From 1eaea04f1235f0eb512da110bc12e368f28815c0 Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 08:53:26 +0100
Subject: [PATCH 1/7] #68 New response format for `/oauth/verify`
---
 xl_auth/oauth/views.py | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)
diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
index 0a45c693..3b7edb16 100644
--- a/xl_auth/oauth/views.py
+++ b/xl_auth/oauth/views.py
@@ -110,20 +110,14 @@ def verify():
 assert isinstance(user, User)
 return jsonify(
- exp=(time() + 3600) * 1000,
 expires_at=oauth.expires_at.isoformat(),
- qsh='mumbojumbo',
 user={
- 'username': user.email,
+ 'full_name': user.full_name,
 'email': user.email,
- 'authorization': [{'sigel': permission.collection.code,
- 'code': permission.collection.code,
- 'cataloger': permission.cataloger,
- 'registrant': permission.registrant,
- 'cataloging_admin': permission.cataloging_admin,
- 'kat': permission.cataloging_admin,
- 'xlreg': permission.cataloging_admin}
- for permission in user.permissions]
+ 'permissions': [{'code': permission.collection.code,
+ 'cataloger': permission.cataloger,
+ 'registrant': permission.registrant}
+ for permission in user.permissions]
 }
 )
From 07ddb2f9fe83d7a202b226185e82adc7ed2375a0 Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 09:22:19 +0100
Subject: [PATCH 2/7] Bug fix for `expires_at`
---
 xl_auth/oauth/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
index 3b7edb16..ccc3e595 100644
--- a/xl_auth/oauth/views.py
+++ b/xl_auth/oauth/views.py
@@ -110,7 +110,7 @@ def verify():
 assert isinstance(user, User)
 return jsonify(
- expires_at=oauth.expires_at.isoformat(),
+ expires_at=oauth.access_token.expires_at.isoformat(),
 user={
 'full_name': user.full_name,
 'email': user.email,
From c2ba4469ed6187cb8291ffedc80e87f388456986 Mon Sep 17 00:00:00 2001
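Review bot: The new `'permissions'` comprehension in `verify()` (xl_auth/oauth/views.py, PATCH 1/7) lists every row of `user.permissions` with no regard for whether the collection is still active, while PATCH 3/7 in this series shows that collections carry an `active` flag that can be corrected to false. A resource server that authorizes from this response cannot tell a permission on a retired collection from a live one. If inactive collections are not meant to confer rights, either filter with `for permission in user.permissions if permission.collection.active` or add `'active': permission.collection.active` to each entry so the consumer can decide. The body of `verify()` starts outside the hunk, so a filter applied earlier would not be visible here.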
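Review bot: After PATCH 2/7, `expires_at=oauth.access_token.expires_at.isoformat()` is the only expiry signal left in the `/oauth/verify` response (the epoch-based `exp` was dropped in PATCH 1/7), and `isoformat()` on a naive datetime carries no UTC offset. Whether `expires_at` is naive cannot be seen from this hunk; if it is, a consumer that parses the string in its own local time can treat an expired token as still valid, or the reverse. State the convention next to the field, for example `# expires_at is naive UTC, serialised without an offset`, or serialise a timezone-aware value so the offset is explicit. `verify()` starts and ends outside the hunk.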
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 09:57:06 +0100
Subject: [PATCH 3/7] Fix bug where collections would get the wrong 'active' state
---
 xl_auth/commands.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/xl_auth/commands.py b/xl_auth/commands.py
index eea7e92b..65ff27a9 100644
--- a/xl_auth/commands.py
+++ b/xl_auth/commands.py
@@ -246,7 +246,7 @@ def _get_collection_details_from_bibdb(code):
 'friendly_name': friendly_name,
 'code': bibdb_api_data['sigel'],
 'category': category,
- 'active': not bool(bibdb_api_data['sigel_new']),
+ 'active': bibdb_api_data['alive'],
 'replaces': bibdb_api_data['sigel_old'],
 'replaced_by': bibdb_api_data['sigel_new']
 }
@@ -445,7 +445,12 @@ def _get_manually_deleted_permissions():
 continue
 collection = Collection.query.filter_by(code=details['code']).first()
- if not collection:
+ if collection:
+ if collection.active != details['active']:
+ collection.active = details['active']
+ collection.save()
+ print('corrected collection %r: active=%s' % (collection.code, collection.active))
+ else:
 collection = Collection.create(**details)
 collection.save()
From a5312f2277faeddbe02d14acabbfd4777cb97586 Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 09:59:27 +0100
Subject: [PATCH 4/7] #68 Add `end2end/test_oauth:test_verify_response` test case
---
 tests/end2end/test_oauth.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/tests/end2end/test_oauth.py b/tests/end2end/test_oauth.py
index cf1a6a5e..70f25cf1 100644
--- a/tests/end2end/test_oauth.py
+++ b/tests/end2end/test_oauth.py
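Review bot: In xl_auth/commands.py (PATCH 3/7), `'active': bibdb_api_data['alive']` stores whatever the remote bibdb response holds under that key, where the replaced line at least coerced its input with `bool(...)`. The second hunk then compares that value with `collection.active != details['active']` and writes it to the model, so a `None` or string from the API would either be persisted as the collection's state or trigger a "corrected" write on every run. Check the type before using it, for example `alive = bibdb_api_data['alive']` followed by `if not isinstance(alive, bool): raise ValueError('unexpected alive value: %r' % (alive,))`. Both enclosing functions extend beyond their hunks, so how a caller should handle that failure is not visible here.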
@@ -105,3 +105,16 @@ def test_get_access_token(grant, testapp):
 assert res.json_body['access_token'] == token.access_token
 assert res.json_body['refresh_token'] == token.refresh_token
 assert res.json_body['version'] == __version__
+
+
+def test_verify_response(token, testapp):
+ """Get user details and token expiry."""
+
+ res = testapp.get(url_for('oauth.verify'),
+ headers={'Authorization': str('Bearer ' + token.access_token)})
+
+ assert res.json_body['expires_at'] == token.expires_at.isoformat()
+ assert res.json_body['user']['full_name'] == token.user.full_name
+ assert res.json_body['user']['email'] == token.user.email
+
+ assert len(res.json_body['user']['permissions']) == len(token.user.permissions)
From 4c97228b818c182cdb73b6875fb66a63caff42f3 Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 10:02:39 +0100
Subject: [PATCH 5/7] Bump patch version + update changelog
---
 README.rst | 7 +++++++
 package-lock.json | 2 +-
 package.json | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/README.rst b/README.rst
index 8940221d..11b0d380 100644
--- a/README.rst
+++ b/README.rst
@@ -183,6 +183,13 @@ DB Models
 Changelog
 =========
+v. 0.5.1
+--------
+
+* Update `/oauth/verify` API response format (`#68 `_)
+* Fix bug where collections would read the wrong active/inactive state from bibdb.libris.kb.se
+
+
 v. 0.5.0
 --------
diff --git a/package-lock.json b/package-lock.json
index 0291e5da..1c56d202 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "xl_auth",
- "version": "0.5.0",
+ "version": "0.5.1",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
diff --git a/package.json b/package.json
index 5693772c..e0871554 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "xl_auth",
- "version": "0.5.0",
+ "version": "0.5.1",
 "author": "National Library of Sweden",
 "license": "Apache-2.0",
 "description": "OAuth2 authorization for LibrisXL, replacing BibDB counterpart",
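Review bot: In tests/end2end/test_oauth.py (PATCH 4/7), `test_verify_response` checks the `permissions` list only by length, so it still passes if an entry carries wrong values or extra fields such as the `cataloging_admin` key that PATCH 1/7 removed. Assert the shape of each entry, e.g. `assert all(set(p) == {'code', 'cataloger', 'registrant'} for p in res.json_body['user']['permissions'])`, and compare the values against `token.user.permissions`. Because this endpoint is what consumers use to validate a token, companion tests that call `oauth.verify` without the `Authorization` header and with an expired token, asserting that the request is rejected, would cover the path that matters most.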
From 29ce0ad21512f84d035862addd7eeeec6d99d3e7 Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 10:07:09 +0100
Subject: [PATCH 6/7] Linter error
---
 tests/end2end/test_oauth.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/tests/end2end/test_oauth.py b/tests/end2end/test_oauth.py
index 70f25cf1..dc7f49ce 100644
--- a/tests/end2end/test_oauth.py
+++ b/tests/end2end/test_oauth.py
@@ -109,7 +109,6 @@ def test_get_access_token(grant, testapp):
 def test_verify_response(token, testapp):
 """Get user details and token expiry."""
-
 res = testapp.get(url_for('oauth.verify'),
 headers={'Authorization': str('Bearer ' + token.access_token)})
From 0f88b0b68763a666c0efce7415ead23a1e84433f Mon Sep 17 00:00:00 2001
From: Mats Blomdahl
Date: Thu, 2 Nov 2017 10:08:32 +0100
Subject: [PATCH 7/7] Linter error
---
 xl_auth/oauth/views.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
index ccc3e595..e6784412 100644
--- a/xl_auth/oauth/views.py
+++ b/xl_auth/oauth/views.py
@@ -4,7 +4,6 @@
 from __future__ import absolute_import, division, print_function, unicode_literals
 from datetime import datetime, timedelta
-from time import time
 from flask import Blueprint, current_app, jsonify, render_template, request
 from flask_login import current_user, login_required