
Example 1 with ClientRegistration

use of com.gw2auth.oauth2.server.service.client.registration.ClientRegistration in project oauth2-server by gw2auth.

the class ClientRegistrationServiceImpl method addRedirectUri.

/**
 * Adds a redirect URI to an existing client registration.
 *
 * <p>The URI is checked with {@code redirectUriValidator} before any repository access.
 * The registration is then looked up by both {@code accountId} and {@code clientId},
 * so a client id on its own does not select a registration here.
 *
 * @param accountId   account used (together with {@code clientId}) to find the registration
 * @param clientId    client id of the registration to modify
 * @param redirectUri redirect URI to add
 * @return the registration rebuilt from the entity returned by {@code save}
 * @throws ClientRegistrationServiceException with {@code INVALID_REDIRECT_URI} / 400 when the
 *         validator rejects the URI, or {@code NOT_FOUND} / 404 when no registration matches
 */
@Override
public ClientRegistration addRedirectUri(long accountId, UUID clientId, String redirectUri) {
    // NOTE(review): what the validator accepts (schemes, wildcards, fragments) is not visible
    // here -- confirm it matches the redirect URI policy the authorization endpoint relies on.
    final boolean acceptable = this.redirectUriValidator.validate(redirectUri);
    if (!acceptable) {
        throw new ClientRegistrationServiceException(
                ClientRegistrationServiceException.INVALID_REDIRECT_URI,
                HttpStatus.BAD_REQUEST);
    }

    final ClientRegistrationEntity existing = this.clientRegistrationRepository
            .findByAccountIdIdAndClientId(accountId, clientId)
            .orElseThrow(() -> new ClientRegistrationServiceException(
                    ClientRegistrationServiceException.NOT_FOUND,
                    HttpStatus.NOT_FOUND));

    existing.redirectUris().add(redirectUri);

    final ClientRegistrationEntity persisted = this.clientRegistrationRepository.save(existing);
    return ClientRegistration.fromEntity(persisted);
}
Also used : ClientRegistrationEntity(com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity)

Example 2 with ClientRegistration

use of com.gw2auth.oauth2.server.service.client.registration.ClientRegistration in project oauth2-server by gw2auth.

the class ClientRegistrationServiceImpl method removeRedirectUri.

/**
 * Removes a redirect URI from an existing client registration.
 *
 * <p>The registration is looked up by both {@code accountId} and {@code clientId}. The result
 * of the removal itself is ignored, so asking to remove a URI that is not registered is not
 * reported as an error. A removal that would leave the registration without any redirect URI
 * is rejected and {@code save} is not called.
 *
 * @param accountId   account used (together with {@code clientId}) to find the registration
 * @param clientId    client id of the registration to modify
 * @param redirectUri redirect URI to remove
 * @return the registration rebuilt from the entity returned by {@code save}
 * @throws ClientRegistrationServiceException with {@code NOT_FOUND} / 404 when no registration
 *         matches, or {@code NOT_ENOUGH_REDIRECT_URIS} / 400 when no redirect URI would remain
 */
@Override
public ClientRegistration removeRedirectUri(long accountId, UUID clientId, String redirectUri) {
    final ClientRegistrationEntity existing = this.clientRegistrationRepository
            .findByAccountIdIdAndClientId(accountId, clientId)
            .orElseThrow(() -> new ClientRegistrationServiceException(
                    ClientRegistrationServiceException.NOT_FOUND,
                    HttpStatus.NOT_FOUND));

    // NOTE(review): the loaded entity is mutated before the emptiness check. Whether that
    // in-memory change can reach the store without save() depends on the repository
    // implementation, which is not visible here -- confirm.
    existing.redirectUris().remove(redirectUri);

    final boolean noneLeft = existing.redirectUris().isEmpty();
    if (noneLeft) {
        throw new ClientRegistrationServiceException(
                ClientRegistrationServiceException.NOT_ENOUGH_REDIRECT_URIS,
                HttpStatus.BAD_REQUEST);
    }

    final ClientRegistrationEntity persisted = this.clientRegistrationRepository.save(existing);
    return ClientRegistration.fromEntity(persisted);
}
Also used : ClientRegistrationEntity(com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity)

Example 3 with ClientRegistration

use of com.gw2auth.oauth2.server.service.client.registration.ClientRegistration in project oauth2-server by gw2auth.

the class ClientConsentController method getClientConsents.

