From 8de5b840377c8c233ecd0ed6ca95aaf78bb92e34 Mon Sep 17 00:00:00 2001 From: timparsons Date: Tue, 1 Aug 2023 16:34:58 -0400 Subject: [PATCH 1/3] [BI-1872] updating serverinfo endpoint to have help text in the serverDescription on how to use BrAPI with DeltaBreed --- .../java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java b/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java index 0dcaa029b..702a0ca14 100644 --- a/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java +++ b/src/main/java/org/breedinginsight/brapi/v2/BrAPIV2Controller.java @@ -63,10 +63,11 @@ public BrAPIV2Controller(SecurityService securityService, ProgramService program @Secured(SecurityRule.IS_ANONYMOUS) public BrAPIServerInfoResponse serverinfo() { BrAPIServerInfo serverInfo = new BrAPIServerInfo(); - serverInfo.setOrganizationName("Breeding Insight Platform"); - serverInfo.setServerName("bi-api"); + serverInfo.setOrganizationName("Breeding Insight"); + serverInfo.setServerName("DeltaBreed"); serverInfo.setContactEmail("bidevteam@cornell.edu"); serverInfo.setOrganizationURL("breedinginsight.org"); + serverInfo.setServerDescription("BrAPI endpoints are not implemented at the root of this domain. Please make BrAPI calls in the context of a program (ex: https://app.breedinginsight.net/v1/programs//brapi/v2)"); return new BrAPIServerInfoResponse().result(serverInfo); } From 269c5135525a6b3a40e39beebd08553b4cc5555e Mon Sep 17 00:00:00 2001 From: timparsons Date: Tue, 1 Aug 2023 16:35:33 -0400 Subject: [PATCH 2/3] [BI-1872] expanding the usage of the api-token endpoint to allow the frontend to use it to generate a token for a user --- .../api/v1/controller/TokenController.java | 26 ++++++++++++------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java index 6c5442585..184d9b327 100644 --- a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java +++ b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java @@ -24,14 +24,17 @@ import io.micronaut.security.annotation.Secured; import io.micronaut.security.rules.SecurityRule; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.breedinginsight.api.auth.AuthenticatedUser; import org.breedinginsight.api.auth.SecurityService; import org.breedinginsight.model.ApiToken; import org.breedinginsight.services.TokenService; +import javax.annotation.Nullable; import javax.inject.Inject; import javax.validation.constraints.NotBlank; import java.net.URI; +import java.util.Map; import java.util.Optional; @Slf4j @@ -47,9 +50,9 @@ public TokenController(SecurityService securityService, TokenService tokenServic this.tokenService = tokenService; } - @Get("/api-token") + @Get("/api-token{?returnUrl}") @Secured(SecurityRule.IS_AUTHENTICATED) - public HttpResponse apiToken(@QueryValue @NotBlank String returnUrl) { + public HttpResponse apiToken(@QueryValue @Nullable String returnUrl) { AuthenticatedUser actingUser = securityService.getUser(); Optional token = tokenService.generateApiToken(actingUser); @@ -57,18 +60,21 @@ public HttpResponse apiToken(@QueryValue @NotBlank String returnUrl) { if(token.isPresent()) { ApiToken apiToken = token.get(); - URI location = UriBuilder.of(returnUrl) - .queryParam("status", 200) - .queryParam("token", apiToken.getAccessToken()) - .build(); + if(StringUtils.isNotBlank(returnUrl)) { + URI location = UriBuilder.of(returnUrl) + .queryParam("status", 200) + .queryParam("token", apiToken.getAccessToken()) + .build(); - return HttpResponse.seeOther(location) - .header("Cache-Control","no-store") - .header("Pragma", "no-cache"); + return HttpResponse.seeOther(location) + .header("Cache-Control", "no-store") + .header("Pragma", "no-cache"); + } else { + return HttpResponse.ok(Map.of("token", apiToken.getAccessToken())); + } } else { return HttpResponse.serverError(); } - } } From 406ec417b53356895a2ddbfc89f076679872e821 Mon Sep 17 00:00:00 2001 From: timparsons Date: Thu, 31 Aug 2023 16:52:29 -0400 Subject: [PATCH 3/3] [BI-1872] fixing failing unit tests --- .../api/v1/controller/TokenController.java | 5 ++++- .../controller/TokenControllerIntegrationTest.java | 13 ------------- .../brapi/v2/BrAPIV2ControllerIntegrationTest.java | 4 ++-- 3 files changed, 6 insertions(+), 16 deletions(-) diff --git a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java index 184d9b327..9cae400fa 100644 --- a/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java +++ b/src/main/java/org/breedinginsight/api/v1/controller/TokenController.java @@ -60,7 +60,10 @@ public HttpResponse apiToken(@QueryValue @Nullable String returnUrl) { if(token.isPresent()) { ApiToken apiToken = token.get(); - if(StringUtils.isNotBlank(returnUrl)) { + if(returnUrl != null) { + if(StringUtils.trim(returnUrl).isEmpty()) { + return HttpResponse.badRequest("returnUrl cannot be blank"); + } URI location = UriBuilder.of(returnUrl) .queryParam("status", 200) .queryParam("token", apiToken.getAccessToken()) diff --git a/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java b/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java index 7be64187c..badc576a2 100644 --- a/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java +++ b/src/test/java/org/breedinginsight/api/v1/controller/TokenControllerIntegrationTest.java @@ -41,19 +41,6 @@ public class TokenControllerIntegrationTest extends DatabaseTest { @Client("/${micronaut.bi.api.version}") RxHttpClient client; - @Test - void getApiTokenMissingRequiredParameter() { - Flowable> call = client.exchange( - GET("/api-token") - .cookie(new NettyCookie("phylo-token", "test-registered-user")), String.class - ); - - HttpClientResponseException e = Assertions.assertThrows(HttpClientResponseException.class, () -> { - HttpResponse response = call.blockingFirst(); - }); - assertEquals(HttpStatus.BAD_REQUEST, e.getStatus()); - } - @Test void getApiTokenRequiredParameterBlank() { Flowable> call = client.exchange( diff --git a/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java b/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java index f29f76ab0..d9c05ed21 100644 --- a/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java +++ b/src/test/java/org/breedinginsight/brapi/v2/BrAPIV2ControllerIntegrationTest.java @@ -142,8 +142,8 @@ public void testRootServerInfo() { .getAsJsonObject("result"); BrAPIServerInfo serverInfo = GSON.fromJson(result, BrAPIServerInfo.class); - assertEquals("Breeding Insight Platform", serverInfo.getOrganizationName()); - assertEquals("bi-api", serverInfo.getServerName()); + assertEquals("Breeding Insight", serverInfo.getOrganizationName()); + assertEquals("DeltaBreed", serverInfo.getServerName()); assertEquals("bidevteam@cornell.edu", serverInfo.getContactEmail()); assertEquals("breedinginsight.org", serverInfo.getOrganizationURL()); }