27 | 27 | import org.orcid.core.manager.ProfileEntityCacheManager; |
28 | 28 | import org.orcid.core.manager.TwoFactorAuthenticationManager; |
29 | 29 | import org.orcid.core.manager.v3.*; |
| 30 | +import org.orcid.core.manager.v3.read_only.ClientManagerReadOnly; |
30 | 31 | import org.orcid.core.manager.v3.read_only.RecordNameManagerReadOnly; |
31 | | -import org.orcid.core.utils.PasswordResetToken; |
32 | 32 | import org.orcid.core.utils.VerifyEmailUtils; |
33 | 33 | import org.orcid.frontend.email.RecordEmailSender; |
34 | 34 | import org.orcid.frontend.web.util.PasswordConstants; |
|
56 | 56 | import org.slf4j.Logger; |
57 | 57 | import org.slf4j.LoggerFactory; |
58 | 58 | import org.springframework.beans.factory.annotation.Value; |
| 59 | +import org.springframework.http.HttpStatus; |
| 60 | +import org.springframework.http.ResponseEntity; |
59 | 61 | import org.springframework.stereotype.Controller; |
60 | 62 | import org.springframework.web.bind.annotation.ModelAttribute; |
61 | 63 | import org.springframework.web.bind.annotation.RequestBody; |
62 | 64 | import org.springframework.web.bind.annotation.RequestMapping; |
63 | 65 | import org.springframework.web.bind.annotation.RequestMethod; |
64 | 66 | import org.springframework.web.bind.annotation.ResponseBody; |
| 67 | +import org.springframework.web.bind.annotation.PostMapping; |
65 | 68 | import org.springframework.web.servlet.ModelAndView; |
66 | 69 |
|
67 | 70 | /** |
@@ -107,6 +110,9 @@ public class AdminController extends BaseController { |
107 | 110 | @Resource(name = "clientManagerV3") |
108 | 111 | private ClientManager clientManager; |
109 | 112 |
|
| 113 | + @Resource(name = "clientManagerReadOnlyV3") |
| 114 | + private ClientManagerReadOnly clientManagerReadOnly; |
| 115 | + |
110 | 116 | @Resource(name = "profileDaoReadOnly") |
111 | 117 | private ProfileDao profileDaoReadOnly; |
112 | 118 |
|
@@ -686,7 +692,7 @@ public Map<String, String> findIdByEmailHelper(String csvEmails) { |
686 | 692 |
|
687 | 693 | /** |
688 | 694 | * Reset password validate |
689 | | - * |
| 695 | + * |
690 | 696 | * @throws IllegalAccessException |
691 | 697 | * @throws UnsupportedEncodingException |
692 | 698 | */ |
@@ -1262,45 +1268,92 @@ private String getOrcidFromParam(String orcidOrEmail) { |
1262 | 1268 | } |
1263 | 1269 |
|
1264 | 1270 | @RequestMapping(value = "/add-client.json", method = RequestMethod.POST) |
1265 | | - @Produces(value = { MediaType.APPLICATION_JSON }) |
1266 | | - public @ResponseBody Client createClient(HttpServletRequest serverRequest, HttpServletResponse response, @RequestBody Client client) throws IllegalAccessException { |
| 1271 | + @Produces(value = {MediaType.APPLICATION_JSON}) |
| 1272 | + @ResponseBody |
| 1273 | + public Client createClient(HttpServletRequest serverRequest, HttpServletResponse response, @RequestBody Client client) throws IllegalAccessException { |
1267 | 1274 | isAdmin(serverRequest, response); |
1268 | | - if(client == null) { |
| 1275 | + |
| 1276 | + List<String> errors = new ArrayList<>(); |
| 1277 | + |
| 1278 | + if (client == null) { |
1269 | 1279 | client = new Client(); |
1270 | | - client.getErrors().add("Client object cannot be null"); |
1271 | | - } else if(client.getMemberId() == null || PojoUtil.isEmpty(client.getMemberId())) { |
1272 | | - client.getErrors().add("Member ID is requiered"); |
| 1280 | + errors.add("Client object cannot be null"); |
| 1281 | + } else if (client.getMemberId() == null || PojoUtil.isEmpty(client.getMemberId())) { |
| 1282 | + errors.add("Member ID is required"); |
1273 | 1283 | } else if (profileDaoReadOnly.getGroupType(client.getMemberId().getValue()) == null) { |
1274 | | - client.getErrors().add("Member with ID " + client.getMemberId().getValue() + " does not exists"); |
1275 | | - } else if(client.getDisplayName() == null || PojoUtil.isEmpty(client.getDisplayName())) { |
1276 | | - client.getErrors().add("Display name is requiered"); |
1277 | | - } else if(client.getShortDescription() == null || PojoUtil.isEmpty(client.getShortDescription())) { |
1278 | | - client.getErrors().add("Description is requiered"); |
1279 | | - } else if(client.getWebsite() == null || PojoUtil.isEmpty(client.getWebsite())) { |
1280 | | - client.getErrors().add("Website is requiered"); |
1281 | | - } else if(client.getRedirectUris() == null || client.getRedirectUris().isEmpty()) { |
1282 | | - client.getErrors().add("Redirect URIs are requiered"); |
| 1284 | + errors.add("Member with ID " + client.getMemberId().getValue() + " does not exists"); |
| 1285 | + } else if (client.getDisplayName() == null || PojoUtil.isEmpty(client.getDisplayName())) { |
| 1286 | + errors.add("Display name is required"); |
| 1287 | + } else if (client.getShortDescription() == null || PojoUtil.isEmpty(client.getShortDescription())) { |
| 1288 | + errors.add("Description is required"); |
| 1289 | + } else if (client.getWebsite() == null || PojoUtil.isEmpty(client.getWebsite())) { |
| 1290 | + errors.add("Website is required"); |
| 1291 | + } else if (client.getRedirectUris() == null || client.getRedirectUris().isEmpty()) { |
| 1292 | + errors.add("Redirect URIs are required"); |
1283 | 1293 | } else { |
1284 | 1294 | // Validate the redirect uris are valid |
1285 | | - for(RedirectUri r : client.getRedirectUris()) { |
1286 | | - if(r.getType() == null || PojoUtil.isEmpty(r.getType())) { |
1287 | | - client.getErrors().add("Redirect uri type missing on redirect uri " + r.getValue().getValue()); |
| 1295 | + for (RedirectUri r : client.getRedirectUris()) { |
| 1296 | + if (r.getType() == null || PojoUtil.isEmpty(r.getType())) { |
| 1297 | + errors.add("Redirect uri type missing on redirect uri " + r.getValue().getValue()); |
1288 | 1298 | } |
1289 | 1299 | } |
1290 | | - if(client.getErrors().isEmpty()) { |
| 1300 | + |
| 1301 | + if (errors.isEmpty()) { |
1291 | 1302 | org.orcid.jaxb.model.v3.release.client.Client newClient = client.toModelObject(); |
1292 | 1303 | try { |
1293 | | - newClient = clientManager.create(newClient); |
| 1304 | + newClient = clientManager.createWithConfigValues(newClient); |
1294 | 1305 | } catch (Exception e) { |
1295 | 1306 | LOGGER.error(e.getMessage()); |
1296 | | - String errorDesciption = getMessage("manage.developer_tools.group.cannot_create_client") + " " + e.getMessage(); |
| 1307 | + String errorDescription = getMessage("manage.developer_tools.group.cannot_create_client") + " " + e.getMessage(); |
1297 | 1308 | client.setErrors(new ArrayList<String>()); |
1298 | | - client.getErrors().add(errorDesciption); |
| 1309 | + client.getErrors().add(errorDescription); |
1299 | 1310 | return client; |
1300 | 1311 | } |
1301 | 1312 | client = Client.fromModelObject(newClient); |
1302 | 1313 | } |
1303 | 1314 | } |
| 1315 | + |
| 1316 | + if (!errors.isEmpty()) { |
| 1317 | + client.setErrors(errors); |
| 1318 | + return client; |
| 1319 | + } |
| 1320 | + |
| 1321 | + |
1304 | 1322 | return client; |
1305 | 1323 | } |
| 1324 | + |
| 1325 | + |
| 1326 | + @PostMapping(value = "/reset-client-secret.json", produces = MediaType.APPLICATION_JSON) |
| 1327 | + public ResponseEntity<Map<String, String>> resetClientSecret(HttpServletRequest serverRequest, HttpServletResponse response, @RequestBody Client client) throws IllegalAccessException { |
| 1328 | + isAdmin(serverRequest, response); |
| 1329 | + |
| 1330 | + if (client == null || PojoUtil.isEmpty(client.getClientId())) { |
| 1331 | + return ResponseEntity |
| 1332 | + .badRequest() |
| 1333 | + .body(Map.of("error", "Client ID is required")); |
| 1334 | + } |
| 1335 | + |
| 1336 | + String clientId = client.getClientId().getValue(); |
| 1337 | + |
| 1338 | + org.orcid.jaxb.model.v3.release.client.Client existingClient = clientManagerReadOnly.get(clientId); |
| 1339 | + if (existingClient == null) { |
| 1340 | + return ResponseEntity |
| 1341 | + .status(HttpStatus.NOT_FOUND) |
| 1342 | + .body(Map.of("error", "Client “" + clientId + "” not found")); |
| 1343 | + } |
| 1344 | + |
| 1345 | + try { |
| 1346 | + String newSecret = clientManager.resetAndGetClientSecret(clientId); |
| 1347 | + return ResponseEntity |
| 1348 | + .ok(Map.of( |
| 1349 | + "clientId", clientId, |
| 1350 | + "newSecret", newSecret |
| 1351 | + )); |
| 1352 | + } catch (Exception e) { |
| 1353 | + LOGGER.error("Error resetting secret for client {}", clientId, e); |
| 1354 | + return ResponseEntity |
| 1355 | + .status(HttpStatus.INTERNAL_SERVER_ERROR) |
| 1356 | + .body(Map.of("error", "Failed to reset client secret")); |
| 1357 | + } |
| 1358 | + } |
1306 | 1359 | } |
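Review bot: The success path of resetClientSecret (new lines 1346–1351) leaves no record of the reset having happened — the only log statement in the method is on the failure branch — even though rotating an OAuth client secret is a privileged, state-changing action that invalidates every caller holding the old secret; an entry such as `LOGGER.info("Client secret reset for client {}", clientId);` after the `clientManager.resetAndGetClientSecret(clientId)` call, extended with the acting admin's identity if the controller exposes it, would give operators an audit trail, and it must never include `newSecret`. Separately, new line 1330 passes `client.getClientId()` straight into `PojoUtil.isEmpty`, whereas createClient in the same hunk (lines 1281, 1285, 1287, 1289) guards each Text field with an explicit `== null` first; if `PojoUtil.isEmpty` does not itself accept null, a body without a clientId would throw before the intended 400 is produced, so the guard should presumably read `if (client == null || client.getClientId() == null || PojoUtil.isEmpty(client.getClientId())) {`. The 404 body on line 1342 also echoes the submitted clientId back verbatim; that is fine for a JSON API consumed by the admin UI, but the front end should treat it as data rather than markup.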