fixed issue where incorrect values were passed inside the revocation requests

jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeDeviceFlow.java

@@ -17,12 +17,12 @@ import static net.jami.jams.server.Server.certificateAuthority;
 @Slf4j
 public class RevokeDeviceFlow {
 
-    public static DeviceRevocationResponse revokeDevice(String username, RevocationRequest request){
+    public static DeviceRevocationResponse revokeDevice(String username, String deviceId){
         DeviceRevocationResponse response = new DeviceRevocationResponse();
         try {
             StatementList statementList = new StatementList();
             StatementElement st1 = new StatementElement("owner","=",username,"AND");
-            StatementElement st2 = new StatementElement("deviceId","=",request.getIdentifier().toString(),"");
+            StatementElement st2 = new StatementElement("deviceId","=",deviceId,"");
             statementList.addStatement(st1);
             statementList.addStatement(st2);
             Device device = dataStore.getDeviceDao().getObjects(statementList).get(0);
@@ -30,6 +30,8 @@ public class RevokeDeviceFlow {
                 log.error("Could not find device!");
                 return null;
             }
+            RevocationRequest request = new RevocationRequest();
+            request.setRevocationType(RevocationType.DEVICE);
             request.setIdentifier(device.getCertificate().getSerialNumber());
             certificateAuthority.revokeCertificate(request);
             long statTime = System.currentTimeMillis();

jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeUserFlow.java

@@ -5,6 +5,7 @@ import net.jami.jams.common.dao.StatementElement;
 import net.jami.jams.common.dao.StatementList;
 import net.jami.jams.common.objects.devices.Device;
 import net.jami.jams.common.objects.requests.RevocationRequest;
+import net.jami.jams.common.objects.requests.RevocationType;
 import net.jami.jams.common.objects.responses.DeviceRevocationResponse;
 import net.jami.jams.common.objects.user.User;
 
@@ -14,7 +15,7 @@ import static net.jami.jams.server.Server.dataStore;
 @Slf4j
 public class RevokeUserFlow {
 
-    public static DeviceRevocationResponse revokeUser(String username, RevocationRequest request){
+    public static DeviceRevocationResponse revokeUser(String username){
         DeviceRevocationResponse response = new DeviceRevocationResponse();
         try {
             StatementList statementList = new StatementList();
@@ -25,6 +26,8 @@ public class RevokeUserFlow {
                 log.error("Could not find user!");
                 return null;
             }
+            RevocationRequest request = new RevocationRequest();
+            request.setRevocationType(RevocationType.USER);
             request.setIdentifier(user.getCertificate().getSerialNumber());
             certificateAuthority.revokeCertificate(request);
             long statTime = System.currentTimeMillis();

jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java

@@ -39,9 +39,7 @@ public class UserServlet extends HttpServlet {
     //Revoke a user.
     @Override
     protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        RevocationRequest request = new RevocationRequest();
-        request.setRevocationType(RevocationType.USER);
-        DeviceRevocationResponse devResponse = RevokeUserFlow.revokeUser(req.getParameter("username").toString(), request);
+        DeviceRevocationResponse devResponse = RevokeUserFlow.revokeUser(req.getParameter("username"));
         if(devResponse != null) resp.getOutputStream().write(JsonStream.serialize(devResponse).getBytes());
         else resp.sendError(500,"An exception has occurred while trying to revoke a device!");
     }

jams-server/src/main/java/net/jami/jams/server/servlets/api/auth/device/DeviceServlet.java

@@ -53,10 +53,7 @@ public class DeviceServlet extends HttpServlet {
     @Override
     protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         super.doDelete(req, resp);
-        RevocationRequest request = new RevocationRequest();
-        request.setIdentifier(new BigInteger(req.getAttribute("deviceId").toString()));
-        request.setRevocationType(RevocationType.DEVICE);
-        DeviceRevocationResponse devResponse = RevokeDeviceFlow.revokeDevice(req.getAttribute("username").toString(), request);
+        DeviceRevocationResponse devResponse = RevokeDeviceFlow.revokeDevice(req.getAttribute("username").toString(),req.getParameter("deviceId"));
         if(devResponse != null) resp.getOutputStream().write(JsonStream.serialize(devResponse).getBytes());
         else resp.sendError(500,"An exception has occurred while trying to revoke a device!");
     }