[JBIDE-126] Corrected scopes, expires_in_seconds

src/main/java/com/openshift/client/IAuthorization.java

@@ -21,7 +21,8 @@
 public interface IAuthorization extends IOpenShiftResource {
 
 	public static String SCOPE_SESSION = "session";
-	public static String SCOPE_SESSION_READ = "session read";
+	public static String SCOPE_READ = "read";
+	public static String SCOPE_USERINFO = "userinfo";
 	public static int NO_EXPIRES_IN = -1;
 
 	/**

src/main/java/com/openshift/internal/client/AuthorizationResource.java

@@ -62,7 +62,7 @@ public String toString() {
 				+ "id=" + id + ", "
 				+ "note=" + note + ", "
 				+ "scopes=" + scopes + ", "
-				+ "token=" + token
+				+ "token=" + token + ", "
 				+ "expiresIn=" + expiresIn
 				+ "]";
 	}

src/main/java/com/openshift/internal/client/response/OpenShiftJsonDTOFactory.java

@@ -20,7 +20,7 @@
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_DESCRIPTION;
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_DISPLAY_NAME;
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_DOMAIN_ID;
-import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_EXPIRES_IN;
+import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_EXPIRES_IN_SECONDS;
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_FRAMEWORK;
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_GEARS;
 import static com.openshift.internal.client.utils.IOpenShiftJsonConstants.PROPERTY_GEAR_PROFILE;
@@ -161,7 +161,7 @@ private AuthorizationResourceDTO createAuthorization(ModelNode dataNode, Message
         final String note = getAsString(dataNode, PROPERTY_NOTE);
         final String scopes = getAsString(dataNode, PROPERTY_SCOPES);
         final String token = getAsString(dataNode, PROPERTY_TOKEN);
-        final int expiresIn = getAsInteger(dataNode, PROPERTY_EXPIRES_IN);
+        final int expiresIn = getAsInteger(dataNode, PROPERTY_EXPIRES_IN_SECONDS);
         final Map<String, Link> links = createLinks(dataNode.get(PROPERTY_LINKS));
         return new AuthorizationResourceDTO(id, note, scopes, token, expiresIn, links, messages);
      }

src/main/java/com/openshift/internal/client/utils/IOpenShiftJsonConstants.java

@@ -55,7 +55,8 @@ public class IOpenShiftJsonConstants {
 	public static final String PROPERTY_INFO = "info";
 	public static final String PROPERTY_NOTE= "note";
 	public static final String PROPERTY_SCOPES= "scopes";
-    public static final String PROPERTY_EXPIRES_IN= "expires_in";
+	public static final String PROPERTY_EXPIRES_IN= "expires_in";
+	public static final String PROPERTY_EXPIRES_IN_SECONDS= "expires_in_seconds";
 	public static final String PROPERTY_TOKEN= "token";
 	public static final String PROPERTY_INITIAL_GIT_URL = "initial_git_url";
 	public static final String PROPERTY_INTERNAL_PORT = "internal_port";

src/test/java/com/openshift/internal/client/AuthorizationIntegrationTest.java

@@ -14,16 +14,21 @@
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertThat;
+import org.junit.internal.matchers.StringContains;
 
 import java.io.IOException;
 
 import org.junit.Before;
 import org.junit.Test;
+import java.util.List;
 
 import com.openshift.client.IAuthorization;
 import com.openshift.client.IOpenShiftConnection;
 import com.openshift.client.IUser;
 import com.openshift.client.OpenShiftException;
+import com.openshift.client.OpenShiftEndpointException;
+import com.openshift.client.IOpenShiftSSHKey;
 import com.openshift.client.utils.TestConnectionFactory;
 import com.openshift.internal.client.httpclient.HttpClientException;
 
@@ -63,17 +68,17 @@ public void shouldCreateGenericAuthorization() throws Exception {
 	@Test
 	public void shouldCreateAuthorization() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION);
 		assertNotNull(authorization.getToken());
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 
 		// operations
 		IOpenShiftConnection connection =
 				new TestConnectionFactory().getAuthTokenConnection(authorization.getToken());
 		authorization = connection.getUser().getAuthorization();
 
 		// verifications
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 		assertEquals(authorization.getNote(), "my note");
 
 		authorization.destroy();
@@ -82,9 +87,9 @@ public void shouldCreateAuthorization() throws Exception {
 	@Test
 	public void shouldCreateAuthorizationWithExpiration() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ, 600);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION, 600);
 		assertNotNull(authorization.getToken());
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 
 		// operations
 		IOpenShiftConnection connection =
@@ -93,19 +98,20 @@ public void shouldCreateAuthorizationWithExpiration() throws Exception {
 		authorization = connection.getUser().getAuthorization();
 
