create new parameter for graph api scope (make graphAPI endpoints customizable #3)

Author: davidcoutadeur

README.md

@@ -28,6 +28,9 @@ The values to configure are:
 
 ##### Connection
 
+  - `connections.pluginConnection.msGraphApiConnectionSettings.authenticationURL`: The base URL used for authentication (default is https://login.microsoftonline.com/)
+  - `connections.pluginConnection.msGraphApiConnectionSettings.usersURL`: The base URL used for operations on users (default is https://graph.microsoft.com)
+  - `connections.pluginConnection.msGraphApiConnectionSettings.scope`: The scope url used during authentication (default is https://graph.microsoft.com/.default)
   - `connections.pluginConnection.msGraphApiConnectionSettings.clientId`: The client id for the application
   - `connections.pluginConnection.msGraphApiConnectionSettings.clientSecret`: The client secret used to connect to the application
   - `connections.pluginConnection.msGraphApiConnectionSettings.tenant`: The  Azure AD  tenant

sample/msgraphapi-to-ldap-advanced/lsc.xml

@@ -24,6 +24,7 @@
             <msgraphapi:msGraphApiConnectionSettings>
                 <msgraphapi:authenticationURL>${MS_GRAPH_API_AUTHENTICATION_URL}</msgraphapi:authenticationURL>
                 <msgraphapi:usersURL>${MS_GRAPH_API_USERS_URL}</msgraphapi:usersURL>
+                <msgraphapi:scope>${MS_GRAPH_API_SCOPE}</msgraphapi:scope>
                 <msgraphapi:clientId>${MS_GRAPH_API_CLIENT_ID}</msgraphapi:clientId>
                 <msgraphapi:clientSecret>${MS_GRAPH_API_CLIENT_SECRET}</msgraphapi:clientSecret>
                 <msgraphapi:tenant>${MS_GRAPH_API_TENANT}</msgraphapi:tenant>

sample/msgraphapi-to-ldap/lsc.xml

@@ -24,6 +24,7 @@
             <msgraphapi:msGraphApiConnectionSettings>
                 <msgraphapi:authenticationURL>${MS_GRAPH_API_AUTHENTICATION_URL}</msgraphapi:authenticationURL>
                 <msgraphapi:usersURL>${MS_GRAPH_API_USERS_URL}</msgraphapi:usersURL>
+                <msgraphapi:scope>${MS_GRAPH_API_SCOPE}</msgraphapi:scope>
                 <msgraphapi:clientId>${MS_GRAPH_API_CLIENT_ID}</msgraphapi:clientId>
                 <msgraphapi:clientSecret>${MS_GRAPH_API_CLIENT_SECRET}</msgraphapi:clientSecret>
                 <msgraphapi:tenant>${MS_GRAPH_API_TENANT}</msgraphapi:tenant>

src/main/java/org/lsc/plugins/connectors/msgraphapi/MsGraphApiAuthentication.java

@@ -54,24 +54,18 @@
 
 public class MsGraphApiAuthentication {
     private static final String DEFAULT_AUTHENTICATION_URL = "https://login.microsoftonline.com/";
-    private static final String DEFAULT_USERS_URL = "https://graph.microsoft.com";
-    private static final String GRAPH_DEFAULT_SCOPE = "/.default";
+    private static final String GRAPH_DEFAULT_SCOPE = "https://graph.microsoft.com/.default";
     private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
 
-    public AuthenticationResponse authenticate(String tenant, String authenticationURL, String usersURL, String clientId, String clientSecret) throws AuthorizationException {
-
+    public AuthenticationResponse authenticate(String tenant, String authenticationURL, String scope, String clientId, String clientSecret) throws AuthorizationException {
         if( authenticationURL == null || authenticationURL.isEmpty() )
         {
             authenticationURL = DEFAULT_AUTHENTICATION_URL;
         }
-
-        String scope;
-        if( usersURL == null || usersURL.isEmpty() )
+        if( scope == null || scope.isEmpty() )
         {
-            usersURL = DEFAULT_USERS_URL;
+            scope = GRAPH_DEFAULT_SCOPE;
         }
-        scope = usersURL.replaceAll("/$", "") + GRAPH_DEFAULT_SCOPE;
-
         WebTarget authTarget = ClientBuilder.newClient()
             .register(JacksonFeature.class)
             .target(authenticationURL)

src/main/java/org/lsc/plugins/connectors/msgraphapi/MsGraphApiUsersSrcService.java

