Fix redundant initial-super-client generation.
Change-Id: If2044ea7c8a1f4ee98997fb89daaa7cffc835284
diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java b/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
index e7d23eb..2f3f35e 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
@@ -52,8 +52,8 @@
public void registerClient (boolean isSuper, String id,
String secretHashcode, String name, OAuth2ClientType type,
String url, String redirectURI, String registeredBy,
- String description, int refreshTokenExpiry, JsonNode source,
- boolean isPermitted) throws KustvaktException {
+ String description, int refreshTokenExpiry, JsonNode source)
+ throws KustvaktException {
ParameterChecker.checkStringValue(id, "client_id");
ParameterChecker.checkStringValue(name, "client_name");
@@ -83,9 +83,7 @@
client.setSource(source.toString());
// setting permit for plugin, used in OAuth2TestBase
// this should be an admin function
- if (isPermitted) {
- client.setPermitted(isPermitted);
- }
+ client.setPermitted(false);
}
else {
throw new KustvaktException(StatusCodes.NOT_SUPPORTED,
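Review bot: The two comment lines above `client.setPermitted(false);` still describe the removed `isPermitted` switch ("setting permit for plugin, used in OAuth2TestBase"), so they now contradict the code. The new line always registers the client as not permitted, and the comment should say so, for example `// plugins are always registered unpermitted; granting permission is a separate step`. Judging by the `OAuth2TestBase` change in this commit, that separate step is `setPermitted(true)` followed by `updateClient`. The enclosing `registerClient` body starts and ends outside this hunk.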
@@ -115,14 +113,6 @@
entityManager.persist(client);
}
- public void registerClient (String id, String secretHashcode, String name,
- OAuth2ClientType type, String url, String redirectURI,
- String registeredBy, String description, int refreshTokenExpiry,
- JsonNode source) throws KustvaktException {
- registerClient(false, id, secretHashcode, name, type, url, redirectURI,
- registeredBy, description, refreshTokenExpiry, source, false);
- }
-
public OAuth2Client retrieveClientById (String clientId)
throws KustvaktException {
@@ -149,6 +139,32 @@
e.getMessage(), "invalid_client");
}
}
+
+ // EM: used for testing only
+ public int retrieveSuperClients ()
+ throws KustvaktException {
+
+ CriteriaBuilder builder = entityManager.getCriteriaBuilder();
+ CriteriaQuery<OAuth2Client> query = builder
+ .createQuery(OAuth2Client.class);
+
+ Root<OAuth2Client> root = query.from(OAuth2Client.class);
+ query.select(root);
+ query.where(builder.equal(root.get(OAuth2Client_.isSuper), true));
+
+ Query q = entityManager.createQuery(query);
+ try {
+ return q.getResultList().size();
+ }
+ catch (NoResultException e) {
+ throw new KustvaktException(StatusCodes.CLIENT_NOT_FOUND,
+ "No super client found.");
+ }
+ catch (Exception e) {
+ throw new KustvaktException(StatusCodes.CLIENT_NOT_FOUND,
+ e.getMessage(), "invalid_client");
+ }
+ }
public void deregisterClient (OAuth2Client client)
throws KustvaktException {
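Review bot: The `catch (NoResultException e)` branch in `retrieveSuperClients` can never run, because `getResultList()` returns an empty list when nothing matches; only `getSingleResult()` throws that exception. The method also loads every super-client entity just to call `size()`, and its name suggests it returns clients although it returns a count. A count query is cheaper and avoids materialising privileged client rows (including their secret hashes) for a helper that is marked test-only but is public on the production DAO; a name such as `countSuperClients` would match what it does.

```java
public int retrieveSuperClients () throws KustvaktException {
    CriteriaBuilder builder = entityManager.getCriteriaBuilder();
    CriteriaQuery<Long> query = builder.createQuery(Long.class);

    Root<OAuth2Client> root = query.from(OAuth2Client.class);
    query.select(builder.count(root));
    query.where(builder.equal(root.get(OAuth2Client_.isSuper), true));

    try {
        // a count query always yields exactly one row, so no NoResultException branch
        return entityManager.createQuery(query).getSingleResult().intValue();
    }
    catch (Exception e) {
        throw new KustvaktException(StatusCodes.CLIENT_NOT_FOUND,
                e.getMessage(), "invalid_client");
    }
}
```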
diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index 6d01bf2..3d4e3be 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -1,9 +1,5 @@
package de.ids_mannheim.korap.oauth2.service;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
@@ -16,7 +12,6 @@
import com.fasterxml.jackson.databind.JsonNode;
import com.nimbusds.oauth2.sdk.OAuth2Error;
-import de.ids_mannheim.korap.config.FullConfiguration;
import de.ids_mannheim.korap.dao.AdminDao;
import de.ids_mannheim.korap.dto.InstalledPluginDto;
import de.ids_mannheim.korap.encryption.RandomCodeGenerator;
@@ -88,12 +83,10 @@
private EncryptionIface encryption;
@Autowired
private RandomCodeGenerator codeGenerator;
- @Autowired
- private FullConfiguration config;
-
- public OAuth2ClientDto registerClient (OAuth2ClientJson clientJson,
- String registeredBy) throws KustvaktException {
- try {
+
+ private void checkClientJson (OAuth2ClientJson clientJson)
+ throws KustvaktException {
+ try {
ParameterChecker.checkNameValue(clientJson.getName(),
"client_name");
ParameterChecker.checkObjectValue(clientJson.getType(),
@@ -127,8 +120,53 @@
throw new KustvaktException(StatusCodes.INVALID_REDIRECT_URI,
"Invalid redirect URI", OAuth2Error.INVALID_REQUEST);
}
+ }
+
+ private void throwRegistrationException (Exception e) throws KustvaktException {
+ Throwable cause = e;
+ Throwable lastCause = null;
+ while ((cause = cause.getCause()) != null
+ && !cause.equals(lastCause)) {
+ if (cause instanceof SQLException) {
+ break;
+ }
+ lastCause = cause;
+ }
+ throw new KustvaktException(StatusCodes.CLIENT_REGISTRATION_FAILED,
+ cause.getMessage(), OAuth2Error.INVALID_REQUEST);
+ }
+
+ public void registerExistingClient (OAuth2ClientJson clientJson,
+ String registeredBy, boolean isSuper, String clientId,
+ String clientSecret) throws KustvaktException {
+ ParameterChecker.checkStringValue(clientId,
+ "client_id");
+ ParameterChecker.checkStringValue(clientSecret,
+ "client_secret");
+
+ checkClientJson(clientJson);
+
+ try {
+ clientDao.registerClient(isSuper, clientId, clientSecret,
+ clientJson.getName(), clientJson.getType(),
+ clientJson.getUrl(), clientJson.getRedirectURI(),
+ registeredBy, clientJson.getDescription(),
+ clientJson.getRefreshTokenExpiry(), clientJson.getSource());
+ }
+ catch (KustvaktException e) {
+ throw new KustvaktException(e.getStatusCode(), e.getMessage(),
+ OAuth2Error.INVALID_REQUEST);
+ }
+ catch (Exception e) {
+ throwRegistrationException(e);
+ }
+
+ }
- // boolean isNative = isNativeClient(url, redirectURI);
+ public OAuth2ClientDto registerClient (OAuth2ClientJson clientJson,
+ String registeredBy, boolean isSuper) throws KustvaktException {
+
+ checkClientJson(clientJson);
String secret = null;
String secretHashcode = null;
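Review bot: `throwRegistrationException` dereferences `cause` after the loop, but unless a `SQLException` is found the loop normally ends because `cause` has become null, so an exception without a `SQLException` in its chain ends in a `NullPointerException` at `cause.getMessage()` instead of `CLIENT_REGISTRATION_FAILED`. The logic was moved unchanged from the old inline catch block, but it now serves both `registerClient` and `registerExistingClient`, so it is worth fixing here. The message is also passed on under `OAuth2Error.INVALID_REQUEST`; if it reaches the HTTP response, raw SQL error text (table or constraint names) would be shown to the registering client, so a generic message with the detail logged server-side may be preferable. `registerClient` continues outside the hunk.

```java
private void throwRegistrationException (Exception e) throws KustvaktException {
    // stop at the first SQLException, otherwise at the root cause; never null
    Throwable cause = e;
    while (cause.getCause() != null && cause.getCause() != cause
            && !(cause instanceof SQLException)) {
        cause = cause.getCause();
    }
    throw new KustvaktException(StatusCodes.CLIENT_REGISTRATION_FAILED,
            cause.getMessage(), OAuth2Error.INVALID_REQUEST);
}
```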
@@ -153,70 +191,61 @@
id = codeGenerator.filterRandomCode(id);
try {
- clientDao.registerClient(id, secretHashcode, clientJson.getName(),
- clientJson.getType(), url, redirectURI, registeredBy,
- clientJson.getDescription(),
- clientJson.getRefreshTokenExpiry(), clientJson.getSource());
+ clientDao.registerClient(isSuper, id, secretHashcode,
+ clientJson.getName(), clientJson.getType(),
+ clientJson.getUrl(), clientJson.getRedirectURI(),
+ registeredBy, clientJson.getDescription(),
+ clientJson.getRefreshTokenExpiry(), clientJson.getSource());
}
catch (KustvaktException e) {
throw new KustvaktException(e.getStatusCode(), e.getMessage(),
OAuth2Error.INVALID_REQUEST);
}
catch (Exception e) {
- Throwable cause = e;
- Throwable lastCause = null;
- while ((cause = cause.getCause()) != null
- && !cause.equals(lastCause)) {
- if (cause instanceof SQLException) {
- break;
- }
- lastCause = cause;
- }
- throw new KustvaktException(StatusCodes.CLIENT_REGISTRATION_FAILED,
- cause.getMessage(), OAuth2Error.INVALID_REQUEST);
+ throwRegistrationException(e);
}
return new OAuth2ClientDto(id, secret);
}
- @Deprecated
- private boolean isNativeClient (String url, String redirectURI)
- throws KustvaktException {
- if (url == null || url.isEmpty() || redirectURI == null
- || redirectURI.isEmpty()) {
- return false;
- }
-
- String nativeHost = config.getNativeClientHost();
- String urlHost = null;
- try {
- urlHost = new URL(url).getHost();
- }
- catch (MalformedURLException e) {
- throw new KustvaktException(StatusCodes.INVALID_ARGUMENT,
- "Invalid url :" + e.getMessage(),
- OAuth2Error.INVALID_REQUEST);
- }
-
- if (!urlHost.equals(nativeHost)) {
- return false;
- }
-
- String uriHost = null;
- try {
- uriHost = new URI(redirectURI).getHost();
- }
- catch (URISyntaxException e) {
- throw new KustvaktException(StatusCodes.INVALID_ARGUMENT,
- "Invalid redirectURI: " + e.getMessage(),
- OAuth2Error.INVALID_REQUEST);
- }
- if (!uriHost.equals(nativeHost)) {
- return false;
- }
-
- return true;
- }
+// @Deprecated
+// private boolean isNativeClient (String url, String redirectURI)
+// throws KustvaktException {
+// if (url == null || url.isEmpty() || redirectURI == null
+// || redirectURI.isEmpty()) {
+// return false;
+// }
+//
+// String nativeHost = config.getNativeClientHost();
+// String urlHost = null;
+// try {
+// urlHost = new URL(url).getHost();
+// }
+// catch (MalformedURLException e) {
+// throw new KustvaktException(StatusCodes.INVALID_ARGUMENT,
+// "Invalid url :" + e.getMessage(),
+// OAuth2Error.INVALID_REQUEST);
+// }
+//
+// if (!urlHost.equals(nativeHost)) {
+// return false;
+// }
+//
+// String uriHost = null;
+// try {
+// uriHost = new URI(redirectURI).getHost();
+// }
+// catch (URISyntaxException e) {
+// throw new KustvaktException(StatusCodes.INVALID_ARGUMENT,
+// "Invalid redirectURI: " + e.getMessage(),
+// OAuth2Error.INVALID_REQUEST);
+// }
+// if (!uriHost.equals(nativeHost)) {
+// return false;
+// }
+//
+// return true;
+// }
public void deregisterClient (String clientId, String username)
throws KustvaktException {
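Review bot: The added `//` lines keep the whole of `isNativeClient` as commented-out code, although the method was already `@Deprecated` and private, and its last reference (itself a comment) is removed earlier in this file. Deleting the method outright would be cleaner, since version control keeps the old text. Commented-out host-comparison logic next to client registration also invites the question of whether a check was disabled by accident. If the intent is to bring it back later, a one-line comment such as `// native-client host check removed; see history if it is needed again` says that without carrying the dead code.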
diff --git a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2InitClientService.java b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2InitClientService.java
index 535ded0..4745bc6 100644
--- a/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2InitClientService.java
+++ b/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2InitClientService.java
@@ -16,7 +16,6 @@
import de.ids_mannheim.korap.interfaces.EncryptionIface;
import de.ids_mannheim.korap.oauth2.dao.OAuth2ClientDao;
import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientDto;
-import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
@@ -50,11 +49,7 @@
if (!f.exists()) {
OAuth2ClientJson json = readOAuth2ClientJsonFile();
OAuth2ClientDto clientDto = clientService.registerClient(json,
- "system");
- String clientId = clientDto.getClient_id();
- OAuth2Client client = clientService.retrieveClient(clientId);
- client.setSuper(true);
- clientDao.updateClient(client);
+ "system",true);
JsonUtils.writeFile(path, clientDto);
log.info(
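Review bot: `clientDto` now holds the credentials of a client that is super from the moment it is created, and `JsonUtils.writeFile(path, clientDto)` stores them on disk. Going by `new OAuth2ClientDto(id, secret)` in `OAuth2ClientService.registerClient`, this is presumably the unhashed secret. The hunk does not show how the file is created, so it is worth confirming that it is readable by the service account only and stating that requirement here, e.g. `// holds the plaintext super-client secret; file must be owner-readable only`. The `log.info` call that follows is cut off by the hunk and should be checked to make sure it does not print the secret. The enclosing method starts and ends outside the hunk.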
@@ -76,14 +71,8 @@
log.info("Super client info file exists but the client "
+ "doesn't exist in the database.");
OAuth2ClientJson json = readOAuth2ClientJsonFile();
- OAuth2ClientDto clientDto = clientService.registerClient(json,
- "system");
- String clientId = clientDto.getClient_id();
- OAuth2Client client = clientService.retrieveClient(clientId);
- client.setSuper(true);
- client.setId(existingClientId);
- client.setSecret(secretHashcode);
- clientDao.updateClient(client);
+ clientService.registerExistingClient(json,
+ "system", true, existingClientId, secretHashcode);
}
}
}
diff --git a/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java b/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
index c0dcd8f..58a08fc 100644
--- a/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
+++ b/src/main/java/de/ids_mannheim/korap/web/controller/OAuthClientController.java
@@ -103,7 +103,7 @@
try {
scopeService.verifyScope(context, OAuth2Scope.REGISTER_CLIENT);
return clientService.registerClient(clientJson,
- context.getUsername());
+ context.getUsername(),false);
}
catch (KustvaktException e) {
throw responseHandler.throwit(e);
diff --git a/src/test/java/de/ids_mannheim/korap/web/InitialSuperClientTest.java b/src/test/java/de/ids_mannheim/korap/web/InitialSuperClientTest.java
index afa723d..2649a77 100644
--- a/src/test/java/de/ids_mannheim/korap/web/InitialSuperClientTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/InitialSuperClientTest.java
@@ -25,17 +25,19 @@
@Autowired
private FullConfiguration config;
-
@Autowired
private OAuth2ClientDao clientDao;
+ @Autowired
+ private OAuth2InitClientService clientService;
private String path = KustvaktConfiguration.DATA_FOLDER + "/"
+ OAuth2InitClientService.TEST_OUTPUT_FILENAME;
-
+
@Test
public void testCreatingInitialSuperClient ()
throws IOException, KustvaktException {
- assertTrue(config.createInitialSuperClient());
+ assertTrue(config.createInitialSuperClient());
+ // The file was created during server start
File f = new File(path);
assertTrue(f.exists());
JsonNode node = JsonUtils.readFile(path, JsonNode.class);
@@ -44,6 +46,27 @@
OAuth2Client superClient = clientDao.retrieveClientById(superClientId);
assertTrue(superClient.isSuper());
testLogin(superClientId, superClientSecret);
+ assertEquals(2,clientDao.retrieveSuperClients());
+
+ clientDao.deregisterClient(superClient);
+ assertEquals(1,clientDao.retrieveSuperClients());
+
+ testRegisterFromExistingFile();
+ }
+
+ private void testRegisterFromExistingFile ()
+ throws IOException, KustvaktException {
+
+ clientService.createInitialTestSuperClient();
+ assertEquals(2,clientDao.retrieveSuperClients());
+
+ JsonNode node = JsonUtils.readFile(path, JsonNode.class);
+ String superClientId = node.at("/client_id").asText();
+ OAuth2Client superClient = clientDao.retrieveClientById(superClientId);
+ assertTrue(superClient.isSuper());
+
+ clientDao.deregisterClient(superClient);
+ assertEquals(1,clientDao.retrieveSuperClients());
removeSuperClientFile();
}
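Review bot: The literal counts in `assertEquals(2, clientDao.retrieveSuperClients())` and `assertEquals(1, ...)` assume that exactly one other super client exists in the shared database, presumably the one registered by `OAuth2TestBase`. The test will therefore break if that fixture or the execution order changes. Taking a baseline first, `int before = clientDao.retrieveSuperClients();`, and asserting `before - 1` after deregistration and `before` after re-creation keeps the intent without the coupling. The cleanup (`deregisterClient`, `removeSuperClientFile`) is also skipped when an earlier assertion fails, which leaves a super client and its credential file behind for later tests; a `try`/`finally` or a teardown method would avoid that.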
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2TestBase.java b/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2TestBase.java
index e8d5b94..6e10946 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2TestBase.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/oauth2/OAuth2TestBase.java
@@ -100,14 +100,14 @@
"super confidential client", OAuth2ClientType.CONFIDENTIAL,
"http://korap.ids-mannheim.de/confidential",
"https://korap.ids-mannheim.de/confidential/redirect",
- "system", "Super confidential client.", 0, null, false);
+ "system", "Super confidential client.", 0, null);
}
try {
clientDao.retrieveClientById(publicClientId);
}
catch (KustvaktException e) {
- clientDao.registerClient(publicClientId, null,
+ clientDao.registerClient(false, publicClientId, null,
"public client plugin with redirect uri",
OAuth2ClientType.PUBLIC, "https://third.party.client.com",
"https://third.party.client.com/redirect", "system",
@@ -119,7 +119,7 @@
clientDao.retrieveClientById(publicClientId2);
}
catch (KustvaktException e) {
- clientDao.registerClient(publicClientId2, null,
+ clientDao.registerClient(false, publicClientId2, null,
"test public client", OAuth2ClientType.PUBLIC,
"http://korap.ids-mannheim.de/public", null, "system",
"Public client without redirect uri", 0, null);
@@ -129,7 +129,7 @@
clientDao.retrieveClientById(confidentialClientId);
}
catch (KustvaktException e) {
- clientDao.registerClient(confidentialClientId,
+ clientDao.registerClient(false, confidentialClientId,
"$2a$08$vi1FbuN3p6GcI1tSxMAoeuIYL8Yw3j6A8wJthaN8ZboVnrQaTwLPq",
"non super confidential client",
OAuth2ClientType.CONFIDENTIAL,
@@ -148,7 +148,10 @@
"confidential client 2", OAuth2ClientType.CONFIDENTIAL,
"http://example.client.de", null, "system",
"Nonsuper confidential client plugin without redirect URI",
- 0, source, true);
+ 0, source);
+ OAuth2Client client = clientDao.retrieveClientById(confidentialClientId2);
+ client.setPermitted(true);
+ clientDao.updateClient(client);
}
}
diff --git a/src/test/resources/test-jdbc.properties b/src/test/resources/test-jdbc.properties
index 5e84ae0..4489537 100644
--- a/src/test/resources/test-jdbc.properties
+++ b/src/test/resources/test-jdbc.properties
@@ -5,7 +5,7 @@
jdbc.driverClassName=org.sqlite.JDBC
#jdbc.url=jdbc:sqlite::memory:
jdbc.url=jdbc:sqlite:file::memory:?cache=shared
-#jdbc.url=jdbc:sqlite:testDB.sqlite
+#jdbc.url=jdbc:sqlite:data/testDB.sqlite
jdbc.username=pc
jdbc.password=pc
jdbc.schemaPath=classpath:db/sqlite,db/predefined
\ No newline at end of file