danshannon · vandeseer · Feb 3, 2019 · Feb 10, 2019
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+.idea/
diff --git a/Strava API v3/.gitignore b/Strava API v3/.gitignore
@@ -38,4 +38,7 @@ local.properties
 .target
 
 # TeXlipse plugin
-.texlipse
+.texlipse
+
+.idea/
+*.iml
diff --git a/Strava API v3/pom.xml b/Strava API v3/pom.xml
@@ -148,5 +148,5 @@
 		<url>https://github.com/danshannon/javastravav3api</url>
 		<name>Dan Shannon</name>
 	</organization>
-	<version>2.0.0-SNAPSHOT</version>
+	<version>2.0.1-SNAPSHOT</version>
 </project>
diff --git a/Strava API v3/src/javastrava-config.properties b/Strava API v3/src/javastrava-config.properties
@@ -44,8 +44,13 @@ AuthorisationApprovalPrompt.force=force
 
 AuthorisationResponseType.code=code
 
-AuthorisationScope.view_private=view_private
-AuthorisationScope.write=write
+AuthorisationScope.read=read
+AuthorisationScope.read_all=read_all
+AuthorisationScope.profile_read_all=profile:read_all
+AuthorisationScope.profile_write=profile:write
+AuthorisationScope.activity_read=activity:read
+AuthorisationScope.activity_read_all=activity:read_all
+AuthorisationScope.activity_write=activity:write
 
 StravaActivityType.alpineski=alpineski
 StravaActivityType.backcountryski=backcountryski

diff --git a/Strava API v3/src/javastrava-messages.properties b/Strava API v3/src/javastrava-messages.properties
@@ -2,8 +2,13 @@
 Common.unknown.description=Unknown
 
 # Enum values
-AuthorisationScope.view_private.description=Allow viewing of private data
-AuthorisationScope.write.description=Allow creation of data
+AuthorisationScope.read.description=Allows access to public segments, public routes, public profile data, public posts, public events, club feeds, and leaderboards. This scope matches the old default scope, except it no longer includes access to activities and certain athlete endpoints mentioned below.
+AuthorisationScope.read_all.description=Allows access to view private routes, private segments, and private events. This scope matches the old view_private scope, except that it no longer includes access to private activities.
+AuthorisationScope.profile_read_all.description=NEW! Allows access to read all profile information even if the user has set their profile visibility to “Followers” or “Only You.”
+AuthorisationScope.profile_write.description=NEW! Allows access to update the user’s weight and Functional Threshold Power (FTP), and access to star or unstar segments on their behalf.
+AuthorisationScope.activity_read.description=NEW! Allows access to read the user’s activity data for activities that are visible to “Everyone” and “Followers.”
+AuthorisationScope.activity_read_all.description=NEW! Allows the same access as activity:read, plus access to read the athlete’s activities that are visible to “Only You.”
+AuthorisationScope.activity_write.description=NEW! Allows access to create manual activities and uploads, and access to edit any activities that are visible to the app (based on activity read access level).
 
 RetrofitErrorHandler.rateLimitExceeded=Rate Limit Exceeded
 RetrofitErrorHandler.unknownError=Unknown error has occurred

diff --git a/Strava API v3/src/javastrava/auth/TokenManager.java b/Strava API v3/src/javastrava/auth/TokenManager.java
@@ -1,13 +1,13 @@
 package javastrava.auth;
 
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
 import javastrava.auth.model.Token;
 import javastrava.auth.ref.AuthorisationScope;
 import javastrava.config.Messages;
 
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
 /**
  * <p>
  * Manages the caching of tokens
@@ -32,9 +32,9 @@ public static TokenManager instance() {
 	}
 
 	/**
-	 * Cached tokens, mapped by username
+	 * Cached tokens, mapped by athlete id
 	 */
-	private final Map<String, Token> tokens;
+	private final Map<Integer, Token> tokens;
 
 	/**
 	 * <p>
@@ -43,7 +43,7 @@ public static TokenManager instance() {
 	 */
 	private TokenManager() {
 		// Initialise as a singleton
-		this.tokens = new HashMap<String, Token>();
+		this.tokens = new HashMap<Integer, Token>();
 	}
 