@@ -101,7 +101,7 @@ public MsGraphApiUsersSrcService(TaskType task) throws LscServiceConfigurationEx
             settings = (MsGraphApiConnectionSettings) pluginConnectionType.getAny().get(0);
 
             String token = new MsGraphApiAuthentication()
-                .authenticate(settings.getTenant(), settings.getAuthenticationURL(), settings.getUsersURL(), settings.getClientId(), settings.getClientSecret())
+                .authenticate(settings.getTenant(), settings.getAuthenticationURL(), settings.getScope(), settings.getClientId(), settings.getClientSecret())
                 .getAccessToken();
 
             dao = new MsGraphApiDao(token, settings, service);

src/main/java/org/lsc/plugins/connectors/msgraphapi/generated/MsGraphApiConnectionSettings.java

@@ -27,6 +27,7 @@
  *       <sequence>
  *         <element name="authenticationURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
  *         <element name="usersURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
+ *         <element name="scope" type="{http://www.w3.org/2001/XMLSchema}string"/>
  *         <element name="clientId" type="{http://www.w3.org/2001/XMLSchema}string"/>
  *         <element name="clientSecret" type="{http://www.w3.org/2001/XMLSchema}string"/>
  *         <element name="tenant" type="{http://www.w3.org/2001/XMLSchema}string"/>
@@ -42,6 +43,7 @@
 @XmlType(name = "", propOrder = {
     "authenticationURL",
     "usersURL",
+    "scope",
     "clientId",
     "clientSecret",
     "tenant"
@@ -54,6 +56,8 @@ public class MsGraphApiConnectionSettings {
     @XmlElement(namespace = "http://lsc-project.org/XSD/lsc-microsoft-graph-api-plugin-1.0.xsd", required = true)
     protected String usersURL;
     @XmlElement(namespace = "http://lsc-project.org/XSD/lsc-microsoft-graph-api-plugin-1.0.xsd", required = true)
+    protected String scope;
+    @XmlElement(namespace = "http://lsc-project.org/XSD/lsc-microsoft-graph-api-plugin-1.0.xsd", required = true)
     protected String clientId;
     @XmlElement(namespace = "http://lsc-project.org/XSD/lsc-microsoft-graph-api-plugin-1.0.xsd", required = true)
     protected String clientSecret;
@@ -108,6 +112,30 @@ public void setUsersURL(String value) {
         this.usersURL = value;
     }
 
+    /**
+     * Gets the value of the scope property.
+     * 
+     * @return
+     *     possible object is
+     *     {@link String }
+     *     
+     */
+    public String getScope() {
+        return scope;
+    }
+
+    /**
+     * Sets the value of the scope property.
+     * 
+     * @param value
+     *     allowed object is
+     *     {@link String }
+     *     
+     */
+    public void setScope(String value) {
+        this.scope = value;
+    }
+
     /**
      * Gets the value of the clientId property.
      * 

src/main/resources/schemas/lsc-microsoft-graph-api-plugin-1.0.xsd

@@ -11,6 +11,7 @@
 			<xsd:sequence>
 				<xsd:element name="authenticationURL" type="xsd:string" />
 				<xsd:element name="usersURL" type="xsd:string" />
+				<xsd:element name="scope" type="xsd:string" />
 				<xsd:element name="clientId" type="xsd:string" />
 				<xsd:element name="clientSecret" type="xsd:string" />
 				<xsd:element name="tenant" type="xsd:string" />

src/test/java/org/lsc/plugins/connectors/msgraphapi/MsGraphApiAuthenticationTest.java

