Bug 1510653 - API method for returning users profile information when…

… given a valid oauth2 access token
mozilla-bteam · Nov 28, 2018 · 926889f · 926889f
1 parent 9b8238f
commit 926889f
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 34 deletions.
diff --git a/Bugzilla/Quantum.pm b/Bugzilla/Quantum.pm
@@ -24,6 +24,7 @@ use Bugzilla::Quantum::CGI;
 use Bugzilla::Quantum::OAuth2 qw(oauth2);
 use Bugzilla::Quantum::SES;
 use Bugzilla::Quantum::Home;
+use Bugzilla::Quantum::API;
 use Bugzilla::Quantum::Static;
 use Mojo::Loader qw( find_modules );
 use Module::Runtime qw( require_module );
@@ -139,6 +140,8 @@ sub setup_routes {
   $r->any('/login')->to('CGI#index_cgi' => {'GoAheadAndLogIn' => '1'});
   $r->any('/:new_bug' => [new_bug => qr{new[-_]bug}])->to('CGI#new_bug_cgi');
 
+  $r->get('/api/user/profile')->to('API#user_profile');
+
   my $ses_auth = $r->under(
     '/ses' => sub {
       my ($c) = @_;

diff --git a/Bugzilla/Quantum/API.pm b/Bugzilla/Quantum/API.pm
@@ -0,0 +1,32 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# This Source Code Form is "Incompatible With Secondary Licenses", as
+# defined by the Mozilla Public License, v. 2.0.
+
+package Bugzilla::Quantum::API;
+use 5.10.1;
+use Mojo::Base qw( Mojolicious::Controller );
+
+sub user_profile {
+  my ($self) = @_;
+
+  my $user = $self->bugzilla->oauth('user:read');
+  if ($user && $user->id) {
+    $self->render(
+      json => {
+        id     => $user->id,
+        name   => $user->name,
+        login  => $user->login,
+        nick   => $user->nick,
+        groups => [map { $_->name } @{$user->groups}],
+      }
+    );
+  }
+  else {
+    $self->render( status => 401, text => 'Unauthorized');
+  }
+}
+
+1;
diff --git a/t/mojo-oauth2.t b/t/mojo-oauth2.t
@@ -121,14 +121,13 @@ my $access_data = $t->tx->res->json;
 # Using the access token (bearer) we are able to authenticate for an API call.
 
 # 1. Access API unauthenticated and should generate a login_required error
-$t->get_ok('/oauth/whoami')->status_is(401)
-  ->json_is('/error' => 'login_required');
+$t->get_ok('/api/user/profile')->status_is(401);
 
 # 2. Passing a Bearer header containing the access token, the server should
 # allow us to get data about our user
-$t->get_ok('/oauth/whoami' =>
+$t->get_ok('/api/user/profile' =>
     {Authorization => 'Bearer ' . $access_data->{access_token}})
-  ->status_is(200)->json_is('/name' => $oauth_login);
+  ->status_is(200)->json_is('/login' => $oauth_login);
 
 done_testing;
 
@@ -144,34 +143,5 @@ sub _setup_routes {
       return;
     }
   );
-
-  # API call for testing oauth authentication
-  $r->get(
-    '/oauth/whoami' => sub {
-      my $c = shift;
-
-      my $user = $c->bugzilla->oauth('user:read');
-
-      if ($user && $user->id) {
-        $c->render(
-          status => 200,
-          json   => {
-            id       => $user->id,
-            name     => $user->login,
-            realname => $user->name
-          }
-        );
-      }
-      else {
-        $c->render(
-          status => 401,
-          json   => {
-            error => 'login_required',
-            error_description =>
-              'You must log in before using this part of Bugzilla.'
-          }
-        );
-      }
-    }
-  );
 }
+