Added approvedSite API and support structure

openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java

@@ -40,6 +40,7 @@ import javax.persistence.Transient;
 @NamedQueries({
 	@NamedQuery(name = "ApprovedSite.getAll", query = "select a from ApprovedSite a"),
 	@NamedQuery(name = "ApprovedSite.getByUserId", query = "select a from ApprovedSite a where a.userId = :userId"),
+	@NamedQuery(name = "ApprovedSite.getByClientId", query = "select a from ApprovedSite a where a.clientId = :clientId"),
 	@NamedQuery(name = "ApprovedSite.getByClientIdAndUserId", query = "select a from ApprovedSite a where a.clientId = :clientId and a.userId = :userId")
 })
 public class ApprovedSite {

openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java

@@ -61,14 +61,6 @@ public interface ApprovedSiteRepository {
 	 */
 	public void remove(ApprovedSite approvedSite);
 
-	/**
-	 * Removes an ApprovedSite from the repository
-	 * 
-	 * @param id
-	 *            the id of the ApprovedSite to remove
-	 */
-	public void removeById(Long id);
-
 	/**
 	 * Persists an ApprovedSite
 	 * 
@@ -77,4 +69,18 @@ public interface ApprovedSiteRepository {
 	 * @return the persisted entity
 	 */
 	public ApprovedSite save(ApprovedSite approvedSite);
+	
+	/**
+	 * Get all sites approved by this user
+	 * @param userId
+	 * @return
+	 */
+	public Collection<ApprovedSite> getByUserId(String userId);
+	
+	/**
+	 * Get all sites associated with this client
+	 * @param clientId
+	 * @return
+	 */
+	public Collection<ApprovedSite> getByClientId(String clientId);
 }

openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java

@@ -76,11 +76,16 @@ public interface ApprovedSiteService {
 	public void remove(ApprovedSite approvedSite);
 
 	/**
-	 * Remove the ApprovedSite
+	 * Get all sites approved by this user
-	 * 
+	 * @param userId
-	 * @param id
+	 * @return
-	 *            id for ApprovedSite to remove
 	 */
-	public void removeById(Long id);
+	public Collection<ApprovedSite> getByUserId(String userId);
-
+	
+	/**
+	 * Get all sites associated with this client
+	 * @param clientId
+	 * @return
+	 */
+	public Collection<ApprovedSite> getByClientId(String clientId);
 }

openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java

@@ -58,8 +58,7 @@ public class JpaApprovedSiteRepository implements ApprovedSiteRepository {
 	@Override
 	@Transactional
 	public void remove(ApprovedSite approvedSite) {
-		ApprovedSite found = manager.find(ApprovedSite.class,
+		ApprovedSite found = manager.find(ApprovedSite.class, approvedSite.getId());
-				approvedSite.getId());
 		
 		if (found != null) {
 			manager.remove(found);
@@ -68,14 +67,6 @@ public class JpaApprovedSiteRepository implements ApprovedSiteRepository {
 		}
 	}
 
-	@Override
-	@Transactional
-	public void removeById(Long id) {
-		ApprovedSite found = getById(id);
-
-		manager.remove(found);
-	}
-
 	@Override
 	@Transactional
 	public ApprovedSite save(ApprovedSite approvedSite) {
@@ -91,4 +82,23 @@ public class JpaApprovedSiteRepository implements ApprovedSiteRepository {
 		
 		return JpaUtil.getSingleResult(query.getResultList());
 	}
+	
+    @Override
+    @Transactional
+    public Collection<ApprovedSite> getByUserId(String userId) {
+		TypedQuery<ApprovedSite> query = manager.createNamedQuery("ApprovedSite.getByUserId", ApprovedSite.class);
+		query.setParameter("userId", userId);
+
+		return query.getResultList();
+    	
+    }
+
+    @Override
+    @Transactional
+    public Collection<ApprovedSite> getByClientId(String clientId) {
+		TypedQuery<ApprovedSite> query = manager.createNamedQuery("ApprovedSite.getByClientId", ApprovedSite.class);
+		query.setParameter("clientId", clientId);
+		
+		return query.getResultList();
+    }
 }

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/ApprovedSiteServiceImpl.java