 	/**
@@ -63,16 +63,16 @@ public void clearTokenCache() {
 	 * of scopes
 	 * </p>
 	 *
-	 * @param username
-	 *            The username
+	 * @param athleteId
+	 *            The athleteId
 	 * @param requiredScopes
 	 *            This list of scopes which must match the scopes of the token
 	 * @return The token with the matching list of scopes, or <code>null</code>
 	 *         if there is no such token
 	 */
-	public Token retrieveTokenWithExactScope(final String username, final AuthorisationScope... requiredScopes) {
+	public Token retrieveTokenWithExactScope(final Integer athleteId, final AuthorisationScope... requiredScopes) {
 		// Get the token from the cache
-		final Token token = this.tokens.get(username);
+		final Token token = this.tokens.get(athleteId);
 
 		// If there's no such token, or it has no scopes, then return null
 		if ((token == null) || (token.getScopes() == null)) {
@@ -109,19 +109,19 @@ public Token retrieveTokenWithExactScope(final String username, final Authorisat
 	 * of scopes
 	 * </p>
 	 *
-	 * @param username The user to look up for a cached token
+	 * @param athleteId The user to look up for a cached token
 	 * @param scopes The set of scopes the token must have
 	 * @return The matching token from the cache, or <code>null</code> if there is no matching token
 	 */
-	public Token retrieveTokenWithExactScope(final String username, final List<AuthorisationScope> scopes) {
+	public Token retrieveTokenWithExactScope(final Integer athleteId, final List<AuthorisationScope> scopes) {
 		if (scopes == null) {
-			return retrieveTokenWithExactScope(username, new AuthorisationScope[] {});
+			return retrieveTokenWithExactScope(athleteId, new AuthorisationScope[] {});
 		}
 		final AuthorisationScope[] array = new AuthorisationScope[scopes.size()];
 		for (int i = 0; i < scopes.size(); i++) {
 			array[i] = scopes.get(i);
 		}
-		return retrieveTokenWithExactScope(username, array);
+		return retrieveTokenWithExactScope(athleteId, array);
 	}
 
 	/**
@@ -130,16 +130,16 @@ public Token retrieveTokenWithExactScope(final String username, final List<Autho
 	 * scopes.
 	 * </p>
 	 *
-	 * @param username
-	 *            The username
+	 * @param athleteId
+	 *            The athleteId
 	 * @param scopes
 	 *            The list of scopes which are required to be in the token
 	 * @return The token, or <code>null</code> if there is no cached token, or
 	 *         the cached token doesn't have all the required scopes
 	 */
-	public Token retrieveTokenWithScope(final String username, final AuthorisationScope... scopes) {
+	public Token retrieveTokenWithScope(final Integer athleteId, final AuthorisationScope... scopes) {
 		// Get the token from cache
-		final Token token = this.tokens.get(username);
+		final Token token = this.tokens.get(athleteId);
 		AuthorisationScope[] authScopes = scopes;
 
 		// If scopes = null
@@ -168,23 +168,23 @@ public Token retrieveTokenWithScope(final String username, final AuthorisationSc
 	 * scopes.
 	 * </p>
 	 *
-	 * @param username
-	 *            The username
+	 * @param athleteId
+	 *            The athleteId
 	 * @param scopes
 	 *            The list of scopes which are required to be in the token
 	 * @return The token, or <code>null</code> if there is no cached token, or
 	 *         the cached token doesn't have all the required scopes
 	 */
-	public Token retrieveTokenWithScope(final String username, final List<AuthorisationScope> scopes) {
+	public Token retrieveTokenWithScope(final Integer athleteId, final List<AuthorisationScope> scopes) {
 
 		if (scopes == null) {
-			return retrieveTokenWithScope(username, new AuthorisationScope[] {});
+			return retrieveTokenWithScope(athleteId, new AuthorisationScope[] {});
 		}
 		final AuthorisationScope[] array = new AuthorisationScope[scopes.size()];
 		for (int i = 0; i < scopes.size(); i++) {
 			array[i] = scopes.get(i);
 		}
-		return retrieveTokenWithExactScope(username, array);
+		return retrieveTokenWithExactScope(athleteId, array);
 
