Edit some of the details of OAuth2 clients

3 files changed, 119 insertions, 3 deletions

diff --git a/gn3/auth/authorisation/users/admin/views.py b/gn3/auth/authorisation/users/admin/views.py
index 11152d2..c199b9f 100644
--- a/gn3/auth/authorisation/users/admin/views.py
+++ b/gn3/auth/authorisation/users/admin/views.py
@@ -24,7 +24,8 @@ from gn3.auth.db_utils import with_db_connection
 from gn3.auth.authentication.oauth2.models.oauth2client import (
     save_client,
     OAuth2Client,
-    oauth2_clients)
+    oauth2_clients,
+    client as oauth2_client)
 from gn3.auth.authentication.users import (
     User,
     user_by_id,
@@ -169,3 +170,43 @@ def list_clients():
     return render_template(
         "admin/list-oauth2-clients.html",
         clients=with_db_connection(oauth2_clients))
+
+@admin.route("/view-client/<uuid:client_id>", methods=["GET"])
+@is_admin
+def view_client(client_id: uuid.UUID):
+    """View details of OAuth2 client with given `client_id`."""
+    return render_template(
+        "admin/view-oauth2-client.html",
+        client=with_db_connection(partial(oauth2_client, client_id=client_id)),
+        scope=current_app.config["OAUTH2_SCOPE"])
+
+@admin.route("/edit-client", methods=["POST"])
+@is_admin
+def edit_client():
+    """Edit the details of the given client."""
+    form = request.form
+    the_client = with_db_connection(partial(
+        oauth2_client, client_id=uuid.UUID(form["client_id"])))
+    if the_client.is_nothing():
+        flash("No such client.", "alert-error")
+        return redirect(url_for("oauth2.admin.list_clients"))
+    the_client = the_client.value
+    client_metadata = {
+        **the_client.client_metadata,
+        "default_redirect_uri": form["default_redirect_uri"],
+        "redirect_uris": list(set(
+            [form["default_redirect_uri"]] +
+            form["other_redirect_uris"].split("\r\n"))),
+        "grants": form.getlist("grants[]"),
+        "scope": form.getlist("scope[]")
+    }
+    with_db_connection(partial(save_client, the_client=OAuth2Client(
+        the_client.client_id,
+        the_client.client_secret,
+        the_client.client_id_issued_at,
+        the_client.client_secret_expires_at,
+        client_metadata,
+        the_client.user)))
+    flash("Client updated.", "alert-success")
+    return redirect(url_for("oauth2.admin.view_client",
+                            client_id=the_client.client_id))
diff --git a/gn3/templates/admin/list-oauth2-clients.html b/gn3/templates/admin/list-oauth2-clients.html
index f6bbcb2..02f73d4 100644
--- a/gn3/templates/admin/list-oauth2-clients.html
+++ b/gn3/templates/admin/list-oauth2-clients.html
@@ -8,7 +8,7 @@
 <h1>Genenetwork3: OAuth2 Clients</h1>
 
 <table>
-  <legend>List of registered OAuth2 clients</legend>
+  <caption>List of registered OAuth2 clients</caption>
   <thead>
     <tr>
       <th>Client ID</th>
@@ -27,7 +27,7 @@
       <td>{{client.client_metadata.default_redirect_uri}}</td>
       <td>{{client.user.name}} ({{client.user.email}})</td>
       <td>
-	<a href="#{{client.client_id}}"
+	<a href="{{url_for('oauth2.admin.view_client', client_id=client.client_id)}}"
 	   title"View/Edit client {{client.client_metadata.client_name}}">
 	  View/Edit
 	</a>
diff --git a/gn3/templates/admin/view-oauth2-client.html b/gn3/templates/admin/view-oauth2-client.html
new file mode 100644
index 0000000..d5d4b2b
--- /dev/null
+++ b/gn3/templates/admin/view-oauth2-client.html
@@ -0,0 +1,75 @@
+{%extends "base.html"%}
+
+{%block title%}Genenetwork3: View OAuth2 Client{%endblock%}
+
+{%block content%}
+{{flash_messages()}}
+
+<h1>Genenetwork3: View OAuth2 Client</h1>
+
+{%if client.is_nothing()%}
+<p>No such client</p>
+{%else%}
+{%set client = client.value%}
+<form method="POST" action="{{url_for('oauth2.admin.edit_client')}}">
+  <legend>View/Edit Oauth2 Client</legend>
+  <input type="hidden" name="client_id" value="{{client.client_id}}" />
+  <div>
+    <p><strong>Client ID: <strong> {{client.client_id}}</p>
+    <p><strong>Client Name: <strong> {{client.client_metadata.client_name}}</p>
+  </div>
+  <fieldset>
+    <legend>Scope</legend>
+    {%for scp in scope%}
+    <input name="scope[]" id="chk:{{scp}}" type="checkbox" value="{{scp}}"
+	   {%if scp in client.client_metadata.scope%}
+	   checked="checked"
+	   {%endif%} />
+    <label for="chk:{{scp}}">{{scp}}</label><br />
+    {%endfor%}
+  </fieldset>
+
+  <fieldset>
+    <legend>Redirect URIs</legend>
+    <label for="txt:default-redirect-uri">Default Redirect URI</label>
+    <br />
+    <input type="text" name="default_redirect_uri" id="txt:default-redirect-uri"
+	   value="{{client.client_metadata.default_redirect_uri}}"
+	   required="required">
+    <br /><br />
+
+    <label for="txta:other-redirect-uris">Other Redirect URIs</label>
+    <br />
+    <textarea id="txta:other-redirect-uris"
+	      name="other_redirect_uris"
+	      cols="80" rows="10"
+	      title="Enter one URI per line."
+	      >{{"\r\n".join(client.client_metadata.redirect_uris)}}</textarea>
+  </fieldset>
+
+  <fieldset>
+    <legend>Grants</legend>
+    <input name="grants[]"
+	   type="checkbox"
+	   value="authorization_code"
+	   id="chk:authorization-code"
+	   {%if "authorization_code" in client.client_metadata.grant_types%}
+	   checked="checked"
+	   {%endif%} />
+      <label for="chk:authorization-code">Authorization Code</label>
+      <br /><br />
+
+      <input name="grants[]"
+	     type="checkbox"
+	     value="refresh_token"
+	     id="chk:refresh-token"
+	     {%if "refresh_token" in client.client_metadata.grant_types%}
+	     checked="checked"
+	     {%endif%} />
+      <label for="chk:refresh-token">Refresh Token</label>
+  </fieldset>
+
+  <input type="submit" value="update client" />
+</form>
+{%endif%}
+{%endblock%}