DRYD-169: Password reset request now takes an XML payload rather than form data.

diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
index 8aaf5677ec72cf3e0abdec4102b30667272c135f..38e67812881a82726f48d2e920495891da3f02bf 100644 (file)
--- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
@@ -26,6 +26,7 @@ package org.collectionspace.services.account;
 import org.collectionspace.authentication.AuthN;
 import org.collectionspace.services.account.storage.AccountStorageClient;
 import org.collectionspace.services.account.storage.csidp.TokenStorageClient;
+import org.collectionspace.services.authentication.Passwordreset;
 import org.collectionspace.services.authentication.Token;
 import org.collectionspace.services.authorization.AccountPermission;
 import org.collectionspace.services.authorization.AccountRole;
@@ -234,10 +235,7 @@ public class AccountResource extends SecurityResourceBase {
      */
     @POST
     @Path(PROCESS_PASSWORD_RESET_PATH)
-    @Consumes("application/x-www-form-urlencoded")
-    synchronized public Response processPasswordReset(@Context UriInfo ui, 
-               @FormParam("token") String tokenId,
-               @FormParam("password") String base64EncodedPassword) throws UnsupportedEncodingException, DocumentNotFoundException {
+    synchronized public Response processPasswordReset(Passwordreset passwordreset, @Context UriInfo ui) throws UnsupportedEncodingException, DocumentNotFoundException {
        Response response = null;
 
        //
@@ -249,12 +247,14 @@ public class AccountResource extends SecurityResourceBase {
         //
         // Get the 'token' and 'password' params
         //
+        String tokenId = passwordreset.getToken();
         if (tokenId == null || tokenId.trim().isEmpty()) {
                response = Response.status(Response.Status.BAD_REQUEST).entity(
                                "The query parameter 'token' is missing or contains no value.").type("text/plain").build();
                return response;
         }
 
+        String base64EncodedPassword = passwordreset.getPassword();
         if (base64EncodedPassword == null || base64EncodedPassword.trim().isEmpty()) {
                response = Response.status(Response.Status.BAD_REQUEST).entity(
                                "The query parameter 'password' is missing or contains no value.").type("text/plain").build();

diff --git a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd
index d8e0347198961da1f234aebf7faebe6fa4e28385..3ead8c19282917b2f9c077edbeba160ff4cc6db5 100644 (file)
--- a/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd
+++ b/services/authentication/jaxb/src/main/resources/authentication_identity_provider.xsd
@@ -89,6 +89,24 @@
         </xs:complexType>
     </xs:element>
     
+    <!-- Non-persistent JaxB object for password reset POST requsts -->
+    <xs:element name="passwordreset">
+           <xs:complexType>
+               <xs:annotation>
+                   <xs:appinfo>
+                       <hj:ignored/>
+                   </xs:appinfo>
+               </xs:annotation>
+               <xs:sequence>
+                   <xs:annotation>
+                       <xs:documentation>The payload for a password reset request</xs:documentation>
+                   </xs:annotation>
+                               <xs:element name="token" type="xs:string"/>
+                               <xs:element name="password" type="xs:string"/>
+               </xs:sequence>
+           </xs:complexType>
+       </xs:element>
+    
     <xs:element name="token">
         <xs:complexType>
             <xs:annotation>