 	}
 
@@ -208,22 +208,22 @@ public void revokeToken(final Token token) {
 	 * @throws IllegalArgumentException If the token is null, or the athlete contained in it is null or has a null email, or there are no authorisation scopes, then
 	 */
 	public void storeToken(final Token token) {
-		String username = null;
+		Integer athleteId = null;
 		if (token == null) {
 			throw new IllegalArgumentException(Messages.string("TokenManager.0")); //$NON-NLS-1$
 		}
 
 		if (token.getAthlete() == null) {
 			throw new IllegalArgumentException(Messages.string("TokenManager.1")); //$NON-NLS-1$
 		}
-		if (token.getAthlete().getEmail() == null) {
-			throw new IllegalArgumentException(Messages.string("TokenManager.2")); //$NON-NLS-1$
-		}
+//		if (token.getAthlete().getEmail() == null) {
+//			throw new IllegalArgumentException(Messages.string("TokenManager.2")); //$NON-NLS-1$
+//		}
 		if (token.getScopes() == null) {
 			throw new IllegalArgumentException(Messages.string("TokenManager.3")); //$NON-NLS-1$
 		}
-		username = token.getAthlete().getEmail();
-		this.tokens.put(username, token);
+		athleteId = token.getAthlete().getId();
+		this.tokens.put(athleteId, token);
 	}
 
 }
diff --git a/Strava API v3/src/javastrava/auth/model/Token.java b/Strava API v3/src/javastrava/auth/model/Token.java
@@ -1,44 +1,18 @@
 package javastrava.auth.model;
 
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-
 import javastrava.auth.AuthorisationService;
 import javastrava.auth.TokenService;
 import javastrava.auth.impl.TokenServiceImpl;
 import javastrava.auth.ref.AuthorisationScope;
 import javastrava.model.StravaAthlete;
 import javastrava.model.StravaEntity;
 import javastrava.model.reference.StravaResourceState;
-import javastrava.service.ActivityService;
-import javastrava.service.AthleteService;
-import javastrava.service.ChallengeService;
-import javastrava.service.ClubGroupEventService;
-import javastrava.service.ClubService;
-import javastrava.service.GearService;
-import javastrava.service.RouteService;
-import javastrava.service.RunningRaceService;
-import javastrava.service.SegmentEffortService;
-import javastrava.service.SegmentService;
-import javastrava.service.StravaService;
-import javastrava.service.StreamService;
-import javastrava.service.UploadService;
-import javastrava.service.WebhookService;
-import javastrava.service.impl.ActivityServiceImpl;
-import javastrava.service.impl.AthleteServiceImpl;
-import javastrava.service.impl.ChallengeServiceImpl;
-import javastrava.service.impl.ClubGroupEventServiceImpl;
-import javastrava.service.impl.ClubServiceImpl;
-import javastrava.service.impl.GearServiceImpl;
-import javastrava.service.impl.RouteServiceImpl;
-import javastrava.service.impl.RunningRaceServiceImpl;
-import javastrava.service.impl.SegmentEffortServiceImpl;
-import javastrava.service.impl.SegmentServiceImpl;
-import javastrava.service.impl.StravaServiceImpl;
-import javastrava.service.impl.StreamServiceImpl;
-import javastrava.service.impl.UploadServiceImpl;
-import javastrava.service.impl.WebhookServiceImpl;
+import javastrava.service.*;
+import javastrava.service.impl.*;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
 
