Closed Mehrn0ush closed 4 days ago
Current Status

Endpoints Implemented:
Update Endpoint (/update): Enables updates to specific fields of a client’s registration, including client_name, redirect_uris, grant_types, response_types, and software_statement.
Delete Endpoint (/delete): Allows for dynamic client deletion, with appropriate authorization checks.

Authorization Check (RBAC):
Both endpoints perform an RBAC check to ensure the client or user has the necessary "admin" role.
Mock rbac_check functions are currently in place, which should eventually be replaced with a production-grade RBAC mechanism.

Testing:
Comprehensive tests have been implemented for both endpoints, covering scenarios such as unauthorized access, non-existent client updates, and deletion, as well as successful cases.
JWT-based authentication is used in tests, especially for the deletion endpoint, which ensures that only clients with admin privileges can delete registrations.

Description: Expand the dynamic client registration to support client deletion and client updates. This will allow clients or administrators to remove or modify existing client registrations dynamically.
Tasks:
Skill Level: Intermediate
File Location: src/endpoints/register.rs, src/storage/client.rs
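
The update and delete behaviour described above, sketched as an added example (not the project's own code): an in-memory store that runs the "admin" RBAC check first, accepts only the five updatable fields, and validates the whole patch before mutating. `ClientStore`, `Caller`, `RegError` and this `rbac_check` body are hypothetical names, and the caller's roles are assumed to come from a JWT that has already been verified.

```rust
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
pub enum RegError { Forbidden, NotFound, FieldNotUpdatable(String) }

// The five fields the issue lists as updatable; any other key is rejected.
const UPDATABLE: &[&str] =
    &["client_name", "redirect_uris", "grant_types", "response_types", "software_statement"];
fn is_updatable(field: &str) -> bool { UPDATABLE.iter().any(|f| *f == field) }

/// Roles taken from an already-verified JWT (verification is assumed done upstream).
pub struct Caller<'a> { pub roles: &'a [&'a str] }

// Hypothetical stand-in for the mock rbac_check mentioned in the issue.
fn rbac_check(caller: &Caller, required: &str) -> Result<(), RegError> {
    if caller.roles.iter().any(|r| *r == required) { Ok(()) } else { Err(RegError::Forbidden) }
}

#[derive(Default)]
pub struct ClientStore { clients: HashMap<String, HashMap<String, String>> }

impl ClientStore {
    pub fn insert(&mut self, id: &str, fields: &[(&str, &str)]) {
        let rec = fields.iter().map(|(k, v)| (k.to_string(), v.to_string())).collect();
        self.clients.insert(id.to_string(), rec);
    }
    pub fn get(&self, id: &str, field: &str) -> Option<&str> {
        self.clients.get(id)?.get(field).map(String::as_str)
    }
    pub fn update(&mut self, caller: &Caller, id: &str, patch: &[(&str, &str)]) -> Result<(), RegError> {
        // Authorize before the lookup so a non-admin gets Forbidden whether or not the id exists.
        rbac_check(caller, "admin")?;
        // Validate every key first: a rejected request must leave the record unchanged.
        if let Some((k, _)) = patch.iter().find(|(k, _)| !is_updatable(k)) {
            return Err(RegError::FieldNotUpdatable(k.to_string()));
        }
        let rec = self.clients.get_mut(id).ok_or(RegError::NotFound)?;
        for (k, v) in patch { rec.insert(k.to_string(), v.to_string()); }
        Ok(())
    }
    pub fn delete(&mut self, caller: &Caller, id: &str) -> Result<(), RegError> {
        rbac_check(caller, "admin")?;
        self.clients.remove(id).map(|_| ()).ok_or(RegError::NotFound)
    }
}

fn main() {
    let mut store = ClientStore::default();
    store.insert("c1", &[("client_name", "old")]); // constructed sample record
    let admin = Caller { roles: &["admin"] };
    println!("{:?}", store.update(&admin, "c1", &[("client_secret", "x")]));
}
```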