@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
public String apiAddClient(@RequestBody String jsonString, Model m, Authentication auth) {
JsonObject json = null;
ClientDetailsEntity client = null;
try {
json = parser.parse(jsonString).getAsJsonObject();
client = gson.fromJson(json, ClientDetailsEntity.class);
}
catch (JsonSyntaxException e) {
logger.error("apiAddClient failed due to JsonSyntaxException", e);
m.addAttribute("code", HttpStatus.BAD_REQUEST);
m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
return JsonErrorView.VIEWNAME;
} catch (IllegalStateException e) {
logger.error("apiAddClient failed due to IllegalStateException", e);
m.addAttribute("code", HttpStatus.BAD_REQUEST);
m.addAttribute("errorMessage", "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
return JsonErrorView.VIEWNAME;
}
// if they leave the client identifier empty, force it to be generated
if (Strings.isNullOrEmpty(client.getClientId())) {
client = clientService.generateClientId(client);
}
if (client.getTokenEndpointAuthMethod() == null ||
client.getTokenEndpointAuthMethod().equals(AuthMethod.NONE)) {
// we shouldn't have a secret for this client
client.setClientSecret(null);
} else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC)
|| client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST)
|| client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT)) {
// if they've asked for us to generate a client secret (or they left it blank but require one), do so here
if (json.has("generateClientSecret") && json.get("generateClientSecret").getAsBoolean()
|| Strings.isNullOrEmpty(client.getClientSecret())) {
client = clientService.generateClientSecret(client);
}
} else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.PRIVATE_KEY)) {
if (Strings.isNullOrEmpty(client.getJwksUri())) {
logger.error("tried to create client with private key auth but no private key");
m.addAttribute("code", HttpStatus.BAD_REQUEST);
m.addAttribute("errorMessage", "Can not create a client with private key authentication without registering a key via the JWS Set URI.");
return JsonErrorView.VIEWNAME;
}
// otherwise we shouldn't have a secret for this client
client.setClientSecret(null);
} else {
logger.error("unknown auth method");
m.addAttribute("code", HttpStatus.BAD_REQUEST);
m.addAttribute("errorMessage", "Unknown auth method requested");
return JsonErrorView.VIEWNAME;
}
client.setDynamicallyRegistered(false);
ClientDetailsEntity newClient = clientService.saveNewClient(client);
m.addAttribute("entity", newClient);
if (isAdmin(auth)) {
return ClientEntityViewForAdmins.VIEWNAME;
} else {