OAuthManagementController.java

/*
 * Copyright 2022 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.genesys.server.api.admin.v1;

import java.util.List;

import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientService;
import org.genesys.server.api.ApiBaseController;
import org.genesys.server.exception.NotFoundElement;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/**
 * Allow administrators to manage OAuth clients and keys.
 */
@RestController("OAuthManagementV1")
@RequestMapping(OAuthManagementController.CONTROLLER_URL)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public class OAuthManagementController extends ApiBaseController {

	/** The Constant CONTROLLER_URL. */
	public static final String CONTROLLER_URL = ApiBaseController.APIv1_BASE + "/admin/oauth-clients";

	@Autowired
	private OAuthClientService clientDetailsService;

	@GetMapping(value = "", produces = { MediaType.APPLICATION_JSON_VALUE })
	public List<OAuthClient> listClients() {
		return clientDetailsService.listClientDetails();
	}

	@GetMapping("/client/{id}")
	public OAuthClient getClient(@PathVariable("id") String clientId) {
		return clientDetailsService.getClient(clientId);
	}

	@PostMapping(value = "/client", produces = { MediaType.APPLICATION_JSON_VALUE })
	public OAuthClient createClientEntry(@RequestBody OAuthClient client) {
		OAuthClient oauthClient = clientDetailsService.addClient(client);
		LOG.info("Created OAuth client with clientId={}", oauthClient.getClientId());
		return oauthClient;
	}

	@PostMapping(value = "/client/{id}/secret")
	public String generateSecret(@PathVariable("id") String clientId) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		return clientDetailsService.resetSecret(oauthClient);
	}

	@DeleteMapping(value = "/client/{id}/secret")
	public void removeSecret(@PathVariable("id") String clientId) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		clientDetailsService.removeSecret(oauthClient);
	}

	@PostMapping(value = "/client/{id}/set-recaptcha-keys")
	public boolean setRecaptchaKeys(@PathVariable("id") String clientId, @RequestParam("privateKey") String privateKey,
			@RequestParam("publicKey") String publicKey) {

		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		oauthClient.setPrivateRecaptchaKey(privateKey);
		oauthClient.setPublicRecaptchaKey(publicKey);
		clientDetailsService.updateClient(oauthClient.getId(), oauthClient.getVersion(), oauthClient);
		return true;
	}

	@PostMapping(value = "/client/{id}/set-client-secret")
	public boolean setClientSecret(@PathVariable("id") String clientId, @RequestBody String secret) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		clientDetailsService.setSecret(oauthClient, secret);
		return true;
	}

	@DeleteMapping(value = "/client/{id}")
	public void deleteClient(@PathVariable("id") String clientId) {
		OAuthClient clientDetails = clientDetailsService.getClient(clientId);
		if (clientDetails == null) {
			throw new NotFoundElement("Not found by clientId = " + clientId);
		}
		LOG.info("Deleting client {}", clientDetails.getClientId());
		clientDetailsService.removeClient(clientDetails);
	}

	@PutMapping(value = "/client/{id}", consumes = { MediaType.APPLICATION_JSON_VALUE }, produces = { MediaType.APPLICATION_JSON_VALUE })
	public OAuthClient updateExistingClient(@PathVariable("id") long id, @RequestBody OAuthClient updates, @RequestParam("version") int version) {

		OAuthClient loaded = clientDetailsService.getClient(updates.getClientId());
		if (loaded == null) {
			throw new NotFoundElement("Not found by clientId = " + updates.getClientId());
		}
		// save old recaptcha keys
		updates.setPrivateRecaptchaKey(loaded.getPrivateRecaptchaKey());
		updates.setPublicRecaptchaKey(loaded.getPublicRecaptchaKey());

		return clientDetailsService.updateClient(id, version, updates);
	}

}
Created with JaCoCo 0.8.11.202310140853