Make URL mandatory for plugin registration (Close #573) Change-Id: I7477eda28559274a4ee923cae092e7b5e380460e

commit: b30b015cd2abcdd51c32f4d57bfe0130dae0cd0e [log] [tgz]
author: margaretha <margaretha@ids-mannheim.de> Fri Nov 15 14:06:00 2024 +0100
committer: margaretha <margaretha@ids-mannheim.de> Fri Nov 15 14:06:37 2024 +0100
tree: f60d91a45922330ee8c32d6e02e5b658e9284697
parent: 1c0a41d638e6fdd7dfa09d91dc6cfb5ed31ee828 [diff]
diff --git a/Changes b/Changes
index cf7213f..a621898 100644
--- a/Changes
+++ b/Changes

@@ -1,6 +1,7 @@
 # version 0.76-SNAPSHOT
 
 - Add institution & landingPage to the resource web-service (#777)
+- Make URL mandatory for plugin registration (#573)
 
 # version 0.75
 

diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index ed68d5d..6d01bf2 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java

@@ -13,6 +13,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import com.fasterxml.jackson.databind.JsonNode;
 import com.nimbusds.oauth2.sdk.OAuth2Error;
 
 import de.ids_mannheim.korap.config.FullConfiguration;
@@ -97,7 +98,7 @@
                     "client_name");
             ParameterChecker.checkObjectValue(clientJson.getType(),
                     "client_type");
-            ParameterChecker.checkStringValue(clientJson.getName(),
+            ParameterChecker.checkStringValue(clientJson.getDescription(),
                     "client_description");
         }
         catch (KustvaktException e) {
@@ -105,6 +106,7 @@
                     OAuth2Error.INVALID_REQUEST);
         }
 
+        JsonNode source = clientJson.getSource();
         String url = clientJson.getUrl();
         if (url != null && !url.isEmpty()) {
             if (!urlValidator.isValid(url)) {
@@ -112,6 +114,12 @@
                         "Invalid URL", OAuth2Error.INVALID_REQUEST);
             }
         }
+        // url is obligatory for plugins 
+        else if (source != null && !source.isNull()) {
+            throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
+                    "URL is required for plugins.", "url");
+        }
+            
 
         String redirectURI = clientJson.getRedirectURI();
         if (redirectURI != null && !redirectURI.isEmpty()

diff --git a/src/main/java/de/ids_mannheim/korap/web/input/OAuth2ClientJson.java b/src/main/java/de/ids_mannheim/korap/web/input/OAuth2ClientJson.java
index 9630a0e..580cf8a 100644
--- a/src/main/java/de/ids_mannheim/korap/web/input/OAuth2ClientJson.java
+++ b/src/main/java/de/ids_mannheim/korap/web/input/OAuth2ClientJson.java

@@ -24,8 +24,9 @@
     private OAuth2ClientType type;
     private String description;
 
-    // optional
+    // required for plugin, otherwise optional
     private String url;
+    
     // redirect URI determines where the OAuth 2.0 service will return
     // the user to after they have authorized a client.
     @JsonProperty("redirect_uri")

diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
index e150d5d..2149461 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java

@@ -58,9 +58,15 @@
         json.setDescription("This is a plugin test client.");
         json.setSource(source);
         json.setRefreshTokenExpiry(refreshTokenExpiry);
+        
+        testRegisterMissingURL(username,json);
+        
+        json.setUrl("https://my.confidential.plugin.de");
+        
         Response response = registerClient(username, json);
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
         JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
+        
         String clientId = node.at("/client_id").asText();
         String clientSecret = node.at("/client_secret").asText();
         assertNotNull(clientId);
@@ -87,12 +93,24 @@
         json.setType(OAuth2ClientType.PUBLIC);
         json.setDescription("This is a public plugin.");
         json.setSource(source);
+        json.setUrl("https://my.public.plugin.de");
         Response response = registerClient(username, json);
         JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
         assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
         assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
         assertFalse(node.at("/error_description").isMissingNode());
     }
+    
+    private void testRegisterMissingURL (String username,
+            OAuth2ClientJson json) throws KustvaktException {
+        Response response = registerClient(username, json);
+        JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
+
+        assertEquals(StatusCodes.MISSING_PARAMETER,
+                node.at("/errors/0/0").asInt());
+        assertEquals("URL is required for plugins.",
+                node.at("/errors/0/1").asText());
+    }
 
     private void testRetrievePluginInfo (String clientId)
             throws ProcessingException, KustvaktException {
commit	b30b015cd2abcdd51c32f4d57bfe0130dae0cd0e	[log] [tgz]
author	margaretha <margaretha@ids-mannheim.de>	Fri Nov 15 14:06:00 2024 +0100
committer	margaretha <margaretha@ids-mannheim.de>	Fri Nov 15 14:06:37 2024 +0100
tree	f60d91a45922330ee8c32d6e02e5b658e9284697
parent	1c0a41d638e6fdd7dfa09d91dc6cfb5ed31ee828 [diff]