +27,10 @@
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.PathParam;
 import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.container.ContainerRequestContext;
 import jakarta.ws.rs.core.Context;
 import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.PathSegment;
 import jakarta.ws.rs.core.Response;
 import jakarta.ws.rs.core.SecurityContext;
 
@@ -218,11 +220,17 @@
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
     public List<OAuth2ClientInfoDto> listUserClients (
             @Context SecurityContext context,
+            @Context ContainerRequestContext requestContext,
             @FormParam("super_client_id") String superClientId,
             @FormParam("super_client_secret") String superClientSecret,
             @FormParam("authorized_only") boolean authorizedOnly, // deprecated
             @FormParam("filter_by") String filterBy) {
 
+    	List<PathSegment> pathSegments = requestContext.getUriInfo()
+    			.getPathSegments();
+        String version = pathSegments.get(0).getPath();
+        double requestedVersion = Double.parseDouble(version.substring(1));
+        
         TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
         String username = tokenContext.getUsername();
 
@@ -234,28 +242,34 @@
             
             List<OAuth2ClientInfoDto> clients = null; 
             
-            if (authorizedOnly) {
-                clients = clientService.listUserAuthorizedClients(username);
+        	if (requestedVersion == 1) {
+        		if (authorizedOnly) {
+            		clients = clientService.listUserAuthorizedClients(username);
+            		return clients;
+            	}
+            }
+            
+        	if (filterBy !=null && !filterBy.isEmpty()) {
+                if (filterBy.equals("authorized_only")) {
+                    clients = clientService.listUserAuthorizedClients(username);
+                }
+                else if (filterBy.equals("owned_only")) {
+                    clients = clientService.listUserRegisteredClients(username); 
+                }
+                else {
+                    throw new KustvaktException(
+                            StatusCodes.UNSUPPORTED_VALUE, "filter_by");
+                }
             }
             else {
-                if (filterBy !=null && !filterBy.isEmpty()) {
-                    if (filterBy.equals("authorized_only")) {
-                        clients = clientService.listUserAuthorizedClients(username);
-                    }
-                    else if (filterBy.equals("owned_only")) {
-                        clients = clientService.listUserRegisteredClients(username); 
-                    }
-                    else {
-                        throw new KustvaktException(
-                                StatusCodes.UNSUPPORTED_VALUE, "filter_by");
-                    }
-                }
-                else {               
-//                    clients = clientService.listUserAuthorizedClients(username);
-//                    clients.addAll(clientService.listUserRegisteredClients(username));
-                
-                    clients = clientService.listUserRegisteredClients(username);
-                }
+            	if (requestedVersion == 1) {
+            		clients = clientService.listUserRegisteredClients(username);
+            	}
+				else {
+					clients = clientService.listUserAuthorizedClients(username);
+					clients.addAll(
+							clientService.listUserRegisteredClients(username));
+				}
             }
             
             return clients;
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2DeprecationTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2DeprecationTest.java
new file mode 100644
index 0000000..934d6f3
--- /dev/null
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2DeprecationTest.java
@@ -0,0 +1,129 @@
+package de.ids_mannheim.korap.web.controller.oauth2;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import org.apache.http.entity.ContentType;
+import org.junit.jupiter.api.Test;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.net.HttpHeaders;
+
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
+import de.ids_mannheim.korap.utils.JsonUtils;
+import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+
+public class OAuth2DeprecationTest extends OAuth2TestBase{
+	private String userAuthHeader;
+	private String username = "dory";
+
+    public OAuth2DeprecationTest () throws KustvaktException {
+        userAuthHeader = HttpAuthorizationHandler
+                .createBasicAuthorizationHeaderValue(username, "password");
+    }
+
+	@Test
+	public void testListClients () throws KustvaktException {
+		// authorized client
+		String code = requestAuthorizationCode(publicClientId, userAuthHeader);
+		Response response = requestTokenWithAuthorizationCodeAndForm(
+				publicClientId, "", code);
+		
+		// owned client
+		OAuth2ClientJson clientJson = createOAuth2ClientJson(
+                "OAuth2DesktopClient", OAuth2ClientType.PUBLIC,
+                "This is a desktop test client.");
+        response = registerClient(username, clientJson);
+        String entity = response.readEntity(String.class);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        JsonNode node = JsonUtils.readTree(entity);
+        String clientId = node.at("/client_id").asText();
+        assertNotNull(clientId);
+        assertTrue(node.at("/client_secret").isMissingNode());
+
+        testListAuthorizedClients(publicClientId);
+        testListOwnedClient(clientId);
+        testFilterBy(publicClientId);
+        
+        response = target().path(API_VERSION).path("oauth2")
+                .path("client").path("deregister").path(clientId).request()
+                .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+                        .createBasicAuthorizationHeaderValue(username, "pass"))
+                .delete();
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+	}
+	
+	private void testListAuthorizedClients(String clientId) throws KustvaktException {
+		// List clients
+		Form form = getSuperClientForm();
+		form.param("authorized_only","true");
+		// V1.0
+        Response response = target().path(API_VERSION_V1_0).path("oauth2")
+                .path("client").path("list").request()
+                .header(Attributes.AUTHORIZATION, userAuthHeader)
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .post(Entity.form(form));
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        String entity = response.readEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        assertEquals(1, node.size());
+        assertEquals(clientId, node.at("/0/client_id").asText());
+        
+        // current version
+        response = target().path(API_VERSION).path("oauth2")
+                .path("client").path("list").request()
+                .header(Attributes.AUTHORIZATION, userAuthHeader)
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .post(Entity.form(form));
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        entity = response.readEntity(String.class);
+        node = JsonUtils.readTree(entity);
+        assertEquals(2, node.size());
+	}
+	
+	private void testListOwnedClient (String clientId) throws KustvaktException {
+		// List clients
+		Form form = getSuperClientForm();
+		// V1.0
+        Response response = target().path(API_VERSION_V1_0).path("oauth2")
+                .path("client").path("list").request()
+                .header(Attributes.AUTHORIZATION, userAuthHeader)
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .post(Entity.form(form));
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        String entity = response.readEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        assertEquals(1, node.size());
+        assertEquals(clientId, node.at("/0/client_id").asText());
+	}
+	
+	private void testFilterBy (String clientId) throws KustvaktException {
+		// List clients
+		Form form = getSuperClientForm();
+		form.param("filter_by","authorized_only");
+		// V1.0
+        Response response = target().path(API_VERSION_V1_0).path("oauth2")
+                .path("client").path("list").request()
+                .header(Attributes.AUTHORIZATION, userAuthHeader)
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .post(Entity.form(form));
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        String entity = response.readEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        assertEquals(1, node.size());
+        assertEquals(clientId, node.at("/0/client_id").asText());
+	}
+	
+}