From 80aef6a4aa747a7ea3306e4b9890ff9a31deb731 Mon Sep 17 00:00:00 2001
From: Martin Vogel <martin.vogel@sinc.de>
Date: Wed, 8 Jun 2022 09:16:20 +0200
Subject: [PATCH] #414 Change scope to vararg since there can be multiple scope
 for one client configuration

---
 api/src/main/java/fitconnect/api/Sender.java              | 4 ++--
 api/src/main/java/fitconnect/api/auth/OAuthService.java   | 2 +-
 .../src/main/java/fitconnect/client/FitCoAuthService.java | 8 +++++---
 .../src/main/java/fitconnect/client/SubmissionSender.java | 2 +-
 4 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/api/src/main/java/fitconnect/api/Sender.java b/api/src/main/java/fitconnect/api/Sender.java
index eda9265e6..c5d1061b0 100644
--- a/api/src/main/java/fitconnect/api/Sender.java
+++ b/api/src/main/java/fitconnect/api/Sender.java
@@ -17,10 +17,10 @@ public interface Sender {
      *
      * @param clientId - a unique identifier within the FIT-Co platform environment
      * @param clientSecret - a secret that is only known by the application and the OAuth server
-     * @param scope - OAuth scope that determines if a submission is accepted by the client
+     * @param scope - OAuth scope(s) that determines if a submission is accepted by the client
      * @return {@link OAuthToken} that holds the access-token
      */
-    OAuthToken retrieveAuthenticationToken(final String clientId, final String clientSecret, String scope);
+    OAuthToken retrieveAuthenticationToken(final String clientId, final String clientSecret, String... scope);
 
     // TODO
     ValidationResult validateCertificateChain(byte[] chain);
diff --git a/api/src/main/java/fitconnect/api/auth/OAuthService.java b/api/src/main/java/fitconnect/api/auth/OAuthService.java
index 9738968d3..738969c92 100644
--- a/api/src/main/java/fitconnect/api/auth/OAuthService.java
+++ b/api/src/main/java/fitconnect/api/auth/OAuthService.java
@@ -4,5 +4,5 @@ import java.util.Optional;
 
 public interface OAuthService {
 
-    Optional<OAuthToken> authenticate(String clientId, String clientSecret, String scope);
+    Optional<OAuthToken> authenticate(String clientId, String clientSecret, String... scope);
 }
diff --git a/client/src/main/java/fitconnect/client/FitCoAuthService.java b/client/src/main/java/fitconnect/client/FitCoAuthService.java
index 68bf6a05d..3e6167041 100644
--- a/client/src/main/java/fitconnect/client/FitCoAuthService.java
+++ b/client/src/main/java/fitconnect/client/FitCoAuthService.java
@@ -10,6 +10,7 @@ import java.net.URI;
 import java.net.http.HttpClient;
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Optional;
 import java.util.logging.Level;
@@ -31,7 +32,7 @@ public class FitCoAuthService implements OAuthService {
     }
 
     @Override
-    public Optional<OAuthToken> authenticate(String clientId, String clientSecret, String scope) {
+    public Optional<OAuthToken> authenticate(String clientId, String clientSecret, String... scope) {
         final String requestBody = buildRequestBody(clientId, clientSecret, scope);
         try {
             return Optional.of(performTokenRequest(requestBody));
@@ -41,14 +42,15 @@ public class FitCoAuthService implements OAuthService {
         }
     }
 
-    private String buildRequestBody(String clientId, String clientSecret, String scope) {
+    private String buildRequestBody(String clientId, String clientSecret, String... scope) {
         var data = new HashMap<String, String>() {{
             put("grant_type", "client_credentials");
             put("client_id", clientId);
             put("client_secret", clientSecret);
-            put("scope", scope);
         }};
 
+        Arrays.stream(scope).forEach(s -> data.put("scope", s));
+
         return data.entrySet()
                 .stream()
                 .map(e -> e.getKey() + "=" + e.getValue())
diff --git a/client/src/main/java/fitconnect/client/SubmissionSender.java b/client/src/main/java/fitconnect/client/SubmissionSender.java
index eccc5df15..178b92b3a 100644
--- a/client/src/main/java/fitconnect/client/SubmissionSender.java
+++ b/client/src/main/java/fitconnect/client/SubmissionSender.java
@@ -18,7 +18,7 @@ public class SubmissionSender implements Sender {
     }
 
     @Override
-    public OAuthToken retrieveAuthenticationToken(String clientId, String clientSecret, String scope) {
+    public OAuthToken retrieveAuthenticationToken(String clientId, String clientSecret, String... scope) {
         return authService.authenticate(clientId, clientSecret, scope).orElseThrow();
     }
 
-- 
GitLab