use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testClientsAdminPermissions.
@Test
void testClientsAdminPermissions() throws Exception {
ClientDetails adminsClient = createClientAdminsClient(adminToken);
// create clients
ClientDetailsModification[] clients = createBaseClients(3, SECRET, Arrays.asList("client_credentials", "refresh_token"));
for (ClientDetailsModification c : clients) {
c.setScope(Collections.singletonList("oauth.approvals"));
c.setAction(ClientDetailsModification.ADD);
}
String token = testClient.getClientCredentialsOAuthAccessToken(adminsClient.getClientId(), "secret", "clients.admin");
MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + token).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients));
ResultActions result = mockMvc.perform(modifyClientsPost);
result.andExpect(status().isOk());
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testCreateAsAdminPermissions.
@Test
void testCreateAsAdminPermissions() throws Exception {
ClientDetails adminsClient = createClientAdminsClient(adminToken);
// create clients
ClientDetailsModification[] clients = createBaseClients(1, SECRET, Arrays.asList("client_credentials", "refresh_token"));
for (ClientDetailsModification c : clients) {
c.setScope(Collections.singletonList("oauth.approvals"));
c.setAction(ClientDetailsModification.ADD);
}
String token = testClient.getClientCredentialsOAuthAccessToken(adminsClient.getClientId(), "secret", "clients.admin");
MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients").header("Authorization", "Bearer " + token).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients[0]));
ResultActions result = mockMvc.perform(modifyClientsPost);
result.andExpect(status().isCreated());
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpoints method changeSecretTx.
@RequestMapping(value = "/oauth/clients/tx/secret", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.OK)
@Transactional
@ResponseBody
public ClientDetailsModification[] changeSecretTx(@RequestBody SecretChangeRequest[] change) {
ClientDetailsModification[] clientDetails = new ClientDetailsModification[change.length];
String clientId = null;
try {
for (int i = 0; i < change.length; i++) {
clientId = change[i].getClientId();
clientDetails[i] = new ClientDetailsModification(clientDetailsService.retrieve(clientId, IdentityZoneHolder.get().getId()));
boolean oldPasswordOk = authenticateClient(clientId, change[i].getOldSecret());
clientDetailsValidator.getClientSecretValidator().validate(change[i].getSecret());
clientRegistrationService.updateClientSecret(clientId, change[i].getSecret(), IdentityZoneHolder.get().getId());
if (!oldPasswordOk) {
deleteApprovals(clientId);
clientDetails[i].setApprovalsDeleted(true);
}
clientDetails[i] = removeSecret(clientDetails[i]);
}
} catch (InvalidClientException e) {
throw new NoSuchClientException("No such client: " + clientId);
}
clientSecretChanges.getAndAdd(change.length);
return clientDetails;
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpoints method modifyClientDetailsTx.
@RequestMapping(value = "/oauth/clients/tx/modify", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.OK)
@Transactional
@ResponseBody
public ClientDetailsModification[] modifyClientDetailsTx(@RequestBody ClientDetailsModification[] details) {
ClientDetailsModification[] result = new ClientDetailsModification[details.length];
for (int i = 0; i < result.length; i++) {
if (ClientDetailsModification.ADD.equals(details[i].getAction())) {
ClientDetails client = clientDetailsValidator.validate(details[i], Mode.CREATE);
clientRegistrationService.addClientDetails(client, IdentityZoneHolder.get().getId());
clientUpdates.incrementAndGet();
result[i] = new ClientDetailsModification(clientDetailsService.retrieve(details[i].getClientId(), IdentityZoneHolder.get().getId()));
} else if (ClientDetailsModification.DELETE.equals(details[i].getAction())) {
result[i] = new ClientDetailsModification(clientDetailsService.retrieve(details[i].getClientId(), IdentityZoneHolder.get().getId()));
doProcessDeletes(new ClientDetails[] { result[i] });
result[i].setApprovalsDeleted(true);
} else if (ClientDetailsModification.UPDATE.equals(details[i].getAction())) {
result[i] = updateClientNotSecret(details[i]);
} else if (ClientDetailsModification.UPDATE_SECRET.equals(details[i].getAction())) {
boolean approvalsDeleted = updateClientSecret(details[i]);
result[i] = updateClientNotSecret(details[i]);
result[i].setApprovalsDeleted(approvalsDeleted);
} else if (ClientDetailsModification.SECRET.equals(details[i].getAction())) {
boolean approvalsDeleted = updateClientSecret(details[i]);
result[i] = details[i];
result[i].setApprovalsDeleted(approvalsDeleted);
} else {
throw new InvalidClientDetailsException("Invalid action.");
}
result[i].setAction(details[i].getAction());
result[i].setClientSecret(null);
}
return result;
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpoints method removeSecret.
private ClientDetailsModification removeSecret(ClientDetails client) {
if (client == null) {
return null;
}
ClientDetailsModification details = new ClientDetailsModification(client);
details.setClientSecret(null);
return details;
}
Aggregations