OAuthManagementController.java

/*
 * Copyright 2019 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.genesys.server.mvc.admin;

import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.model.OAuthRole;
import org.genesys.blocks.oauth.service.OAuthClientService;
import org.genesys.server.exception.NotFoundElement;
import org.genesys.server.mvc.BaseController;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

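/**
 * Allow administrators to manage OAuth clients and keys.
 *
 * <p>All handlers are guarded by the class-level {@code @PreAuthorize("hasRole('ADMINISTRATOR')")}.
 * Client lookups go through {@link #requireClient(String)} so that an unknown {@code clientId}
 * surfaces as {@link NotFoundElement} instead of a {@link NullPointerException} inside the handler.
 */
@Controller
@RequestMapping(OAuthManagementController.CONTROLLER_PATH)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public class OAuthManagementController extends BaseController {
	final static String CONTROLLER_PATH = "/admin/oauth-clients";
	final static String VIEW_PATH = "/admin/oauth";

	@Autowired
	private OAuthClientService clientDetailsService;

	/**
	 * Lists all registered OAuth clients.
	 *
	 * @param model view model
	 * @return the client list view
	 */
	@RequestMapping("/")
	public String listClients(Model model) {
		model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
		return VIEW_PATH + "/clientslist";
	}

	/**
	 * Shows the empty edit form used to register a new client.
	 *
	 * @return the edit view
	 */
	@RequestMapping("/add-client")
	public String addClientEntry() {
		return VIEW_PATH + "/edit";
	}

	/**
	 * Shows the edit form for an existing client.
	 *
	 * @param model view model
	 * @param clientId client identifier from the path
	 * @return the edit view
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@RequestMapping("/{id}/edit")
	public String editClient(Model model, @PathVariable("id") String clientId) {
		final OAuthClient client = requireClient(clientId);
		model.addAttribute("clientDetails", client);
		// Role constants exposed so the template can render role checkboxes without hard-coding names
		model.addAttribute("ROLE_CLIENT", OAuthRole.CLIENT);
		model.addAttribute("ROLE_TRUSTED_CLIENT", OAuthRole.TRUSTED_CLIENT);
		model.addAttribute("ROLE_EVERYONE", OAuthRole.EVERYONE);
		return VIEW_PATH + "/edit";
	}

	/**
	 * Registers a new OAuth client from a JSON body.
	 *
	 * @param model view model (unused, kept for handler signature compatibility)
	 * @param client client definition posted by the form
	 * @return the persisted client as JSON
	 */
	@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = "action-save")
	public @ResponseBody OAuthClient createClientEntry(Model model, @RequestBody OAuthClient client) {
		final OAuthClient oauthClient = clientDetailsService.addClient(client);
		LOG.info("Created OAuth client with clientId={}", oauthClient.getClientId());
		return oauthClient;
	}

	/**
	 * Generates a fresh secret for a client and renders the details page once with the new
	 * plaintext secret, so the administrator can copy it.
	 *
	 * @param model view model; receives {@code clientSecret}
	 * @param clientId client identifier from the form
	 * @return the details view
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = "action-secret")
	public String generateSecret(Model model, @RequestParam("id") String clientId) {
		final OAuthClient oauthClient = requireClient(clientId);
		final String clientSecret = clientDetailsService.resetSecret(oauthClient);
		// The plaintext secret is only available here; the details view is the single place it is shown
		model.addAttribute("clientSecret", clientSecret);
		return clientDetailsInfo(model, clientId);
	}

	/**
	 * Removes the secret of a client (turning it into a public client).
	 *
	 * @param model view model
	 * @param clientId client identifier from the form
	 * @return the details view
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = "action-nosecret")
	public String removeSecret(Model model, @RequestParam("id") String clientId) {
		final OAuthClient oauthClient = requireClient(clientId);
		clientDetailsService.removeSecret(oauthClient);
		return clientDetailsInfo(model, clientId);
	}

	/**
	 * Stores the reCAPTCHA key pair for a client.
	 *
	 * @param clientId client identifier from the path
	 * @param privateKey reCAPTCHA secret key
	 * @param publicKey reCAPTCHA site key
	 * @return {@code true} once the client has been updated
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@PostMapping(value = "/{clientId}/set-recaptcha-keys")
	public @ResponseBody boolean setRecaptchaKeys(@PathVariable("clientId") String clientId, @RequestParam("privateKey") String privateKey,
			@RequestParam("publicKey") String publicKey) {

		final OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		oauthClient.setPrivateRecaptchaKey(privateKey);
		oauthClient.setPublicRecaptchaKey(publicKey);
		clientDetailsService.updateClient(oauthClient.getId(), oauthClient.getVersion(), oauthClient);
		return true;
	}

	/**
	 * Sets an administrator-chosen secret on a client.
	 *
	 * @param clientId client identifier from the path
	 * @param secret the new secret, posted as the raw request body
	 * @return {@code true} once the secret has been stored
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@PostMapping(value = "/{clientId}/set-client-secret")
	public @ResponseBody boolean setClientSecret(@PathVariable("clientId") String clientId, @RequestBody String secret) {
		final OAuthClient oauthClient = clientDetailsService.getClient(clientId);
		if (oauthClient == null) {
			throw new NotFoundElement("No such client");
		}
		clientDetailsService.setSecret(oauthClient, secret);
		return true;
	}

	/**
	 * Deletes a client and redirects to the list.
	 *
	 * @param model view model
	 * @param clientId client identifier from the form
	 * @return redirect to the client list
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = "action-delete")
	public String deleteClient(Model model, @RequestParam("clientId") String clientId) {
		final OAuthClient clientDetails = requireClient(clientId);
		LOG.info("Deleting client {}", clientDetails.getClientId());
		clientDetailsService.removeClient(clientDetails);
		return "redirect:" + CONTROLLER_PATH + "/";
	}

	/**
	 * Applies edits to an existing client. The reCAPTCHA keys are not editable through this
	 * form, so the stored values are copied over whatever the body carries.
	 *
	 * @param model view model
	 * @param updates edited client posted as JSON; looked up by its {@code clientId}
	 * @param id database id of the record being edited
	 * @param version optimistic-locking version of the record being edited
	 * @return the updated client as JSON
	 * @throws NotFoundElement when the body's {@code clientId} is unknown, or when it resolves to a
	 *         record other than the one named by {@code id}
	 */
	@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = { "id", "version", "action-save" }, consumes = { MediaType.APPLICATION_JSON_VALUE }, produces = {
			MediaType.APPLICATION_JSON_VALUE })
	public @ResponseBody OAuthClient saveExistingClient(Model model, @RequestBody OAuthClient updates, @RequestParam("id") long id,
			@RequestParam("version") int version) {

		final OAuthClient loaded = requireClient(updates.getClientId());
		// The record id comes from a request parameter while the entity is resolved from the
		// body's clientId; refuse the update if the two do not name the same record.
		if (loaded.getId() != id) {
			throw new NotFoundElement("Client id mismatch for clientId = " + updates.getClientId());
		}
		// Keep the stored recaptcha keys; they are managed via setRecaptchaKeys only
		updates.setPrivateRecaptchaKey(loaded.getPrivateRecaptchaKey());
		updates.setPublicRecaptchaKey(loaded.getPublicRecaptchaKey());

		return clientDetailsService.updateClient(id, version, updates);
	}

	/**
	 * Shows the details page of a client. The private reCAPTCHA key is blanked on the model
	 * object so it never reaches the template.
	 *
	 * @param model view model
	 * @param clientId client identifier from the path
	 * @return the details view
	 * @throws NotFoundElement when no client with that {@code clientId} exists
	 */
	@RequestMapping(value = "/{clientId}", method = RequestMethod.GET)
	public String clientDetailsInfo(Model model, @PathVariable("clientId") String clientId) {
		final OAuthClient clientDetails = requireClient(clientId);
		// NOTE(review): this mutates the object returned by the service; if it is a managed
		// entity inside an open transaction the null could be flushed — confirm getClient
		// returns a detached copy.
		clientDetails.setPrivateRecaptchaKey(null);
		model.addAttribute("clientDetails", clientDetails);
		return VIEW_PATH + "/detailsinfo";
	}

	/**
	 * Loads a client by {@code clientId}, failing loudly when it does not exist.
	 *
	 * @param clientId client identifier taken from the request
	 * @return the client, never {@code null}
	 * @throws NotFoundElement when the service returns no client for {@code clientId}
	 */
	private OAuthClient requireClient(String clientId) {
		final OAuthClient client = clientDetailsService.getClient(clientId);
		if (client == null) {
			throw new NotFoundElement("Not found by clientId = " + clientId);
		}
		return client;
	}

}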