diging · Girik1105 · Jul 16, 2025 · Jul 18, 2025 · Jul 18, 2025 · Jul 23, 2025
diff --git a/vspace/pom.xml b/vspace/pom.xml
@@ -34,6 +34,10 @@
         <email.from></email.from>
         <app.url></app.url>
 
+        <citesphere.api.url></citesphere.api.url>
+        <citesphere.client.id></citesphere.client.id>
+        <citesphere.client.secret></citesphere.client.secret>
+
         <tomcat.deploy.path></tomcat.deploy.path>
         <tomcat.app.name>vspace</tomcat.app.name>
         <tomcat.server.id>TomcatServer</tomcat.server.id>
@@ -219,6 +223,13 @@
             <version>0.15.0</version>
         </dependency>
 
+        <!-- OkHttp for Citesphere API calls -->
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>okhttp</artifactId>
+            <version>4.9.3</version>
+        </dependency>
+
         <!-- https://mvnrepository.com/artifact/org.thymeleaf/thymeleaf-spring5 -->
         <dependency>
             <groupId>org.thymeleaf</groupId>

diff --git a/vspace/src/main/java/edu/asu/diging/vspace/config/SecurityContext.java b/vspace/src/main/java/edu/asu/diging/vspace/config/SecurityContext.java
@@ -51,7 +51,8 @@ protected void configure(HttpSecurity http) throws Exception {
                 .authorizeRequests()
                 // Anyone can access the urls
                 .antMatchers("/", "/exhibit/**", "/api/**", "/resources/**", "/login",
-                        "/logout", "/register", "/reset/**", "/setup/admin", "/404","/preview/**").permitAll()
+                        "/logout", "/register", "/reset/**", "/setup/admin", "/404","/preview/**",
+                        "/staff/citesphere/oauth/**").permitAll()
                 // The rest of the our application is protected.
                 .antMatchers("/users/**", "/admin/**", "/staff/user/**").hasRole("ADMIN")
                 .antMatchers("/staff/**").hasAnyRole("STAFF", "ADMIN")

