OAuthManagementController.java

/*
 * Copyright 2019 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.genesys.server.api.v1;

import java.io.IOException;

import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientService;
import org.genesys.server.api.ApiBaseController;
import org.genesys.server.api.FilteredPage;
import org.genesys.server.api.Pagination;
import org.genesys.server.exception.NotFoundElement;
import org.genesys.server.service.ShortFilterService;
import org.genesys.server.service.filter.OAuthClientFilter;
import org.genesys.server.service.worker.ShortFilterProcessor;
import org.springdoc.api.annotations.ParameterObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import io.swagger.annotations.Api;

/**
 * Allow administrators to manage OAuth clients and keys.
 */
@RestController("oauthManagementApi1")
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping(OAuthManagementController.CONTROLLER_PATH)
@Api(tags = { "oauthManagement" })
public class OAuthManagementController extends ApiBaseController {
	public final static String CONTROLLER_PATH = ApiBaseController.APIv1_BASE + "/admin/oauth-clients";

	/**
	 * The short filter service.
	 */
	@Autowired
	protected ShortFilterProcessor shortFilterProcessor;

	@Autowired
	private OAuthClientService clientDetailsService;

	@PostMapping("/")
	public FilteredPage<OAuthClient, OAuthClientFilter> listClients(@RequestParam(name = "f", required = false) String filterCode, @ParameterObject final Pagination page,
			@RequestBody(required = false) OAuthClientFilter filter) throws IOException {

		if (filterCode != null) {
			filter = shortFilterProcessor.filterByCode(filterCode, OAuthClientFilter.class);
		} else if (filter == null){
			filter = new OAuthClientFilter();
		}
		
		ShortFilterService.FilterInfo<OAuthClientFilter> filterInfo = shortFilterProcessor.processFilter(filterCode, filter, OAuthClientFilter.class);
		return new FilteredPage<>(filterInfo.filterCode, filterInfo.filter, clientDetailsService.listClientDetails(filterInfo.filter.buildPredicate(), page.toPageRequest(MAX_PAGE_SIZE, DEFAULT_PAGE_SIZE, Sort.Direction.ASC, "clientId")));
	}

	@PostMapping(value = "/save-client")
	public @ResponseBody OAuthClient createClientEntry(@RequestBody OAuthClient client) {
		OAuthClient oauthClient = clientDetailsService.addClient(client);
		LOG.info("Created OAuth client with clientId={}", oauthClient.getClientId());

		return oauthClient;
	}

	@PostMapping(value = "/{clientId}/generate-secret")
	public String generateSecret(@PathVariable("clientId") String clientId) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		return clientDetailsService.resetSecret(oauthClient);
	}

	@PostMapping(value = "/{clientId}/set-secret")
	public ResponseEntity<HttpStatus> setSecret(@PathVariable("clientId") String clientId, @RequestBody(required = true) String secret) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		clientDetailsService.setSecret(oauthClient, secret);
		return ResponseEntity.ok().build();
	}

	@PostMapping(value = "/{clientId}/set-recaptcha-keys")
	public OAuthClient setRecaptchaKeys(@PathVariable("clientId") String clientId, @RequestParam("privateKey") String privateKey,
			@RequestParam("publicKey") String publicKey) {

		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		oauthClient.setPrivateRecaptchaKey(privateKey);
		oauthClient.setPublicRecaptchaKey(publicKey);
		return clientDetailsService.updateClient(oauthClient.getId(), oauthClient.getVersion(), oauthClient);
	}

	@PostMapping(value = "/{clientId}/remove-secret")
	public OAuthClient removeSecret(@PathVariable("clientId") String clientId) {
		OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		clientDetailsService.removeSecret(oauthClient);
		return clientDetailsInfo(clientId);
	}

	@DeleteMapping(value = "/{clientId}")
	public OAuthClient deleteClient(@PathVariable("clientId") String clientId) {
		OAuthClient clientDetails = clientDetailsService.getClient(clientId);
		LOG.info("Deleting client {}", clientDetails.getClientId());
		return clientDetailsService.removeClient(clientDetails);
	}

	@PostMapping(value = "/save-client", consumes = { MediaType.APPLICATION_JSON_VALUE }, produces = { MediaType.APPLICATION_JSON_VALUE })
	public @ResponseBody OAuthClient saveOAuthClient(@RequestBody OAuthClient updates) {
		if (updates.getClientId() == null) {
			return clientDetailsService.addClient(updates);
		}

		OAuthClient oauthClient = clientDetailsService.getClient(updates.getClientId());
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		// save old recaptcha keys
		updates.setPrivateRecaptchaKey(oauthClient.getPrivateRecaptchaKey());
		updates.setPublicRecaptchaKey(oauthClient.getPublicRecaptchaKey());

		return clientDetailsService.updateClient(updates.getId(), updates.getVersion(), updates);
	}

	@GetMapping(value = "/{clientId}/details")
	public OAuthClient clientDetailsInfo(@PathVariable("clientId") String clientId) {
		return clientDetailsService.getClient(clientId);
	}
}