Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#194 Fix token storage issue for no email on athlete #193

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.idea/
5 changes: 4 additions & 1 deletion Strava API v3/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -38,4 +38,7 @@ local.properties
.target

# TeXlipse plugin
.texlipse
.texlipse

.idea/
*.iml
2 changes: 1 addition & 1 deletion Strava API v3/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -148,5 +148,5 @@
<url>https://github.com/danshannon/javastravav3api</url>
<name>Dan Shannon</name>
</organization>
<version>2.0.0-SNAPSHOT</version>
<version>2.0.1-SNAPSHOT</version>
</project>
9 changes: 7 additions & 2 deletions Strava API v3/src/javastrava-config.properties
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,13 @@ AuthorisationApprovalPrompt.force=force

AuthorisationResponseType.code=code

AuthorisationScope.view_private=view_private
AuthorisationScope.write=write
AuthorisationScope.read=read
AuthorisationScope.read_all=read_all
AuthorisationScope.profile_read_all=profile:read_all
AuthorisationScope.profile_write=profile:write
AuthorisationScope.activity_read=activity:read
AuthorisationScope.activity_read_all=activity:read_all
AuthorisationScope.activity_write=activity:write

StravaActivityType.alpineski=alpineski
StravaActivityType.backcountryski=backcountryski
Expand Down
9 changes: 7 additions & 2 deletions Strava API v3/src/javastrava-messages.properties
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,13 @@
Common.unknown.description=Unknown

# Enum values
AuthorisationScope.view_private.description=Allow viewing of private data
AuthorisationScope.write.description=Allow creation of data
AuthorisationScope.read.description=Allows access to public segments, public routes, public profile data, public posts, public events, club feeds, and leaderboards. This scope matches the old default scope, except it no longer includes access to activities and certain athlete endpoints mentioned below.
AuthorisationScope.read_all.description=Allows access to view private routes, private segments, and private events. This scope matches the old view_private scope, except that it no longer includes access to private activities.
AuthorisationScope.profile_read_all.description=NEW! Allows access to read all profile information even if the user has set their profile visibility to “Followers” or “Only You.”
AuthorisationScope.profile_write.description=NEW! Allows access to update the user’s weight and Functional Threshold Power (FTP), and access to star or unstar segments on their behalf.
AuthorisationScope.activity_read.description=NEW! Allows access to read the user’s activity data for activities that are visible to “Everyone” and “Followers.”
AuthorisationScope.activity_read_all.description=NEW! Allows the same access as activity:read, plus access to read the athlete’s activities that are visible to “Only You.”
AuthorisationScope.activity_write.description=NEW! Allows access to create manual activities and uploads, and access to edit any activities that are visible to the app (based on activity read access level).

RetrofitErrorHandler.rateLimitExceeded=Rate Limit Exceeded
RetrofitErrorHandler.unknownError=Unknown error has occurred
Expand Down
60 changes: 30 additions & 30 deletions Strava API v3/src/javastrava/auth/TokenManager.java
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
package javastrava.auth;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javastrava.auth.model.Token;
import javastrava.auth.ref.AuthorisationScope;
import javastrava.config.Messages;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
* <p>
* Manages the caching of tokens
Expand All @@ -32,9 +32,9 @@ public static TokenManager instance() {
}

/**
* Cached tokens, mapped by username
* Cached tokens, mapped by athlete id
*/
private final Map<String, Token> tokens;
private final Map<Integer, Token> tokens;

/**
* <p>
Expand All @@ -43,7 +43,7 @@ public static TokenManager instance() {
*/
private TokenManager() {
// Initialise as a singleton
this.tokens = new HashMap<String, Token>();
this.tokens = new HashMap<Integer, Token>();
}

/**
Expand All @@ -63,16 +63,16 @@ public void clearTokenCache() {
* of scopes
* </p>
*
* @param username
* The username
* @param athleteId
* The athleteId
* @param requiredScopes
* This list of scopes which must match the scopes of the token
* @return The token with the matching list of scopes, or <code>null</code>
* if there is no such token
*/
public Token retrieveTokenWithExactScope(final String username, final AuthorisationScope... requiredScopes) {
public Token retrieveTokenWithExactScope(final Integer athleteId, final AuthorisationScope... requiredScopes) {
// Get the token from the cache
final Token token = this.tokens.get(username);
final Token token = this.tokens.get(athleteId);

