Commit acb687cc authored by Matija Obreza's avatar Matija Obreza

OAuth: Check if origin is registered

parent 0b286d69
......@@ -102,4 +102,12 @@ public interface OAuthClientDetailsService extends ClientDetailsService {
*/
OAuthClient removeSecret(OAuthClient oauthClient);
/**
* Check if the origin is registered with one of the clients
*
* @param origin the origin
* @return true if a client exists with this origin, false otherwise
*/
boolean isOriginRegistered(String origin);
}
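Review bot: The Javadoc on `isOriginRegistered` does not say how `origin` is compared, which matters if callers treat the result as an allow/deny decision for cross-origin requests (inferred from the name; no caller is visible on this page). The implementation added in this commit appears to compare the raw string against each client's allowed origins, so a difference in case, a trailing slash or an explicit default port would produce a miss. I would extend the parameter line to something like `@param origin the origin as sent by the client (scheme://host[:port]), matched as an exact string` and state in `@return` what is returned for a `null` or blank value. The interface body starts outside this hunk.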
......@@ -17,6 +17,9 @@ package org.genesys.blocks.oauth.service;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.persistence.EntityNotFoundException;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
......@@ -44,8 +47,6 @@ import org.springframework.transaction.annotation.Transactional;
import com.querydsl.core.types.Predicate;
import javax.persistence.EntityNotFoundException;
/**
* The Class OAuthServiceImpl.
*/
......@@ -218,4 +219,17 @@ public class OAuthServiceImpl implements OAuthClientDetailsService {
oauthClient = oauthClientRepository.save(oauthClient);
return lazyLoad(oauthClient);
}
@Override
public boolean isOriginRegistered(String origin) {
AtomicBoolean found = new AtomicBoolean(false);
oauthClientRepository.findAll(QOAuthClient.oAuthClient.origins.contains(origin)).forEach(client -> {
if (client.getAllowedOrigins().contains(origin)) {
found.set(true);
}
});
return found.get();
}
}
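Review bot: `isOriginRegistered` passes `origin` straight into `origins.contains(origin)` with no null or blank check, so a request without a usable origin still reaches the repository query. Depending on how Querydsl treats the argument, this may throw for `null`, and an empty string would likely match every client row before the in-memory filter runs. A guard at the top, `if (StringUtils.isBlank(origin)) { return false; }`, keeps the answer a plain false; `StringUtils` is already imported in this file. Separately, the `AtomicBoolean` with `forEach` only carries a flag out of the lambda; a plain `for` loop over the `findAll(...)` result that returns `true` on the first match reads more directly and stops early. The second check against `getAllowedOrigins()` is what makes the match exact rather than a substring match, so it should stay and deserves a one-line comment saying so.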
......@@ -103,6 +103,28 @@ public class OAuthClientTest extends AbstractRestTest {
assertThat("OAuthClient#clientSecret must be null", client.getClientSecret(), nullValue());
}
/**
* Origin is registered
*/
@Test
public void isOriginRegistered() {
oauthClientDetailsService.addClient(makeClient());
String localhost = "https://localhost";
String origin = "https://www.genesys-pgr.org";
assertThat("Origin must not be registered", oauthClientDetailsService.isOriginRegistered(localhost), is(false));
assertThat("Origin must not be registered", oauthClientDetailsService.isOriginRegistered(origin), is(false));
OAuthClient client = makeClient();
client.getAllowedOrigins().add(origin);
oauthClientDetailsService.addClient(client);
assertThat("Origin must not be registered", oauthClientDetailsService.isOriginRegistered(localhost), is(false));
assertThat("Origin must be registered", oauthClientDetailsService.isOriginRegistered(origin), is(true));
assertThat("Origin must be registered", oauthClientDetailsService.isOriginRegistered(origin + ".com"), is(false));
}
private OAuthClient makeClient() {
OAuthClient client=new OAuthClient();
client.setTitle("JUnit OAuth Client");
......
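Review bot: The last assertion in `isOriginRegistered()` uses the message "Origin must be registered" while asserting `is(false)` for `origin + ".com"`, so a failure would report the opposite of what is being checked. It should read `assertThat("Origin must not be registered", oauthClientDetailsService.isOriginRegistered(origin + ".com"), is(false));`. That case covers a longer string that contains the registered origin. The reverse case, a prefix of the registered origin such as `"https://www.genesys-pgr"`, is the one the substring-style repository query would let through to the in-memory filter, and it is not covered; neither is a `null` or empty argument. `makeClient()` continues outside the visible hunk.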