 		// verifications
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 		assertEquals(authorization.getNote(), "my note");
-		assertEquals(authorization.getExpiresIn(), 600);
+    		//check for time remaining on the token now
+    		assertTrue((authorization.getExpiresIn() <= 600));
 
 		authorization.destroy();
 	}
 
 	@Test
 	public void shouldReplaceExistingAuthorization() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ, 600);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_READ, 600);
 		assertNotNull(authorization.getToken());
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_READ);
 
 		// operations
 		user.createAuthorization("new note", IAuthorization.SCOPE_SESSION);
@@ -122,4 +128,71 @@ public void shouldReplaceExistingAuthorization() throws Exception {
 		authorization.destroy();
 		newAuthorization.destroy();
 	}
+
+    @Test
+    public void shouldCheckReadPermissions() throws Exception {
+        // pre-conditions
+        IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_READ, 600);
+        assertNotNull(authorization.getToken());
+        assertEquals(authorization.getScopes(), IAuthorization.SCOPE_READ);
+
+        try {
+        //read scope should not be allowed to create new authorizations
+        IOpenShiftConnection connection = 
+                new TestConnectionFactory().getAuthTokenConnection(authorization.getToken());
+        connection.getUser().createAuthorization("shouldn't be allowed", IAuthorization.SCOPE_SESSION, 600);
+        //should never get here 
+        assertTrue(false);
+        } catch (OpenShiftEndpointException ex){
+            assertThat(ex.getMessage(), StringContains.containsString("This action is not allowed with your current authorization"));
+        }
+	//clean up
+	authorization.destroy();
+
+    }
+
+    @Test
+    public void shouldCheckUserInfoPermissions() throws Exception {
+        // pre-conditions
+        IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_USERINFO, 600);
+        assertNotNull(authorization.getToken());
+        assertEquals(authorization.getScopes(), IAuthorization.SCOPE_USERINFO);
+
+        try {
+            //userinfo scope should not be allowed to obtain SSH keys
+            IOpenShiftConnection connection =
+                    new TestConnectionFactory().getAuthTokenConnection(authorization.getToken());
+            List<IOpenShiftSSHKey> sshKeyList=connection.getUser().getSSHKeys();
+            //should never get here 
+            assertTrue(false);
+        } catch (OpenShiftEndpointException ex){
+            assertThat(ex.getMessage(), StringContains.containsString("This action is not allowed with your current authorization"));
+        }
+	//clean up
+	authorization.destroy();
+
+    }
+
+    @Test
+    public void shouldCheckTokenExpiration() throws Exception {
+        // pre-conditions
+        IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION, 3);
+        assertNotNull(authorization.getToken());
+        assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
+        //sleep for 5 seconds
+        Thread.sleep(5000);
+
+        try {
+            //an expired token should fail getting user info
+            IOpenShiftConnection connection =
+                    new TestConnectionFactory().getAuthTokenConnection(authorization.getToken());
+            connection.getUser();
+            //should never get here 
+            assertTrue(false);
+        } catch (OpenShiftEndpointException ex){
+            assertThat(ex.getMessage(), StringContains.containsString("Your credentials are not authorized to access"));
+        }
+	//clean up
+	authorization.destroy();
+    }
 }

src/test/java/com/openshift/internal/client/AuthorizationTest.java

@@ -66,7 +66,7 @@ public void shouldCreateGenericAuthorization() throws Exception {
 	@Test
 	public void shouldCreateAuthorization() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION);
 		assertNotNull(authorization.getToken());
 
 		// operations
@@ -75,7 +75,7 @@ public void shouldCreateAuthorization() throws Exception {
 		authorization = connection.getUser().getAuthorization();
 
 		// verifications
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 		assertEquals(authorization.getNote(), "my note");
 
 		authorization.destroy();
@@ -84,7 +84,7 @@ public void shouldCreateAuthorization() throws Exception {
 	@Test
 	public void shouldCreateAuthorizationWithExpiration() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ, 600);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION, 600);
 		assertNotNull(authorization.getToken());
 
 		// operations
@@ -93,7 +93,7 @@ public void shouldCreateAuthorizationWithExpiration() throws Exception {
 		authorization = connection.getUser().getAuthorization();
 
 		// verifications
-		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION_READ);
+		assertEquals(authorization.getScopes(), IAuthorization.SCOPE_SESSION);
 		assertEquals(authorization.getNote(), "my note");
 
 		authorization.destroy();
@@ -102,7 +102,7 @@ public void shouldCreateAuthorizationWithExpiration() throws Exception {
 	@Test
 	public void shouldDestroyAuthorization() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ, 600);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_READ, 600);
 		assertNotNull(authorization.getToken());
 
 		// operations
@@ -119,7 +119,7 @@ public void shouldDestroyAuthorization() throws Exception {
 	@Test
 	public void shouldCreateNewAuthorization() throws Exception {
 		// pre-conditions
-		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_SESSION_READ, 600);
+		IAuthorization authorization = user.createAuthorization("my note", IAuthorization.SCOPE_READ, 600);
 		assertNotNull(authorization.getToken());
 
 		// operations