From ab35186696eb266102b2e511bd57e1332eb1ccca Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Thu, 31 Jan 2013 11:57:46 -0500
Subject: [PATCH] added scope service, repository, and API
---
.../repository/SystemScopeRepository.java | 26 ++++
.../oauth2/service/SystemScopeService.java | 30 ++++
.../impl/JpaSystemScopeRepository.java | 85 ++++++++++++
.../impl/DefaultSystemScopeService.java | 107 ++++++++++++++
.../java/org/mitre/oauth2/web/ScopeAPI.java | 131 ++++++++++++++++++
.../RequestObjectAuthorizationEndpoint.java | 4 +
6 files changed, 383 insertions(+)
create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java
create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
create mode 100644 openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
create mode 100644 openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
create mode 100644 openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java
new file mode 100644
index 000000000..a7ff78e5f
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java
@@ -0,0 +1,26 @@
+/**
+ *
+ */
+package org.mitre.oauth2.repository;
+
+import java.util.Set;
+
+import org.mitre.oauth2.model.SystemScope;
+
+/**
+ * @author jricher
+ *
+ */
+public interface SystemScopeRepository {
+
+ public Set getAll();
+
+ public SystemScope getById(Long id);
+
+ public SystemScope getByValue(String value);
+
+ public void remove(SystemScope scope);
+
+ public SystemScope save(SystemScope scope);
+
+}
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
new file mode 100644
index 000000000..143074e7b
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
@@ -0,0 +1,30 @@
+/**
+ *
+ */
+package org.mitre.oauth2.service;
+
+import java.util.Set;
+
+import org.mitre.oauth2.model.SystemScope;
+
+/**
+ * @author jricher
+ *
+ */
+public interface SystemScopeService {
+
+ public Set getAll();
+
+ public Set getDefaults();
+
+ public Set getDynReg();
+
+ public SystemScope getById(Long id);
+
+ public SystemScope getByValue(String value);
+
+ public void remove(SystemScope scope);
+
+ public SystemScope save(SystemScope scope);
+
+}
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
new file mode 100644
index 000000000..915a598c6
--- /dev/null
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java
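Review bot: `getDefaults()` and `getDynReg()` in SystemScopeService have no Javadoc and the interface comment is empty, so what these two subsets mean is only discoverable from DefaultSystemScopeService later in this patch. I would document them on the interface, e.g. `/** Scopes whose isDefaultScope() flag is set. */` and `/** Scopes whose isAllowDynReg() flag is set. */`. It would also help to state whether `getById` and `getByValue` return null when nothing matches, since ScopeAPI branches on a null result.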
@@ -0,0 +1,85 @@
+/**
+ *
+ */
+package org.mitre.oauth2.repository.impl;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceUnit;
+import javax.persistence.TypedQuery;
+
+import org.mitre.oauth2.model.SystemScope;
+import org.mitre.oauth2.repository.SystemScopeRepository;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import static org.mitre.util.jpa.JpaUtil.getSingleResult;
+import static org.mitre.util.jpa.JpaUtil.saveOrUpdate;
+
+/**
+ * @author jricher
+ *
+ */
+@Repository("jpaSystemScopeRepository")
+public class JpaSystemScopeRepository implements SystemScopeRepository {
+
+ @PersistenceUnit
+ private EntityManager em;
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.SystemScopeRepository#getAll()
+ */
+ @Override
+ @Transactional
+ public Set getAll() {
+ TypedQuery query = em.createNamedQuery("SystemScope.findAll", SystemScope.class);
+
+ return new HashSet(query.getResultList());
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.SystemScopeRepository#getById(java.lang.Long)
+ */
+ @Override
+ @Transactional
+ public SystemScope getById(Long id) {
+ return em.find(SystemScope.class, id);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.SystemScopeRepository#getByValue(java.lang.String)
+ */
+ @Override
+ @Transactional
+ public SystemScope getByValue(String value) {
+ TypedQuery query = em.createNamedQuery("SystemScope.getByValue", SystemScope.class);
+ query.setParameter("value", value);
+ return getSingleResult(query.getResultList());
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.repository.SystemScopeRepository#remove(org.mitre.oauth2.model.SystemScope)
+ */
+ @Override
+ @Transactional
+ public void remove(SystemScope scope) {
+ SystemScope found = getById(scope.getId());
+
+ if (found != null) {
+ em.remove(found);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see
org.mitre.oauth2.repository.SystemScopeRepository#save(org.mitre.oauth2.model.SystemScope)
+ */
+ @Override
+ @Transactional
+ public SystemScope save(SystemScope scope) {
+ return saveOrUpdate(scope.getId(), em, scope);
+ }
+
+}
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
new file mode 100644
index 000000000..20b27f109
--- /dev/null
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
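Review bot: The `em` field in JpaSystemScopeRepository is an `EntityManager` but is annotated `@PersistenceUnit`, which is the annotation for injecting an `EntityManagerFactory`; a container-managed `EntityManager` is injected with `@PersistenceContext`. I would change the field to `@PersistenceContext private EntityManager em;` and replace the `javax.persistence.PersistenceUnit` import to match. Separately, `remove` and `save` call `scope.getId()` with no null check, so a null scope reaching them (for example from an empty request body parsed in ScopeAPI) ends in a NullPointerException rather than a clean rejection.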
@@ -0,0 +1,107 @@
+/**
+ *
+ */
+package org.mitre.oauth2.service.impl;
+
+import java.util.Set;
+
+import javax.annotation.Nullable;
+
+import org.mitre.oauth2.model.SystemScope;
+import org.mitre.oauth2.repository.SystemScopeRepository;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.google.common.base.Predicate;
+import com.google.common.collect.Sets;
+
+/**
+ * @author jricher
+ *
+ */
+@Service("defaultSystemScopeService")
+public class DefaultSystemScopeService implements SystemScopeService {
+
+ @Autowired
+ private SystemScopeRepository repository;
+
+ private Predicate isDefault = new Predicate() {
+
+ @Override
+ public boolean apply(@Nullable SystemScope input) {
+ return (input != null && input.isDefaultScope());
+ }
+ };
+
+
+ private Predicate isDynReg = new Predicate() {
+
+ @Override
+ public boolean apply(@Nullable SystemScope input) {
+ return (input != null && input.isAllowDynReg());
+ }
+ };
+
+
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#getAll()
+ */
+ @Override
+ public Set getAll() {
+ return repository.getAll();
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#getDefaults()
+ */
+ @Override
+ public Set getDefaults() {
+ return Sets.filter(getAll(), isDefault);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#getDynReg()
+ */
+ @Override
+ public Set getDynReg() {
+ return Sets.filter(getAll(), isDynReg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#getById(java.lang.Long)
+ */
+ @Override
+ public SystemScope getById(Long id) {
+ return repository.getById(id);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#getByValue(java.lang.String)
+ */
+ @Override
+ public SystemScope getByValue(String value) {
+ return repository.getByValue(value);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#remove(org.mitre.oauth2.model.SystemScope)
+ */
+ @Override
+ public void remove(SystemScope scope) {
+ repository.remove(scope);
+
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.service.SystemScopeService#save(org.mitre.oauth2.model.SystemScope)
+ */
+ @Override
+ public SystemScope save(SystemScope scope) {
+ return repository.save(scope);
+ }
+
+
+
+}
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
new file mode 100644
index 000000000..41ea7f8ae
--- /dev/null
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
@@ -0,0 +1,131 @@
+/**
+ *
+ */
+package org.mitre.oauth2.web;
+
+import java.util.Set;
+
+import org.mitre.oauth2.model.SystemScope;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.gson.Gson;
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/api/scopes")
+public class ScopeAPI {
+
+
+ @Autowired
+ private SystemScopeService scopeService;
+
+ private Gson gson = new Gson();
+
+ @RequestMapping(value = "", method = RequestMethod.GET, produces = "application/json")
+ public String getAll(ModelMap m) {
+
+ Set allScopes = scopeService.getAll();
+
+ m.put("entity", allScopes);
+
+ return "jsonEntityView";
+ }
+
+ @RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = "application/json")
+ public String getScope(@PathVariable("id") Long id, ModelMap m) {
+
+ SystemScope scope = scopeService.getById(id);
+
+ if (scope != null) {
+
+ m.put("entity", scope);
+
+ return "jsonEntityView";
+ } else {
+ m.put("code", HttpStatus.NOT_FOUND);
+
+ return "httpCodeView";
+ }
+ }
+
+ @PreAuthorize("hasRole('ROLE_ADMIN')")
+ @RequestMapping(value = "/id", method = RequestMethod.PUT, produces = "application/json", consumes = "application/json")
+ public String updateScope(@PathVariable("id") Long id, @RequestBody String json, ModelMap m) {
+
+ SystemScope existing = scopeService.getById(id);
+
+ SystemScope scope = gson.fromJson(json, SystemScope.class);
+
+ if (existing != null && scope != null) {
+
+ if
(existing.getId().equals(scope.getId())) {
+ // sanity check
+
+ scope = scopeService.save(scope);
+
+ m.put("entity", scope);
+
+ return "jsonEntityView";
+ } else {
+ m.put("code", HttpStatus.BAD_REQUEST);
+
+ return "httpCodeView";
+ }
+
+ } else {
+
+ m.put("code", HttpStatus.NOT_FOUND);
+
+ return "httpCodeView";
+ }
+ }
+
+ @RequestMapping(value = "", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
+ public String createScope(@RequestBody String json, ModelMap m) {
+ SystemScope scope = gson.fromJson(json, SystemScope.class);
+
+ scope = scopeService.save(scope);
+
+ if (scope != null && scope.getId() != null) {
+
+ m.put("entity", scope);
+
+ return "jsonEntityView";
+ } else {
+ m.put("code", HttpStatus.BAD_REQUEST);
+
+ return "httpCodeView";
+
+ }
+ }
+
+ @RequestMapping(value = "/{id}", method = RequestMethod.DELETE)
+ public String deleteScope(@PathVariable("id") Long id, ModelMap m) {
+ SystemScope existing = scopeService.getById(id);
+
+ if (existing != null) {
+
+ scopeService.remove(existing);
+
+ return "httpCodeview";
+ } else {
+
+ m.put("code", HttpStatus.NOT_FOUND);
+
+ return "httpCodeView";
+ }
+ }
+
+}
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
index c3c2da144..8a43a93a9 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
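Review bot: `createScope` and `deleteScope` in ScopeAPI carry no `@PreAuthorize`, while `updateScope` is restricted with `hasRole('ROLE_ADMIN')`; unless URL-level rules outside this patch cover /api/scopes, any caller who can reach the controller can add or remove system scopes, so both methods should get `@PreAuthorize("hasRole('ROLE_ADMIN')")`. The `updateScope` mapping is `value = "/id"` but the method binds `@PathVariable("id")`, so the mapping needs to be `value = "/{id}"` for the variable to resolve. `deleteScope` returns `"httpCodeview"` on success (lower-case v, with no `code` put in the model), which looks like a typo for `"httpCodeView"`. `createScope` also hands the result of `gson.fromJson` to `save` without a null check and accepts a client-supplied id, which `saveOrUpdate` may treat as an update of an existing scope, so it is worth rejecting bodies that are empty or already carry an id with `HttpStatus.BAD_REQUEST`.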
@@ -15,6 +15,10 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.support.SessionStatus; import org.springframework.web.servlet.ModelAndView; +// +// TODO: make this into a controller again, use the forward: or redirect: mechanism to send to auth endpoint +// + //@Controller("requestObjectAuthorzationEndpoint") public class RequestObjectAuthorizationEndpoint {