-rw-r--r--api4/oauth.go42
-rw-r--r--api4/oauth_test.go106
-rw-r--r--app/oauth.go17
-rw-r--r--model/client4.go10
4 files changed, 175 insertions, 0 deletions
diff --git a/api4/oauth.go b/api4/oauth.go
index 593d405db..c3b64b608 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -18,6 +18,7 @@ func InitOAuth() {
l4g.Debug(utils.T("api.oauth.init.debug"))
BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(createOAuthApp)).Methods("POST")
+ BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(updateOAuthApp)).Methods("PUT")
BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(getOAuthApps)).Methods("GET")
BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(getOAuthApp)).Methods("GET")
BaseRoutes.OAuthApp.Handle("/info", ApiSessionRequired(getOAuthAppInfo)).Methods("GET")
@@ -74,6 +75,47 @@ func createOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
w.Write([]byte(rapp.ToJson()))
}
+func updateOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireAppId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_OAUTH)
+ return
+ }
+
+ oauthApp := model.OAuthAppFromJson(r.Body)
+ if oauthApp == nil {
+ c.SetInvalidParam("oauth_app")
+ return
+ }
+
+ c.LogAudit("attempt")
+
+ oldOauthApp, err := c.App.GetOAuthApp(c.Params.AppId)
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ if c.Session.UserId != oauthApp.CreatorId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH)
+ return
+ }
+
+ updatedOauthApp, err := c.App.UpdateOauthApp(oldOauthApp, oauthApp)
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ c.LogAudit("success")
+
+ w.Write([]byte(updatedOauthApp.ToJson()))
+}
+
func getOAuthApps(c *Context, w http.ResponseWriter, r *http.Request) {
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) {
c.Err = model.NewAppError("getOAuthApps", "api.command.admin_only.app_error", nil, "", http.StatusForbidden)
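Review bot: The ownership check in updateOAuthApp compares `c.Session.UserId` with `oauthApp.CreatorId`, which is decoded from the request body, instead of with the stored record in `oldOauthApp`. Because the body value is caller-controlled, a session holding only PERMISSION_MANAGE_OAUTH can pass this check for an app it did not create. UpdateOauthApp then restores the real CreatorId and applies the remaining body fields to that app. The comparison should use the stored owner: `if c.Session.UserId != oldOauthApp.CreatorId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) {`. It would also help incident review if the "attempt" and "success" audit entries recorded `c.Params.AppId`.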
diff --git a/api4/oauth_test.go b/api4/oauth_test.go
index d25e4f934..33ed1ac55 100644
--- a/api4/oauth_test.go
+++ b/api4/oauth_test.go
@@ -81,6 +81,112 @@ func TestCreateOAuthApp(t *testing.T) {
CheckNotImplementedStatus(t, resp)
}
+func TestUpdateOAuthApp(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+ AdminClient := th.SystemAdminClient
+
+ enableOAuth := utils.Cfg.ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly
+ }()
+ utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = true
+ utils.SetDefaultRolesBasedOnConfig()
+
+ oapp := &model.OAuthApp{
+ Name: "oapp",
+ IsTrusted: false,
+ IconURL: "https://nowhere.com/img",
+ Homepage: "https://nowhere.com",
+ Description: "test",
+ CallbackUrls: []string{"https://callback.com"},
+ }
+
+ oapp, _ = AdminClient.CreateOAuthApp(oapp)
+
+ oapp.Name = "oapp_update"
+ oapp.IsTrusted = true
+ oapp.IconURL = "https://nowhere.com/img_update"
+ oapp.Homepage = "https://nowhere_update.com"
+ oapp.Description = "test_update"
+ oapp.CallbackUrls = []string{"https://callback_update.com","https://another_callback.com"}
+
+ updatedApp, resp := AdminClient.UpdateOAuthApp(oapp)
+ CheckNoError(t, resp)
+
+ if updatedApp.Id != oapp.Id {
+ t.Fatal("Id should have not updated")
+ }
+
+ if updatedApp.CreatorId != oapp.CreatorId {
+ t.Fatal("CreatorId should have not updated")
+ }
+
+ if updatedApp.CreateAt != oapp.CreateAt {
+ t.Fatal("CreateAt should have not updated")
+ }
+
+ if updatedApp.UpdateAt == oapp.UpdateAt {
+ t.Fatal("UpdateAt should have updated")
+ }
+
+ if updatedApp.ClientSecret != oapp.ClientSecret {
+ t.Fatal("ClientSecret should have not updated")
+ }
+
+ if updatedApp.Name != oapp.Name {
+ t.Fatal("Name should have updated")
+ }
+
+ if updatedApp.Description != oapp.Description {
+ t.Fatal("Description should have updated")
+ }
+
+ if updatedApp.IconURL != oapp.IconURL {
+ t.Fatal("IconURL should have updated")
+ }
+
+ if len(updatedApp.CallbackUrls) == len(oapp.CallbackUrls) {
+ for i, callbackUrl := range updatedApp.CallbackUrls {
+ if callbackUrl != oapp.CallbackUrls[i] {
+ t.Fatal("Description should have updated")
+ }
+ }
+ }
+
+ if updatedApp.Homepage != oapp.Homepage {
+ t.Fatal("Homepage should have updated")
+ }
+
+ if updatedApp.IsTrusted != oapp.IsTrusted {
+ t.Fatal("IsTrusted should have updated")
+ }
+
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+ utils.SetDefaultRolesBasedOnConfig()
+ _, resp = Client.UpdateOAuthApp(oapp)
+ CheckForbiddenStatus(t, resp)
+
+ oapp.Id = "zhk9d1ggatrqz236c7h87im7bc"
+ _, resp = AdminClient.UpdateOAuthApp(oapp)
+ CheckNotFoundStatus(t, resp)
+
+ utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
+ _, resp = AdminClient.UpdateOAuthApp(oapp)
+ CheckNotImplementedStatus(t, resp)
+
+ Client.Logout()
+ _, resp = Client.UpdateOAuthApp(oapp)
+ CheckUnauthorizedStatus(t, resp)
+
+ oapp.Id = "junk"
+ _, resp = AdminClient.UpdateOAuthApp(oapp)
+ CheckBadRequestStatus(t, resp)
+}
+
func TestGetOAuthApps(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
defer TearDown()
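Review bot: The forbidden case in TestUpdateOAuthApp only sends a body whose CreatorId is the admin's, so it never checks that the handler authorises against the stored owner and not the submitted one. Adding a case where the basic user sets `oapp.CreatorId` to its own id and still expects `CheckForbiddenStatus(t, resp)` would pin that. The CallbackUrls comparison is skipped entirely when the lengths differ, and its failure message says "Description". Assert the length first, for example `if len(updatedApp.CallbackUrls) != len(oapp.CallbackUrls) { t.Fatal("CallbackUrls should have updated") }`, then compare the elements. The error from `AdminClient.CreateOAuthApp(oapp)` is discarded with `_`, so a failed create would surface later as a nil dereference and not as a clear test failure.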
diff --git a/app/oauth.go b/app/oauth.go
index a0fcfd609..2b45409a6 100644
--- a/app/oauth.go
+++ b/app/oauth.go
@@ -53,6 +53,23 @@ func (a *App) GetOAuthApp(appId string) (*model.OAuthApp, *model.AppError) {
}
}
+func (a *App) UpdateOauthApp(oldApp, updatedApp *model.OAuthApp) (*model.OAuthApp, *model.AppError) {
+ if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
+ return nil, model.NewAppError("UpdateOauthApp", "api.oauth.allow_oauth.turn_off.app_error", nil, "", http.StatusNotImplemented)
+ }
+
+ updatedApp.Id = oldApp.Id
+ updatedApp.CreatorId = oldApp.CreatorId
+ updatedApp.CreateAt = oldApp.CreateAt
+ updatedApp.ClientSecret = oldApp.ClientSecret
+
+ if result := <-a.Srv.Store.OAuth().UpdateApp(updatedApp); result.Err != nil {
+ return nil, result.Err
+ } else {
+ return result.Data.([2]*model.OAuthApp)[0], nil
+ }
+}
+
func (a *App) DeleteOAuthApp(appId string) *model.AppError {
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
return model.NewAppError("DeleteOAuthApp", "api.oauth.allow_oauth.turn_off.app_error", nil, "", http.StatusNotImplemented)
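Review bot: UpdateOauthApp pins Id, CreatorId, CreateAt and ClientSecret to the stored values but passes every other field of `updatedApp` through unchanged, including `IsTrusted` and `CallbackUrls`. If marking an app trusted is meant to be limited to system administrators (not visible in this hunk, so confirm), either this function or its handler needs `updatedApp.IsTrusted = oldApp.IsTrusted` for callers without that permission. The name is also spelled `UpdateOauthApp` while its neighbours are `GetOAuthApp` and `DeleteOAuthApp`, so `UpdateOAuthApp` would be consistent. The function has no doc comment; one should state that it mutates `updatedApp` in place and which fields are preserved from `oldApp`. The unchecked assertion `result.Data.([2]*model.OAuthApp)[0]` panics if the store ever returns a different shape, so a comma-ok form would be safer.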
diff --git a/model/client4.go b/model/client4.go
index 44c4cf6c9..42e89fd9c 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -2631,6 +2631,16 @@ func (c *Client4) CreateOAuthApp(app *OAuthApp) (*OAuthApp, *Response) {
}
}
+// UpdateOAuthApp
+func (c *Client4) UpdateOAuthApp(app *OAuthApp) (*OAuthApp, *Response) {
+ if r, err := c.DoApiPut(c.GetOAuthAppRoute(app.Id), app.ToJson()); err != nil {
+ return nil, BuildErrorResponse(r, err)
+ } else {
+ defer closeBody(r)
+ return OAuthAppFromJson(r.Body), BuildResponse(r)
+ }
+}
+
// GetOAuthApps gets a page of registered OAuth 2.0 client applications with Mattermost acting as an OAuth 2.0 service provider.
func (c *Client4) GetOAuthApps(page, perPage int) ([]*OAuthApp, *Response) {
query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
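Review bot: The doc comment on the new client method is only the bare name `// UpdateOAuthApp`, while the neighbouring GetOAuthApps has a full sentence. Something like `// UpdateOAuthApp updates the OAuth 2.0 client application identified by app.Id and returns the updated application.` would match the file's style. It is also worth noting in the comment that `app` must be non-nil, because `app.Id` and `app.ToJson()` are dereferenced before any check.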