[#44841] rework of api endpoints

- added representer for oauth client credentials and oauth applications

app/models/oauth_credentials_representer.rb

@@ -1,3 +0,0 @@
-class OAuthCredentialsRepresenter
-
-end

docs/api/apiv3/components/schemas/oauth_application_read_model.yml

@@ -0,0 +1,53 @@
+# Schema: OAuthApplicationReadModel
+---
+type: object
+required:
+  - id
+  - _type
+  - clientId
+  - confidential
+properties:
+  id:
+    type: integer
+    minimum: 1
+  _type:
+    type: string
+    enum:
+      - OauthClientCredentials
+  clientId:
+    type: string
+    description: OAuth 2 client id
+  clientSecret:
+    type: string
+    description: OAuth 2 client secret
+  confidential:
+    type: boolean
+    description: true, if OAuth 2 credentials are confidential, false, if no secret is stored
+  createdAt:
+    type: string
+    format: date-time
+    description: The time the OAuth 2 Application was created at
+  updatedAt:
+    type: string
+    format: date-time
+    description: The time the OAuth 2 Application was last updated
+  scopes:
+    type: array
+    description: An array of the scopes of the OAuth 2 Application
+    items:
+      type: string
+  _links:
+    type: object
+    required:
+      - owner
+      - redirectUri
+    properties:
+      owner:
+      integration:
+      redirectUri:
+
+example:
+  id: 1337
+  _type: OauthClientCredentials
+  clientId: O5h6WObhMg1Z8IcLHRE3_LMh4jJYmmca2V6OTFSv8DA
+  confidential: true

docs/api/apiv3/components/schemas/oauth_client_credentials_read_model.yml

@@ -1,4 +1,4 @@
-# Schema: OauthCredentialsReadModel
+# Schema: OAuthClientCredentialsReadModel
 ---
 type: object
 required:
@@ -13,7 +13,7 @@ properties:
   _type:
     type: string
     enum:
-      - OauthCredentials
+      - OauthClientCredentials
   clientId:
     type: string
     description: OAuth 2 client id
@@ -23,6 +23,6 @@ properties:
 
 example:
   id: 1337
-  _type: OauthCredentials
+  _type: OauthClientCredentials
   clientId: O5h6WObhMg1Z8IcLHRE3_LMh4jJYmmca2V6OTFSv8DA
   confidential: true

docs/api/apiv3/components/schemas/oauth_client_credentials_write_model.yml

@@ -1,4 +1,4 @@
-# Schema: OauthCredentialsWriteModel
+# Schema: OAuthClientCredentialsWriteModel
 ---
 type: object
 required:

docs/api/apiv3/components/schemas/storage_read_model.yml

@@ -28,10 +28,13 @@ properties:
   _embedded:
     type: object
     required:
-      - oauthCredentials
+      - oauthApplication
+      - oauthClientCredentials
     properties:
-      oauthCredentials:
-        $ref: './oauth_credentials_read_model.yml'
+      oauthApplication:
+        $ref: './oauth_client_credentials_read_model.yml'
+      oauthClientCredentials:
+        $ref: './oauth_client_credentials_read_model.yml'
   _links:
     type: object
     required:
@@ -93,7 +96,18 @@ properties:
               - urn:openproject-org:api:v3:storages:authorization:FailedAuthorization
               
               **Resource**: N/A
-      oauthCredentials:
+      oauthApplication:
+        allOf:
+          - $ref: './link.yml'
+          - description: |-
+              The OAuth 2 provider application linked to the storage.
+
+              # Conditions
+
+              - User has role `admin`
+
+              **Resource**: OAuthApplication
+      oauthClientCredentials:
         allOf:
           - $ref: './link.yml'
           - description: |-
@@ -103,7 +117,7 @@ properties:
 
               - User has role `admin`
 
-              **Resource**: OauthCredentials
+              **Resource**: OAuthClientCredentials
 example:
   id: 1337
   _type: Storage
@@ -127,5 +141,8 @@ example:
     authorize:
       href: https://nextcloud.deathstar.rocks/authorize/
       title: Authorize
-    oauthCredentials:
+    oauthApplication:
+      href: /api/v3/oauth_credentials/42
+      title: It's no moon (Nextcloud)
+    oauthClientCredentials:
       href: /api/v3/oauth_credentials/42

docs/api/apiv3/openapi-spec.yml

@@ -361,8 +361,8 @@ paths:
     "$ref": "./paths/storage.yml"
   "/api/v3/storages/{id}/files":
     "$ref": "./paths/storage_files.yml"
-  "/api/v3/storages/{id}/oauth_credentials":
-    "$ref": "./paths/storage_oauth_credentials.yml"
+  "/api/v3/storages/{id}/oauth_client_credentials":
+    "$ref": "./paths/storage_oauth_client_credentials.yml"
   "/api/v3/time_entries":
     "$ref": "./paths/time_entries.yml"
   "/api/v3/time_entries/{id}/form":
@@ -658,10 +658,10 @@ components:
       "$ref": "./components/schemas/notification_settings_model.yml"
     Offset_based_pagination:
       "$ref": "./components/schemas/offset_based_pagination.yml"
-    OauthCredentialsReadModel:
-      "$ref": "./components/schemas/oauth_credentials_read_model.yml"
-    OauthCredentialsWriteModel:
-      "$ref": "./components/schemas/oauth_credentials_write_model.yml"
+    OauthClientCredentialsReadModel:
+      "$ref": "./components/schemas/oauth_client_credentials_read_model.yml"
+    OauthClientCredentialsWriteModel:
+      "$ref": "./components/schemas/oauth_client_credentials_write_model.yml"
     Plain_Text:
       "$ref": "./components/schemas/plain_text.yml"
     Plain_TextModel:

