Is there any plan to support Compressed XML or other data format (http://www.w3.org/XML/EXI/#Efficient_XML) to support fast data transfer and efficient way to consume by client.

datacustodian base URl in token enhancer is injected though properties. Hence it needs to be provided in application during build time. Can this be used from application information corresponds to data-custodian.

Issue was originally reported in OpenESPI-Common-java, but only applies to OpenESPI-DataCustodian-java. Therefore it has been moved to here for tracking.

In some applications, an administrative dashboard and interface are desirable for the DataCustodian.

the datacustodian pom.xml references the wrong common version

Putting the Retail Customer API back into the API doc and validate in the implementation

Spring Framework 4.0 replaced XML based configuration files with Java Configuration files. This enhancement brings the OpenESPI-DataCustodian-java repository up-to-date with the current Spring Framework configuration technology

File: ResourceValidationFilter
== equal operator is used to compare two Long object. This will not use value to compare.

A way for either the third party or the data custodian to revoke an authorization.

(ref: RFC 7009)

If the registration_access_token is used when accessing the /espi/1_1/resource/ApplicationInformation API an ArrayIndexOutOfBounds exception is generated at line 394 of the ResourceValidationFilter class.

The current API definition contains:

    @RequestMapping(value = Routes.DATA_CUSTODIAN_MANAGE, method = RequestMethod.GET, produces = "text/text")

The acceptable HTTP Content-type values for "text" are "text/plain" or "text/html" which the Swagger UI enforces. The current value of "text/text" should be "text/plain".

The current OpenESPI-DataCustodian-java repository contains dependency and references to the Postgres Database, but this database interface has never been implemented.

1. Update/PUT --- there is no validation which attribute TP can update. Current merge implementation merge all attributes, so it may override existing data.
2. Delete -Can TP delete applicationinformation record. Does this mean delete all authorization?

Adapt the code base to use java configuration rather then XML data files now in use.

to be able to POST an IntervalBlock

Spring Framework 4.0.6 was released on July 8, 2014

On DELETE rest request to authorization API, I am getting below error.
[s~londonhydro-espi-dev/api:1.378271493630962243].: org.springframework.orm.jpa.JpaSystemException: org.hibernate.exception.ConstraintViolationException: could not execute statement; nested exception is javax.persistence.PersistenceException: org.hibernate.exception.ConstraintViolationException: could not execute statement

Also, could not delete authorization record using direct delete FROM datacustodian.authorizations where id=1000000027 as subscription is linked it.

To be able to remove an applicationInformation and all of it's associated authorizations

(ref: RFC 7009)

Implement refresh token support in DC. A request for a fresh access-token or refresh-token should result in an update to the OAuth token store, as well as, the corresponding Authorization object.

Many elements of the ESPI data structures are code list enumerations where the data content is an integer that corresponds to a textual name and a description. Internationalization of this data facilitates agile adaptation of GUIs to local needs.

The RetailCustomerController.java (in the datacustodian.web.package) contains the patterns:

DATA_CUSTODIAN_RETAIL_CUSTOMER_INDEX
DATA_CUSTODIAN_RETAIL_CUSTOMER_FORM
DATA_CUSTODIAN_RETAIL_CUSTOMER_CREATE
DATA_CUSTODIAN_RETAIL_CUSTOMER_SHOW

These controllers provide the basis for RetailCustomer(Account) management.

Start with a clean system. Sign in to the third party and authorize allan access to the first data custodian using the first scopestring.

sign out of the third party.
sign in to the third party as charles and authorize charles access to the first data custodian using the first scopestring.

Only one authorization/subscription is created and there is no suthorization that referes to charles' retailCustomerId.

Charles is not being assigned an authorization.access_token.

There are fields in the authorizations and subscriptions table rows that contain NULL. These should be completed at time of row creation to have suitable contents and/or any residual NULL entries well documented as to why they are not being initialized.

Reference section 2.2 of the Authorization.docx https://s3-us-west-2.amazonaws.com/technical.greenbuttonalliance.org/OpenADE/Shared+Documents/Testing+and+Certification/GreenButtonTestPlan/ReferenceMaterial/GreenButtonAuthorization.docx

1. Go to https://services.greenbuttondata.org/DataCustodian
2. Login as grace
3. open a new browser tab (from the same browser used in steps 1&2)
4. enter any of the RESTful API patterns in the browser address line and hit return

You will be presented with the XML of the requested ESPI resource.

Rather I think I should get back:

(NOTE: that no access token is contained in the browser request).

GET /DataCustodian/espi/1_1/resource/Batch/Subscription/{subscriptionId}/UsagePoint/{usagePointId} should return the complete UsagePoint structure along with contained objects according to the API. The current implementation returns a 404 not available error.

A GET /DataCustodian/espi/1_1/resource/Batch/Subscription/5 successfully returns subscription including UsagePoint 1.

I recommend you change the background color (currently #fff1ff) to #ffffff.

The pink is tough. especially with the green. White seems safe, especially since most of the sites you link to from that page use white.

