Merge branch 'feat/oauth/pass-thru-apis' into feat/oauth/revoke-apis
sattvikc committed Sep 19, 2024
2 parents 1dee4cc + c568f5c commit 9e3caf5
Showing 18 changed files with 264 additions and 310 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,9 @@ public CreateUpdateOrGetOAuthClientAPI(Main main){
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
String clientId = InputParser.getQueryParamOrThrowError(req, "clientId", false);

try {
OAuthProxyHelper.proxyGET(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyGET(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
Expand All @@ -67,11 +67,11 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO
true, // proxyToAdmin
true, // camelToSnakeCaseConversion
OAuthProxyHelper.defaultGetQueryParamsFromRequest(req),
new HashMap<>(), // getHeadersForProxy
(statusCode, headers, rawBody, jsonBody) -> { // getJsonResponse
return jsonBody.getAsJsonObject();
}
new HashMap<>()
);
if (response != null) {
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
Expand All @@ -92,7 +92,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I

input.addProperty("owner", appIdentifier.getAppId());

OAuthProxyHelper.proxyJsonPOST(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonPOST(
main, req, resp,
appIdentifier,
storage,
Expand All @@ -101,20 +101,20 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
true, // proxyToAdmin
true, // camelToSnakeCaseConversion
input, // jsonBody
new HashMap<>(), // headers
(statusCode, headers, rawBody, jsonBody) -> { // getJsonResponse
String clientId = jsonBody.getAsJsonObject().get("clientId").getAsString();

try {
OAuth.addClientId(main, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req), clientId);
} catch (StorageQueryException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
} catch (OAuth2ClientAlreadyExistsForAppException e) {
// ignore
}
return jsonBody.getAsJsonObject();
}
new HashMap<>() // headers
);
if (response != null) {
String clientId = response.jsonResponse.getAsJsonObject().get("clientId").getAsString();

try {
OAuth.addClientId(main, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req), clientId);
} catch (StorageQueryException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
} catch (OAuth2ClientAlreadyExistsForAppException e) {
// ignore
}
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
Expand Down Expand Up @@ -151,7 +151,7 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
}

try {
OAuthProxyHelper.proxyJsonPUT(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonPUT(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
Expand All @@ -161,11 +161,12 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
true, // camelToSnakeCaseConversion
new HashMap<>(), // queryParams
input, // jsonBody
new HashMap<>(), // headers
(statusCode, headers, rawBody, jsonBody) -> { // getJsonResponse
return jsonBody.getAsJsonObject();
}
new HashMap<>() // headers
);

if (response != null) {
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
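Review bot: In doPost, the new `if (response != null)` block calls `response.jsonResponse.getAsJsonObject().get("clientId").getAsString()` without checking that the field exists, so an upstream body lacking `clientId` becomes a NullPointerException that the surrounding `catch (IOException | TenantOrAppNotFoundException | BadPermissionException e)` does not cover. A guard such as `JsonElement id = body.get("clientId"); if (id == null || id.isJsonNull()) throw new ServletException("clientId missing in upstream response");` would make that failure explicit. By the time `OAuth.addClientId` runs the upstream call has already returned, so, presumably, a `StorageQueryException` there leaves a client that exists at the OAuth provider but is not recorded as owned by this app; that path deserves a comment or a cleanup step. The bare `// ignore` on `OAuth2ClientAlreadyExistsForAppException` should say why a duplicate is acceptable at this point. doPost begins and ends outside the hunk.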
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@

import io.supertokens.Main;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.oauth.HttpRequestForOry;
import io.supertokens.pluginInterface.RECIPE_ID;
import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
import io.supertokens.webserver.InputParser;
Expand All @@ -31,7 +32,7 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
JsonObject input = InputParser.parseJsonObjectOrThrowError(req);

try {
OAuthProxyHelper.proxyJsonPUT(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonPUT(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
Expand All @@ -41,13 +42,13 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
true, // camelToSnakeCaseConversion
OAuthProxyHelper.defaultGetQueryParamsFromRequest(req),
input, // jsonBody
new HashMap<>(), // headers
(statusCode, headers, rawBody, jsonBody) -> { // getJsonResponse
JsonObject response = jsonBody.getAsJsonObject();
response.addProperty("status", "OK");
return response;
}
new HashMap<>() // headers
);

if (response != null) {
response.jsonResponse.getAsJsonObject().addProperty("status", "OK");
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
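Review bot: The `if (response != null)` branch in doPut adds `"status": "OK"` to whatever `response.jsonResponse` holds and always answers 200, with no check on the upstream status visible here. This is only correct if OAuthProxyHelper.proxyJsonPUT returns null for every non-success reply, and that contract lives outside this hunk. If that is the contract, state it at the call site, for example `// null: proxyJsonPUT has already written the error response to resp`; otherwise an upstream error body could be relayed as a success. `getAsJsonObject()` also throws an unchecked IllegalStateException when the body is not a JSON object, which the catch clause below does not list. The same pattern appears in the doPut handlers of the next two file sections (including the one proxying to `/admin/oauth2/auth/requests/logout/accept`) and in doGet/doPut of the first file.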
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
import io.supertokens.pluginInterface.RECIPE_ID;
import io.supertokens.webserver.WebserverAPI;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.oauth.HttpRequestForOry;
import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
import io.supertokens.webserver.InputParser;
import jakarta.servlet.ServletException;
Expand All @@ -31,7 +32,7 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
JsonObject input = InputParser.parseJsonObjectOrThrowError(req);

try {
OAuthProxyHelper.proxyJsonPUT(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonPUT(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
Expand All @@ -41,13 +42,13 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
true,
OAuthProxyHelper.defaultGetQueryParamsFromRequest(req),
input, // jsonBody
new HashMap<>(), // headers
(statusCode, headers, rawBody, jsonBody) -> {
JsonObject response = jsonBody.getAsJsonObject();
response.addProperty("status", "OK");
return response;
}
new HashMap<>() // headers
);

if (response != null) {
response.jsonResponse.getAsJsonObject().addProperty("status", "OK");
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@

import io.supertokens.Main;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.oauth.HttpRequestForOry;
import io.supertokens.pluginInterface.RECIPE_ID;
import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
import io.supertokens.webserver.InputParser;
Expand All @@ -31,23 +32,23 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
JsonObject input = InputParser.parseJsonObjectOrThrowError(req);

try {
OAuthProxyHelper.proxyJsonPUT(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonPUT(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
null, // clientIdToCheck
"/admin/oauth2/auth/requests/logout/accept",
true,
true,
OAuthProxyHelper.defaultGetQueryParamsFromRequest(req),
input,
new HashMap<>(),
(statusCode, headers, rawBody, jsonBody) -> {
JsonObject response = jsonBody.getAsJsonObject();
response.addProperty("status", "OK");
return response;
}
"/admin/oauth2/auth/requests/logout/accept", // proxyPath
true, // proxyToAdmin
true, // camelToSnakeCaseConversion
OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), // queryParams
input, // jsonBody
new HashMap<>() // headers
);

if (response != null) {
response.jsonResponse.getAsJsonObject().addProperty("status", "OK");
super.sendJsonResponse(200, response.jsonResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
47 changes: 25 additions & 22 deletions src/main/java/io/supertokens/webserver/api/oauth/OAuthAuthAPI.java
Expand Up @@ -22,6 +22,7 @@

import io.supertokens.Main;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.oauth.HttpRequestForOry;
import io.supertokens.pluginInterface.RECIPE_ID;
import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
import io.supertokens.webserver.InputParser;
Expand Down Expand Up @@ -64,7 +65,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
}

try {
OAuthProxyHelper.proxyGET(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyGET(
main, req, resp,
getAppIdentifier(req),
enforcePublicTenantAndGetPublicTenantStorage(req),
Expand All @@ -73,30 +74,32 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
false, // proxyToAdmin
false, // camelToSnakeCaseConversion
queryParams,
headers,
(statusCode, responseHeaders, rawBody, jsonBody) -> { // getJsonResponse
if (headers == null || !responseHeaders.containsKey("Location")) {
throw new IllegalStateException("Invalid response from hydra");
}

String redirectTo = responseHeaders.get("Location").get(0);
List<String> responseCookies = responseHeaders.get("Set-Cookie");

JsonObject response = new JsonObject();
response.addProperty("redirectTo", redirectTo);
headers
);

JsonArray jsonCookies = new JsonArray();
if (responseCookies != null) {
for (String cookie : responseCookies) {
jsonCookies.add(new JsonPrimitive(cookie));
}
if (response != null) {
if (response.headers == null || !response.headers.containsKey("Location")) {
throw new IllegalStateException("Invalid response from hydra");
}

String redirectTo = response.headers.get("Location").get(0);
List<String> responseCookies = response.headers.get("Set-Cookie");

JsonObject finalResponse = new JsonObject();
finalResponse.addProperty("redirectTo", redirectTo);

JsonArray jsonCookies = new JsonArray();
if (responseCookies != null) {
for (String cookie : responseCookies) {
jsonCookies.add(new JsonPrimitive(cookie));
}

response.add("cookies", jsonCookies);
response.addProperty("status", "OK");
return response;
}
);

finalResponse.add("cookies", jsonCookies);
finalResponse.addProperty("status", "OK");

super.sendJsonResponse(200, finalResponse, resp);
}

} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
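Review bot: `response.headers.get("Location").get(0)` in doPost can still fail after the `containsKey("Location")` check, because a key mapped to an empty list passes the check and then throws IndexOutOfBoundsException. Reading the list once and testing it covers both cases: `List<String> location = response.headers == null ? null : response.headers.get("Location");` followed by `if (location == null || location.isEmpty()) throw new IllegalStateException("Invalid response from hydra");`. The lookup is also case-sensitive if `response.headers` is a plain map, so a lower-cased `location` header would be rejected; whether the map is case-insensitive is not visible here and should be confirmed. Note that IllegalStateException is unchecked and is not among the types caught below, so how it reaches the client depends on the container's error handling. doPost begins and ends outside the hunk.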
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@

import io.supertokens.Main;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.oauth.HttpRequestForOry;
import io.supertokens.oauth.OAuth;
import io.supertokens.pluginInterface.RECIPE_ID;
import io.supertokens.pluginInterface.Storage;
Expand Down Expand Up @@ -43,7 +44,7 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO
Map<String, String> queryParams = OAuthProxyHelper.defaultGetQueryParamsFromRequest(req);
queryParams.put("owner", appIdentifier.getAppId());

OAuthProxyHelper.proxyGET(
HttpRequestForOry.Response response = OAuthProxyHelper.proxyGET(
main, req, resp,
appIdentifier,
storage,
Expand All @@ -52,56 +53,57 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO
true, // proxyToAdmin
true, // camelToSnakeCaseConversion
queryParams,
new HashMap<>(), // headers
(statusCode, headers, rawBody, jsonBody) -> { // getJsonResponse
JsonObject response = new JsonObject();
response.addProperty("status", "OK");
new HashMap<>() // headers
);

// Filter out the clients for app
List<String> clientIds;
try {
clientIds = OAuth.listClientIds(main, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req));
} catch (StorageQueryException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
if (response != null) {
JsonObject finalResponse = new JsonObject();
finalResponse.addProperty("status", "OK");

Set<String> clientIdsSet = new HashSet<>(clientIds);
// Filter out the clients for app
List<String> clientIds;
try {
clientIds = OAuth.listClientIds(main, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req));
} catch (StorageQueryException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}

JsonArray clients = new JsonArray();

for (JsonElement clientElem : jsonBody.getAsJsonArray()) {
if (clientIdsSet.contains(clientElem.getAsJsonObject().get("clientId").getAsString())) {
clients.add(clientElem);
}
Set<String> clientIdsSet = new HashSet<>(clientIds);

JsonArray clients = new JsonArray();

for (JsonElement clientElem : response.jsonResponse.getAsJsonArray()) {
if (clientIdsSet.contains(clientElem.getAsJsonObject().get("clientId").getAsString())) {
clients.add(clientElem);
}
}

response.add("clients", clients);
finalResponse.add("clients", clients);

// pagination
List<String> linkHeader = headers.get("Link");
if (linkHeader != null && !linkHeader.isEmpty()) {
for (String nextLink : linkHeader.get(0).split(",")) {
if (!nextLink.contains("rel=\"next\"")) {
continue;
}
// pagination
List<String> linkHeader = response.headers.get("Link");
if (linkHeader != null && !linkHeader.isEmpty()) {
for (String nextLink : linkHeader.get(0).split(",")) {
if (!nextLink.contains("rel=\"next\"")) {
continue;
}

String pageToken = null;
if (nextLink.contains("page_token=")) {
int startIndex = nextLink.indexOf("page_token=") + "page_token=".length();
int endIndex = nextLink.indexOf('>', startIndex);
if (endIndex != -1) {
pageToken = nextLink.substring(startIndex, endIndex);
}
}
if (pageToken != null) {
response.addProperty("nextPaginationToken", pageToken);
String pageToken = null;
if (nextLink.contains("page_token=")) {
int startIndex = nextLink.indexOf("page_token=") + "page_token=".length();
int endIndex = nextLink.indexOf('>', startIndex);
if (endIndex != -1) {
pageToken = nextLink.substring(startIndex, endIndex);
}
}
if (pageToken != null) {
finalResponse.addProperty("nextPaginationToken", pageToken);
}
}

return response;
}
);

super.sendJsonResponse(200, finalResponse, resp);
}
} catch (IOException | TenantOrAppNotFoundException | BadPermissionException e) {
throw new ServletException(e);
}
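Review bot: `response.headers.get("Link")` in doGet has no null guard, while the OAuthAuthAPI change in this same commit tests `response.headers == null` before use, so the two handlers disagree on whether the header map can be absent. Reading it as `List<String> linkHeader = response.headers == null ? null : response.headers.get("Link");` would make them consistent. The `clientIdsSet.contains(...)` loop is what keeps clients of other apps out of the result, and it deserves a comment saying so, for example `// Authorization boundary: return only clients recorded for this app, whatever the upstream list contains`. Inside that loop `get("clientId").getAsString()` assumes every upstream element carries the field; a missing one raises a NullPointerException that the catch clause does not list. doGet begins outside the hunk.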