docs/api/apiv3/paths/storage_oauth_client_credentials.yml

@@ -1,7 +1,7 @@
-# /api/v3/storages/{id}/oauth_credentials
+# /api/v3/storages/{id}/oauth_client_credentials
 ---
 post:
-  summary: Creates an oauth credentials object for a storage.
+  summary: Creates an oauth client credentials object for a storage.
   operationId: create_storage_oauth_credentials
   tags:
     - File links
@@ -20,14 +20,14 @@ post:
     content:
       application/json:
         schema:
-          $ref: '../components/schemas/oauth_credentials_write_model.yml'
+          $ref: '../components/schemas/oauth_client_credentials_write_model.yml'
   responses:
     '201':
       description: Created
       content:
         application/hal+json:
           schema:
-            $ref: '../components/schemas/oauth_credentials_read_model.yml'
+            $ref: '../components/schemas/storage_read_model.yml'
     '403':
       content:
         application/hal+json:

lib/api/v3/oauth/oauth_applications_representer.rb

@@ -31,9 +31,11 @@ module API::V3::OAuth
     include API::Decorators::LinkedResource
     include API::Decorators::DateProperty
 
+    self_link
+
     property :id
 
-    property :uid, as: :client_id
+    property :uid, as: :clientId
 
     property :confidential
 
@@ -65,7 +67,7 @@ module API::V3::OAuth
       }
     end
 
-    link :redirect_uri do
+    link :redirectUri do
       {
         href: represented.redirect_uri
       }

lib/api/v3/oauth/oauth_client_credentials_representer.rb

@@ -30,6 +30,8 @@ module API::V3::OAuth
   class OAuthClientCredentialsRepresenter < ::API::Decorators::Single
     include API::Decorators::LinkedResource
 
+    self_link title: false
+
     property :id
 
     property :client_id

lib/api/v3/utilities/path_helper.rb

@@ -283,6 +283,10 @@ module API
             alias :issue_priority :priority
           end
 
+          show :oauth_application
+
+          show :oauth_client_credentials
+
           resources :project
 
           show :project_status

modules/storages/lib/api/v3/oauth_client/oauth_client_credentials_api.rb

@@ -26,8 +26,8 @@
 # See COPYRIGHT and LICENSE files for more details.
 #++
 
-module API::V3::OAuthCredentials
-  class OAuthCredentialsAPI < ::API::OpenProjectAPI
+module API::V3::OAuthClient
+  class OAuthClientCredentialsAPI < ::API::OpenProjectAPI
     resources :oauth_credentials do
       post &::API::V3::Utilities::Endpoints::Create
               .new(model: ::OAuthClient,

modules/storages/lib/api/v3/storages/oauth_credentials_representer.rb

@@ -1,43 +0,0 @@
-#-- copyright
-# OpenProject is an open source project management software.
-# Copyright (C) 2012-2022 the OpenProject GmbH
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License version 3.
-#
-# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
-# Copyright (C) 2006-2013 Jean-Philippe Lang
-# Copyright (C) 2010-2013 the ChiliProject Team
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-#
-# See COPYRIGHT and LICENSE files for more details.
-#++
-
-module API::V3::Storages
-  class OAuthCredentialsRepresenter < ::API::Decorators::Single
-    property :uid, as: :clientId
-
-    property :plaintext_secret, as: :clientSecret
-
-    def _type
-      'OauthCredentials'
-    end
-
-    link :self do
-      { href: "#{::API::V3::URN_PREFIX}storages:oauth_credentials:no_link_provided" }
-    end
-  end
-end

modules/storages/lib/api/v3/storages/storage_representer.rb

@@ -127,10 +127,10 @@ module API::V3::Storages
     end
 
     associated_resource :oauth_application,
+                        skip_render: ->(*) { !current_user.admin? },
                         getter: ->(*) {
                           ::API::V3::OAuth::OAuthApplicationsRepresenter.create(@oauth_application, current_user:)
                         },
-                        # representer: ::API::V3::OAuth::OAuthApplicationsRepresenter,
                         link: ->(*) {
                           {
                             href: "/api/v3/oauth_applications/#{@oauth_application.id}",
@@ -138,6 +138,16 @@ module API::V3::Storages
                           }
                         }
 
+    associated_resource :oauth_client,
+                        as: :oauthClientCredentials,
+                        skip_render: ->(*) { !current_user.admin? || represented.oauth_client.blank? },
+                        representer: ::API::V3::OAuth::OAuthClientCredentialsRepresenter,
+                        link: ->(*) {
+                          return { href: nil } if represented.oauth_client.blank?
+
+                          { href: "/api/v3/oauth_client_credentials/#{represented.oauth_client.id}" }
+                        }
+
     def _type
       'Storage'
     end

modules/storages/lib/api/v3/storages/storages_api.rb

@@ -61,12 +61,12 @@ class API::V3::Storages::StoragesAPI < ::API::OpenProjectAPI
       # route.
       get &::API::V3::Utilities::Endpoints::Show.new(model: ::Storages::Storage).mount
 
-      put &::API::V3::Utilities::Endpoints::Update.new(model: ::Storages::Storage).mount
+      patch &::API::V3::Utilities::Endpoints::Update.new(model: ::Storages::Storage).mount
 
       delete &::API::V3::Utilities::Endpoints::Delete.new(model: ::Storages::Storage).mount
 
       mount API::V3::StorageFiles::StorageFilesAPI
-      mount API::V3::OAuthCredentials::OAuthCredentialsAPI
+      mount API::V3::OAuthClient::OAuthClientCredentialsAPI
     end
   end
 end