ApplicationsApi improvements

Author: jmini

gitlab4j-api/src/main/java/org/gitlab4j/api/ApplicationsApi.java

@@ -83,7 +83,9 @@ public Stream<Application> getApplicationsStream() throws GitLabApiException {
      * @param scopes the scopes of the application (api, read_user, sudo, read_repository, openid, profile, email)
      * @return the created Application instance
      * @throws GitLabApiException if any exception occurs
+     * @deprecated use {@link #createApplication(String, String, List, Boolean)} instead
      */
+    @Deprecated
     public Application createApplication(String name, String redirectUri, ApplicationScope[] scopes)
             throws GitLabApiException {
 
@@ -104,9 +106,29 @@ public Application createApplication(String name, String redirectUri, Applicatio
      * @param scopes the scopes of the application (api, read_user, sudo, read_repository, openid, profile, email)
      * @return the created Application instance
      * @throws GitLabApiException if any exception occurs
+     * @deprecated use {@link #createApplication(String, String, List, Boolean)} instead
      */
+    @Deprecated
     public Application createApplication(String name, String redirectUri, List<ApplicationScope> scopes)
             throws GitLabApiException {
+        return createApplication(name, redirectUri, scopes, null);
+    }
+
+    /**
+     * Create an OAUTH Application.
+     *
+     * <pre><code>GitLab Endpoint: POST /api/v4/applications</code></pre>
+     *
+     * @param name the name for the OAUTH Application
+     * @param redirectUri the redirect URI for the OAUTH Application
+     * @param scopes the scopes of the application (api, read_user, sudo, read_repository, openid, profile, email)
+     * @param confidential The application is used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential
+     * @return the created Application instance
+     * @throws GitLabApiException if any exception occurs
+     */
+    public Application createApplication(
+            String name, String redirectUri, List<ApplicationScope> scopes, Boolean confidential)
+            throws GitLabApiException {
 
         if (scopes == null || scopes.isEmpty()) {
             throw new GitLabApiException("scopes cannot be null or empty");
@@ -116,7 +138,8 @@ public Application createApplication(String name, String redirectUri, List<Appli
         GitLabApiForm formData = new GitLabApiForm()
                 .withParam("name", name, true)
                 .withParam("redirect_uri", redirectUri, true)
-                .withParam("scopes", scopesString, true);
+                .withParam("scopes", scopesString, true)
+                .withParam("confidential", confidential);
         Response response = post(Response.Status.CREATED, formData, "applications");
         return (response.readEntity(Application.class));
     }

gitlab4j-models/src/main/java/org/gitlab4j/api/models/Application.java

@@ -9,6 +9,8 @@ public class Application implements Serializable {
     private String applicationId;
     private String applicationName;
     private String callbackUrl;
+    private Boolean confidential;
+    private String secret;
 
     public Long getId() {
         return id;
@@ -41,4 +43,20 @@ public String getCallbackUrl() {
     public void setCallbackUrl(String callbackUrl) {
         this.callbackUrl = callbackUrl;
     }
+
+    public Boolean getConfidential() {
+        return confidential;
+    }
+
+    public void setConfidential(Boolean confidential) {
+        this.confidential = confidential;
+    }
+
+    public String getSecret() {
+        return secret;
+    }
+
+    public void setSecret(String secret) {
+        this.secret = secret;
+    }
 }

gitlab4j-models/src/main/java/org/gitlab4j/models/Constants.java

@@ -829,26 +829,55 @@ public String toString() {
      * Enum for the various Application scope values.
      */
     public enum ApplicationScope {
-
-        /**  Access the authenticated user's API */
+        /** Grants complete read/write access to the API, including all groups and projects, the container registry, the dependency proxy, and the package registry. */
         API,
 
-        /** Read the authenticated user's personal information */
+        /** Grants read access to the API, including all groups and projects, the container registry, and the package registry. */
+        READ_API,
+
+        /** Grants read-only access to your profile through the /user API endpoint, which includes username, public email, and full name. Also grants access to read-only API endpoints under /users. */
         READ_USER,
 
-        /**  Perform API actions as any user in the system */
-        SUDO,
+        /** Grants create access to the runners. */
+        CREATE_RUNNER,
 
-        /** Allows read-access to the repository */
+        /** Grants access to manage the runners. */
+        MANAGE_RUNNER,
+
+        /** Grants permission to perform Kubernetes API calls using the agent for Kubernetes. */
+        K8S_PROXY,
+
+        /** Grants read-only access to repositories on private projects using Git-over-HTTP or the Repository Files API. */
         READ_REPOSITORY,
 
-        /** Authenticate using OpenID Connect */
+        /** Grants read-write access to repositories on private projects using Git-over-HTTP (not using the API). */
+        WRITE_REPOSITORY,
+
+        /** Grants read-only access to GitLab Observability. */
+        READ_OBSERVABILITY,
+
+        /** Grants write access to GitLab Observability. */
+        WRITE_OBSERVABILITY,
+
+        /** Grants access to GitLab Duo related API endpoints. */
+        AI_FEATURES,
+
+        /** Grants permission to perform API actions as any user in the system, when authenticated as an admin user. */
+        SUDO,
+
+        /** Grants permission to perform API actions as an administrator, when Admin Mode is enabled. */
+        ADMIN_MODE,
+
+        /** Grant access to download Service Ping payload via API when authenticated as an admin user. */
+        READ_SERVICE_PING,
+
+        /** Grants permission to authenticate with GitLab using OpenID Connect. Also gives read-only access to the user's profile and group memberships. */
         OPENID,
 
-        /** Allows read-only access to the user's personal information using OpenID Connect */
+        /** Grants read-only access to the user's profile data using OpenID Connect. */
         PROFILE,
 
-        /** Allows read-only access to the user's primary email address using OpenID Connect */
+        /** Grants read-only access to the user's primary email address using OpenID Connect. */
         EMAIL;
 
         private static JacksonJsonEnumHelper<ApplicationScope> enumHelper =

gitlab4j-models/src/test/resources/org/gitlab4j/models/applications.json

@@ -3,6 +3,9 @@
         "id": 1,
         "application_id": "5832fc6e14300a0d962240a8144466eef4ee93ef0d218477e55f11cf12fc3737",
         "application_name": "MyApplication",
-        "callback_url": "http://redirect.uri"
+        "secret": "ee1dd64b6adc89cf7e2c23099301ccc2c61b441064e9324d963c46902a85ec34"
+        "callback_url": "http://redirect.uri",
+        "confidential": true,
+        "secret": "gloas-0f5cf43dab1a677cd9071743947e54468403c53056c15ba5e3724cf2b7ca17a0"
     }
 ]