From 92a487e3f89d56472f7815ac413bfb5f645faa15 Mon Sep 17 00:00:00 2001
From: "konstantina.galouni" <kgalouni@di.uoa.gr>
Date: Sun, 14 Feb 2021 22:52:16 +0000
Subject: [PATCH] [Trunk | Orcid Service]: 1. pom.xml: Change version from
 2.0.0 to 1.0.0 (not yet released and was set to 2.0.0 as a false copy-paste).
 2. UserTokensController.java & WorkController.java: Added
 @PreAuthorize("isAuthenticated()") in class (some methods were missing that).
 3. UserTokensController.java: 	a. Change "public String saveUserTokens(...)"
 to "public SingleValueWrapperResponse<Boolean> saveUserTokens(...)" - Do not
 return access token! 	b. Comment "decryptToken()" (/local/tokens/decrypt)
 and "encryptToken()" (/local/tokens/encrypt) methods - used for testing.

---
 pom.xml                                       |  2 +-
 .../controllers/UserTokensController.java     | 37 ++++++++++---------
 .../controllers/WorkController.java           |  9 +----
 3 files changed, 21 insertions(+), 27 deletions(-)

diff --git a/pom.xml b/pom.xml
index 705f9b4..9b60839 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
 
 	<groupId>eu.dnetlib</groupId>
 	<artifactId>uoa-orcid-service</artifactId>
-	<version>2.0.0-SNAPSHOT</version>
+	<version>1.0.0-SNAPSHOT</version>
 	<packaging>war</packaging>
 
 	<name>uoa-orcid-service</name>
diff --git a/src/main/java/eu/dnetlib/uoaorcidservice/controllers/UserTokensController.java b/src/main/java/eu/dnetlib/uoaorcidservice/controllers/UserTokensController.java
index b225513..cc70e16 100644
--- a/src/main/java/eu/dnetlib/uoaorcidservice/controllers/UserTokensController.java
+++ b/src/main/java/eu/dnetlib/uoaorcidservice/controllers/UserTokensController.java
@@ -27,6 +27,7 @@ import java.util.List;
 
 @RestController
 //@RequestMapping("/orcid")
+@PreAuthorize("isAuthenticated()")
 @CrossOrigin(origins = "*")
 public class UserTokensController {
     private final Logger log = Logger.getLogger(this.getClass());
@@ -58,9 +59,8 @@ public class UserTokensController {
         return new SingleValueWrapperResponse<String>(userOrcid);
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/orcid/token/save", method = RequestMethod.GET)
-    public String saveUserTokens(@RequestParam String code
+    public SingleValueWrapperResponse<Boolean> saveUserTokens(@RequestParam String code
 //            , @RequestParam String redirect_uri
     ) throws BadPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidKeyException, InvalidKeySpecException, IOException {
         log.debug("saveUserTokens: code="+code);
@@ -94,14 +94,15 @@ public class UserTokensController {
         if(response.getStatusCode() != HttpStatus.OK) {
             orcid_log.error("User tokens response code is: " + response.getStatusCode());
             orcid_log.error("Unexpected Response: "+response.getBody());
-            return null;
+            return new SingleValueWrapperResponse<Boolean>(false);
         } else {
             orcid_log.info("Response: "+response);
 
             UserTokens userTokens = userTokensService.json2UserTokens(response.getBody().toString());
-                userTokensService.saveUserTokens(userTokens);
+            userTokensService.saveUserTokens(userTokens);
 
-            return "\""+userTokens.getAccessToken()+"\"";
+            return new SingleValueWrapperResponse<Boolean>(true);
+//            return "\""+userTokens.getAccessToken()+"\"";
         }
     }
 
