Merge pull request #63 from onewelcome/add-post-endpoint

Add POST /resources API endpoint

Author: osvso

.circleci/config.yml

@@ -1,7 +1,7 @@
 version: 2.1
 
 orbs:
-  onegini-build: onegini/onegini-build@2
+  onegini-build: onegini/onegini-build@3
 
 .dev-context-and-executor: &dev-context-and-executor
   context: dev-context

src/main/java/com/onegini/examples/resourcegateway/web/ResourcesController.java

@@ -4,16 +4,9 @@
 import static com.onegini.examples.resourcegateway.service.ScopeValidationService.SCOPE_READ;
 import static com.onegini.examples.resourcegateway.service.ScopeValidationService.SCOPE_WRITE;
 import static org.springframework.http.HttpHeaders.AUTHORIZATION;
+import static org.springframework.http.HttpHeaders.CONTENT_TYPE;
 import static org.springframework.http.HttpStatus.OK;
 
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.ModelAttribute;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
 import com.onegini.examples.resourcegateway.model.ApplicationDetails;
 import com.onegini.examples.resourcegateway.model.DecoratedUser;
 import com.onegini.examples.resourcegateway.model.DeviceList;
@@ -29,6 +22,19 @@
 import com.onegini.examples.resourcegateway.util.DecoratedUserIdBuilder;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
 
 @Slf4j
 @RestController
@@ -52,18 +58,21 @@ public ResponseEntity<DeviceList> getDevices(@RequestHeader(name = AUTHORIZATION
   }
 
   @GetMapping(value = "/application-details")
-  public ResponseEntity<ApplicationDetails> getApplicationDetails(@RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader) {
+  public ResponseEntity<ApplicationDetails> getApplicationDetails(
+      @RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader) {
     final TokenIntrospectionResult tokenIntrospectionResult = getTokenIntrospectionResultFromHeader(authorizationHeader);
     validateScopeAndTokenType(tokenIntrospectionResult, SCOPE_APPLICATION_DETAILS);
 
-    final ApplicationDetails applicationDetails = new ApplicationDetails(tokenIntrospectionResult.getAppIdentifier(), tokenIntrospectionResult.getAppPlatform(),
-        tokenIntrospectionResult.getAppVersion());
+    final ApplicationDetails applicationDetails =
+        new ApplicationDetails(tokenIntrospectionResult.getAppIdentifier(), tokenIntrospectionResult.getAppPlatform(),
+            tokenIntrospectionResult.getAppVersion());
 
     return new ResponseEntity<>(applicationDetails, OK);
   }
 
   @GetMapping(value = "/user-id-decorated")
-  public ResponseEntity<DecoratedUser> getDecoratedUserId(@RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader) {
+  public ResponseEntity<DecoratedUser> getDecoratedUserId(
+      @RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader) {
     final TokenIntrospectionResult tokenIntrospectionResult = getTokenIntrospectionResultFromHeader(authorizationHeader);
 
     tokenTypeValidationService.validateImplicitAuthenticationToken(tokenIntrospectionResult.getAmr());
@@ -76,8 +85,9 @@ public ResponseEntity<DecoratedUser> getDecoratedUserId(@RequestHeader(name = AU
   }
 
   @PostMapping(value = "/file-upload")
-  public ResponseEntity<MultipartResponse> fileUpload(@RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader,
-                                                      @ModelAttribute final FormDataWithFiles formDataWithFiles) {
+  public ResponseEntity<MultipartResponse> fileUpload(
+      @RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader,
+      @ModelAttribute final FormDataWithFiles formDataWithFiles) {
     final TokenIntrospectionResult tokenIntrospectionResult = getTokenIntrospectionResultFromHeader(authorizationHeader);
     validateScopeAndTokenType(tokenIntrospectionResult, SCOPE_WRITE);
 
@@ -86,6 +96,25 @@ public ResponseEntity<MultipartResponse> fileUpload(@RequestHeader(name = AUTHOR
     return new ResponseEntity<>(multipartResponse, OK);
   }
 
+  @PostMapping
+  public void postResource(@RequestHeader(name = AUTHORIZATION, required = false) final String authorizationHeader,
+                           final HttpServletRequest request, final HttpServletResponse response) throws IOException {
+    final TokenIntrospectionResult tokenIntrospectionResult = getTokenIntrospectionResultFromHeader(authorizationHeader);
+    validateScopeAndTokenType(tokenIntrospectionResult, SCOPE_WRITE);
+    response.setStatus(HttpServletResponse.SC_CREATED);
+    response.setHeader(CONTENT_TYPE, request.getHeader(CONTENT_TYPE));
+
+    byte[] buffer = new byte[1024];
+    try (
+        InputStream input = request.getInputStream();
+        OutputStream output = response.getOutputStream()) {
+      for (int length = 0; (length = input.read(buffer)) > 0; ) {
+        output.write(buffer, 0, length);
+      }
+    }
+    response.flushBuffer();
+  }
+
   private void validateScopeAndTokenType(final TokenIntrospectionResult tokenIntrospectionResult, final String requiredScope) {
     scopeValidationService.validateScopeGranted(tokenIntrospectionResult.getScope(), requiredScope);
     tokenTypeValidationService.validateNoImplicitAuthenticationToken(tokenIntrospectionResult.getAmr());