/**
 * Lists the client consents of the authenticated user, each paired with its client registration.
 *
 * <p>Consents are fetched for the account id taken from the authentication principal, not from
 * a request parameter. Registrations are resolved in one batch call. A consent whose
 * registration is missing from that batch result is left out of the response.
 *
 * @param user the authenticated principal
 * @return one response element per consent that still has a matching registration
 */
@GetMapping(value = "/api/client/consent", produces = MediaType.APPLICATION_JSON_VALUE)
public List<ClientConsentResponse> getClientConsents(@AuthenticationPrincipal Gw2AuthUser user) {
    final List<ClientConsent> consents = this.clientConsentService.getClientConsents(user.getAccountId());

    // collect the distinct registration ids so they can be resolved with a single lookup
    final Set<Long> registrationIds = consents.stream()
            .map(ClientConsent::clientRegistrationId)
            .collect(Collectors.toSet());

    final Map<Long, ClientRegistration> registrationsById = this.clientRegistrationService
            .getClientRegistrations(registrationIds)
            .stream()
            .collect(Collectors.toMap(ClientRegistration::id, registration -> registration));

    final List<ClientConsentResponse> responses = new ArrayList<>(consents.size());
    for (ClientConsent consent : consents) {
        final ClientRegistration registration = registrationsById.get(consent.clientRegistrationId());
        if (registration == null) {
            // per the original author this only happens on a race between the two lookups;
            // the entry is skipped rather than adding locks
            continue;
        }
        responses.add(ClientConsentResponse.create(consent, registration));
    }
    return responses;
}
Also used : ClientRegistration(com.gw2auth.oauth2.server.service.client.registration.ClientRegistration) ClientConsent(com.gw2auth.oauth2.server.service.client.consent.ClientConsent)

Example 4 with ClientRegistration

use of com.gw2auth.oauth2.server.service.client.registration.ClientRegistration in project oauth2-server by gw2auth.

the class ClientConsentControllerTest method getClientConsents.

/**
 * Verifies that {@code GET /api/client/consent} returns exactly the two consents created for
 * the logged-in account, each once, with the expected registration data, account sub and scopes.
 *
 * @param session session carrying the logged-in user
 * @throws Exception if the request or the JSON parsing fails
 */
@WithGw2AuthLogin
public void getClientConsents(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // fixture: two registrations for this account, each with its own consent
    final ClientRegistrationEntity registrationA = this.testHelper.createClientRegistration(accountId, "Name");
    final ClientRegistrationEntity registrationC = this.testHelper.createClientRegistration(accountId, "Name");
    final ClientConsentEntity consentForA = this.testHelper.createClientConsent(
            accountId,
            registrationA.id(),
            Set.of(Gw2ApiPermission.ACCOUNT.oauth2(), ClientConsentService.GW2AUTH_VERIFIED_SCOPE));
    final ClientConsentEntity consentForC = this.testHelper.createClientConsent(
            accountId,
            registrationC.id(),
            Set.of(Gw2ApiPermission.ACCOUNT.oauth2(), Gw2ApiPermission.GUILDS.oauth2()));

    final String responseBody = this.mockMvc
            .perform(get("/api/client/consent").session(session))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.length()").value(2))
            .andReturn()
            .getResponse()
            .getContentAsString();

    final JsonNode root = new ObjectMapper().readTree(responseBody);
    assertTrue(root.isArray());

    boolean sawA = false;
    boolean sawC = false;

    for (int i = 0; i < root.size(); i++) {
        final JsonNode entry = root.get(i);
        final JsonNode registrationNode = entry.get("clientRegistration");
        final String returnedClientId = registrationNode.get("clientId").textValue();

        // match the element to one of the two fixtures; each may appear only once
        final ClientRegistrationEntity expectedRegistration;
        final ClientConsentEntity expectedConsent;

        if (returnedClientId.equals(registrationA.clientId().toString())) {
            if (sawA) {
                fail("authorization A appeared at least twice in the response");
                return;
            }
            sawA = true;
            expectedRegistration = registrationA;
            expectedConsent = consentForA;
        } else if (returnedClientId.equals(registrationC.clientId().toString())) {
            if (sawC) {
                fail("authorization C appeared at least twice in the response");
                return;
            }
            sawC = true;
            expectedRegistration = registrationC;
            expectedConsent = consentForC;
        } else {
            fail("unknown authorization appeared in response");
            return;
        }

        // registration fields
        assertInstantEquals(expectedRegistration.creationTime(), registrationNode.get("creationTime").textValue());
        assertEquals(expectedRegistration.displayName(), registrationNode.get("displayName").textValue());

        // account sub
        assertEquals(expectedConsent.accountSub().toString(), entry.get("accountSub").textValue());

        // scopes: every returned scope must be one that was granted, and none may be missing
        final Set<String> remainingScopes = new HashSet<>(expectedConsent.authorizedScopes());
        final JsonNode permissionsNode = entry.get("authorizedGw2ApiPermissions");
        assertTrue(permissionsNode.isArray());

        for (JsonNode permissionNode : permissionsNode) {
            final Gw2ApiPermission permission = Gw2ApiPermission.fromGw2(permissionNode.textValue()).orElseThrow();
            final boolean wasExpected = remainingScopes.remove(permission.oauth2());
            if (!wasExpected) {
                fail("got unexpected scope in authorization");
            }
        }