@@ -151,17 +152,17 @@ public class UserTokensController {
     }
 
 
-    @PreAuthorize("isAuthenticated()")
-    @RequestMapping(value = "/local/tokens/decrypt", method = RequestMethod.GET)
-    public UserTokens decryptToken(@RequestParam String aaiId) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException, IOException {
-        return userTokensService.getUserTokensByAai(aaiId);
-    }
-
-
-    @PreAuthorize("isAuthenticated()")
-    @RequestMapping(value = "/local/tokens/encrypt", method = RequestMethod.GET)
-    public UserTokens encryptToken(@RequestParam String aaiId) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException, IOException {
-        UserTokens userTokens = userTokensService.getEncryptedUserTokensByAai(aaiId);
-        return userTokensService.encryptTokens(userTokens);
-    }
+//    @PreAuthorize("isAuthenticated()")
+//    @RequestMapping(value = "/local/tokens/decrypt", method = RequestMethod.GET)
+//    public UserTokens decryptToken(@RequestParam String aaiId) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException, IOException {
+//        return userTokensService.getUserTokensByAai(aaiId);
+//    }
+//
+//
+//    @PreAuthorize("isAuthenticated()")
+//    @RequestMapping(value = "/local/tokens/encrypt", method = RequestMethod.GET)
+//    public UserTokens encryptToken(@RequestParam String aaiId) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException, IOException {
+//        UserTokens userTokens = userTokensService.getEncryptedUserTokensByAai(aaiId);
+//        return userTokensService.encryptTokens(userTokens);
+//    }
 }
diff --git a/src/main/java/eu/dnetlib/uoaorcidservice/controllers/WorkController.java b/src/main/java/eu/dnetlib/uoaorcidservice/controllers/WorkController.java
index 7512e72..81e0db4 100644
--- a/src/main/java/eu/dnetlib/uoaorcidservice/controllers/WorkController.java
+++ b/src/main/java/eu/dnetlib/uoaorcidservice/controllers/WorkController.java
@@ -35,6 +35,7 @@ import java.util.*;
 
 @RestController
 //@RequestMapping("/orcid")
+@PreAuthorize("isAuthenticated()")
 @CrossOrigin(origins = "*")
 public class WorkController {
     private final Logger log = Logger.getLogger(this.getClass());
@@ -49,7 +50,6 @@ public class WorkController {
     @Autowired
     private WorkService workService;
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/local/put-code", method = RequestMethod.GET)
     public List<String> getPutCode(@RequestParam String[] pids) {
         String userOrcid = userTokensService.getCurrentUserOrcid();
@@ -64,7 +64,6 @@ public class WorkController {
         return null;
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/local/put-codes", method = RequestMethod.POST)
     public List<List<String>> getPutCodes(@RequestBody String[][] pids) {
         String userOrcid = userTokensService.getCurrentUserOrcid();
@@ -84,7 +83,6 @@ public class WorkController {
         return putCodes;
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/local/works", method = RequestMethod.POST)
     public List<List<Work>> getLocalWorks(@RequestBody String[][] pids) {
         String userOrcid = userTokensService.getCurrentUserOrcid();
@@ -100,7 +98,6 @@ public class WorkController {
         return returnedWorks;
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/orcid/work/save", method = RequestMethod.POST)
     public Work saveWork(@RequestBody String resultString) throws Exception {
         log.debug("saveWork: result = " + resultString);
@@ -295,7 +292,6 @@ public class WorkController {
         }
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/orcid/work/{putCode}/delete", method = RequestMethod.DELETE)
     public String deleteWork(@PathVariable String putCode) throws IOException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException {
         log.debug("deleteWork: putCode = " + putCode);
@@ -354,7 +350,6 @@ public class WorkController {
 
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/orcid/works/delete", method = RequestMethod.POST)
     public List<String> deleteWorks(@RequestBody List<String> putCodes) throws IOException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException {
         log.debug("deleteWorks: putCodes = " + putCodes);
@@ -421,7 +416,6 @@ public class WorkController {
         return deletedPutCodes;
     }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/orcid/work", method = RequestMethod.GET)
     public List<String> getWorksOfReuslt(@RequestParam String[] pids, @RequestParam String orcid) throws BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException, IOException {
         log.debug("getWorks: pids = " + pids + " - orcid = "+orcid);
@@ -516,7 +510,6 @@ public class WorkController {
 //        return response;
 //    }
 
-    @PreAuthorize("isAuthenticated()")
     @RequestMapping(value = "/local/works", method = RequestMethod.GET)
     public List<Work> getMyLocalWorks() {
         log.debug("getMyWorks");