 /**
  * <p>
@@ -287,27 +261,25 @@ public int hashCode() {
 	 * user)
 	 * </p>
 	 *
-	 * @return <code>true</code> if the token contains the {@link AuthorisationScope#VIEW_PRIVATE}
+	 * @return <code>true</code> if the token contains the {@link AuthorisationScope#PROFILE_READ_ALL} or {@link AuthorisationScope#ACTIVITY_READ_ALL}
 	 */
-	public boolean hasViewPrivate() {
-		if ((this.scopes != null) && this.scopes.contains(AuthorisationScope.VIEW_PRIVATE)) {
-			return true;
-		}
-		return false;
-	}
+    public boolean hasViewPrivate() {
+        return (this.scopes != null)
+                && (this.scopes.contains(AuthorisationScope.PROFILE_READ_ALL)
+                || this.scopes.contains(AuthorisationScope.ACTIVITY_READ_ALL));
+    }
 
 	/**
 	 * <p>
 	 * Validates that the token has write access (according to the scopes that it was granted on creation at least; it is quite possible that permissions have subsequently been revoked by the user)
 	 * </p>
 	 *
-	 * @return <code>true</code> if the token contains the {@link AuthorisationScope#WRITE}
+	 * @return <code>true</code> if the token contains the {@link AuthorisationScope#PROFILE_WRITE} or {@link AuthorisationScope#ACTIVITY_WRITE}
 	 */
 	public boolean hasWriteAccess() {
-		if ((this.scopes != null) && this.scopes.contains(AuthorisationScope.WRITE)) {
-			return true;
-		}
-		return false;
+        return (this.scopes != null)
+                && (this.scopes.contains(AuthorisationScope.PROFILE_WRITE)
+                || this.scopes.contains(AuthorisationScope.ACTIVITY_WRITE));
 	}
 
 	/**

diff --git a/Strava API v3/src/javastrava/auth/ref/AuthorisationScope.java b/Strava API v3/src/javastrava/auth/ref/AuthorisationScope.java
@@ -12,24 +12,23 @@
  * @author Dan Shannon
  */
 public enum AuthorisationScope {
-	/**
-	 * <p>
-	 * This authorisation scope allows the Strava API to return data from within the authenticated user's privacy zones
-	 * </p>
-	 */
-	VIEW_PRIVATE(StravaConfig.string("AuthorisationScope.view_private"), Messages.string("AuthorisationScope.view_private.description")),  //$NON-NLS-1$ //$NON-NLS-2$
-	/**
-	 * <p>
-	 * This authorisation scope allows the Strava API to write data - that is to update athlete details, activity details, and to make comments and give kudos to other riders' activities
-	 * </p>
-	 */
-	WRITE(StravaConfig.string("AuthorisationScope.write"), Messages.string("AuthorisationScope.write.description")),  //$NON-NLS-1$ //$NON-NLS-2$
-	/**
-	 * <p>
-	 * Should never occur but may if the Strava API behaviour has changed
-	 * </p>
-	 */
-	UNKNOWN(StravaConfig.string("Common.unknown"), Messages.string("Common.unknown.description")); //$NON-NLS-1$ //$NON-NLS-2$
+
+	READ(StravaConfig.string("AuthorisationScope.read"), Messages.string("AuthorisationScope.read.description")),
+
+	READ_ALL(StravaConfig.string("AuthorisationScope.read_all"), Messages.string("AuthorisationScope.read_all.description")),
+
+	PROFILE_READ_ALL(StravaConfig.string("AuthorisationScope.profile_read_all"), Messages.string("AuthorisationScope.profile_read_all.description")),
+
+	PROFILE_WRITE(StravaConfig.string("AuthorisationScope.profile_write"), Messages.string("AuthorisationScope.profile_write.description")),
+
+	ACTIVITY_READ(StravaConfig.string("AuthorisationScope.activity_read"), Messages.string("AuthorisationScope.activity_read.description")),
+
+	ACTIVITY_READ_ALL(StravaConfig.string("AuthorisationScope.activity_read_all"), Messages.string("AuthorisationScope.activity_read_all.description")),
+
+	ACTIVITY_WRITE(StravaConfig.string("AuthorisationScope.activity_write"), Messages.string("AuthorisationScope.activity_write.description")),
+
+	UNKNOWN(StravaConfig.string("Common.unknown"), Messages.string("Common.unknown.description"));
+
 	/**
 	 * <p>
 	 * Used when deserialising JSON returned by the Strava API