diff --git a/src/main/java/org/gcube/portal/oauth/OauthService.java b/src/main/java/org/gcube/portal/oauth/OauthService.java
index f7bf7ef..e2bc9de 100644
--- a/src/main/java/org/gcube/portal/oauth/OauthService.java
+++ b/src/main/java/org/gcube/portal/oauth/OauthService.java
@@ -39,7 +39,7 @@ public class OauthService {
 private static final org.slf4j.Logger logger = LoggerFactory.getLogger(OauthService.class);
 /**
- * This map contains couples
+ * This map contains couples
 */
 private Map entries;
@@ -115,8 +115,25 @@ public class OauthService {
 return Response.status(status).entity("{\"error\"=\"Trying to access push-authentication-code method via a token different than USER is not allowed\"").build();
 }else{
- logger.info("Saving entry defined by " + bean + " in cache, token is " + token.substring(0, 10));
- entries.put(bean.getCode(), new CacheBean(token, ScopeProvider.instance.get(), bean.getRedirectUri(), bean.getClientId(), System.currentTimeMillis()));
+ // check parameters
+ String code = bean.getCode();
+ String clientId = bean.getClientId();
+ String redirectUri = bean.getRedirectUri();
+
+ if(code == null || code.isEmpty())
+ return Response.status(Status.BAD_REQUEST).
+ entity("{\"error\"=\"'code' cannot be null or missing\"").build();
+
+ if(clientId == null || clientId.isEmpty())
+ return Response.status(Status.BAD_REQUEST).
+ entity("{\"error\"=\"'client_id' cannot be null or missing\"").build();
+
+ if(redirectUri == null || redirectUri.isEmpty())
+ return Response.status(Status.BAD_REQUEST).
+ entity("{\"error\"=\"'redirect_uri' cannot be null or missing\"").build();
+
+ logger.info("Saving entry defined by " + bean + " in cache, token is " + token.substring(0, 10) + "***************");
+ entries.put(code, new CacheBean(token, ScopeProvider.instance.get(), redirectUri, clientId, System.currentTimeMillis()));
 return Response.status(status).build();
 }
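Review bot: The new `logger.info` call in the `else` branch still writes `bean` and the first ten characters of the token at INFO level; if `PushCodeBean.toString()` prints the `code` field (not visible here), every authorization code is readable by anyone with log access before it has been exchanged. Logging only the client would avoid that, e.g. `logger.info("Saving entry for client " + clientId + " in cache");`. The three new error bodies also copy the malformed JSON of the context line above them (`=` instead of `:` and no closing brace); `entity("{\"error\":\"'code' cannot be null or missing\"}")` would parse on the client. `token.substring(0, 10)` throws on a token shorter than ten characters, which presumably cannot happen but is not checked in this hunk. The enclosing method starts and ends outside the hunk.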
diff --git a/src/main/java/org/gcube/portal/oauth/cache/CacheBean.java b/src/main/java/org/gcube/portal/oauth/cache/CacheBean.java
index 7c5cc72..a904be9 100644
--- a/src/main/java/org/gcube/portal/oauth/cache/CacheBean.java
+++ b/src/main/java/org/gcube/portal/oauth/cache/CacheBean.java
@@ -39,8 +39,6 @@ public class CacheBean {
 this.scope = scope;
 }
-
-
 public String getToken() {
 return token;
 }
diff --git a/src/main/java/org/gcube/portal/oauth/cache/CacheCleaner.java b/src/main/java/org/gcube/portal/oauth/cache/CacheCleaner.java
index 7381c55..95e61fb 100644
--- a/src/main/java/org/gcube/portal/oauth/cache/CacheCleaner.java
+++ b/src/main/java/org/gcube/portal/oauth/cache/CacheCleaner.java
@@ -50,7 +50,7 @@ public class CacheCleaner extends Thread {
 }
 }
- logger.info("Going to sleep . Number of removed entries is " + removedEntries + " [" + new Date() + "]");
+ logger.info("Going to sleep. Number of removed entries is " + removedEntries + " [" + new Date() + "]");
 } catch (InterruptedException e) {
 logger.warn("Exception was " + e.getMessage());
diff --git a/src/main/java/org/gcube/portal/oauth/input/PushCodeBean.java b/src/main/java/org/gcube/portal/oauth/input/PushCodeBean.java
index 15ed14f..519a640 100644
--- a/src/main/java/org/gcube/portal/oauth/input/PushCodeBean.java
+++ b/src/main/java/org/gcube/portal/oauth/input/PushCodeBean.java
@@ -1,7 +1,5 @@
 package org.gcube.portal.oauth.input;
-import javax.validation.constraints.NotNull;
-
 import com.fasterxml.jackson.annotation.JsonProperty;
 /**
@@ -11,17 +9,18 @@ import com.fasterxml.jackson.annotation.JsonProperty;
 public class PushCodeBean {
 @JsonProperty("code")
- @NotNull(message="code cannot be null")
 private String code;
-
+
 @JsonProperty("redirect_uri")
- @NotNull(message="redirect_uri cannot be null")
 private String redirectUri;
-
+
 @JsonProperty("client_id")
- @NotNull(message="client_id cannot be null")
 private String clientId;
+ public PushCodeBean() {
+ super();
+ }
+
 /**
 * @param code
 * @param redirectUri
@@ -41,7 +40,7 @@ public class PushCodeBean {
 public void setCode(String code) {
 this.code = code;
 }
-
+
 public String getRedirectUri() {
 return redirectUri;
 }
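Review bot: The added no-argument constructor carries no comment saying why it exists, and its explicit `super();` is redundant. Presumably it is there so Jackson can instantiate the bean before filling the `@JsonProperty` fields; a one-line comment such as `// required by Jackson for deserialization` would keep it from being removed later as dead code. With the `@NotNull` constraints gone, the bean no longer declares that its fields are mandatory, so every consumer has to check `code`, `redirect_uri` and `client_id` itself, as the checks added in OauthService.java do; a sentence in the class Javadoc saying so would make that contract visible. The class body continues outside the hunk.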