diff --git a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java index 6c5442585..9cae400fa 100644 --- a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java +++ b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java @@ -24,14 +24,17 @@ import io.micronaut.security.annotation.Secured; import io.micronaut.security.rules.SecurityRule; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.breedinginsight.api.auth.AuthenticatedUser; import org.breedinginsight.api.auth.SecurityService; import org.breedinginsight.model.ApiToken; import org.breedinginsight.services.TokenService; +import javax.annotation.Nullable; import javax.inject.Inject; import javax.validation.constraints.NotBlank; import java.net.URI; +import java.util.Map; import java.util.Optional; @Slf4j @@ -47,9 +50,9 @@ public TokenController(SecurityService securityService, TokenService tokenServic this.tokenService = tokenService; } - @Get("/api-token") + @Get("/api-token{?returnUrl}") @Secured(SecurityRule.IS_AUTHENTICATED) - public HttpResponse apiToken(@QueryValue @NotBlank String returnUrl) { + public HttpResponse apiToken(@QueryValue @Nullable String returnUrl) { AuthenticatedUser actingUser = securityService.getUser(); Optional token = tokenService.generateApiToken(actingUser); 
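Review bot: `tokenService.generateApiToken(actingUser)` at the end of this hunk still runs before `returnUrl` is checked, so a request that the next hunk rejects with 400 for a blank `returnUrl` has already minted a token. If generateApiToken persists or replaces the user's token, that is a side effect on a failed request. Moving the check to the top of `apiToken` avoids it: `if (returnUrl != null && StringUtils.isBlank(returnUrl)) { return HttpResponse.badRequest("returnUrl cannot be blank"); }`. With the parameter now optional, the commit deletes getApiTokenMissingRequiredParameter without adding a test for the new no-`returnUrl` response; a test asserting 200 and a `token` field in the body would pin that path. The body of `apiToken` continues outside this hunk.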
@@ -57,18 +60,24 @@ public HttpResponse apiToken(@QueryValue @NotBlank String returnUrl) { if(token.isPresent()) { ApiToken apiToken = token.get(); - URI location = UriBuilder.of(returnUrl) - .queryParam("status", 200) - .queryParam("token", apiToken.getAccessToken()) - .build(); + if(returnUrl != null) { + if(StringUtils.trim(returnUrl).isEmpty()) { + return HttpResponse.badRequest("returnUrl cannot be blank"); + } + URI location = UriBuilder.of(returnUrl) + .queryParam("status", 200) + .queryParam("token", apiToken.getAccessToken()) + .build(); - return HttpResponse.seeOther(location) - .header("Cache-Control","no-store") - .header("Pragma", "no-cache"); + return HttpResponse.seeOther(location) + .header("Cache-Control", "no-store") + .header("Pragma", "no-cache"); + } else { + return HttpResponse.ok(Map.of("token", apiToken.getAccessToken())); + } } else { return HttpResponse.serverError(); } - } } diff --git a/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java b/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java index 0dcaa029b..702a0ca14 100644 --- a/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java +++ b/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java 
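Review bot: `UriBuilder.of(returnUrl)` in the redirect branch still accepts any caller-supplied URL, because the added check rejects only a blank value, so the 303 response appends the access token to whatever location the request names. Since this endpoint issues a credential, the target's scheme and host should be compared against a configured allowlist of trusted origins before the redirect is built, with 400 returned otherwise. A token carried in a query string also tends to end up in access logs and browser history on the receiving side. The new JSON branch drops the cache headers that the redirect branch sets; it should read `return HttpResponse.ok(Map.of("token", apiToken.getAccessToken())).header("Cache-Control", "no-store").header("Pragma", "no-cache");`. `apiToken` begins outside this hunk.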
@@ -63,10 +63,11 @@ public BrAPIV2Controller(SecurityService securityService, ProgramService program @Secured(SecurityRule.IS_ANONYMOUS) public BrAPIServerInfoResponse serverinfo() { BrAPIServerInfo serverInfo = new BrAPIServerInfo(); - serverInfo.setOrganizationName("Breeding Insight Platform"); - serverInfo.setServerName("bi-api"); + serverInfo.setOrganizationName("Breeding Insight"); + serverInfo.setServerName("DeltaBreed"); serverInfo.setContactEmail("bidevteam@cornell.edu"); serverInfo.setOrganizationURL("breedinginsight.org"); + serverInfo.setServerDescription("BrAPI endpoints are not implemented at the root of this domain. Please make BrAPI calls in the context of a program (ex: https://app.breedinginsight.net/v1/programs//brapi/v2)"); return new BrAPIServerInfoResponse().result(serverInfo); } diff --git a/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java b/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java index 7be64187c..badc576a2 100644 --- a/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java +++ b/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java @@ -41,19 +41,6 @@ public class TokenControllerIntegrationTest extends DatabaseTest { @Client("/${micronaut.bi.api.version}") RxHttpClient client; - @Test - void getApiTokenMissingRequiredParameter() { - Flowable> call = client.exchange( - GET("/api-token") - .cookie(new NettyCookie("phylo-token", "test-registered-user")), String.class - ); - - HttpClientResponseException e = Assertions.assertThrows(HttpClientResponseException.class, () -> { - HttpResponse response = call.blockingFirst(); - }); - assertEquals(HttpStatus.BAD_REQUEST, e.getStatus()); - } - @Test void getApiTokenRequiredParameterBlank() { Flowable> call = client.exchange( 
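Review bot: The `setServerDescription` text hard-codes `https://app.breedinginsight.net` in its example URL, so any other deployment of this service (staging, self-hosted) will advertise that host from an anonymous endpoint. Building the example from the instance's configured base URL, or giving only the relative path `/v1/programs/{programId}/brapi/v2`, would keep it accurate. The example as shown has an empty segment in `programs//brapi/v2`; if that is not a rendering artifact, a visible placeholder for the program id is needed. The updated testRootServerInfo asserts the renamed fields but not the new description.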
diff --git a/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java b/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java index f29f76ab0..d9c05ed21 100644 --- a/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java +++ b/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java @@ -142,8 +142,8 @@ public void testRootServerInfo() { .getAsJsonObject("result"); BrAPIServerInfo serverInfo = GSON.fromJson(result, BrAPIServerInfo.class); - assertEquals("Breeding Insight Platform", serverInfo.getOrganizationName()); - assertEquals("bi-api", serverInfo.getServerName()); + assertEquals("Breeding Insight", serverInfo.getOrganizationName()); + assertEquals("DeltaBreed", serverInfo.getServerName()); assertEquals("bidevteam@cornell.edu", serverInfo.getContactEmail()); assertEquals("breedinginsight.org", serverInfo.getOrganizationURL()); }