@@ -78,12 +78,6 @@ public class ApprovedSiteServiceImpl implements ApprovedSiteService {
 		approvedSiteRepository.remove(approvedSite);
 	}
 
-	@Override
-	@Transactional
-	public void removeById(Long id) {
-		approvedSiteRepository.removeById(id);
-	}
-
 	@Override
 	@Transactional
 	public ApprovedSite createApprovedSite(String clientId, String userId, Date timeoutDate, Set<String> allowedScopes,
@@ -105,11 +99,31 @@ public class ApprovedSiteServiceImpl implements ApprovedSiteService {
 	}
 
 	@Override
-	public ApprovedSite getByClientIdAndUserId(String clientId,
+	public ApprovedSite getByClientIdAndUserId(String clientId, String userId) {
-			String userId) {
 		
 		return approvedSiteRepository.getByClientIdAndUserId(clientId, userId);
 		
 	}
 
+	/**
+     * @param userId
+     * @return
+     * @see org.mitre.openid.connect.repository.ApprovedSiteRepository#getByUserId(java.lang.String)
+     */
+	@Override
+    public Collection<ApprovedSite> getByUserId(String userId) {
+	    return approvedSiteRepository.getByUserId(userId);
+    }
+
+	/**
+     * @param clientId
+     * @return
+     * @see org.mitre.openid.connect.repository.ApprovedSiteRepository#getByClientId(java.lang.String)
+     */
+	@Override
+    public Collection<ApprovedSite> getByClientId(String clientId) {
+	    return approvedSiteRepository.getByClientId(clientId);
+    }
+
+	
 }

openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteApi.java

@@ -0,0 +1,91 @@
+/**
+ * 
+ */
+package org.mitre.openid.connect.web;
+
+import java.security.Principal;
+import java.util.Collection;
+
+import org.mitre.openid.connect.model.ApprovedSite;
+import org.mitre.openid.connect.model.WhitelistedSite;
+import org.mitre.openid.connect.service.ApprovedSiteService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.gson.Gson;
+import com.google.gson.JsonParser;
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/api/approved")
+@PreAuthorize("hasRole('ROLE_USER')")
+public class ApprovedSiteApi {
+
+	@Autowired
+	private ApprovedSiteService approvedSiteService;
+	
+	private Gson gson = new Gson();
+	private JsonParser parser = new JsonParser();
+
+	/**
+	 * Get a list of all of this user's approved sites
+	 * @param m
+	 * @return
+	 */
+	@RequestMapping(method = RequestMethod.GET, headers = "Accept=application/json")
+	public String getAllApprovedSites(ModelMap m, Principal p) {
+		
+		Collection<ApprovedSite> all = approvedSiteService.getByUserId(p.getName());
+		
+		m.put("entity", all);
+		
+		return "jsonEntityView";
+	}
+	
+	/**
+	 * Delete an approved site
+	 * 
+	 */
+	@RequestMapping(value="/{id}", method = RequestMethod.DELETE, headers = "Accept=application/json")
+	public String deleteApprovedSite(@PathVariable("id") Long id, ModelMap m, Principal p) {
+		ApprovedSite approvedSite = approvedSiteService.getById(id);
+		
+		if (approvedSite == null) {
+			m.put("code", HttpStatus.NOT_FOUND);
+		} else if (!approvedSite.getUserId().equals(p.getName())) {
+			m.put("code", HttpStatus.FORBIDDEN);
+		} else {
+			approvedSiteService.remove(approvedSite);
+		}		
+		
+		return "httpCodeView";
+	}
+	
+	/**
+	 * Get a single approved site
+	 */
+	@RequestMapping(value="/{id}", method = RequestMethod.GET, headers = "Accept=application/json")
+	public String getApprovedSite(@PathVariable("id") Long id, ModelMap m, Principal p) {
+		ApprovedSite approvedSite = approvedSiteService.getById(id);
+		if (approvedSite == null) {
+			m.put("code", HttpStatus.NOT_FOUND);
+			return "httpCodeView";
+		} else if (!approvedSite.getUserId().equals(p.getName())) {
+			m.put("code", HttpStatus.FORBIDDEN);
+			return "httpCodeView";
+		} else {
+			m.put("entity", approvedSite);
+			return "jsonEntityView";
+		}
+		
+	}
+}