feature(#20): this commit introduces an endpoint to revoke a client's audience access

https-richardy · https-richardy · commit ec6459e3753d · 2026-04-20T14:34:52.000-03:00
diff --git a/Applications/Backend/Source/HttpsRichardy.Federation.WebApi/Controllers/ClientsController.cs b/Applications/Backend/Source/HttpsRichardy.Federation.WebApi/Controllers/ClientsController.cs
@@ -159,6 +159,30 @@ public async Task<IActionResult> AssignAudienceAsync([FromRoute] string id, [Fro
 
             { IsFailure: true } when result.Error == ClientErrors.ClientAlreadyHasAudience =>
                 StatusCode(StatusCodes.Status409Conflict, result.Error),
+
+            { IsFailure: true } when result.Error == ClientErrors.InvalidAudienceValue =>
+                StatusCode(StatusCodes.Status400BadRequest, result.Error),
+        };
+    }
+
+    [HttpDelete("{id}/audiences/{audience}")]
+    [Stability(Stability.Stable)]
+    [Authorize(Roles = Permissions.EditClient)]
+    public async Task<IActionResult> RevokeAudienceAsync([FromRoute] string id, [FromRoute] string audience, CancellationToken cancellation)
+    {
+        var request = new RevokeClientAudienceScheme { Id = id, Audience = audience };
+        var result = await dispatcher.DispatchAsync(request, cancellation);
+
+        return result switch
+        {
+            { IsSuccess: true } when result.Data is not null =>
+                StatusCode(StatusCodes.Status200OK, result.Data),
+
+            { IsFailure: true } when result.Error == ClientErrors.ClientDoesNotExist =>
+                StatusCode(StatusCodes.Status404NotFound, result.Error),
+
+            { IsFailure: true } when result.Error == ClientErrors.AudienceNotAssigned =>
+                StatusCode(StatusCodes.Status409Conflict, result.Error)
         };
     }
 }
diff --git a/Applications/Backend/Source/HttpsRichardy.Federation.WebApi/Conventions/ClientsConventions.cs b/Applications/Backend/Source/HttpsRichardy.Federation.WebApi/Conventions/ClientsConventions.cs
@@ -46,4 +46,11 @@ public static void RevokePermissionAsync(string id, string permissionId, Cancell
     [ProducesResponseType(typeof(Error), StatusCodes.Status404NotFound)]
     [ProducesResponseType(typeof(Error), StatusCodes.Status409Conflict)]
     public static void AssignAudienceAsync(string id, AssignClientAudienceScheme request, CancellationToken cancellation) { }
+
+    [ApiConventionNameMatch(ApiConventionNameMatchBehavior.Prefix)]
+    [ProducesResponseType(typeof(IReadOnlyCollection<string>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(Error), StatusCodes.Status400BadRequest)]
+    [ProducesResponseType(typeof(Error), StatusCodes.Status404NotFound)]
+    [ProducesResponseType(typeof(Error), StatusCodes.Status409Conflict)]
+    public static void RevokeAudienceAsync(string id, string audience, CancellationToken cancellation) { }
 }