This appears to be set in the body and hero elements in bootstrap.css

ElectricPowerUsageSummary and ElectricPowerQualitySummary APIs obtain a 400 Bad Request when accessed using a client_credential based access token

Currently, GET http://localhost:8080/DataCustodian/espi/1_1/resource/ReadServiceStatus HTTP/1.1 returns:

    <feed xmlns="http://www.w3.org/2005/Atom" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <id>a45758af-dd6f-4b84-9373-a7f1050a0153</id>
    <title>Service Status</title>
    <description>Service Status:</description>
    <updated>2014-06-04T16:16:26Z</updated>
    </feed>

The ESPI standard describes only the data structure. To emit an instance of this as XML:

    <?xml version="1.0" encoding="UTF-8"?>
    <ServiceStatus xmlns="http://naesb.org/espi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://naesb.org/espi espiDerived.xsd">
    <currentStatus>1</currentStatus>
    </ServiceStatus>

I think we should move to the Schema compliant version.

Design structure to facilitate skinning of application.

The authorizationPeriod and publishedPeriod must:

1. be supported correctly in the authorization class -> they be initialized from values obtained from the scope string(s).
2. must also be used properly in the exportFilter class -> publishedPeriod must be used in conjunction with publishedMin and publishedMax (and all) within the export process
3. the authorization (and associated access_tokens) must be disallowed or destroyed when the authorizationPeriod expires (possibly using RFC 7009).

The EspiTokenEnhancer routine causes a ClassCastException when it invokes the createSubscription(authentication) method

Drive the DataCustodian .war file documentation. Focus on:

1 - Controllers
2 - Restful API - (As defined in API documentation)
3 - UX flow

The POM file contains profiles that are no longer available. These should be removed to simplify the POM file.

The current REST APIs will NOT work for client_credentials based access tokens, as they assume ALL authorization records contain valid SubscriptionId values. This affects the following Web API REST controllers:

 IntervalBlockRESTController
 ElectricPowerQualitySummaryRESTController
 RetailCustomerRESTController
 MeterReadingRESTController
 ElectricPowerUsageSummaryRESTController
 UsagePointRESTController

Using:

I am raising this for further discussion on this.

Currently, as part of specification usage data though data subscription service can be controlled by published-min/published-max and updated-min/updated-max. There will be some third party who is interested on Interval Block/Reading data based on usage time. Basically, they need data from date to this data irrespective when last correction happen or when it first published though green button channel (usage time always would be less than published time... could vary one hour to days to several days.)

Support SFTP in DC for Bulk retrieval. If the dataCustodianBulkRequestURI in ApplicationInformation is set to sftp://..... the DC must support a retrieval of the bulk data via SFT GETALL method.

The DC will notify the TP when data is available using the sftp:// URL.

Reset of the Repository to a known state. The suggested API is:

POST https://services.greenbuttondata.org/DataCustodian/manage?command=resetDataCustodianDB

A new issue specifically for this RESTful api has been entered.

The initial values of the authorization period and published period need to be extracted from the scope string at the time of access authorization.

Hello,

(Beginner here)

I am trying to follow the brief instructions on the readme.

1. I cloned OpenESPI-Common-java, built it and after skipping the tests, installed it
2. I cloned OpenESPI-DataCustodian-java and run "mvn tomcat7:run". This fails with:

[ERROR] COMPILATION ERROR : 
[INFO] -------------------------------------------------------------
[ERROR] /mnt2/images/openespi/OpenESPI-DataCustodian-java/src/main/java/org/energyos/espi/datacustodian/oauth/EspiTokenEnhancer.java:[56,56] error: cannot find symbol
[INFO] 1 error

There is no mention of the missing symbol, even when supplying -e -X to the mvn command as is suggested.

What am I missing?

Thanks,

-K.

I see role in sql script ROLE_TP_REGISTRATION. But in resource validation it is used as ROLE_REGISTRATION

support of multiple authorizations to same third-party for different usage point. Currently, during second authorization to another usage points returns previous authorization details instead of creating new authorization. As the Oauth scope string same for both cases, spring ouath layer returning the existing valid authorization details.

The profiles for ec2 and heroku have been removed from the POM file, but the database population resource files in the /src/main/resources/db directory still exist.

Populate all fields in the ApplicationInformation table reflecting the contents of GreenButtonAuthorization.docx Appendix D.1

The ReadMe instructions say the following: git clone https://github.com/energyos/OpenESPI-DataCustodian.git

This should be corrected to say "git clone https://github.com/energyos/OpenESPI-DataCustodian-Java.git".

There is a need to have individual sandbox's supported

Attempting to access the DELETE /espi/1_1/resource/ApplicationInformation/{applicationInformationId} API using the registration_access_token returns a SC of 400.

Run SOAPUI script Run TestCase EstablishTwoSubscriptions which adds two subscriptions for "third_party". There are now 6 authorizations -- 4 for the data custodian admin, third party admin, registration admin, upload admin, and two for the two authorizations.

The API says that the Third Party, using it's client_access_token, should be able to retrieve all authorizations for that TP. It currently returns all (6) authorizations. It should return only those related to the requesting ThirdParty (4 in this case -- the two subscriptions for alan and charles, and, the authorizations reflecting it's client-access-token and registration-access-token).