@@ -60,7 +60,7 @@ class MsGraphApiAuthenticationTest {
     private final static String CLIENT_SECRET = System.getenv("TEST_MS_GRAPH_API_CLIENT_SECRET");
     private final static String TENANT = System.getenv("TEST_MS_GRAPH_API_TENANT");
     private final static String AUTHENTICATION_URL = System.getenv("TEST_MS_GRAPH_API_AUTHENTICATION_URL");
-    private final static String USERS_URL = System.getenv("TEST_MS_GRAPH_API_USERS_URL");
+    private final static String SCOPE = System.getenv("TEST_MS_GRAPH_API_SCOPE");
 
     private final MsGraphApiAuthentication msGraphApiAuthentication;
 
@@ -77,24 +77,24 @@ static void setup() {
 
     @Test
     void shouldObtainValidAccessToken() throws AuthorizationException {
-        AuthenticationResponse response = msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, USERS_URL, CLIENT_ID, CLIENT_SECRET);
+        AuthenticationResponse response = msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, SCOPE, CLIENT_ID, CLIENT_SECRET);
         assertThat(response.getAccessToken()).isNotBlank();
         assertThatCode(() -> JWT.decode(response.getAccessToken())).doesNotThrowAnyException();
     }
 
     @Test
     void shouldThrowIfInvalidTenant() {
-        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate("NOT_A_TENANT", AUTHENTICATION_URL, USERS_URL, CLIENT_ID, CLIENT_SECRET)).isInstanceOf(AuthorizationException.class);
+        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate("NOT_A_TENANT", AUTHENTICATION_URL, SCOPE, CLIENT_ID, CLIENT_SECRET)).isInstanceOf(AuthorizationException.class);
     }
 
     @Test
     void shouldThrowIfInvalidClientId() {
-        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, USERS_URL, "NOT_A_CLIENT_ID", CLIENT_SECRET)).isInstanceOf(AuthorizationException.class);
+        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, SCOPE, "NOT_A_CLIENT_ID", CLIENT_SECRET)).isInstanceOf(AuthorizationException.class);
     }
 
     @Test
     void shouldThrowIfInvalidClientSecret() {
-        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, USERS_URL, CLIENT_ID, "NOT_A_SECRET")).isInstanceOf(AuthorizationException.class);
+        assertThatThrownBy(() -> msGraphApiAuthentication.authenticate(TENANT, AUTHENTICATION_URL, SCOPE, CLIENT_ID, "NOT_A_SECRET")).isInstanceOf(AuthorizationException.class);
     }
 
 }

src/test/java/org/lsc/plugins/connectors/msgraphapi/MsGraphApiUsersServiceTest.java

@@ -88,9 +88,11 @@ static void setup() throws AuthorizationException {
         String tenant = System.getenv("TEST_MS_GRAPH_API_TENANT");
         String authenticationURL = System.getenv("TEST_MS_GRAPH_API_AUTHENTICATION_URL");
         String usersURL = System.getenv("TEST_MS_GRAPH_API_USERS_URL");
+        String scope = System.getenv("TEST_MS_GRAPH_API_SCOPE");
 
         assumeTrue(StringUtils.isNotBlank(authenticationURL));
         assumeTrue(StringUtils.isNotBlank(usersURL));
+        assumeTrue(StringUtils.isNotBlank(scope));
         assumeTrue(StringUtils.isNotBlank(clientId));
         assumeTrue(StringUtils.isNotBlank(clientSecret));
         assumeTrue(StringUtils.isNotBlank(tenant));
@@ -108,6 +110,7 @@ static void setup() throws AuthorizationException {
         when(connectionSettings.getClientSecret()).thenReturn(clientSecret);
         when(connectionSettings.getTenant()).thenReturn(tenant);
         when(connectionSettings.getAuthenticationURL()).thenReturn(authenticationURL);
+        when(connectionSettings.getScope()).thenReturn(scope);
         when(connectionSettings.getUsersURL()).thenReturn(usersURL);
         when(task.getBean()).thenReturn("org.lsc.beans.SimpleBean");
         when(task.getPluginSourceService()).thenReturn(pluginSourceService);