        // the verified scope is reported as a boolean flag rather than as a permission entry
        if (entry.get("authorizedVerifiedInformation").booleanValue()
                && !remainingScopes.remove(ClientConsentService.GW2AUTH_VERIFIED_SCOPE)) {
            fail("got unexpected scope in authorization");
        }

        assertTrue(remainingScopes.isEmpty());
    }

    assertTrue(sawA);
    assertTrue(sawC);
}
Also used : Gw2ApiPermission(com.gw2auth.oauth2.server.service.Gw2ApiPermission) ClientRegistrationEntity(com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity) JsonNode(com.fasterxml.jackson.databind.JsonNode) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ClientConsentEntity(com.gw2auth.oauth2.server.repository.client.consent.ClientConsentEntity)

Example 5 with ClientRegistration

use of com.gw2auth.oauth2.server.service.client.registration.ClientRegistration in project oauth2-server by gw2auth.

the class ApiTokenControllerTest method deleteApiToken.

/**
 * Verifies that {@code DELETE /api/token/{gw2AccountId}} removes the API token and its use in
 * a client authorization, while the account verification and the client consent are kept.
 *
 * @param session session carrying the logged-in user
 * @throws Exception if the request fails
 */
@WithGw2AuthLogin
public void deleteApiToken(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final UUID gw2AccountId = UUID.randomUUID();

    // fixture: an API token for the GW2 account, plus a verification of that account
    this.testHelper.createApiToken(
            accountId,
            gw2AccountId,
            Set.of(Gw2ApiPermission.ACCOUNT, Gw2ApiPermission.GUILDS),
            "TokenA");
    this.testHelper.createAccountVerification(accountId, gw2AccountId);

    // fixture: a registered client, a consent for it, and an authorization that uses the token
    final ClientRegistrationEntity registration = this.testHelper.createClientRegistration(accountId, "ClientA");
    final ClientConsentEntity consent = this.testHelper.createClientConsent(
            accountId,
            registration.id(),
            Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final String authorizationId = this.testHelper
            .createClientAuthorization(accountId, consent.clientRegistrationId(), consent.authorizedScopes())
            .id();
    this.testHelper.createClientAuthorizationToken(accountId, authorizationId, gw2AccountId);

    // the state-changing request is sent with the session and a CSRF token
    this.mockMvc
            .perform(delete("/api/token/{gw2AccountId}", gw2AccountId).session(session).with(csrf()))
            .andExpect(status().isOk());

    // the token itself is gone
    assertTrue(this.apiTokenRepository
            .findAllByAccountIdAndGw2AccountIds(accountId, Set.of(gw2AccountId))
            .isEmpty());
    // the account verification is untouched
    assertTrue(this.gw2AccountVerificationRepository.findById(gw2AccountId).isPresent());
    // the authorization no longer references the deleted token
    assertTrue(this.clientAuthorizationTokenRepository
            .findAllByAccountIdAndClientAuthorizationId(accountId, authorizationId)
            .isEmpty());
    // the consent record for the client is still present
    assertTrue(this.clientConsentRepository
            .findByAccountIdAndClientRegistrationId(accountId, consent.clientRegistrationId())
            .isPresent());
}
Also used : ClientRegistrationEntity(com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity) ClientConsentEntity(com.gw2auth.oauth2.server.repository.client.consent.ClientConsentEntity)

Aggregations

ClientRegistration (com.gw2auth.oauth2.server.service.client.registration.ClientRegistration)18 JsonNode (com.fasterxml.jackson.databind.JsonNode)14 ClientConsentEntity (com.gw2auth.oauth2.server.repository.client.consent.ClientConsentEntity)14 ClientRegistrationCreation (com.gw2auth.oauth2.server.service.client.registration.ClientRegistrationCreation)12 MvcResult (org.springframework.test.web.servlet.MvcResult)12 ClientAuthorizationEntity (com.gw2auth.oauth2.server.repository.client.authorization.ClientAuthorizationEntity)11 Clock (java.time.Clock)11 JSONObject (org.json.JSONObject)11 ClientAuthorizationTokenEntity (com.gw2auth.oauth2.server.repository.client.authorization.ClientAuthorizationTokenEntity)7 ApiTokenEntity (com.gw2auth.oauth2.server.repository.apitoken.ApiTokenEntity)6 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)4 ClientRegistrationEntity (com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity)4 UriComponents (org.springframework.web.util.UriComponents)4 ApiSubTokenEntity (com.gw2auth.oauth2.server.repository.apisubtoken.ApiSubTokenEntity)3 Gw2ApiPermission (com.gw2auth.oauth2.server.service.Gw2ApiPermission)3 ClientRegistrationService (com.gw2auth.oauth2.server.service.client.registration.ClientRegistrationService)3 Collectors (java.util.stream.Collectors)3 Autowired (org.springframework.beans.factory.annotation.Autowired)3 MediaType (org.springframework.http.MediaType)3 ApiToken (com.gw2auth.oauth2.server.service.apitoken.ApiToken)2