diff --git a/vspace/src/main/java/edu/asu/diging/vspace/core/exception/CitesphereTokenException.java b/vspace/src/main/java/edu/asu/diging/vspace/core/exception/CitesphereTokenException.java
@@ -0,0 +1,43 @@
+package edu.asu.diging.vspace.core.exception;
+
+/**
+ * Exception thrown when there are issues with Citesphere authentication tokens
+ */
+public class CitesphereTokenException extends Exception {
+
+    private static final long serialVersionUID = 1L;
+    private final int statusCode;
+    private final boolean isTokenExpired;
+
+    public CitesphereTokenException(String message) {
+        super(message);
+        this.statusCode = 0;
+        this.isTokenExpired = false;
+    }
+
+    public CitesphereTokenException(String message, int statusCode) {
+        super(message);
+        this.statusCode = statusCode;
+        this.isTokenExpired = (statusCode == 401 || statusCode == 403);
+    }
+
+    public CitesphereTokenException(String message, Throwable cause) {
+        super(message, cause);
+        this.statusCode = 0;
+        this.isTokenExpired = false;
+    }
+
+    public CitesphereTokenException(String message, int statusCode, boolean isTokenExpired) {
+        super(message);
+        this.statusCode = statusCode;
+        this.isTokenExpired = isTokenExpired;
+    }
+
+    public int getStatusCode() {
+        return statusCode;
+    }
+
+    public boolean isTokenExpired() {
+        return isTokenExpired;
+    }
+}
diff --git a/vspace/src/main/java/edu/asu/diging/vspace/core/services/CitesphereAuthToken.java b/vspace/src/main/java/edu/asu/diging/vspace/core/services/CitesphereAuthToken.java
@@ -0,0 +1,115 @@
+package edu.asu.diging.vspace.core.services;
+
+import java.util.Map;
+
+/**
+ * Authentication token object for Citesphere API
+ */
+public class CitesphereAuthToken {
+
+    private String authType;
+    private Map<String, String> headers;
+    private String accessToken;
+    private String refreshToken;
+    private String username;
+    private String password;
+    private long tokenExpiryTime;
+
+    /**
+     * Constructor for OAuth authentication
+     * @param accessToken OAuth access token
+     */
+    public CitesphereAuthToken(String accessToken) {
+        this.authType = "oauth";
+        this.accessToken = accessToken;
+    }
+
+    /**
+     * Constructor for OAuth authentication with refresh token
+     * @param accessToken OAuth access token
+     * @param refreshToken OAuth refresh token
+     * @param expiryTime Token expiry time in milliseconds
+     */
+    public CitesphereAuthToken(String accessToken, String refreshToken, long expiryTime) {
+        this.authType = "oauth";
+        this.accessToken = accessToken;
+        this.refreshToken = refreshToken;
+        this.tokenExpiryTime = expiryTime;
+    }
+
+    /**
+     * Constructor for Basic authentication
+     * @param username Username
+     * @param password Password
+     */
+    public CitesphereAuthToken(String username, String password) {
+        this.authType = "basic";
+        this.username = username;
+        this.password = password;
+    }
+
+    // Getters and setters
+    public String getAuthType() {
+        return authType;
+    }
+
+    public void setAuthType(String authType) {
+        this.authType = authType;
+    }
+
+    public Map<String, String> getHeaders() {
+        return headers;
+    }
+
+    public void setHeaders(Map<String, String> headers) {
+        this.headers = headers;
+    }
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+    public void setRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
+
+    public long getTokenExpiryTime() {
+        return tokenExpiryTime;
+    }
+
+    public void setTokenExpiryTime(long tokenExpiryTime) {
+        this.tokenExpiryTime = tokenExpiryTime;
+    }
+
+    /**
+     * Check if the access token is expired
+     * @return true if token is expired, false otherwise
+     */
+    public boolean isTokenExpired() {
+        return tokenExpiryTime > 0 && System.currentTimeMillis() > tokenExpiryTime;
+    }
+}
diff --git a/vspace/src/main/java/edu/asu/diging/vspace/core/services/ICitesphereManager.java b/vspace/src/main/java/edu/asu/diging/vspace/core/services/ICitesphereManager.java
@@ -0,0 +1,118 @@
+package edu.asu.diging.vspace.core.services;
+
+import java.util.Map;
+import edu.asu.diging.vspace.core.exception.CitesphereTokenException;
+
+/**
+ * Service interface for Citesphere API operations
+ */
+public interface ICitesphereManager {
+
+    /**
+     * Get user information
+     * @return User data as Map
+     */
+    Map<String, Object> getUser();
+
+    /**
+     * Check test endpoint
+     * @return Test response as Map
+     */
+    Map<String, Object> checkTest();
+
+    /**
+     * Check access for a document
+     * @param documentId Document ID to check access for
+     * @return Access check response as Map
+     */
+    Map<String, Object> checkAccess(String documentId);
+
+    /**
+     * Get data by endpoint
+     * @param endpoint API endpoint path
+     * @return Data response as Map
+     */
+    Map<String, Object> getDataByEndpoint(String endpoint);
+
+    /**
+     * Get all groups
+     * @return Groups data as Map
+     */
+    Map<String, Object> getGroups();
+
+    /**
+     * Get group information
+     * @param groupId Group ID
+     * @return Group information as Map
+     */
+    Map<String, Object> getGroupInfo(String groupId);
+
+    /**
+     * Get group items
+     * @param zoteroGroupId Zotero group ID
+     * @return Group items as Map
+     */
+    Map<String, Object> getGroupItems(String zoteroGroupId);
+
+    /**
+     * Get collections
+     * @param zoteroGroupId Zotero group ID
+     * @return Collections as Map
+     */
+    Map<String, Object> getCollections(String zoteroGroupId);
+
+    /**
+     * Get collection items
+     * @param zoteroGroupId Zotero group ID
+     * @param collectionId Collection ID
+     * @param pageNumber Page number (optional, defaults to 0)
+     * @return Collection items as Map
+     */
+    Map<String, Object> getCollectionItems(String zoteroGroupId, String collectionId, int pageNumber);
+
+    /**
+     * Get collection items (overloaded method without page number)
+     * @param zoteroGroupId Zotero group ID
+     * @param collectionId Collection ID
+     * @return Collection items as Map
+     */
+    Map<String, Object> getCollectionItems(String zoteroGroupId, String collectionId);
+
+    /**
+     * Get item information
+     * @param zoteroGroupId Zotero group ID
+     * @param itemId Item ID
+     * @return Item information as Map
+     */
+    Map<String, Object> getItemInfo(String zoteroGroupId, String itemId);
+
+    /**
+     * Get collections by collection ID
+     * @param zoteroGroupId Zotero group ID
+     * @param collectionId Collection ID
+     * @return Collections as Map
+     */
+    Map<String, Object> getCollectionsByCollectionId(String zoteroGroupId, String collectionId);
+
+    /**
+     * Add item to group
+     * @param groupId Group ID
+     * @param data Item data
+     * @param filePath Path to file to upload
+     * @return Response from API
+     */
+    Object addItem(String groupId, Map<String, Object> data, String filePath);
+
+    /**
+     * Refresh the access token using refresh token
+     * @return New CitesphereAuthToken with refreshed access token
+     * @throws CitesphereTokenException if refresh fails
+     */
+    CitesphereAuthToken refreshToken() throws CitesphereTokenException;
+
+    /**
+     * Validate if current token is still valid
+     * @return true if token is valid, false otherwise
+     */
+    boolean isTokenValid();
+}