simplification and documentation of client api views

openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java

@@ -30,6 +30,12 @@ import com.google.gson.JsonSerializationContext;
 import com.google.gson.JsonSerializer;
 
 /**
+ * 
+ * Abstract superclass for client entity view, used with the ClientApi.
+ * 
+ * @see ClientEntityViewForUsers
+ * @see ClientEntityViewForAdmins
+ * 
  * @author jricher
  *
  */

openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForAdmins.java

@@ -7,6 +7,7 @@ import java.io.IOException;
 import java.io.Writer;
 import java.lang.reflect.Type;
 import java.util.Map;
+import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -21,6 +22,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.validation.BeanPropertyBindingResult;
 import org.springframework.web.servlet.view.AbstractView;
 
+import com.google.common.collect.ImmutableSet;
 import com.google.gson.ExclusionStrategy;
 import com.google.gson.FieldAttributes;
 import com.google.gson.Gson;
@@ -31,6 +33,8 @@ import com.google.gson.JsonSerializationContext;
 import com.google.gson.JsonSerializer;
 
 /**
+ * 
+ * View bean for full view of client entity, for admins.
  * 
  * @see ClientEntityViewForUsers
  * @author jricher
@@ -39,6 +43,8 @@ import com.google.gson.JsonSerializer;
 @Component("clientEntityViewAdmins")
 public class ClientEntityViewForAdmins extends AbstractClientEntityView {
 
+	private Set<String> blacklistedFields = ImmutableSet.of("additionalProperties");
+	
 	/**
 	 * @return
 	 */
@@ -46,7 +52,7 @@ public class ClientEntityViewForAdmins extends AbstractClientEntityView {
 	    return new ExclusionStrategy() {
 	
 	        public boolean shouldSkipField(FieldAttributes f) {
-	        	if (f.getName().equals("additionalProperties")) {
+	        	if (blacklistedFields.contains(f.getName())) {
 	        		return true;
 	        	} else {
 	        		return false;

openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForUsers.java

@@ -7,6 +7,7 @@ import java.io.IOException;
 import java.io.Writer;
 import java.lang.reflect.Type;
 import java.util.Map;
+import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -21,6 +22,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.validation.BeanPropertyBindingResult;
 import org.springframework.web.servlet.view.AbstractView;
 
+import com.google.common.collect.ImmutableSet;
 import com.google.gson.ExclusionStrategy;
 import com.google.gson.FieldAttributes;
 import com.google.gson.Gson;
@@ -32,6 +34,9 @@ import com.google.gson.JsonSerializer;
 
 /**
  * 
+ * View bean for field-limited view of client entity, for regular users.  
+ * 
+ * @see AbstractClientEntityView
  * @see ClientEntityViewForAdmins
  * @author jricher
  *
@@ -39,6 +44,8 @@ import com.google.gson.JsonSerializer;
 @Component("clientEntityViewUsers")
 public class ClientEntityViewForUsers extends AbstractClientEntityView {
 
+	private Set<String> whitelistedFields = ImmutableSet.of("clientName", "clientId", "id", "clientDescription", "scope", "logoUri");
+	
 	/* (non-Javadoc)
 	 * @see org.mitre.openid.connect.view.AbstractClientEntityView#getExclusionStrategy()
 	 */
@@ -48,12 +55,7 @@ public class ClientEntityViewForUsers extends AbstractClientEntityView {
     		
 	        public boolean shouldSkipField(FieldAttributes f) {
 	        	// whitelist the handful of fields that are good 
-	        	if (f.getName().equals("clientName") ||
+	        	if (whitelistedFields.contains(f.getName())) {
-	        			f.getName().equals("clientId") ||
-	        			f.getName().equals("id") || 
-	        			f.getName().equals("clientDescription") ||
-	        			f.getName().equals("scope")) {
-	        	
 	        		return false;
 	        	} else {
 	        		return true;