// If there's no such token, or it has no scopes, then return null
if ((token == null) || (token.getScopes() == null)) {
Expand Down Expand Up @@ -109,19 +109,19 @@ public Token retrieveTokenWithExactScope(final String username, final Authorisat
* of scopes
* </p>
*
* @param username The user to look up for a cached token
* @param athleteId The user to look up for a cached token
* @param scopes The set of scopes the token must have
* @return The matching token from the cache, or <code>null</code> if there is no matching token
*/
public Token retrieveTokenWithExactScope(final String username, final List<AuthorisationScope> scopes) {
public Token retrieveTokenWithExactScope(final Integer athleteId, final List<AuthorisationScope> scopes) {
if (scopes == null) {
return retrieveTokenWithExactScope(username, new AuthorisationScope[] {});
return retrieveTokenWithExactScope(athleteId, new AuthorisationScope[] {});
}
final AuthorisationScope[] array = new AuthorisationScope[scopes.size()];
for (int i = 0; i < scopes.size(); i++) {
array[i] = scopes.get(i);
}
return retrieveTokenWithExactScope(username, array);
return retrieveTokenWithExactScope(athleteId, array);
}

/**
Expand All @@ -130,16 +130,16 @@ public Token retrieveTokenWithExactScope(final String username, final List<Autho
* scopes.
* </p>
*
* @param username
* The username
* @param athleteId
* The athleteId
* @param scopes
* The list of scopes which are required to be in the token
* @return The token, or <code>null</code> if there is no cached token, or
* the cached token doesn't have all the required scopes
*/
public Token retrieveTokenWithScope(final String username, final AuthorisationScope... scopes) {
public Token retrieveTokenWithScope(final Integer athleteId, final AuthorisationScope... scopes) {
// Get the token from cache
final Token token = this.tokens.get(username);
final Token token = this.tokens.get(athleteId);
AuthorisationScope[] authScopes = scopes;

// If scopes = null
Expand Down Expand Up @@ -168,23 +168,23 @@ public Token retrieveTokenWithScope(final String username, final AuthorisationSc
* scopes.
* </p>
*
* @param username
* The username
* @param athleteId
* The athleteId
* @param scopes
* The list of scopes which are required to be in the token
* @return The token, or <code>null</code> if there is no cached token, or
* the cached token doesn't have all the required scopes
*/
public Token retrieveTokenWithScope(final String username, final List<AuthorisationScope> scopes) {
public Token retrieveTokenWithScope(final Integer athleteId, final List<AuthorisationScope> scopes) {

if (scopes == null) {
return retrieveTokenWithScope(username, new AuthorisationScope[] {});
return retrieveTokenWithScope(athleteId, new AuthorisationScope[] {});
}
final AuthorisationScope[] array = new AuthorisationScope[scopes.size()];
for (int i = 0; i < scopes.size(); i++) {
array[i] = scopes.get(i);
}
return retrieveTokenWithExactScope(username, array);
return retrieveTokenWithExactScope(athleteId, array);

}

Expand All @@ -208,22 +208,22 @@ public void revokeToken(final Token token) {
* @throws IllegalArgumentException If the token is null, or the athlete contained in it is null or has a null email, or there are no authorisation scopes, then
*/
public void storeToken(final Token token) {
String username = null;
Integer athleteId = null;
if (token == null) {
throw new IllegalArgumentException(Messages.string("TokenManager.0")); //$NON-NLS-1$
}

if (token.getAthlete() == null) {
throw new IllegalArgumentException(Messages.string("TokenManager.1")); //$NON-NLS-1$
}
if (token.getAthlete().getEmail() == null) {
throw new IllegalArgumentException(Messages.string("TokenManager.2")); //$NON-NLS-1$
}
// if (token.getAthlete().getEmail() == null) {
// throw new IllegalArgumentException(Messages.string("TokenManager.2")); //$NON-NLS-1$
// }
if (token.getScopes() == null) {
throw new IllegalArgumentException(Messages.string("TokenManager.3")); //$NON-NLS-1$
}
username = token.getAthlete().getEmail();
this.tokens.put(username, token);
athleteId = token.getAthlete().getId();
this.tokens.put(athleteId, token);
}

}
60 changes: 16 additions & 44 deletions Strava API v3/src/javastrava/auth/model/Token.java
Original file line number Diff line number Diff line change
@@ -1,44 +1,18 @@
package javastrava.auth.model;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;

import javastrava.auth.AuthorisationService;
import javastrava.auth.TokenService;
import javastrava.auth.impl.TokenServiceImpl;
import javastrava.auth.ref.AuthorisationScope;
import javastrava.model.StravaAthlete;
import javastrava.model.StravaEntity;
import javastrava.model.reference.StravaResourceState;
import javastrava.service.ActivityService;
import javastrava.service.AthleteService;
import javastrava.service.ChallengeService;
import javastrava.service.ClubGroupEventService;
import javastrava.service.ClubService;
import javastrava.service.GearService;
import javastrava.service.RouteService;
import javastrava.service.RunningRaceService;
import javastrava.service.SegmentEffortService;
import javastrava.service.SegmentService;
import javastrava.service.StravaService;
import javastrava.service.StreamService;
import javastrava.service.UploadService;
import javastrava.service.WebhookService;
import javastrava.service.impl.ActivityServiceImpl;
import javastrava.service.impl.AthleteServiceImpl;
import javastrava.service.impl.ChallengeServiceImpl;
import javastrava.service.impl.ClubGroupEventServiceImpl;
import javastrava.service.impl.ClubServiceImpl;
import javastrava.service.impl.GearServiceImpl;
import javastrava.service.impl.RouteServiceImpl;
import javastrava.service.impl.RunningRaceServiceImpl;
import javastrava.service.impl.SegmentEffortServiceImpl;
import javastrava.service.impl.SegmentServiceImpl;
import javastrava.service.impl.StravaServiceImpl;
import javastrava.service.impl.StreamServiceImpl;
import javastrava.service.impl.UploadServiceImpl;
import javastrava.service.impl.WebhookServiceImpl;
import javastrava.service.*;
import javastrava.service.impl.*;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;

