Fixes #249: Clean up MeResponse

Author: Vincent Wilms

openapi.json

@@ -1365,6 +1365,42 @@
         }
       }
     },
+    "/api/v1/users/tokens": {
+      "get": {
+        "tags": [
+          "Users"
+        ],
+        "summary": "Gets all personal access tokens.",
+        "operationId": "Users_GetTokens",
+        "parameters": [
+          {
+            "name": "userId",
+            "in": "query",
+            "description": "The optional user identifier. If not specified, the current user will be used.",
+            "schema": {
+              "type": "string",
+              "nullable": true
+            },
+            "x-position": 1
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "additionalProperties": {
+                    "$ref": "#/components/schemas/PersonalAccessToken"
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/api/v1/users/tokens/create": {
       "post": {
         "tags": [
@@ -1686,42 +1722,6 @@
         }
       }
     },
-    "/api/v1/users/{userId}/tokens": {
-      "get": {
-        "tags": [
-          "Users"
-        ],
-        "summary": "Gets all personal access tokens.",
-        "operationId": "Users_GetTokens",
-        "parameters": [
-          {
-            "name": "userId",
-            "in": "path",
-            "required": true,
-            "description": "The identifier of the user.",
-            "schema": {
-              "type": "string"
-            },
-            "x-position": 1
-          }
-        ],
-        "responses": {
-          "200": {
-            "description": "",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "type": "object",
-                  "additionalProperties": {
-                    "$ref": "#/components/schemas/PersonalAccessToken"
-                  }
-                }
-              }
-            }
-          }
-        }
-      }
-    },
     "/api/v1/writers/descriptions": {
       "get": {
         "tags": [
@@ -2280,23 +2280,31 @@
             "type": "string",
             "description": "The user id."
           },
-          "userName": {
+          "user": {
+            "description": "The user.",
+            "oneOf": [
+              {
+                "$ref": "#/components/schemas/NexusUser"
+              }
+            ]
+          }
+        }
+      },
+      "NexusUser": {
+        "type": "object",
+        "description": "Represents a user.",
+        "additionalProperties": false,
+        "properties": {
+          "name": {
             "type": "string",
             "description": "The user name."
           },
           "claims": {
-            "type": "object",
-            "description": "A map of claims.",
-            "additionalProperties": {
+            "type": "array",
+            "description": "The list of claims.",
+            "items": {
               "$ref": "#/components/schemas/NexusClaim"
             }
-          },
-          "personalAccessTokens": {
-            "type": "object",
-            "description": "A list of personal access tokens.",
-            "additionalProperties": {
-              "$ref": "#/components/schemas/PersonalAccessToken"
-            }
           }
         }
       },
@@ -2352,17 +2360,6 @@
             "description": "The claim value."
           }
         }
-      },
-      "NexusUser": {
-        "type": "object",
-        "description": "Represents a user.",
-        "additionalProperties": false,
-        "properties": {
-          "name": {
-            "type": "string",
-            "description": "The user name."
-          }
-        }
       }
     }
   }

src/Nexus.UI/Components/UserSettingsView.razor

@@ -382,7 +382,7 @@ MaxWidth="MaxWidth.Medium">
 
         try
         {
-            _accessTokenMap = (await Client.V1.Users.GetMeAsync()).PersonalAccessTokens;
+            _accessTokenMap = await Client.V1.Users.GetTokensAsync();
         }
         catch (Exception ex)
         {
@@ -452,7 +452,7 @@ MaxWidth="MaxWidth.Medium">
             _newAccessTokenIsAdmin = false;
             _newAccessTokenClaims.Clear();
             _newAccessTokenClaims.Add(new ClaimData(default, default));
-            _accessTokenMap = (await Client.V1.Users.GetMeAsync()).PersonalAccessTokens;
+            _accessTokenMap = await Client.V1.Users.GetTokensAsync();
         }
         catch (Exception ex)
         {
@@ -468,7 +468,7 @@ MaxWidth="MaxWidth.Medium">
         try
         {
             await Client.V1.Users.DeleteTokenAsync(id, CancellationToken.None);
-            _accessTokenMap = (await Client.V1.Users.GetMeAsync()).PersonalAccessTokens;
+            _accessTokenMap = await Client.V1.Users.GetTokensAsync();
         }
         catch (Exception ex)
         {

src/Nexus.UI/Core/NexusDemoClient.cs

@@ -3,6 +3,7 @@
 
 using System.Net;
 using System.Runtime.InteropServices;
+using System.Security.Claims;
 using System.Text.Json;
 using Nexus.Api;
 using Nexus.Api.V1;
@@ -461,20 +462,18 @@ public Task<MeResponse> GetMeAsync(CancellationToken cancellationToken = default
     {
         var meResponse = new MeResponse(
             UserId: "test@nexus",
-            UserName: "Star Lord",
-            Claims: new Dictionary<string, NexusClaim>(),
-            PersonalAccessTokens: new Dictionary<string, PersonalAccessToken>()
+            new NexusUser("Star Lord", Enumerable.Empty<NexusClaim>().ToList())
         );
 
         return Task.FromResult(meResponse);
     }
 
-    public IReadOnlyDictionary<string, PersonalAccessToken> GetTokens(string userId)
+    public IReadOnlyDictionary<string, PersonalAccessToken> GetTokens(string? userId)
     {
         throw new NotImplementedException();
     }
 
-    public Task<IReadOnlyDictionary<string, PersonalAccessToken>> GetTokensAsync(string userId, CancellationToken cancellationToken = default)
+    public Task<IReadOnlyDictionary<string, PersonalAccessToken>> GetTokensAsync(string? userId, CancellationToken cancellationToken = default)
     {
         throw new NotImplementedException();
     }

src/Nexus.UI/Services/NexusAuthenticationStateProvider.cs

@@ -28,8 +28,8 @@ public override async Task<AuthenticationState> GetAuthenticationStateAsync()
             var meResponse = await _client.V1.Users.GetMeAsync();
 
