Make URL mandatory for plugin registration (Close #573)

Change-Id: I7477eda28559274a4ee923cae092e7b5e380460e

Changes

@@ -1,6 +1,7 @@
 # version 0.76-SNAPSHOT
 
 - Add institution & landingPage to the resource web-service (#777)
+- Make URL mandatory for plugin registration (#573)
 
 # version 0.75
 

src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java

@@ -13,6 +13,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import com.fasterxml.jackson.databind.JsonNode;
 import com.nimbusds.oauth2.sdk.OAuth2Error;
 
 import de.ids_mannheim.korap.config.FullConfiguration;
@@ -97,21 +98,28 @@ public OAuth2ClientDto registerClient (OAuth2ClientJson clientJson,
                     "client_name");
             ParameterChecker.checkObjectValue(clientJson.getType(),
                     "client_type");
-            ParameterChecker.checkStringValue(clientJson.getName(),
+            ParameterChecker.checkStringValue(clientJson.getDescription(),
                     "client_description");
         }
         catch (KustvaktException e) {
             throw new KustvaktException(e.getStatusCode(), e.getMessage(),
                     OAuth2Error.INVALID_REQUEST);
         }
 
+        JsonNode source = clientJson.getSource();
         String url = clientJson.getUrl();
         if (url != null && !url.isEmpty()) {
             if (!urlValidator.isValid(url)) {
                 throw new KustvaktException(StatusCodes.INVALID_ARGUMENT,
                         "Invalid URL", OAuth2Error.INVALID_REQUEST);
             }
         }
+        // url is obligatory for plugins 
+        else if (source != null && !source.isNull()) {
+            throw new KustvaktException(StatusCodes.MISSING_PARAMETER,
+                    "URL is required for plugins.", "url");
+        }
+
 
         String redirectURI = clientJson.getRedirectURI();
         if (redirectURI != null && !redirectURI.isEmpty()

src/main/java/de/ids_mannheim/korap/web/input/OAuth2ClientJson.java

@@ -24,8 +24,9 @@ public class OAuth2ClientJson {
     private OAuth2ClientType type;
     private String description;
 
-    // optional
+    // required for plugin, otherwise optional
     private String url;
+
     // redirect URI determines where the OAuth 2.0 service will return
     // the user to after they have authorized a client.
     @JsonProperty("redirect_uri")

src/test/java/de/ids_mannheim/korap/web/controller/OAuth2PluginTest.java

@@ -58,9 +58,15 @@ public void testRegisterPlugin ()
         json.setDescription("This is a plugin test client.");
         json.setSource(source);
         json.setRefreshTokenExpiry(refreshTokenExpiry);
+
+        testRegisterMissingURL(username,json);
+
+        json.setUrl("https://my.confidential.plugin.de");
+
         Response response = registerClient(username, json);
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
         JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
+
         String clientId = node.at("/client_id").asText();
         String clientSecret = node.at("/client_secret").asText();
         assertNotNull(clientId);
@@ -87,12 +93,24 @@ public void testRegisterPublicPlugin () throws KustvaktException {
         json.setType(OAuth2ClientType.PUBLIC);
         json.setDescription("This is a public plugin.");
         json.setSource(source);
+        json.setUrl("https://my.public.plugin.de");
         Response response = registerClient(username, json);
         JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
         assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
         assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
         assertFalse(node.at("/error_description").isMissingNode());
     }
+
+    private void testRegisterMissingURL (String username,
+            OAuth2ClientJson json) throws KustvaktException {
+        Response response = registerClient(username, json);
+        JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
+
+        assertEquals(StatusCodes.MISSING_PARAMETER,
+                node.at("/errors/0/0").asInt());
+        assertEquals("URL is required for plugins.",
+                node.at("/errors/0/1").asText());
+    }
 
     private void testRetrievePluginInfo (String clientId)
             throws ProcessingException, KustvaktException {