/**
* <p>
Expand Down Expand Up @@ -287,27 +261,25 @@ public int hashCode() {
* user)
* </p>
*
* @return <code>true</code> if the token contains the {@link AuthorisationScope#VIEW_PRIVATE}
* @return <code>true</code> if the token contains the {@link AuthorisationScope#PROFILE_READ_ALL} or {@link AuthorisationScope#ACTIVITY_READ_ALL}
*/
public boolean hasViewPrivate() {
if ((this.scopes != null) && this.scopes.contains(AuthorisationScope.VIEW_PRIVATE)) {
return true;
}
return false;
}
public boolean hasViewPrivate() {
return (this.scopes != null)
&& (this.scopes.contains(AuthorisationScope.PROFILE_READ_ALL)
|| this.scopes.contains(AuthorisationScope.ACTIVITY_READ_ALL));
}

/**
* <p>
* Validates that the token has write access (according to the scopes that it was granted on creation at least; it is quite possible that permissions have subsequently been revoked by the user)
* </p>
*
* @return <code>true</code> if the token contains the {@link AuthorisationScope#WRITE}
* @return <code>true</code> if the token contains the {@link AuthorisationScope#PROFILE_WRITE} or {@link AuthorisationScope#ACTIVITY_WRITE}
*/
public boolean hasWriteAccess() {
if ((this.scopes != null) && this.scopes.contains(AuthorisationScope.WRITE)) {
return true;
}
return false;
return (this.scopes != null)
&& (this.scopes.contains(AuthorisationScope.PROFILE_WRITE)
|| this.scopes.contains(AuthorisationScope.ACTIVITY_WRITE));
}

/**
Expand Down
35 changes: 17 additions & 18 deletions Strava API v3/src/javastrava/auth/ref/AuthorisationScope.java
Original file line number Diff line number Diff line change
Expand Up @@ -12,24 +12,23 @@
* @author Dan Shannon
*/
public enum AuthorisationScope {
/**
* <p>
* This authorisation scope allows the Strava API to return data from within the authenticated user's privacy zones
* </p>
*/
VIEW_PRIVATE(StravaConfig.string("AuthorisationScope.view_private"), Messages.string("AuthorisationScope.view_private.description")), //$NON-NLS-1$ //$NON-NLS-2$
/**
* <p>
* This authorisation scope allows the Strava API to write data - that is to update athlete details, activity details, and to make comments and give kudos to other riders' activities
* </p>
*/
WRITE(StravaConfig.string("AuthorisationScope.write"), Messages.string("AuthorisationScope.write.description")), //$NON-NLS-1$ //$NON-NLS-2$
/**
* <p>
* Should never occur but may if the Strava API behaviour has changed
* </p>
*/
UNKNOWN(StravaConfig.string("Common.unknown"), Messages.string("Common.unknown.description")); //$NON-NLS-1$ //$NON-NLS-2$

READ(StravaConfig.string("AuthorisationScope.read"), Messages.string("AuthorisationScope.read.description")),

READ_ALL(StravaConfig.string("AuthorisationScope.read_all"), Messages.string("AuthorisationScope.read_all.description")),

PROFILE_READ_ALL(StravaConfig.string("AuthorisationScope.profile_read_all"), Messages.string("AuthorisationScope.profile_read_all.description")),

PROFILE_WRITE(StravaConfig.string("AuthorisationScope.profile_write"), Messages.string("AuthorisationScope.profile_write.description")),

ACTIVITY_READ(StravaConfig.string("AuthorisationScope.activity_read"), Messages.string("AuthorisationScope.activity_read.description")),

ACTIVITY_READ_ALL(StravaConfig.string("AuthorisationScope.activity_read_all"), Messages.string("AuthorisationScope.activity_read_all.description")),

ACTIVITY_WRITE(StravaConfig.string("AuthorisationScope.activity_write"), Messages.string("AuthorisationScope.activity_write.description")),

UNKNOWN(StravaConfig.string("Common.unknown"), Messages.string("Common.unknown.description"));

/**
* <p>
* Used when deserialising JSON returned by the Strava API
Expand Down