fix(jans-auth-server): dynamic client registration managment delete e…

…vent #1206
JanssenProject · Apr 18, 2022 · 911e54b · 911e54b
1 parent 90f77c3
commit 911e54b
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 3 deletions.
diff --git a/...-server/server/src/main/java/io/jans/as/server/register/ws/rs/RegisterRestWebService.java b/...-server/server/src/main/java/io/jans/as/server/register/ws/rs/RegisterRestWebService.java
@@ -108,5 +108,6 @@ Response requestClientRead(
     Response delete(
             @QueryParam("client_id") String clientId,
             @HeaderParam("Authorization") String authorization,
+            @Context HttpServletRequest httpRequest,
             @Context SecurityContext securityContext);
 }
diff --git a/...ver/server/src/main/java/io/jans/as/server/register/ws/rs/RegisterRestWebServiceImpl.java b/...ver/server/src/main/java/io/jans/as/server/register/ws/rs/RegisterRestWebServiceImpl.java
@@ -67,7 +67,7 @@ public Response requestClientRead(String clientId, String authorization, HttpSer
     }
 
     @Override
-    public Response delete(String clientId, String authorization, SecurityContext securityContext) {
-        return registerDeleteAction.delete(clientId, authorization, securityContext);
+    public Response delete(String clientId, String authorization, HttpServletRequest httpRequest,  SecurityContext securityContext) {
+        return registerDeleteAction.delete(clientId, authorization, httpRequest, securityContext);
     }
 }
diff --git a/...er/server/src/main/java/io/jans/as/server/register/ws/rs/action/RegisterDeleteAction.java b/...er/server/src/main/java/io/jans/as/server/register/ws/rs/action/RegisterDeleteAction.java
@@ -12,6 +12,9 @@
 import io.jans.as.model.configuration.AppConfiguration;
 import io.jans.as.model.error.ErrorResponseFactory;
 import io.jans.as.model.register.RegisterErrorResponseType;
+import io.jans.as.server.audit.ApplicationAuditLogger;
+import io.jans.as.server.model.audit.Action;
+import io.jans.as.server.model.audit.OAuth2AuditLog;
 import io.jans.as.server.model.registration.RegisterParamsValidator;
 import io.jans.as.server.register.ws.rs.RegisterValidator;
 import io.jans.as.server.service.ClientService;
@@ -22,6 +25,7 @@
 import javax.ejb.Stateless;
 import javax.inject.Inject;
 import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
@@ -56,7 +60,13 @@ public class RegisterDeleteAction {
     @Inject
     private RegisterValidator registerValidator;
 
-    public Response delete(String clientId, String authorization, SecurityContext securityContext) {
+    @Inject
+    private ApplicationAuditLogger applicationAuditLogger;
+
+    public Response delete(String clientId, String authorization, HttpServletRequest httpRequest, SecurityContext securityContext) {
+        OAuth2AuditLog auditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_DELETE);
+        auditLog.setClientId(clientId);
+
         try {
             errorResponseFactory.validateComponentEnabled(ComponentType.REGISTRATION);
             String accessToken = tokenService.getToken(authorization);
@@ -78,6 +88,7 @@ public Response delete(String clientId, String authorization, SecurityContext se
             }
 
             clientService.remove(client);
+            auditLog.setSuccess(true);
 
             return Response
                     .status(Response.Status.NO_CONTENT)
@@ -91,6 +102,8 @@ public Response delete(String clientId, String authorization, SecurityContext se
         } catch (Exception e) {
             log.error(e.getMessage(), e);
             throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, RegisterErrorResponseType.INVALID_CLIENT_METADATA, "Failed to process request.");
+        } finally {
+            applicationAuditLogger.sendMessage(auditLog);
         }
     }
 }