fixed typos in data layer, added blank service layer to resource set

openid-connect-common/src/main/java/org/mitre/openid/connect/model/ResourceSet.java

@@ -21,6 +21,7 @@ import java.util.Set;
 import javax.persistence.Basic;
 import javax.persistence.CollectionTable;
 import javax.persistence.Column;
+import javax.persistence.ElementCollection;
 import javax.persistence.Entity;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
@@ -111,7 +112,7 @@ public class ResourceSet {
 	/**
 	 * @return the scopes
 	 */
-	@OneToMany(fetch=FetchType.EAGER)
+	@ElementCollection(fetch=FetchType.EAGER)
 	@CollectionTable(
 		name="resource_set_scope",
 		joinColumns=@JoinColumn(name="owner_id")

openid-connect-server-webapp/src/main/resources/db/tables/hsql_database_tables.sql

@@ -220,7 +220,7 @@ CREATE TABLE IF NOT EXISTS pairwise_identifier (
 );
 
 CREATE TABLE IF NOT EXISTS resource_set (
-	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITHP 1) PRIMARY KEY,
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
 	name VARCHAR(1024),
 	uri VARCHAR(1024),
 	icon_uri VARCHAR(1024),

openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml

@@ -117,6 +117,13 @@
 		<security:intercept-url pattern="/resource/**" access="permitAll"/>
 	</security:http>
 
+	<security:http pattern="#{T(org.mitre.openid.connect.web.ResourceSetRegistrationEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:intercept-url pattern="/resource/**" access="permitAll"/>
+	</security:http>
+
 	<security:http pattern="/userinfo**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
 		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
 		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultResourceSetService.java

@@ -0,0 +1,30 @@
+/*******************************************************************************
+ * Copyright 2015 The MITRE Corporation
+ *   and the MIT Kerberos and Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.openid.connect.service.impl;
+
+import org.mitre.openid.connect.service.ResourceSetService;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author jricher
+ *
+ */
+@Service
+public class DefaultResourceSetService implements ResourceSetService {
+
+}

openid-connect-server/src/main/java/org/mitre/openid/connect/view/ResourceSetEntityView.java

@@ -0,0 +1,91 @@
+package org.mitre.openid.connect.view;
+
+import java.io.IOException;
+import java.io.Writer;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.model.ResourceSet;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonObject;
+
+@Component(ResourceSetEntityView.VIEWNAME)
+public class ResourceSetEntityView extends AbstractView {
+	private static Logger logger = LoggerFactory.getLogger(JsonEntityView.class);
+
+	public static final String VIEWNAME = "resourceSetEntityView";
+	
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	private Gson gson = new GsonBuilder()
+		.setExclusionStrategies(new ExclusionStrategy() {
+	
+			@Override
+			public boolean shouldSkipField(FieldAttributes f) {
+	
+				return false;
+			}
+	
+			@Override
+			public boolean shouldSkipClass(Class<?> clazz) {
+				// skip the JPA binding wrapper
+				if (clazz.equals(BeanPropertyBindingResult.class)) {
+					return true;
+				}
+				return false;
+			}
+	
+		})
+		.serializeNulls()
+		.setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
+		.create();
+
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
+
+		response.setContentType("application/json");
+
+
+		HttpStatus code = (HttpStatus) model.get("code");
+		if (code == null) {
+			code = HttpStatus.OK; // default to 200
+		}
+
+		response.setStatus(code.value());
+
+		try {
+
+			Writer out = response.getWriter();
+			ResourceSet rs = (ResourceSet) model.get("entity");
+
+			JsonObject o = new JsonObject();
+			
+			o.addProperty("_id", rs.getId());
+			o.addProperty("user_access_policy_uri", config.getIssuer() + "manage/resource/" + rs.getId());
+
+			
+			gson.toJson(o, out);
+			
+		} catch (IOException e) {
+
+			logger.error("IOException in ResourceSetEntityView.java: ", e);
+
+		}
+	}
+
+}

openid-connect-server/src/main/java/org/mitre/openid/connect/web/ResourceSetRegistrationEndpoint.java

@@ -16,19 +16,102 @@
  *******************************************************************************/
 package org.mitre.openid.connect.web;
 
+import static org.mitre.util.JsonUtils.getAsString;
+import static org.mitre.util.JsonUtils.getAsStringSet;
+
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.openid.connect.model.ResourceSet;
 import org.mitre.openid.connect.service.ResourceSetService;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.openid.connect.view.ResourceSetEntityView;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParseException;
+import com.google.gson.JsonParser;
+import com.google.gson.JsonSyntaxException;
 
 @Controller
-@RequestMapping("/rs/resource_set")
+@RequestMapping(ResourceSetRegistrationEndpoint.URL)
 public class ResourceSetRegistrationEndpoint {
 
+	public static final String URL = "/resource_set/resource_set";
+
 	@Autowired
 	private ResourceSetService resourceSetService;
 	
-
+	private JsonParser parser = new JsonParser();
 	
+	@RequestMapping(method = RequestMethod.POST, produces = MimeTypeUtils.APPLICATION_JSON_VALUE, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	@PreAuthorize("hasRole('ROLE_USER')")
+	public String createResourceSet(@RequestBody String jsonString, Model m, Authentication auth) {
+		
+		// if auth is OAuth, make sure we've got the right scope
+		if (auth instanceof OAuth2Authentication) {
+			OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) auth;
+			if (oAuth2Authentication.getOAuth2Request().getScope() == null
+					|| oAuth2Authentication.getOAuth2Request().getScope().contains(SystemScopeService.RESOURCE_SET_REGISTRATION_SCOPE)) {
+				
+				// it was an OAuth2 request but it didn't have the right scope
+				m.addAttribute("code", HttpStatus.FORBIDDEN);
+				return JsonErrorView.VIEWNAME;
+				
+			}
+		}
+		
+		ResourceSet rs = parseResourceSet(jsonString);
+		
+		if (rs == null) {
+			// there was no resource set in the body
+			m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			return JsonErrorView.VIEWNAME;
+		}
+		
+		rs.setOwner(auth.getName());
+		
+		m.addAttribute("code", HttpStatus.CREATED);
+		m.addAttribute("entity", rs);
+		return ResourceSetEntityView.VIEWNAME;
+		
+	}
+
+
+	private ResourceSet parseResourceSet(String jsonString) {
+
+		try {
+			JsonElement el = parser.parse(jsonString);
+			
+			if (el.isJsonObject()) {
+				JsonObject o = el.getAsJsonObject();
+				
+				ResourceSet rs = new ResourceSet();
+				rs.setName(getAsString(o, "name"));
+				rs.setIconUri(getAsString(o, "icon_uri"));
+				rs.setType(getAsString(o, "type"));
+				rs.setScopes(getAsStringSet(o, "scope"));
+				rs.setUri(getAsString(o, "uri"));
+				
+				return rs;
+				
+			}
+			
+			return null;
+			
+		} catch (JsonParseException e) {
+			return null;
+		}
+		
+	}
 	
 }