             List<Claim> claims = [
-                new(NAME_CLAIM, meResponse.UserName),
-                .. meResponse.Claims.Select(x => new Claim(x.Value.Type, x.Value.Value))
+                new(NAME_CLAIM, meResponse.User.Name),
+                .. meResponse.User.Claims.Select(x => new Claim(x.Type, x.Value))
             ];
 
             identity = new ClaimsIdentity(

src/Nexus/API/v1/UsersController.cs

@@ -39,6 +39,7 @@ ITokenService tokenService
     // GET      /api/users/me
     // GET      /api/users/reauthenticate
     // GET      /api/users/accept-license?catalogId=X
+    // GET      /api/users/tokens
     // POST     /api/users/tokens/create
     // DELETE   /api/users/tokens/{tokenId}
 
@@ -51,8 +52,6 @@ ITokenService tokenService
     // POST     /api/users/{userId}/claims
     // DELETE   /api/users/claims/{claimId}
 
-    // GET      /api/users/{userId}/tokens
-
     private readonly IDBService _dbService = dBService;
 
     private readonly ITokenService _tokenService = tokenService;
@@ -126,27 +125,9 @@ public async Task<ActionResult<MeResponse>> GetMeAsync()
         if (user is null)
             return NotFound($"Could not find user {userId}.");
 
-        var translatedClaimsMap = user.Claims
-            .ToDictionary(entry => entry.Id, entry => new NexusClaim(
-                id: default,
-                type: entry.Type,
-                value: entry.Value
-            ));
-
-        var tokenMap = await _tokenService.GetAllAsync(userId);
-
-        var translatedTokenMap = tokenMap
-            .ToDictionary(entry => entry.Value.Id, entry => new PersonalAccessToken(
-                entry.Value.Description,
-                entry.Value.Expires,
-                entry.Value.Claims
-            ));
-
         return new MeResponse(
             user.Id,
-            user.Name,
-            translatedClaimsMap,
-            translatedTokenMap
+            user
         );
     }
 
@@ -192,6 +173,41 @@ .. Enum.GetNames<NexusClaims>(),
         return Redirect("/");
     }
 
+    /// <summary>
+    /// Gets all personal access tokens.
+    /// </summary>
+    /// <param name="userId">The optional user identifier. If not specified, the current user will be used.</param>
+    [Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
+    [HttpGet("tokens")]
+    public async Task<ActionResult<IReadOnlyDictionary<Guid, PersonalAccessToken>>> GetTokensAsync(
+        [FromQuery] string? userId = default
+    )
+    {
+        if (TryAuthenticate(userId, out var actualUserId, out var response))
+        {
+            var user = await _dbService.FindUserAsync(actualUserId);
+
+            if (user is null)
+                return NotFound($"Could not find user {userId}.");
+
+            var tokenMap = await _tokenService.GetAllAsync(actualUserId);
+
+            var translatedTokenMap = tokenMap
+                .ToDictionary(entry => entry.Value.Id, entry => new PersonalAccessToken(
+                    entry.Value.Description,
+                    entry.Value.Expires,
+                    entry.Value.Claims
+                ));
+
+            return translatedTokenMap;
+        }
+
+        else
+        {
+            return response;
+        }
+    }
+
     /// <summary>
     /// Creates a personal access token.
     /// </summary>
@@ -402,32 +418,6 @@ public async Task<ActionResult> DeleteClaimAsync(
         return Ok();
     }
 
-    /// <summary>
-    /// Gets all personal access tokens.
-    /// </summary>
-    /// <param name="userId">The identifier of the user.</param>
-    [Authorize(Policy = NexusPolicies.RequireAdmin)]
-    [HttpGet("{userId}/tokens")]
-    public async Task<ActionResult<IReadOnlyDictionary<Guid, PersonalAccessToken>>> GetTokensAsync(
-        string userId)
-    {
-        var user = await _dbService.FindUserAsync(userId);
-
-        if (user is null)
-            return NotFound($"Could not find user {userId}.");
-
-        var tokenMap = await _tokenService.GetAllAsync(userId);
-
-        var translatedTokenMap = tokenMap
-            .ToDictionary(entry => entry.Value.Id, entry => new PersonalAccessToken(
-                entry.Value.Description,
-                entry.Value.Expires,
-                entry.Value.Claims
-            ));
-
-        return translatedTokenMap;
-    }
-
     private bool TryAuthenticate(
         string? requestedId,
         out string userId,

src/Nexus/Core/Models_Public_v1.cs

@@ -25,13 +25,10 @@ public class NexusUser(
     /// </summary>
     public string Name { get; set; } = name;
 
-#pragma warning disable CS1591
-
-    [JsonIgnore]
+    /// <summary>
+    /// The list of claims.
+    /// </summary>
     public List<NexusClaim> Claims { get; set; } = [];
-
-#pragma warning restore CS1591
-
 }
 
 /// <summary>
@@ -254,12 +251,8 @@ public record JobStatus(
 /// A me response.
 /// </summary>
 /// <param name="UserId">The user id.</param>
-/// <param name="UserName">The user name.</param>
-/// <param name="Claims">A map of claims.</param>
-/// <param name="PersonalAccessTokens">A list of personal access tokens.</param>
+/// <param name="User">The user.</param>
 public record MeResponse(
     string UserId,
-    string UserName,
-    IReadOnlyDictionary<Guid, NexusClaim> Claims,
-    IReadOnlyDictionary<Guid, PersonalAccessToken> PersonalAccessTokens
+    NexusUser User
 );