From d032f6cd3b716444d56ff335a0b265e8ccba1786 Mon Sep 17 00:00:00 2001 From: pujavs Date: Fri, 15 Nov 2024 13:49:44 +0530 Subject: [PATCH 01/17] fix(config-api): missing scope in spec Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 17 +- .../docs/jans-admin-ui-plugin-swagger.yaml | 436 +++++++++--------- .../configapi/rest/health/ApiHealthCheck.java | 3 +- 3 files changed, 230 insertions(+), 226 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index e86cd588929..eb2ba747d23 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -188,6 +188,9 @@ paths: } "500": description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/config/app-version.readonly /api/v1/acrs: get: tags: @@ -9267,7 +9270,7 @@ components: type: string selected: type: boolean - whitePagesCanView: + userCanEdit: type: boolean adminCanEdit: type: boolean @@ -9275,12 +9278,12 @@ components: type: boolean adminCanView: type: boolean - userCanEdit: - type: boolean userCanAccess: type: boolean adminCanAccess: type: boolean + whitePagesCanView: + type: boolean baseDn: type: string PatchRequest: @@ -11246,14 +11249,14 @@ components: type: boolean internal: type: boolean + locationPath: + type: string locationType: type: string enum: - ldap - db - file - locationPath: - type: string baseDn: type: string ScriptError: @@ -11682,10 +11685,10 @@ components: ttl: type: integer format: int32 - opbrowserState: - type: string persisted: type: boolean + opbrowserState: + type: string SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/plugins/docs/jans-admin-ui-plugin-swagger.yaml b/jans-config-api/plugins/docs/jans-admin-ui-plugin-swagger.yaml index 6be724ff5b7..adae31a4cd4 100644 --- a/jans-config-api/plugins/docs/jans-admin-ui-plugin-swagger.yaml 
+++ b/jans-config-api/plugins/docs/jans-admin-ui-plugin-swagger.yaml @@ -10,19 +10,19 @@ info: url: https://github.com/JanssenProject/jans/blob/main/LICENSE version: 1.0.0 servers: - - url: https://jans.io/ - description: The Jans server +- url: https://jans.io/ + description: The Jans server tags: - - name: Admin UI - Role - - name: Admin UI - Permission - - name: Admin UI - Role-Permissions Mapping - - name: Admin UI - License - - name: Admin UI - Webhooks +- name: Admin UI - Role +- name: Admin UI - Permission +- name: Admin UI - Role-Permissions Mapping +- name: Admin UI - License +- name: Admin UI - Webhooks paths: /admin-ui/adminUIPermissions: get: tags: - - Admin UI - Permission + - Admin UI - Permission summary: Get all admin ui permissions description: Get all admin ui permissions operationId: get-all-adminui-permissions @@ -50,11 +50,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly put: tags: - - Admin UI - Permission + - Admin UI - Permission summary: Edit admin ui permissions description: Edit admin ui permissions operationId: edit-adminui-permission @@ -88,11 +88,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write post: tags: - - Admin UI - Permission + - Admin UI - Permission summary: Add admin ui permissions description: Add admin ui permissions operationId: add-adminui-permission 
@@ -126,12 +126,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write /admin-ui/adminUIRolePermissionsMapping: get: tags: - - Admin UI - Role-Permissions Mapping + - Admin UI - Role-Permissions Mapping summary: Get all admin ui role-permissions mapping description: Get all admin ui role-permissions mapping operationId: get-all-adminui-role-permissions @@ -159,11 +159,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly put: tags: - - Admin UI - Role-Permissions Mapping + - Admin UI - Role-Permissions Mapping summary: Map permissions to role description: Map permissions to role operationId: map-permissions-to-role @@ -197,11 +197,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write post: tags: - - Admin UI - Role-Permissions Mapping + - Admin UI - Role-Permissions Mapping summary: Add role-permissions mapping description: Add role-permissions mapping operationId: add-role-permissions-mapping 
@@ -235,12 +235,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write /admin-ui/adminUIRoles: get: tags: - - Admin UI - Role + - Admin UI - Role summary: Get all admin ui roles description: Get all admin ui roles operationId: get-all-adminui-roles @@ -268,11 +268,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly put: tags: - - Admin UI - Role + - Admin UI - Role summary: Edit admin ui role description: Edit admin ui role operationId: edit-adminui-role @@ -306,11 +306,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write post: tags: - - Admin UI - Role + - Admin UI - Role summary: Add admin ui role description: Add admin ui role operationId: add-adminui-role 
@@ -344,22 +344,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write /admin-ui/adminUIPermissions/{adminUIPermission}: get: tags: - - Admin UI - Permission + - Admin UI - Permission summary: Get admin ui permission by permission-name description: Get admin ui permission by permission-name operationId: get-adminui-permission parameters: - - name: adminUIPermission - in: path - description: Admin UI Permission - required: true - schema: - type: string + - name: adminUIPermission + in: path + description: Admin UI Permission + required: true + schema: + type: string responses: "200": description: Ok @@ -384,21 +384,21 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly delete: tags: - - Admin UI - Permission + - Admin UI - Permission summary: Delete admin ui permission by permission-name description: Delete admin ui permission by permission-name operationId: delete-adminui-permission parameters: - - name: adminUIPermission - in: path - description: Admin UI Permission - required: true - schema: - type: string + - name: adminUIPermission + in: path + description: Admin UI Permission + required: true + schema: + type: string responses: "200": description: Ok 
@@ -423,22 +423,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete /admin-ui/adminUIRoles/{adminUIRole}: get: tags: - - Admin UI - Role + - Admin UI - Role summary: Get admin ui role details by role-name description: Get admin ui role details by role-name operationId: get-adminui-role parameters: - - name: adminUIRole - in: path - description: Admin UI role - required: true - schema: - type: string + - name: adminUIRole + in: path + description: Admin UI role + required: true + schema: + type: string responses: "200": description: Ok @@ -463,21 +463,21 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly delete: tags: - - Admin UI - Role + - Admin UI - Role summary: Delete admin ui role by role-name description: Delete admin ui role by role-name operationId: delete-adminui-role parameters: - - name: adminUIRole - in: path - description: Admin UI role - required: true - schema: - type: string + - name: adminUIRole + in: path + description: Admin UI role + required: true + schema: + type: string responses: "200": description: Ok @@ -502,12 +502,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete /admin-ui/config: get: tags: - - Admin UI - Configuration + - Admin UI - Configuration summary: Get Admin UI editable configuration description: Get Admin UI editable configuration operationId: get-adminui-conf 
@@ -535,11 +535,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly put: tags: - - Admin UI - Configuration + - Admin UI - Configuration summary: Edit Admin UI editable configuration description: Edit Admin UI editable configuration operationId: edit-adminui-conf @@ -573,22 +573,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/properties.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/properties.write /admin-ui/adminUIRolePermissionsMapping/{adminUIRole}: get: tags: - - Admin UI - Role-Permissions Mapping + - Admin UI - Role-Permissions Mapping summary: Get admin ui role-permissions mapping by role-name description: Get admin ui role-permissions mapping by role-name operationId: get-adminui-role-permissions parameters: - - name: adminUIRole - in: path - description: Admin UI Role - required: true - schema: - type: string + - name: adminUIRole + in: path + description: Admin UI Role + required: true + schema: + type: string responses: "200": description: Ok 
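Review bot: The `get-adminui-conf` operation on `/admin-ui/config` is documented as requiring `https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly`, while the PUT on the same path requires `.../adminui/properties.write`, so a token scoped only to reading roles is documented as sufficient to read the Admin UI configuration. The re-indented lines carry that requirement over unchanged. The same mismatch between action and scope shows in the later hunk for `/admin-ui/webhook/trigger/{featureId}`, where the POST `trigger-webhook` operation lists `webhook.readonly`. If both are intended, each operation's `description` should say why. Otherwise the scope should be corrected in the resource annotations this spec is presumably generated from, which are not part of this diff.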
@@ -613,21 +613,21 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly delete: tags: - - Admin UI - Role-Permissions Mapping + - Admin UI - Role-Permissions Mapping summary: Remove role-permissions mapping by role-name description: Remove role-permissions mapping by role-name operationId: remove-role-permissions-permission parameters: - - name: adminUIRole - in: path - description: role - required: true - schema: - type: string + - name: adminUIRole + in: path + description: role + required: true + schema: + type: string responses: "200": description: Ok @@ -652,12 +652,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete /admin-ui/license/activate: post: tags: - - Admin UI - License + - Admin UI - License summary: Activate license using license-key description: Activate license using license-key operationId: activate-adminui-license @@ -689,12 +689,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.write /admin-ui/license/details: get: tags: - - Admin UI - License + - Admin UI - License summary: Get admin ui license details description: Get admin ui license details operationId: get-adminui-license 
@@ -720,12 +720,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly /admin-ui/license/isActive: get: tags: - - Admin UI - License + - Admin UI - License summary: Check if admin-ui license is active description: Check if admin-ui license is active operationId: is-license-active @@ -751,12 +751,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly /admin-ui/license/isConfigValid: get: tags: - - Admin UI - License + - Admin UI - License summary: Is license configuration valid description: Is license configuration valid operationId: check-adminui-license-config @@ -782,12 +782,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly /admin-ui/license/retrieve: get: tags: - - Admin UI - License + - Admin UI - License summary: Retrieve license from SCAN description: Retrieve license from SCAN operationId: retrieve-license @@ -813,12 +813,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly /admin-ui/license/ssa: post: tags: - - Admin UI - License + - Admin UI - License summary: Save SSA in configuration description: Save SSA in configuration operationId: adminui-post-ssa 
@@ -850,12 +850,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.write /admin-ui/license/trial: get: tags: - - Admin UI - License + - Admin UI - License summary: Generate trial license description: Generate trial license operationId: get-trial-license 
@@ -881,59 +881,59 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly /admin-ui/webhook: get: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Gets list of webhooks description: Gets list of webhooks operationId: get-all-webhooks parameters: - - name: limit - in: query - description: Search size - max size of the results to return - schema: - type: integer - format: int32 - default: 50 - - name: pattern - in: query - description: Search pattern - schema: - type: string - default: "" - - name: startIndex - in: query - description: The 1-based index of the first query result - schema: - type: integer - format: int32 - default: 0 - - name: sortBy - in: query - description: Attribute whose value will be used to order the returned response - schema: - type: string - default: inum - - name: sortOrder - in: query - description: Order in which the sortBy param is applied. 
Allowed values are - "ascending" and "descending" - schema: - type: string - default: ascending - - name: fieldValuePair - in: query - description: Field and value pair for seraching - schema: - type: string - default: "" - examples: - Field value example: - description: Field value example - value: "scopeType=spontaneous,defaultScope=true" + - name: limit + in: query + description: Search size - max size of the results to return + schema: + type: integer + format: int32 + default: 50 + - name: pattern + in: query + description: Search pattern + schema: + type: string + default: "" + - name: startIndex + in: query + description: The 1-based index of the first query result + schema: + type: integer + format: int32 + default: 0 + - name: sortBy + in: query + description: Attribute whose value will be used to order the returned response + schema: + type: string + default: inum + - name: sortOrder + in: query + description: Order in which the sortBy param is applied. Allowed values are + "ascending" and "descending" + schema: + type: string + default: ascending + - name: fieldValuePair + in: query + description: Field and value pair for seraching + schema: + type: string + default: "" + examples: + Field value example: + description: Field value example + value: "scopeType=spontaneous,defaultScope=true" responses: "200": description: Ok @@ -994,11 +994,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly put: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Update Webhook description: Update Webhook operationId: put-webhook 
@@ -1070,11 +1070,11 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write post: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Create Webhook description: Create Webhook operationId: post-webhook @@ -1146,22 +1146,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write /admin-ui/webhook/{webhookId}: delete: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Delete Webhook description: Delete Webhook operationId: delete-Webhook-by-inum parameters: - - name: webhookId - in: path - description: Webhook identifier - required: true - schema: - type: string + - name: webhookId + in: path + description: Webhook identifier + required: true + schema: + type: string responses: "204": description: No Content @@ -1182,12 +1182,12 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete /admin-ui/webhook/features: get: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Gets list of Admin UI features description: Gets list of Admin UI features operationId: get-all-features 
@@ -1289,22 +1289,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly /admin-ui/webhook/features/{webhookId}: get: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Gets list of Admin UI features mapped to webhookId description: Gets list of Admin UI features mapped to webhookId operationId: get-features-by-webhook-id parameters: - - name: webhookId - in: path - description: Webhook identifier - required: true - schema: - type: string + - name: webhookId + in: path + description: Webhook identifier + required: true + schema: + type: string responses: "200": description: Ok @@ -1338,22 +1338,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly /admin-ui/webhook/{featureId}: get: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Gets list of Admin UI Webhooks mapped to featureId description: Gets list of Admin UI Webhooks mapped to featureId operationId: get-webhooks-by-feature-id parameters: - - name: featureId - in: path - description: Feature identifier - required: true - schema: - type: string + - name: featureId + in: path + description: Feature identifier + required: true + schema: + type: string responses: "200": description: Ok 
@@ -1409,22 +1409,22 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly /admin-ui/webhook/trigger/{featureId}: post: tags: - - Admin UI - Webhooks + - Admin UI - Webhooks summary: Trigger webhooks mapped to featureId description: Trigger webhooks mapped to featureId operationId: trigger-webhook parameters: - - name: featureId - in: path - description: Admin UI feature identifier - required: true - schema: - type: string + - name: featureId + in: path + description: Admin UI feature identifier + required: true + schema: + type: string requestBody: description: Webhook object content: @@ -1487,8 +1487,8 @@ paths: schema: $ref: '#/components/schemas/GenericResponse' security: - - oauth2: - - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly + - oauth2: + - https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly components: schemas: AdminPermission: @@ -1635,8 +1635,8 @@ components: type: string WebhookEntry: required: - - displayName - - url + - displayName + - url type: object properties: dn: @@ -1696,11 +1696,11 @@ components: scopeType: type: string enum: - - openid - - dynamic - - uma - - spontaneous - - oauth + - openid + - dynamic + - uma + - spontaneous + - oauth claims: type: array items: @@ -1724,10 +1724,10 @@ components: creatorType: type: string enum: - - none - - client - - user - - auto + - none + - client + - user + - auto creationDate: type: string format: date-time @@ -1783,7 +1783,7 @@ components: type: object ShortCodeRequest: required: - - webhookId + - webhookId type: object properties: webhookId: diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java index 58d8db17c74..625f1dba4b5 100644 
--- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java @@ -165,7 +165,8 @@ public Response getApplicationVersion(@Parameter(description = "artifact name fo } @Operation(summary = "Fetch service status", description = "Fetch service status", operationId = "get-service-status", tags = { - "Health - Check" }) + "Health - Check" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.APP_VERSION_READ_ACCESS })) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Map.class), examples = @ExampleObject(name = "Response json example", value = "example/health/service-status.json"))), @ApiResponse(responseCode = "500", description = "InternalServerError") }) From cb5c3c375faff23b56f4276b6f60f022024e4611 Mon Sep 17 00:00:00 2001 From: pujavs Date: Fri, 15 Nov 2024 15:21:08 +0530 Subject: [PATCH 02/17] fix(config-api): missing scope in spec Signed-off-by: pujavs --- .../configapi/util/ApiAccessConstants.java | 1 + .../docs/jans-config-api-swagger.yaml | 17 +++++++------- .../plugins/docs/kc-saml-plugin-swagger.yaml | 2 +- .../plugin/saml/rest/IdpResource.java | 2 +- .../default/config-api-test.properties | 2 +- .../profiles/jans-ui.jans.io/test.properties | 2 +- .../test.properties | 2 +- .../profiles/local/test.properties | 2 +- .../jans/configapi/rest/ApiApplication.java | 3 ++- .../configapi/rest/health/ApiHealthCheck.java | 4 ++-- .../rest/resource/auth/SessionResource.java | 2 +- .../main/resources/config-api-rs-protect.json | 23 +++++++++++++++++++ 12 files changed, 44 insertions(+), 18 deletions(-) 
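Review bot: The `security = @SecurityRequirement(...)` added to the `get-service-status` `@Operation` only affects the generated OpenAPI document; it does not by itself make the endpoint reject a token that lacks the scope. The method signature and its other annotations lie outside the hunk, so it is not visible whether the resource method also carries the runtime check (in this codebase presumably `@ProtectedApi(scopes = { ApiAccessConstants.APP_VERSION_READ_ACCESS })`). Please confirm that the enforced scope and the documented one use the same constant, so the spec cannot drift from what is actually checked. If the status endpoint is meant to stay reachable without a token, the spec should not advertise a scope for it at all.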
diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java index 1b68e71d69e..b21942b2a09 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java @@ -97,6 +97,7 @@ private ApiAccessConstants() { public static final String CLIENT_AUTHORIZATIONS_DELETE_ACCESS = "https://jans.io/oauth/client/authorizations.delete"; public static final String APP_VERSION_READ_ACCESS = "https://jans.io/oauth/config/app-version.readonly"; + public static final String APP_DATA_READ_ACCESS = "https://jans.io/oauth/config/data.readonly"; public static final String JANS_ASSET_READ_ACCESS = "https://jans.io/oauth/config/jans_asset-read"; public static final String JANS_ASSET_WRITE_ACCESS = "https://jans.io/oauth/config/jans_asset-write"; diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index eb2ba747d23..41e209bdf96 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -190,7 +190,7 @@ paths: description: InternalServerError security: - oauth2: - - https://jans.io/oauth/config/app-version.readonly + - https://jans.io/oauth/config/data.readonly /api/v1/acrs: get: tags: @@ -7844,7 +7844,7 @@ paths: examples: Field value example: description: Field value example - value: "applicationType=web,persistClientAuthorizations=true" + value: "userDn=d5552516-4436-4908-ab36-3e9725246304,expirationDate>2025-09-25,expirationDate<2026-10-15" responses: "200": description: Ok 
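Review bot: `APP_DATA_READ_ACCESS` introduces the scope `https://jans.io/oauth/config/data.readonly`, whose name does not say which resources it covers, unlike the neighbouring `app-version.readonly` and `jans_asset-read` constants. A broadly named read scope tends to be reused on unrelated endpoints and then granted to clients that need only one of them. I would add a comment above the constant naming the endpoints it is meant for, e.g. `// Read-only scope for Config API health/status data; do not reuse for configuration reads.`, adjusted to the intended coverage, which this hunk does not show. The scope description added to the spec later in this patch ("View Config-API related data") would benefit from the same precision.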
@@ -9270,18 +9270,18 @@ components: type: string selected: type: boolean + userCanView: + type: boolean userCanEdit: type: boolean adminCanEdit: type: boolean - userCanView: - type: boolean adminCanView: type: boolean - userCanAccess: - type: boolean adminCanAccess: type: boolean + userCanAccess: + type: boolean whitePagesCanView: type: boolean baseDn: @@ -10131,6 +10131,8 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' + fapi: + type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -10140,8 +10142,6 @@ components: - code - token - id_token - fapi: - type: boolean AuthenticationFilter: required: - baseDn @@ -12007,3 +12007,4 @@ components: https://jans.io/oauth/config/token.readonly: View Token details https://jans.io/oauth/config/token.write: Manage Token details https://jans.io/oauth/config/token.delete: Delete Token details + https://jans.io/oauth/config/data.readonly: View Config-API related data diff --git a/jans-config-api/plugins/docs/kc-saml-plugin-swagger.yaml b/jans-config-api/plugins/docs/kc-saml-plugin-swagger.yaml index 275dd70d830..847e773bd11 100644 --- a/jans-config-api/plugins/docs/kc-saml-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/kc-saml-plugin-swagger.yaml @@ -342,7 +342,7 @@ paths: examples: Field value example: description: Field value example - value: "applicationType=web,persistClientAuthorizations=true" + value: "displayName=saml-idp,realm=jans" responses: "200": description: Ok diff --git a/jans-config-api/plugins/kc-saml-plugin/src/main/java/io/jans/configapi/plugin/saml/rest/IdpResource.java b/jans-config-api/plugins/kc-saml-plugin/src/main/java/io/jans/configapi/plugin/saml/rest/IdpResource.java index 3d0394a09a2..93eb9e69ae1 100644 --- a/jans-config-api/plugins/kc-saml-plugin/src/main/java/io/jans/configapi/plugin/saml/rest/IdpResource.java +++ b/jans-config-api/plugins/kc-saml-plugin/src/main/java/io/jans/configapi/plugin/saml/rest/IdpResource.java 
@@ -84,7 +84,7 @@ public Response getAllSamlIdentityProvider( @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex, @Parameter(description = "Attribute whose value will be used to order the returned response") @DefaultValue(ApiConstants.INUM) @QueryParam(value = ApiConstants.SORT_BY) String sortBy, @Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder, - @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "applicationType=web,persistClientAuthorizations=true")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) + @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "displayName=saml-idp,realm=jans")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) { if (log.isDebugEnabled()) { log.debug( diff --git a/jans-config-api/profiles/default/config-api-test.properties b/jans-config-api/profiles/default/config-api-test.properties index 15557297376..c4f684339b9 100644 --- a/jans-config-api/profiles/default/config-api-test.properties +++ b/jans-config-api/profiles/default/config-api-test.properties 
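Review bot: The changed `@Parameter` line still reads `description = "Field and value pair for seraching"`; since the line is being edited anyway, correct it to `"Field and value pair for searching"`. The same misspelling is visible in the generated Admin UI plugin spec earlier in this series, so it will keep propagating into the published docs until it is fixed at the annotation. `getAllSamlIdentityProvider` begins and ends outside this hunk.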
@@ -1,7 +1,7 @@ # The URL of your Jans installation test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read 
https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write 
https://jans.io/oauth/config/token.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly 
token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/jans-ui.jans.io/test.properties b/jans-config-api/profiles/jans-ui.jans.io/test.properties index 4c8e8e5b093..9ac9ed9ff96 100644 --- a/jans-config-api/profiles/jans-ui.jans.io/test.properties +++ b/jans-config-api/profiles/jans-ui.jans.io/test.properties 
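Review bot: The added `test.scopes` line still carries `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which reads like an endpoint URL on a developer host rather than a scope, and it lists `.../adminui/user/permission.write`, `https://jans.io/idp/realm.write` and both `lock-config` scopes twice. Since the commit rewrites the whole line to append `https://jans.io/oauth/config/data.readonly`, this is a good place to drop the stray entry and the duplicates. The same line is copied into `profiles/jans-ui.jans.io/test.properties` and `profiles/jenkins-config-api.gluu.org/test.properties`. Because the token also requests `read-all`, `write-all` and `delete-all`, a passing test probably does not show that an endpoint enforces the new scope on its own; a profile that requests only `data.readonly` would.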
@@ -1,4 +1,4 @@ -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly 
https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly 
https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write 
https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly # Test env Setting token.endpoint=https://jans-ui.jans.io/jans-auth/restv1/token 
diff --git a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties
index 641b24c002c..6b28bb32e87 100644
--- a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties
+++ b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties
@@ -1,6 +1,6 @@ test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly 
https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly 
https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write 
https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials 
diff --git a/jans-config-api/profiles/local/test.properties b/jans-config-api/profiles/local/test.properties
index f3160ab4272..8a79e78803f 100644
--- a/jans-config-api/profiles/local/test.properties
+++ b/jans-config-api/profiles/local/test.properties
@@ -1,5 +1,5 @@ #LOCAL -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly 
https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly 
https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write 
https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly # jans.server token.endpoint=https://jans.server3/jans-auth/restv1/token 
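Review bot: The rewritten `test.scopes` value still carries `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an endpoint URL on what looks like a developer host rather than a scope in the `https://jans.io/...` form used by the other entries; it should be dropped while this line is being replaced. The same value also repeats `https://jans.io/idp/realm.write`, `https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write` and the `lock-config` pair, which makes the requested scope set harder to audit. Because this client asks for every read, write and delete scope at once, a comment above the key such as `# test-only client: requests all Config API scopes; do not reuse these credentials outside test environments` would make the privilege level explicit. The preceding profile's test.properties hunk, which starts outside this view, carries the same entries.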
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java index b358176178c..9b09e824d6c 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java @@ -117,7 +117,8 @@ @OAuthScope(name = ApiAccessConstants.JANS_ASSET_DELETE_ACCESS, description = "Delete Jans Assets"), @OAuthScope(name = ApiAccessConstants.TOKEN_READ_ACCESS, description = "View Token details"), @OAuthScope(name = ApiAccessConstants.TOKEN_WRITE_ACCESS, description = "Manage Token details"), - @OAuthScope(name = ApiAccessConstants.TOKEN_DELETE_ACCESS, description = "Delete Token details") + @OAuthScope(name = ApiAccessConstants.TOKEN_DELETE_ACCESS, description = "Delete Token details"), + @OAuthScope(name = ApiAccessConstants.APP_DATA_READ_ACCESS, description = "View Config-API related data") } ))) diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java index 625f1dba4b5..427936b4882 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java 
@@ -166,12 +166,12 @@ public Response getApplicationVersion(@Parameter(description = "artifact name fo @Operation(summary = "Fetch service status", description = "Fetch service status", operationId = "get-service-status", tags = { "Health - Check" }, security = @SecurityRequirement(name = "oauth2", scopes = { - ApiAccessConstants.APP_VERSION_READ_ACCESS })) + ApiAccessConstants.APP_DATA_READ_ACCESS })) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Map.class), examples = @ExampleObject(name = "Response json example", value = "example/health/service-status.json"))), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @GET - @ProtectedApi(scopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }, groupScopes = {}, superScopes = {}) + @ProtectedApi(scopes = { ApiAccessConstants.APP_DATA_READ_ACCESS }, groupScopes = {}, superScopes = {ApiAccessConstants.SUPER_ADMIN_READ_ACCESS}) @Path(ApiConstants.SERVICE_STATUS_PATH) public Response getServiceStatus( @Parameter(description = "Service name to check status") @DefaultValue(ApiConstants.ALL) @QueryParam(value = ApiConstants.JANS_SERVICE_NAME) String service) { diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java index f00012b955a..0185baf5248 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java 
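Review bot: `getServiceStatus` was previously reachable only with `SUPER_ADMIN_READ_ACCESS`, and the new `@ProtectedApi(scopes = { ApiAccessConstants.APP_DATA_READ_ACCESS }, ...)` opens it to any client holding the narrower scope (presumably the `https://jans.io/oauth/config/data.readonly` scope mapped to this path in config-api-rs-protect.json), yet nothing in this hunk constrains the caller-supplied `service` query parameter. The method body continues outside the hunk, so how the value is used is not visible here; if it reaches the status lookup unfiltered, it should first be checked against the fixed set of known service names and rejected with a 400 otherwise. Please also record the intent next to the annotation, e.g. `// service status is readable with the data.readonly scope; read-all stays as the super scope`, so the relaxation is visibly deliberate.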
@@ -87,7 +87,7 @@ public Response searchSessionEntries( @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex, @Parameter(description = "Attribute whose value will be used to order the returned response") @DefaultValue(ApiConstants.JANSID) @QueryParam(value = ApiConstants.SORT_BY) String sortBy, @Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder, - @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "applicationType=web,persistClientAuthorizations=true")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) { + @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "userDn=d5552516-4436-4908-ab36-3e9725246304,expirationDate>2025-09-25,expirationDate<2026-10-15")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) { if (logger.isInfoEnabled()) { logger.info( "Session serach param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}, fieldValuePair:{}", diff --git a/jans-config-api/server/src/main/resources/config-api-rs-protect.json b/jans-config-api/server/src/main/resources/config-api-rs-protect.json index 3676e7897a1..c60f237e62e 100644 --- a/jans-config-api/server/src/main/resources/config-api-rs-protect.json +++ b/jans-config-api/server/src/main/resources/config-api-rs-protect.json 
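Review bot: The replaced `fieldValuePair` `@Parameter` line keeps the misspelling `"Field and value pair for seraching"`, which ends up in the generated OpenAPI description; since the line is being rewritten anyway it should read `description = "Field and value pair for searching"`. The `logger.info` message just below (`"Session serach param - ..."`) has the same typo. `searchSessionEntries` starts before the hunk and the arguments of that log call fall after it; if `sortBy`, `sortOrder` and `fieldValuePair` are logged raw, they are request-controlled strings and would be better passed through an `escapeLog`-style wrapper like the one the health-check resource uses, if one is available in this class.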
@@ -2850,6 +2850,29 @@ } ] }, + { + "path": "/jans-config-api/api/v1/health/service-status", + "conditions": [ + { + "httpMethods": [ + "GET" + ], + "scopes": [ + { + "inum": "1800.01.90", + "name": "https://jans.io/oauth/config/data.readonly" + } + ], + "groupScopes": [], + "superScopes": [ + { + "inum": "1800.03.1", + "name": "https://jans.io/oauth/config/read-all" + } + ] + } + ] + }, { "path": "/jans-config-api/kc-link/kcLinkConfig", "conditions": [ From de1a91bd9d4b8ac0e085c57da7b4c46f58d61d38 Mon Sep 17 00:00:00 2001 From: pujavs Date: Mon, 18 Nov 2024 14:16:46 +0530 Subject: [PATCH 03/17] feat(Config-api): sync with main Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 41e209bdf96..6acf911474e 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9270,19 +9270,19 @@ components: type: string selected: type: boolean + whitePagesCanView: + type: boolean + adminCanEdit: + type: boolean userCanView: type: boolean userCanEdit: type: boolean - adminCanEdit: - type: boolean adminCanView: type: boolean - adminCanAccess: - type: boolean userCanAccess: type: boolean - whitePagesCanView: + adminCanAccess: type: boolean baseDn: type: string @@ -11249,14 +11249,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: @@ -11685,10 +11685,10 @@ components: ttl: type: integer format: int32 - persisted: - type: boolean opbrowserState: type: string + persisted: + type: boolean SessionIdAccessMap: type: object properties: From e4f641a66fa2c5cc5e97894525c34ac560c7d66a Mon Sep 17 00:00:00 2001 
From: pujavs Date: Wed, 20 Nov 2024 13:49:47 +0530 Subject: [PATCH 04/17] feat(config-api): server app status Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 18 +++++++++--------- .../configapi/rest/health/ApiHealthCheck.java | 4 ++-- .../resource/auth/CustomScriptResource.java | 5 +++-- .../service/status/StatusCheckerTimer.java | 6 +++--- 4 files changed, 17 insertions(+), 16 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 41e209bdf96..aa0617ec367 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -171,7 +171,7 @@ paths: content: application/json: schema: - type: string + $ref: '#/components/schemas/JsonNode' examples: Response json example: description: Response json example @@ -9270,13 +9270,13 @@ components: type: string selected: type: boolean - userCanView: - type: boolean - userCanEdit: + adminCanView: type: boolean adminCanEdit: type: boolean - adminCanView: + userCanView: + type: boolean + userCanEdit: type: boolean adminCanAccess: type: boolean @@ -11249,14 +11249,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: @@ -11685,10 +11685,10 @@ components: ttl: type: integer format: int32 - persisted: - type: boolean opbrowserState: type: string + persisted: + type: boolean SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java index 427936b4882..84288edb07a 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java 
@@ -168,7 +168,7 @@ public Response getApplicationVersion(@Parameter(description = "artifact name fo "Health - Check" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.APP_DATA_READ_ACCESS })) @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Map.class), examples = @ExampleObject(name = "Response json example", value = "example/health/service-status.json"))), + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = JsonNode.class), examples = @ExampleObject(name = "Response json example", value = "example/health/service-status.json"))), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @GET @ProtectedApi(scopes = { ApiAccessConstants.APP_DATA_READ_ACCESS }, groupScopes = {}, superScopes = {ApiAccessConstants.SUPER_ADMIN_READ_ACCESS}) @@ -179,7 +179,7 @@ public Response getServiceStatus( logger.info("Fetch ServiceStatus info - service:{}", escapeLog(service)); } - Map serviceStatus = statusCheckerTimer.getServiceStatus(service); + JsonNode serviceStatus = statusCheckerTimer.getServiceStatus(service); logger.debug("serviceStatus:{}", serviceStatus); return Response.ok(serviceStatus).build(); } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/CustomScriptResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/CustomScriptResource.java index c20062ebb5d..3c97d470a8a 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/CustomScriptResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/CustomScriptResource.java 
@@ -480,7 +480,7 @@ private void removeAuthenticationMethod() { private CustomScript updateFileTypeCustomScript(CustomScript customScript) { logger.info("Handling CustomScript if location type is File - customScript:{}", customScript); - // Handling for File type customScript + // Note File type customScript is intended only for dev if (customScript == null) { return customScript; } @@ -491,10 +491,11 @@ private CustomScript updateFileTypeCustomScript(CustomScript customScript) { if (StringUtils.isNotBlank(customScript.getLocationPath())) { fileName = fileName + FilenameUtils.getName(customScript.getLocationPath()); customScript.setLocationPath(fileName); + customScript.setScript(null); } } - logger.info("Handling CustomScript if location type is File - customScript.getLocationType().getValue():{}, customScript.getLocationPath():{}", customScript.getLocationType().getValue(), customScript.getLocationPath()); + logger.info("\n\n Handling CustomScript if location type is File - customScript.getLocationType().getValue():{}, customScript.getLocationPath():{}", customScript.getLocationType().getValue(), customScript.getLocationPath()); return customScript; } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index 8647908ba25..545255e743b 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java 
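Review bot: The changed `logger.info("\n\n Handling CustomScript ...` line in the second hunk looks like a debugging leftover: the leading `\n\n ` splits one event across several log lines, and it prints a location path derived from a client-supplied value at info level. Drop the prefix and lower the level, e.g. `logger.debug("CustomScript file location - type:{}, path:{}", customScript.getLocationType().getValue(), customScript.getLocationPath());`. That statement also dereferences `getLocationType()` after the block that tests it; the guard is outside the hunk, so please confirm a script without a location type cannot reach it. The new comment in the first hunk says file-type scripts are intended only for dev, but nothing visible enforces that, and the added `customScript.setScript(null)` silently discards any script body sent with the request; a comment there such as `// file-based scripts are read from locationPath; an inline body is dropped` would document the behaviour.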
@@ -212,12 +212,12 @@ public JsonNode getAppVersionData(String artifact) { return appVersion; } - public Map getServiceStatus(String serviceName) { + public JsonNode getServiceStatus(String serviceName) { if (log.isInfoEnabled()) { log.info("Getting status for serviceName:{}", escapeLog(serviceName)); } - Map serviceStatus = null; + JsonNode serviceStatus = null; ObjectMapper mapper = new ObjectMapper(); if (!isLinux()) { return serviceStatus; @@ -242,7 +242,7 @@ public Map getServiceStatus(String serviceName) { log.info("resultOutput:{}", resultOutput); if (StringUtils.isNotBlank(resultOutput)) { - serviceStatus = mapper.readValue(resultOutput, Map.class); + serviceStatus = mapper.readValue(resultOutput, JsonNode.class); } } catch (UnsupportedEncodingException uex) { From ca630c8b87e23b3c5a626b52d1e0f0423c30db1e Mon Sep 17 00:00:00 2001 From: pujavs Date: Wed, 20 Nov 2024 14:10:59 +0530 Subject: [PATCH 05/17] feat(config-api): server app status Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 27 ++++++++++++------- .../plugins/docs/user-mgt-plugin-swagger.yaml | 4 +-- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index aa0617ec367..59cddc5bb67 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -4615,6 +4615,7 @@ paths: - uma_rpt_policy - uma_rpt_claims - uma_claims_gathering + - access_evaluation - consent_gathering - dynamic_scope - spontaneous_scope 
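Review bot: `getServiceStatus` still returns `null` from `if (!isLinux()) { return serviceStatus; }`, and the caller in ApiHealthCheck passes the result straight to `Response.ok(serviceStatus)`, so on a non-Linux host the endpoint answers with a success status and no JSON body even though the spec now advertises a `JsonNode` schema. Returning an empty node instead, `if (!isLinux()) { return mapper.createObjectNode(); }`, keeps the response shape consistent; `mapper` is already declared before that check. In the second hunk `mapper.readTree(resultOutput)` is the more direct form of `mapper.readValue(resultOutput, JsonNode.class)`. The context line `log.info("resultOutput:{}", resultOutput);` writes the full status output at info level, which would be better at debug; the code that produces `resultOutput` lies between the two hunks and is not visible here.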
@@ -9268,21 +9269,21 @@ components: $ref: '#/components/schemas/AttributeValidation' tooltip: type: string - selected: - type: boolean - adminCanView: + whitePagesCanView: type: boolean - adminCanEdit: + selected: type: boolean userCanView: type: boolean userCanEdit: type: boolean - adminCanAccess: + adminCanView: + type: boolean + adminCanEdit: type: boolean userCanAccess: type: boolean - whitePagesCanView: + adminCanAccess: type: boolean baseDn: type: string @@ -9366,6 +9367,10 @@ components: type: string mtlsDeviceAuthzEndpoint: type: string + accessEvaluationAllowBasicClientAuthorization: + type: boolean + accessEvaluationScriptName: + type: string requireRequestObjectEncryption: type: boolean requirePkce: @@ -10097,6 +10102,7 @@ components: - METRIC - STAT - PAR + - ACCESS_EVALUATION - SSA httpLoggingEnabled: type: boolean @@ -10908,10 +10914,10 @@ components: type: array items: type: object - value: - type: object displayValue: type: string + value: + type: object LocalizedString: type: object properties: @@ -11201,6 +11207,7 @@ components: - uma_rpt_policy - uma_rpt_claims - uma_claims_gathering + - access_evaluation - consent_gathering - dynamic_scope - spontaneous_scope @@ -11685,10 +11692,10 @@ components: ttl: type: integer format: int32 - opbrowserState: - type: string persisted: type: boolean + opbrowserState: + type: string SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml index a23d9c4e828..9113a738b01 100644 --- a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml @@ -863,10 +863,10 @@ components: type: array items: type: object - value: - type: object displayValue: type: string + value: + type: object CustomUser: type: object properties: From bb7c3ad0f45c7fe8b62580066382299ab001d751 Mon Sep 17 00:00:00 2001 
From: pujavs Date: Mon, 2 Dec 2024 22:23:37 +0530 Subject: [PATCH 06/17] feat(config-api): agama repo endpoin -wip Signed-off-by: pujavs --- .../configuration/ApiAppConfiguration.java | 64 ++++++++--- .../configapi/util/ApiAccessConstants.java | 4 + .../io/jans/configapi/util/ApiConstants.java | 1 + .../docs/jans-config-api-swagger.yaml | 64 +++++++++-- .../plugins/docs/user-mgt-plugin-swagger.yaml | 4 +- .../default/config-api-test.properties | 2 +- .../profiles/jans-ui.jans.io/test.properties | 2 +- .../test.properties | 2 +- .../profiles/local/test.properties | 2 +- .../jans/configapi/rest/ApiApplication.java | 1 + .../rest/resource/auth/AgamaRepoResource.java | 104 ++++++++++++++++++ .../security/client/AuthClientFactory.java | 30 ++++- .../service/auth/AgamaRepoService.java | 52 +++++++++ .../main/resources/config-api-rs-protect.json | 28 +++++ .../jans-config-api/dynamic-conf.json | 3 + 15 files changed, 330 insertions(+), 33 deletions(-) create mode 100644 jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java create mode 100644 jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java index 4753bb6f285..a1f37fbd419 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java 
@@ -58,6 +58,15 @@ public class ApiAppConfiguration implements Configuration { @Schema(description = "Jans URL of the OpenID Connect Provider's OAuth 2.0 Revoke Token Endpoint.") private String authOpenidRevokeUrl; + @Schema(description = "Agama project prefix.") + private String agamaProjectPrefix; + + @Schema(description = "Agama project repository URL.") + private String agamaRepositoryURL; + + @Schema(description = "Agama project repository URL for latest URL.") + private String agamaLatestRepositoryURL; + @Schema(description = "List of oAuth scope that can be validity for an access tokens only by underlying Jans Auth server.") private List exclusiveAuthScopes; @@ -231,6 +240,30 @@ public void setAuthOpenidRevokeUrl(String authOpenidRevokeUrl) { this.authOpenidRevokeUrl = authOpenidRevokeUrl; } + public String getAgamaProjectPrefix() { + return agamaProjectPrefix; + } + + public void setAgamaProjectPrefix(String agamaProjectPrefix) { + this.agamaProjectPrefix = agamaProjectPrefix; + } + + public String getAgamaRepositoryURL() { + return agamaRepositoryURL; + } + + public void setAgamaRepositoryURL(String agamaRepositoryURL) { + this.agamaRepositoryURL = agamaRepositoryURL; + } + + public String getAgamaLatestRepositoryURL() { + return agamaLatestRepositoryURL; + } + + public void setAgamaLatestRepositoryURL(String agamaLatestRepositoryURL) { + this.agamaLatestRepositoryURL = agamaLatestRepositoryURL; + } + public List getExclusiveAuthScopes() { return exclusiveAuthScopes; } @@ -285,7 +318,7 @@ public int getMaxCount() { public void setMaxCount(int maxCount) { this.maxCount = maxCount; - if(this.maxCount<=0) { + if (this.maxCount <= 0) { this.maxCount = ApiConstants.DEFAULT_MAX_COUNT; } } 
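Review bot: The three configuration fields added in the first hunk (`agamaProjectPrefix`, `agamaRepositoryURL`, `agamaLatestRepositoryURL`) are documented too thinly for values that look like addresses the server itself will call. "Agama project repository URL for latest URL." does not say what the URL points at, and none of the descriptions states an expected scheme or format. The code that consumes them (AgamaRepoService, added by this commit) is not part of this hunk, so whether the value is validated before use cannot be confirmed from here. I would state the constraint in the schema, e.g. `@Schema(description = "Agama project repository URL; must be an absolute https URL.")`, and enforce it at the point where the URL is read. The class body continues outside the hunk.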
@@ -360,18 +393,19 @@ public String toString() { + ", disableLoggerTimer=" + disableLoggerTimer + ", disableAuditLogger=" + disableAuditLogger + ", customAttributeValidationEnabled=" + customAttributeValidationEnabled + ", acrValidationEnabled=" + acrValidationEnabled + ", apiApprovedIssuer=" + apiApprovedIssuer + ", apiProtectionType=" - + apiProtectionType + ", apiClientId=" + apiClientId - + ", endpointInjectionEnabled=" + endpointInjectionEnabled + ", authIssuerUrl=" + authIssuerUrl - + ", authOpenidConfigurationUrl=" + authOpenidConfigurationUrl + ", authOpenidIntrospectionUrl=" - + authOpenidIntrospectionUrl + ", authOpenidTokenUrl=" + authOpenidTokenUrl + ", authOpenidRevokeUrl=" - + authOpenidRevokeUrl + ", exclusiveAuthScopes=" + exclusiveAuthScopes + ", corsConfigurationFilters=" - + corsConfigurationFilters + ", loggingLevel=" + loggingLevel + ", loggingLayout=" + loggingLayout - + ", externalLoggerConfiguration=" + externalLoggerConfiguration + ", disableJdkLogger=" - + disableJdkLogger + ", maxCount=" + maxCount + ", acrExclusionList=" + acrExclusionList - + ", userExclusionAttributes=" + userExclusionAttributes + ", userMandatoryAttributes=" - + userMandatoryAttributes + ", agamaConfiguration=" + agamaConfiguration + ", auditLogConf=" - + auditLogConf + ", dataFormatConversionConf=" + dataFormatConversionConf + ", plugins=" + plugins - + ", assetMgtConfiguration=" + assetMgtConfiguration + "]"; - } - + + apiProtectionType + ", apiClientId=" + apiClientId + ", endpointInjectionEnabled=" + + endpointInjectionEnabled + ", authIssuerUrl=" + authIssuerUrl + ", authOpenidConfigurationUrl=" + + authOpenidConfigurationUrl + ", authOpenidIntrospectionUrl=" + authOpenidIntrospectionUrl + + ", authOpenidTokenUrl=" + authOpenidTokenUrl + ", authOpenidRevokeUrl=" + authOpenidRevokeUrl + + ", agamaProjectPrefix=" + agamaProjectPrefix + ", agamaRepositoryURL=" + agamaRepositoryURL + + ", agamaLatestRepositoryURL=" + agamaLatestRepositoryURL + ", 
exclusiveAuthScopes=" + + exclusiveAuthScopes + ", corsConfigurationFilters=" + corsConfigurationFilters + ", loggingLevel=" + + loggingLevel + ", loggingLayout=" + loggingLayout + ", externalLoggerConfiguration=" + + externalLoggerConfiguration + ", disableJdkLogger=" + disableJdkLogger + ", maxCount=" + maxCount + + ", acrExclusionList=" + acrExclusionList + ", userExclusionAttributes=" + userExclusionAttributes + + ", userMandatoryAttributes=" + userMandatoryAttributes + ", agamaConfiguration=" + agamaConfiguration + + ", auditLogConf=" + auditLogConf + ", dataFormatConversionConf=" + dataFormatConversionConf + + ", plugins=" + plugins + ", assetMgtConfiguration=" + assetMgtConfiguration + "]"; + } + } diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java index b21942b2a09..3287da5add7 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java @@ -69,6 +69,10 @@ private ApiAccessConstants() { public static final String AGAMA_READ_ACCESS = "https://jans.io/oauth/config/agama.readonly"; public static final String AGAMA_WRITE_ACCESS = "https://jans.io/oauth/config/agama.write"; public static final String AGAMA_DELETE_ACCESS = "https://jans.io/oauth/config/agama.delete"; + + public static final String AGAMA_REPO_READ_ACCESS = "https://jans.io/oauth/config/agama-repo.readonly"; + public static final String AGAMA_REPO_WRITE_ACCESS = "https://jans.io/oauth/config/agama-repo.write"; + public static final String JANS_AUTH_SESSION_READ_ACCESS = "https://jans.io/oauth/jans-auth-server/session.readonly"; public static final String JANS_AUTH_SESSION_DELETE_ACCESS = "https://jans.io/oauth/jans-auth-server/session.delete"; 
diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java index 20226b21cb4..e3b8011d92e 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java @@ -101,6 +101,7 @@ private ApiConstants() {} public static final String USERDN_PATH = "/{userDn}"; public static final String AGAMA = "/agama"; public static final String AGAMA_DEPLOYMENTS = "/agama-deployment"; + public static final String AGAMA_REPO = "/agama-repo"; public static final String QNAME_PATH = "{qname}"; public static final String ENABLED = "enabled"; public static final String QNAME = "qname"; diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 9dc96231226..675579d3fea 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -497,6 +497,37 @@ paths: security: - oauth2: - https://jans.io/oauth/config/agama.readonly + /api/v1/agama-repo: + get: + tags: + - Agama + summary: Gets all agama repositories. + description: Gets all agama repositories. + operationId: get-agama-repositories + responses: + "200": + description: Agama repositories + content: + application/json: + schema: + $ref: '#/components/schemas/JsonNode' + examples: + Response json example: + description: Response json example + value: "" + "204": + description: No Content + "401": + description: Unauthorized + "404": + description: Not Found + "500": + description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/config/agama-repo.readonly + - https://jans.io/oauth/config/agama-repo.write + - https://jans.io/oauth/config/read-all /api/v1/agama/syntax-check/{qname}: post: tags: 
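Review bot: The `security` block added for `GET /api/v1/agama-repo` lists `agama-repo.readonly`, `agama-repo.write` and `read-all` under a single `oauth2` requirement, which OpenAPI reads as all three scopes being required together, so the spec asks for a write scope on a read-only call. If the server accepts any one of them (the resource class is not visible here), express them as alternatives with one requirement entry per scope, e.g. `- oauth2: ["https://jans.io/oauth/config/agama-repo.readonly"]` followed by matching entries for the other two. The response list also has no `403` entry for a token that lacks the scope, and the `200` example value is an empty string. If this file is generated, the change belongs in the annotation it is generated from.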
@@ -9271,19 +9302,19 @@ components: type: string selected: type: boolean - adminCanAccess: - type: boolean adminCanView: type: boolean adminCanEdit: type: boolean - userCanAccess: + userCanEdit: type: boolean userCanView: type: boolean - whitePagesCanView: + adminCanAccess: type: boolean - userCanEdit: + userCanAccess: + type: boolean + whitePagesCanView: type: boolean baseDn: type: string @@ -9820,6 +9851,8 @@ components: type: string shareSubjectIdBetweenClientsWithSameSectorId: type: boolean + useOpenidSubAttributeValueForPairwiseLocalAccountId: + type: boolean webKeysStorage: type: string enum: @@ -10137,8 +10170,6 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' - fapi: - type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -10148,6 +10179,8 @@ components: - code - token - id_token + fapi: + type: boolean AuthenticationFilter: required: - baseDn @@ -10914,10 +10947,10 @@ components: type: array items: type: object - displayValue: - type: string value: type: object + displayValue: + type: string LocalizedString: type: object properties: @@ -11000,6 +11033,15 @@ components: type: string description: Jans URL of the OpenID Connect Provider's OAuth 2.0 Revoke Token Endpoint. + agamaProjectPrefix: + type: string + description: Agama project prefix. + agamaRepositoryURL: + type: string + description: Agama project repository URL. + agamaLatestRepositoryURL: + type: string + description: Agama project repository URL for latest URL. exclusiveAuthScopes: type: array description: List of oAuth scope that can be validity for an access tokens @@ -11256,14 +11298,14 @@ components: type: boolean internal: type: boolean + locationPath: + type: string locationType: type: string enum: - ldap - db - file - locationPath: - type: string baseDn: type: string ScriptError: 
diff --git a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml index 9113a738b01..a23d9c4e828 100644 --- a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml @@ -863,10 +863,10 @@ components: type: array items: type: object - displayValue: - type: string value: type: object + displayValue: + type: string CustomUser: type: object properties: diff --git a/jans-config-api/profiles/default/config-api-test.properties b/jans-config-api/profiles/default/config-api-test.properties index c4f684339b9..f36b9533c7f 100644 --- a/jans-config-api/profiles/default/config-api-test.properties +++ b/jans-config-api/profiles/default/config-api-test.properties 
@@ -1,7 +1,7 @@ # The URL of your Jans installation test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read 
https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write 
https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly 
https://jans.io/oauth/config/agama-repo.readonly https://jans.io/oauth/config/agama-repo.write token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/jans-ui.jans.io/test.properties b/jans-config-api/profiles/jans-ui.jans.io/test.properties index 9ac9ed9ff96..17eda339d8e 100644 --- a/jans-config-api/profiles/jans-ui.jans.io/test.properties +++ b/jans-config-api/profiles/jans-ui.jans.io/test.properties 
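Review bot: The rewritten `test.scopes` value still carries `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an endpoint URL on what looks like a personal development host rather than a scope, and it sits next to `write-all` and `delete-all`. Drop that entry while the line is being touched, together with the repeated `adminui/user/permission.write`, `idp/realm.write` and `lock-config.*` entries. The `jans-ui.jans.io` profile below shows the same line, and the `jenkins-config-api.gluu.org` hunk appears to follow the same pattern. Only the two `agama-repo` scopes are new here, so limiting the test client to the scopes the tests actually exercise would reduce what a token leaked from CI could do.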
@@ -1,4 +1,4 @@ -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly 
+test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write 
https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly https://jans.io/oauth/config/agama-repo.readonly https://jans.io/oauth/config/agama-repo.write # Test 
env Setting token.endpoint=https://jans-ui.jans.io/jans-auth/restv1/token diff --git a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties index 6b28bb32e87..ae285adb178 100644 --- a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties +++ b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties 
@@ -1,6 +1,6 @@ test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly 
+test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write 
https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly https://jans.io/oauth/config/agama-repo.readonly https://jans.io/oauth/config/agama-repo.write 
token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/local/test.properties b/jans-config-api/profiles/local/test.properties index 8a79e78803f..b8acda48604 100644 --- a/jans-config-api/profiles/local/test.properties +++ b/jans-config-api/profiles/local/test.properties 
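Review bot: The rewritten `test.scopes` value still contains `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an endpoint URL on a developer host rather than a scope in the jans.io namespace. It also repeats `.../adminui/user/permission.write`, `https://jans.io/idp/realm.write` and both `lock-config` scopes. Since the line is replaced wholesale to append the two agama-repo scopes, drop the host-specific entry (presumably superseded by `https://jans.io/oauth/config/jans_asset-write`, which is already listed) and the duplicates; the same applies to the `test.scopes` line of profiles/local/test.properties in the hunk that follows. A single test client that requests every `write-all` and `delete-all` scope is worth narrowing if these profiles point at shared servers, or at least documenting with a line such as `# test client only - do not register this scope set for a production client` above the property.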
@@ -1,5 +1,5 @@ #LOCAL -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly 
+test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write 
https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/data.readonly https://jans.io/oauth/config/agama-repo.readonly https://jans.io/oauth/config/agama-repo.write # 
jans.server token.endpoint=https://jans.server3/jans-auth/restv1/token diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java index 9b09e824d6c..dcf49353f4d 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java @@ -163,6 +163,7 @@ public Set> getClasses() { classes.add(ConfigApiResource.class); classes.add(ClientAuthResource.class); classes.add(TokenResource.class); + classes.add(AgamaRepoResource.class); log.info("appConfiguration:{}",appConfiguration ); if(appConfiguration!=null && appConfiguration.getAssetMgtConfiguration()!=null && appConfiguration.getAssetMgtConfiguration().isAssetMgtEnabled()) { diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java new file mode 100644 index 00000000000..b9d593da06c --- /dev/null +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java 
@@ -0,0 +1,104 @@ +/* + * Janssen Project software is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text. + * + * Copyright (c) 2020, Janssen Project + */ + +package io.jans.configapi.rest.resource.auth; + +import com.fasterxml.jackson.databind.JsonNode; + + +import io.jans.configapi.core.rest.ProtectedApi; +import io.jans.configapi.model.configuration.ApiAppConfiguration; +import io.jans.configapi.service.auth.AgamaRepoService; +import io.jans.configapi.service.auth.ConfigurationService; +import io.jans.configapi.util.ApiAccessConstants; +import io.jans.configapi.util.ApiConstants; +import io.jans.orm.model.PagedResult; + +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.ExampleObject; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.responses.ApiResponse; +import io.swagger.v3.oas.annotations.responses.ApiResponses; +import io.swagger.v3.oas.annotations.security.*; + +import static io.jans.as.model.util.Util.escapeLog; + + +import jakarta.inject.Inject; +import jakarta.validation.constraints.NotNull; +import jakarta.ws.rs.*; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; + +import org.slf4j.Logger; + +/** + * @author Puja Sharma + */ +@Path(ApiConstants.AGAMA_REPO) +@Consumes(MediaType.APPLICATION_JSON) +@Produces(MediaType.APPLICATION_JSON) +public class AgamaRepoResource extends ConfigBaseResource { + + private class AgamaRepoPagedResult extends PagedResult { + }; + + @Inject + Logger log; + + @Inject + private ApiAppConfiguration appConfiguration; + + @Inject + ConfigurationService configurationService; + + @Inject + AgamaRepoService agamaRepoService; + + @Operation(summary = "Gets all agama repositories.", description = "Gets all agama repositories.", operationId = "get-agama-repositories", tags = { + 
"Agama" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.AGAMA_REPO_READ_ACCESS, ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS, + ApiAccessConstants.SUPER_ADMIN_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Agama repositories", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = JsonNode.class), examples = @ExampleObject(name = "Response json example", value = "example/agama/agama-repo-get.json"))), + @ApiResponse(responseCode = "204", description = "No Content"), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { + ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Produces(MediaType.APPLICATION_JSON) + public Response getAllAgamaRepositories() { + return Response.ok(agamaRepoService.getAllAgamaRepositories()).build(); + } + + @Operation(summary = "Gets Agama project latest release.", description = "Gets Agama project latest release.", operationId = "get-agama-project-latest-release", tags = { + "Agama" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.AGAMA_REPO_READ_ACCESS, ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS, + ApiAccessConstants.SUPER_ADMIN_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Agama project latest release info", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = JsonNode.class), examples = @ExampleObject(name = "Response json example", value = "example/agama/agama-prj-repo-get.json"))), + @ApiResponse(responseCode = "204", description = "No Content"), + @ApiResponse(responseCode = "401", 
description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { + ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Produces(MediaType.APPLICATION_JSON) + public Response getAgamaProjectLatestRelease( + @Parameter(description = "Agama Projetc Rrepository Name") @PathParam(ApiConstants.NAME) @NotNull String repositoryName) { + + if (logger.isInfoEnabled()) { + logger.info("Custom Script to be fetched based on type - repositoryName:{} ", escapeLog(repositoryName)); + } + return Response.ok(agamaRepoService.getAgamaProjectLatestRepository(repositoryName)).build(); + } + +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java index e94091e1010..9edd2f65635 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java @@ -17,6 +17,7 @@ import io.jans.as.client.RevokeSessionRequest; import io.jans.as.client.TokenRequest; import io.jans.as.client.TokenResponse; +import io.jans.configapi.core.util.Jackson; import io.jans.as.client.service.IntrospectionService; import io.jans.as.model.common.GrantType; import io.jans.as.model.common.IntrospectionResponse; @@ -24,7 +25,6 @@ import static io.jans.as.model.jwk.JWKParameter.JSON_WEB_KEY_SET; -import io.jans.configapi.core.util.Jackson; import org.apache.commons.lang3.StringUtils; import org.json.JSONObject; 
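Review bot: In AgamaRepoResource.java, `getAgamaProjectLatestRelease` reads `@PathParam(ApiConstants.NAME)` but carries no `@Path` template, and `getAllAgamaRepositories` is a second bare `@GET` with the same `@Produces`, so as written both methods map to the same path and `repositoryName` is never bound. Unless `ApiConstants.AGAMA_REPO` (not shown in this hunk) already ends in the template, add `@Path("/{" + ApiConstants.NAME + "}")` to the second method. `@NotNull` is the only constraint on a value that the service then places into an outbound URL, so a `@Pattern` restricting it to repository-name characters belongs on the parameter as well. Smaller points: the method logs through `logger` while the injected `log`, `appConfiguration`, `configurationService` and the `AgamaRepoPagedResult` class are unused in the visible code, the message "Custom Script to be fetched based on type" is left over from another resource, and the parameter description should read `Agama Project Repository Name`.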
@@ -35,6 +35,8 @@ import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.MultivaluedHashMap; import jakarta.ws.rs.core.Response; + +import java.util.List; import org.eclipse.microprofile.rest.client.annotation.RegisterProvider; import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget; import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine; @@ -88,6 +90,32 @@ public static JsonNode getHealthCheckResponse(String url) { } return null; } + + public static JsonNode getAllAgamaRepositories(String url) { + log.info("Get Agama Repositories - , url:{} ", url); + Builder clientRequest = getClientBuilder(url); + clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); + Response healthResponse = clientRequest.get(); + if (healthResponse.getStatus() == 200) { + JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); + log.trace("Agama Repositories response is - jsonNode:{}", jsonNode); + return jsonNode; + } + return null; + } + + public static JsonNode getAgamaProjectLatestRelease(String url) { + log.info("Get Agama Project Latest Release - , url:{} ", url); + Builder clientRequest = getClientBuilder(url); + clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); + Response healthResponse = clientRequest.get(); + if (healthResponse.getStatus() == 200) { + JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); + log.trace("Agama Agama Project Latest Release response is - jsonNode:{}", jsonNode); + return jsonNode; + } + return null; + } public static TokenResponse requestAccessToken(final String tokenUrl, final String clientId, final String clientSecret, final String scope) { diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java new file mode 100644 index 00000000000..87a9c244f88 --- /dev/null 
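Review bot: In the `@@ -88,6 +90,32 @@` hunk, both new methods leave the `Response` neither read nor closed when the status is not 200, so the underlying connection may stay allocated on every upstream failure. `Response` is `AutoCloseable`, so opening the call as `try (Response healthResponse = clientRequest.get()) {` releases it on every path. The same branch returns `null` with nothing logged, so a caller cannot tell an upstream error from an empty result; `log.warn("Agama repository request failed - status:{}", healthResponse.getStatus());` before the final return would cover that. The timeouts applied by `getClientBuilder` are not visible in this hunk and are worth confirming, because these calls run inside an API request.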
+++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java @@ -0,0 +1,52 @@ +package io.jans.configapi.service.auth; + +import com.fasterxml.jackson.databind.JsonNode; + +import io.jans.configapi.model.configuration.ApiAppConfiguration; +import io.jans.configapi.security.client.AuthClientFactory; + +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; +import org.slf4j.Logger; + +@ApplicationScoped +public class AgamaRepoService { + + @Inject + private Logger logger; + + @Inject + private ApiAppConfiguration appConfiguration; + + @Inject + AuthClientFactory authClientFactory; + + public JsonNode getAllAgamaRepositories() { + return AuthClientFactory.getAllAgamaRepositories(getAgamaFormatedRepositoryURL()); + } + + public JsonNode getAgamaProjectLatestRepository(String projectName) { + return AuthClientFactory.getAgamaProjectLatestRelease(getAgamaProjectFormatedRepositoryURL(projectName)); + } + + public String getAgamaFormatedRepositoryURL() { + return String.format(getAgamaRepositoryURL(), getAgamaProjectPrefix()); + } + + public String getAgamaProjectFormatedRepositoryURL(String projectName) { + return String.format(getAgamaLatestRepositoryURL(), projectName); + } + + public String getAgamaProjectPrefix() { + return this.appConfiguration.getAgamaProjectPrefix(); + } + + public String getAgamaRepositoryURL() { + return this.appConfiguration.getAgamaRepositoryURL(); + } + + public String getAgamaLatestRepositoryURL() { + return this.appConfiguration.getAgamaLatestRepositoryURL(); + } + +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/config-api-rs-protect.json b/jans-config-api/server/src/main/resources/config-api-rs-protect.json index c60f237e62e..71e6189a377 100644 --- a/jans-config-api/server/src/main/resources/config-api-rs-protect.json +++ b/jans-config-api/server/src/main/resources/config-api-rs-protect.json 
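Review bot: `getAgamaProjectFormatedRepositoryURL` formats `projectName` into the outbound URL with `String.format` and applies no validation or encoding. The resource method added in this series passes the `@PathParam` value straight to `getAgamaProjectLatestRepository`, so a caller-supplied string decides the path and query of a request the server makes. Reject anything that is not a plain repository name before formatting, for example `if (projectName == null || !projectName.matches("[A-Za-z0-9_-][A-Za-z0-9._-]*")) { ... }`, and consider also requiring the configured `agamaProjectPrefix`. The injected `AuthClientFactory authClientFactory` field is unused, since both calls go through the static methods, and can be dropped.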
@@ -3290,6 +3290,34 @@ ] } ] + }, + { + "path": "/jans-config-api/api/v1/agama-repo", + "conditions": [ + { + "httpMethods": [ + "GET" + ], + "scopes": [ + { + "inum": "1800.01.91", + "name": "https://jans.io/oauth/config/agama-repo.readonly" + } + ], + "groupScopes": [ + { + "inum": "1800.01.92", + "name": "https://jans.io/oauth/config/agama-repo.write" + } + ], + "superScopes": [ + { + "inum": "1800.03.1", + "name": "https://jans.io/oauth/config/read-all" + } + ] + } + ] } ] } \ No newline at end of file diff --git a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json index 22919ca6e8a..36a8baebfa9 100644 --- a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json +++ b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json @@ -15,6 +15,9 @@ "authOpenidIntrospectionUrl": "${introspectionEndpoint}", "authOpenidTokenUrl": "${tokenEndpoint}", "authOpenidRevokeUrl": "${tokenRevocationEndpoint}", + "agamaProjectPrefix": "agama-", + "agamaRepositoryURL": "https://github.com/orgs/GluuFederation/repositories?q=%s", + "agamaLatestRepositoryURL": "https://api.github.com/repos/GluuFederation/%s/releases/latest", "disableJdkLogger": true, "loggingLevel": "INFO", "loggingLayout": "text", From c89db59b4417ed669037e9ac4f768681c0ae85c7 Mon Sep 17 00:00:00 2001 From: pujavs Date: Thu, 5 Dec 2024 15:34:12 +0530 Subject: [PATCH 07/17] feat(config-api): sync with main Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 14 +++---- .../rest/resource/auth/AgamaRepoResource.java | 2 +- .../security/client/AuthClientFactory.java | 38 ++++++++++++------- .../service/auth/AgamaRepoService.java | 2 +- .../service/status/StatusCheckerTimer.java | 1 + 5 files changed, 34 insertions(+), 23 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 675579d3fea..40083cb3a65 100644 
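Review bot: In the dynamic-conf.json hunk, `agamaRepositoryURL` points at a github.com organisation search page rather than a JSON endpoint, while `getAllAgamaRepositories(String url)` added in this commit reads the body with `readEntity(JsonNode.class)`. That call will presumably fail to deserialize or fall through to `null`. Point the key at an endpoint that returns JSON, or change the client to match what this URL returns. These three keys also make the config-api send requests to a third-party host, so the setup documentation should say so for deployments that restrict egress.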
--- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9302,19 +9302,19 @@ components: type: string selected: type: boolean + whitePagesCanView: + type: boolean + userCanView: + type: boolean adminCanView: type: boolean adminCanEdit: type: boolean userCanEdit: type: boolean - userCanView: - type: boolean - adminCanAccess: - type: boolean userCanAccess: type: boolean - whitePagesCanView: + adminCanAccess: type: boolean baseDn: type: string @@ -11298,14 +11298,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java index b9d593da06c..a2dcae352a3 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java @@ -74,7 +74,7 @@ private class AgamaRepoPagedResult extends PagedResult { @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) @Produces(MediaType.APPLICATION_JSON) - public Response getAllAgamaRepositories() { + public Response getAllAgamaRepositories() throws Exception { return Response.ok(agamaRepoService.getAllAgamaRepositories()).build(); } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java index 9edd2f65635..facb75a0022 100644 
--- a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java @@ -81,7 +81,7 @@ public static JsonNode getStatResponse(String url, String token, String month, S public static JsonNode getHealthCheckResponse(String url) { log.debug("HealthCheck - , url:{} ", url); Builder clientRequest = getClientBuilder(url); - clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); + clientRequest.header(CONTENT_TYPE, MediaType.TEXT_HTML); Response healthResponse = clientRequest.get(); if (healthResponse.getStatus() == 200) { JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); 
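Review bot: The changed line sets `Content-Type: text/html` on the health-check GET, yet the body is still read with `readEntity(JsonNode.class)` two lines later. A request `Content-Type` describes a request body, which this GET does not have, so the change probably does not do what was intended. If the goal is to state the wanted response format and `Builder` is the JAX-RS `Invocation.Builder`, use `clientRequest.accept(MediaType.APPLICATION_JSON);`. Otherwise leave `getHealthCheckResponse` out of this commit, since it is unrelated to the Agama change. The function body continues outside the hunk.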
@@ -91,27 +91,37 @@ public static JsonNode getHealthCheckResponse(String url) { return null; } - public static JsonNode getAllAgamaRepositories(String url) { - log.info("Get Agama Repositories - , url:{} ", url); + public static JsonNode getAllAgamaRepositories(String url) throws Exception{ + log.error("\n\n\n TEXT_HTML Get Agama Repositories - url:{} ", url); Builder clientRequest = getClientBuilder(url); - clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); - Response healthResponse = clientRequest.get(); - if (healthResponse.getStatus() == 200) { - JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); - log.trace("Agama Repositories response is - jsonNode:{}", jsonNode); - return jsonNode; + clientRequest.header(CONTENT_TYPE, MediaType.TEXT_HTML); + Response response = clientRequest.get(); + + log.error("\n\n\n Get Agama Repositories - response:{}, response.getHeaders():{}, response.getMediaType():{}, response.getMetadata():{}, response.getEntity():{}, response.getEntity().getClass():{} ", response, response.getHeaders(), response.getMediaType(),response.getMetadata() , response.getEntity(), response.getEntity().getClass()); + if (response.getStatus() == 200) { + String jsonString = response.readEntity(String.class); + log.error("Agama Repositories response is - jsonString:{}", jsonString); + JsonNode jsonNode = Jackson.asJsonNode(jsonString); + log.error("Agama Repositories response is - jsonNode:{}", jsonNode); + List repoJsonNode = jsonNode.findParents("repositories"); + log.error("Agama Repositories response is - repoJsonNode:{}", repoJsonNode); + log.error("Agama Repositories response is - repoJsonNode:{}", repoJsonNode); + + return null; } return null; } public static JsonNode getAgamaProjectLatestRelease(String url) { - log.info("Get Agama Project Latest Release - , url:{} ", url); + log.error("\n\n\n Get Agama Project Latest Release - url:{} ", url); Builder clientRequest = getClientBuilder(url); clientRequest.header(CONTENT_TYPE, 
MediaType.APPLICATION_JSON); - Response healthResponse = clientRequest.get(); - if (healthResponse.getStatus() == 200) { - JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); - log.trace("Agama Agama Project Latest Release response is - jsonNode:{}", jsonNode); + Response response = clientRequest.get(); + + log.error("\n\n\n Get Project Latest Release - response:{}, response.getEntity():{}, , response.getEntity().getClass():{} ", response, response.getEntity(), response.getEntity().getClass()); + if (response.getStatus() == 200) { + JsonNode jsonNode = response.readEntity(JsonNode.class); + log.error("Agama Agama Project Latest Release response is - jsonNode:{}", jsonNode); return jsonNode; } return null; diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java index 87a9c244f88..40eeff5963f 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java @@ -21,7 +21,7 @@ public class AgamaRepoService { @Inject AuthClientFactory authClientFactory; - public JsonNode getAllAgamaRepositories() { + public JsonNode getAllAgamaRepositories() throws Exception{ return AuthClientFactory.getAllAgamaRepositories(getAgamaFormatedRepositoryURL()); } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index 346cfa15229..aa96a91283f 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java 
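Review bot: The `log.error` calls added in the `@@ -91,27 +91,37 @@` hunk are debugging output that writes the full response headers, metadata and body to the error log on every call. `response.getEntity().getClass()` is also dereferenced before the status check and may throw if the entity is null. Replace the dumps with something like `log.debug("Agama repositories - status:{}, mediaType:{}", response.getStatus(), response.getMediaType());`. `getAllAgamaRepositories` now returns `null` on the 200 path as well, so the endpoint can never return data, and `repoJsonNode` is computed but unused. The new `throws Exception` is carried into `AgamaRepoService` and `AgamaRepoResource` by the other hunks of this commit and should be narrowed or removed once the parsing is settled.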
@@ -54,6 +54,7 @@ public class StatusCheckerTimer { public static final String PROGRAM_FACTER = "facter"; public static final String PROGRAM_SHOW_VERSION = "/opt/jans/printVersion.py"; public static final String SERVICE_STATUS = "/opt/jans/bin/jans_services_status.py"; + public static final String GET_AGAMA_LAB_PROJECTS = "/opt/jans/bin/get_agama_lab_projects.py"; @Inject private Logger log; From eefd8424bd9c068571d9186f619198b3cd8c2912 Mon Sep 17 00:00:00 2001 From: pujavs Date: Thu, 5 Dec 2024 18:32:57 +0530 Subject: [PATCH 08/17] feat(config-api): agama rep endpoint Signed-off-by: pujavs --- .../configuration/ApiAppConfiguration.java | 64 +++++-------------- .../docs/jans-config-api-swagger.yaml | 21 ++---- .../security/client/AuthClientFactory.java | 42 +----------- .../service/auth/AgamaRepoService.java | 38 ++--------- .../service/status/StatusCheckerTimer.java | 41 ++++++++++++ .../jans-config-api/dynamic-conf.json | 3 - 6 files changed, 71 insertions(+), 138 deletions(-) diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java index a1f37fbd419..4753bb6f285 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java 
@@ -58,15 +58,6 @@ public class ApiAppConfiguration implements Configuration { @Schema(description = "Jans URL of the OpenID Connect Provider's OAuth 2.0 Revoke Token Endpoint.") private String authOpenidRevokeUrl; - @Schema(description = "Agama project prefix.") - private String agamaProjectPrefix; - - @Schema(description = "Agama project repository URL.") - private String agamaRepositoryURL; - - @Schema(description = "Agama project repository URL for latest URL.") - private String agamaLatestRepositoryURL; - @Schema(description = "List of oAuth scope that can be validity for an access tokens only by underlying Jans Auth server.") private List exclusiveAuthScopes; @@ -240,30 +231,6 @@ public void setAuthOpenidRevokeUrl(String authOpenidRevokeUrl) { this.authOpenidRevokeUrl = authOpenidRevokeUrl; } - public String getAgamaProjectPrefix() { - return agamaProjectPrefix; - } - - public void setAgamaProjectPrefix(String agamaProjectPrefix) { - this.agamaProjectPrefix = agamaProjectPrefix; - } - - public String getAgamaRepositoryURL() { - return agamaRepositoryURL; - } - - public void setAgamaRepositoryURL(String agamaRepositoryURL) { - this.agamaRepositoryURL = agamaRepositoryURL; - } - - public String getAgamaLatestRepositoryURL() { - return agamaLatestRepositoryURL; - } - - public void setAgamaLatestRepositoryURL(String agamaLatestRepositoryURL) { - this.agamaLatestRepositoryURL = agamaLatestRepositoryURL; - } - public List getExclusiveAuthScopes() { return exclusiveAuthScopes; } @@ -318,7 +285,7 @@ public int getMaxCount() { public void setMaxCount(int maxCount) { this.maxCount = maxCount; - if (this.maxCount <= 0) { + if(this.maxCount<=0) { this.maxCount = ApiConstants.DEFAULT_MAX_COUNT; } } 
@@ -393,19 +360,18 @@ public String toString() { + ", disableLoggerTimer=" + disableLoggerTimer + ", disableAuditLogger=" + disableAuditLogger + ", customAttributeValidationEnabled=" + customAttributeValidationEnabled + ", acrValidationEnabled=" + acrValidationEnabled + ", apiApprovedIssuer=" + apiApprovedIssuer + ", apiProtectionType=" - + apiProtectionType + ", apiClientId=" + apiClientId + ", endpointInjectionEnabled=" - + endpointInjectionEnabled + ", authIssuerUrl=" + authIssuerUrl + ", authOpenidConfigurationUrl=" - + authOpenidConfigurationUrl + ", authOpenidIntrospectionUrl=" + authOpenidIntrospectionUrl - + ", authOpenidTokenUrl=" + authOpenidTokenUrl + ", authOpenidRevokeUrl=" + authOpenidRevokeUrl - + ", agamaProjectPrefix=" + agamaProjectPrefix + ", agamaRepositoryURL=" + agamaRepositoryURL - + ", agamaLatestRepositoryURL=" + agamaLatestRepositoryURL + ", exclusiveAuthScopes=" - + exclusiveAuthScopes + ", corsConfigurationFilters=" + corsConfigurationFilters + ", loggingLevel=" - + loggingLevel + ", loggingLayout=" + loggingLayout + ", externalLoggerConfiguration=" - + externalLoggerConfiguration + ", disableJdkLogger=" + disableJdkLogger + ", maxCount=" + maxCount - + ", acrExclusionList=" + acrExclusionList + ", userExclusionAttributes=" + userExclusionAttributes - + ", userMandatoryAttributes=" + userMandatoryAttributes + ", agamaConfiguration=" + agamaConfiguration - + ", auditLogConf=" + auditLogConf + ", dataFormatConversionConf=" + dataFormatConversionConf - + ", plugins=" + plugins + ", assetMgtConfiguration=" + assetMgtConfiguration + "]"; - } - + + apiProtectionType + ", apiClientId=" + apiClientId + + ", endpointInjectionEnabled=" + endpointInjectionEnabled + ", authIssuerUrl=" + authIssuerUrl + + ", authOpenidConfigurationUrl=" + authOpenidConfigurationUrl + ", authOpenidIntrospectionUrl=" + + authOpenidIntrospectionUrl + ", authOpenidTokenUrl=" + authOpenidTokenUrl + ", authOpenidRevokeUrl=" + + authOpenidRevokeUrl + ", 
exclusiveAuthScopes=" + exclusiveAuthScopes + ", corsConfigurationFilters=" + + corsConfigurationFilters + ", loggingLevel=" + loggingLevel + ", loggingLayout=" + loggingLayout + + ", externalLoggerConfiguration=" + externalLoggerConfiguration + ", disableJdkLogger=" + + disableJdkLogger + ", maxCount=" + maxCount + ", acrExclusionList=" + acrExclusionList + + ", userExclusionAttributes=" + userExclusionAttributes + ", userMandatoryAttributes=" + + userMandatoryAttributes + ", agamaConfiguration=" + agamaConfiguration + ", auditLogConf=" + + auditLogConf + ", dataFormatConversionConf=" + dataFormatConversionConf + ", plugins=" + plugins + + ", assetMgtConfiguration=" + assetMgtConfiguration + "]"; + } + } diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 40083cb3a65..af71dc27840 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9304,17 +9304,17 @@ components: type: boolean whitePagesCanView: type: boolean - userCanView: + adminCanAccess: type: boolean - adminCanView: + userCanAccess: type: boolean adminCanEdit: type: boolean userCanEdit: type: boolean - userCanAccess: + userCanView: type: boolean - adminCanAccess: + adminCanView: type: boolean baseDn: type: string @@ -11033,15 +11033,6 @@ components: type: string description: Jans URL of the OpenID Connect Provider's OAuth 2.0 Revoke Token Endpoint. - agamaProjectPrefix: - type: string - description: Agama project prefix. - agamaRepositoryURL: - type: string - description: Agama project repository URL. - agamaLatestRepositoryURL: - type: string - description: Agama project repository URL for latest URL. exclusiveAuthScopes: type: array description: List of oAuth scope that can be validity for an access tokens 
@@ -11298,14 +11289,14 @@ components: type: boolean internal: type: boolean + locationPath: + type: string locationType: type: string enum: - ldap - db - file - locationPath: - type: string baseDn: type: string ScriptError: diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java index facb75a0022..e94091e1010 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/security/client/AuthClientFactory.java @@ -17,7 +17,6 @@ import io.jans.as.client.RevokeSessionRequest; import io.jans.as.client.TokenRequest; import io.jans.as.client.TokenResponse; -import io.jans.configapi.core.util.Jackson; import io.jans.as.client.service.IntrospectionService; import io.jans.as.model.common.GrantType; import io.jans.as.model.common.IntrospectionResponse; @@ -25,6 +24,7 @@ import static io.jans.as.model.jwk.JWKParameter.JSON_WEB_KEY_SET; +import io.jans.configapi.core.util.Jackson; import org.apache.commons.lang3.StringUtils; import org.json.JSONObject; @@ -35,8 +35,6 @@ import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.MultivaluedHashMap; import jakarta.ws.rs.core.Response; - -import java.util.List; import org.eclipse.microprofile.rest.client.annotation.RegisterProvider; import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget; import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine; 
@@ -81,7 +79,7 @@ public static JsonNode getStatResponse(String url, String token, String month, S public static JsonNode getHealthCheckResponse(String url) { log.debug("HealthCheck - , url:{} ", url); Builder clientRequest = getClientBuilder(url); - clientRequest.header(CONTENT_TYPE, MediaType.TEXT_HTML); + clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); Response healthResponse = clientRequest.get(); if (healthResponse.getStatus() == 200) { JsonNode jsonNode = healthResponse.readEntity(JsonNode.class); 
@@ -90,42 +88,6 @@ public static JsonNode getHealthCheckResponse(String url) { } return null; } - - public static JsonNode getAllAgamaRepositories(String url) throws Exception{ - log.error("\n\n\n TEXT_HTML Get Agama Repositories - url:{} ", url); - Builder clientRequest = getClientBuilder(url); - clientRequest.header(CONTENT_TYPE, MediaType.TEXT_HTML); - Response response = clientRequest.get(); - - log.error("\n\n\n Get Agama Repositories - response:{}, response.getHeaders():{}, response.getMediaType():{}, response.getMetadata():{}, response.getEntity():{}, response.getEntity().getClass():{} ", response, response.getHeaders(), response.getMediaType(),response.getMetadata() , response.getEntity(), response.getEntity().getClass()); - if (response.getStatus() == 200) { - String jsonString = response.readEntity(String.class); - log.error("Agama Repositories response is - jsonString:{}", jsonString); - JsonNode jsonNode = Jackson.asJsonNode(jsonString); - log.error("Agama Repositories response is - jsonNode:{}", jsonNode); - List repoJsonNode = jsonNode.findParents("repositories"); - log.error("Agama Repositories response is - repoJsonNode:{}", repoJsonNode); - log.error("Agama Repositories response is - repoJsonNode:{}", repoJsonNode); - - return null; - } - return null; - } - - public static JsonNode getAgamaProjectLatestRelease(String url) { - log.error("\n\n\n Get Agama Project Latest Release - url:{} ", url); - Builder clientRequest = getClientBuilder(url); - clientRequest.header(CONTENT_TYPE, MediaType.APPLICATION_JSON); - Response response = clientRequest.get(); - - log.error("\n\n\n Get Project Latest Release - response:{}, response.getEntity():{}, , response.getEntity().getClass():{} ", response, response.getEntity(), response.getEntity().getClass()); - if (response.getStatus() == 200) { - JsonNode jsonNode = response.readEntity(JsonNode.class); - log.error("Agama Agama Project Latest Release response is - jsonNode:{}", jsonNode); - return jsonNode; - } - 
return null; - } public static TokenResponse requestAccessToken(final String tokenUrl, final String clientId, final String clientSecret, final String scope) { diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java index 40eeff5963f..c8fcf890e5e 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java @@ -2,8 +2,7 @@ import com.fasterxml.jackson.databind.JsonNode; -import io.jans.configapi.model.configuration.ApiAppConfiguration; -import io.jans.configapi.security.client.AuthClientFactory; +import io.jans.configapi.service.status.StatusCheckerTimer; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; 
@@ -16,37 +15,14 @@ public class AgamaRepoService { private Logger logger; @Inject - private ApiAppConfiguration appConfiguration; + private StatusCheckerTimer statusCheckerTimer; - @Inject - AuthClientFactory authClientFactory; - - public JsonNode getAllAgamaRepositories() throws Exception{ - return AuthClientFactory.getAllAgamaRepositories(getAgamaFormatedRepositoryURL()); - } - - public JsonNode getAgamaProjectLatestRepository(String projectName) { - return AuthClientFactory.getAgamaProjectLatestRelease(getAgamaProjectFormatedRepositoryURL(projectName)); + public JsonNode getAllAgamaRepositories() throws Exception { + return statusCheckerTimer.getAllAgamaRepositories(); } - - public String getAgamaFormatedRepositoryURL() { - return String.format(getAgamaRepositoryURL(), getAgamaProjectPrefix()); - } - - public String getAgamaProjectFormatedRepositoryURL(String projectName) { - return String.format(getAgamaLatestRepositoryURL(), projectName); - } - - public String getAgamaProjectPrefix() { - return this.appConfiguration.getAgamaProjectPrefix(); - } - - public String getAgamaRepositoryURL() { - return this.appConfiguration.getAgamaRepositoryURL(); - } - - public String getAgamaLatestRepositoryURL() { - return this.appConfiguration.getAgamaLatestRepositoryURL(); + + public JsonNode getAgamaProjectLatestRepository(String repositoryName) { + return statusCheckerTimer.getAllAgamaRepositories(); } } \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index aa96a91283f..46bf6777102 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java 
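Review bot: `getAgamaProjectLatestRepository(String repositoryName)` ignores its argument and returns `statusCheckerTimer.getAllAgamaRepositories()`, so the latest-release endpoint returns the same payload as the list endpoint whatever name is requested. The `@@ -17,12 +17,12 @@` hunk of the following patch keeps the same body. Until the lookup is implemented, mark it in the code, e.g. `// TODO: repositoryName is not used yet; this returns the full list`, or have the method fail explicitly. When the lookup is added, validate `repositoryName` before it is placed in any command line or URL.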
@@ -256,6 +256,47 @@ public JsonNode getServiceStatus(String serviceName) { log.debug("Service Status data - serviceStatus:{}", serviceStatus); return serviceStatus; } + + public JsonNode getAllAgamaRepositories() { + if (log.isInfoEnabled()) { + log.debug("Getting All Agama Lab Projects"); + } + + JsonNode appVersion = null; + if (!isLinux()) { + return appVersion; + } + + CommandLine commandLine = new CommandLine(PROGRAM_SHOW_VERSION); + + commandLine.addArgument("--json"); + log.error("Getting Agama Lab Projects version for commandLine:{}", commandLine); + + String resultOutput; + try (ByteArrayOutputStream bos = new ByteArrayOutputStream(4096);) { + + boolean result = ProcessHelper.executeProgram(commandLine, false, 0, bos); + if (!result) { + return appVersion; + } + + resultOutput = new String(bos.toByteArray(), UTF_8); + log.error("resultOutput:{}", resultOutput); + + if(StringUtils.isNotBlank(resultOutput)) { + appVersion = Jackson.asJsonNode(resultOutput); + } + + } catch (UnsupportedEncodingException uex) { + log.error("Failed to parse program {} output", PROGRAM_SHOW_VERSION, uex); + return appVersion; + } catch (Exception ex) { + log.error("Failed to execute program {} output", PROGRAM_SHOW_VERSION, ex); + return appVersion; + } + log.debug("Server application version - appVersion:{}", appVersion); + return appVersion; + } private void printDirectory() { log.debug("printDirectory"); diff --git a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json index 36a8baebfa9..22919ca6e8a 100644 --- a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json +++ b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json 
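Review bot: The new `getAllAgamaRepositories()` builds its command from `PROGRAM_SHOW_VERSION`, not from the `GET_AGAMA_LAB_PROJECTS` constant added in the previous patch, so it returns version data. Its local `appVersion` and the final "Server application version" message look copied from `getAppVersionData`. If the projects script is what is meant, the line should read `CommandLine commandLine = new CommandLine(GET_AGAMA_LAB_PROJECTS);`; the later `@@ -269,7 +272,7 @@` hunk leaves `PROGRAM_SHOW_VERSION` in place as well. The command line and the raw program output are logged with `log.error`, and the opening guard tests `isInfoEnabled()` around a `log.debug`, so both should be `log.debug`. The command takes no request-derived arguments here, and it should stay that way when the per-repository lookup is added.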
@@ -15,9 +15,6 @@ "authOpenidIntrospectionUrl": "${introspectionEndpoint}", "authOpenidTokenUrl": "${tokenEndpoint}", "authOpenidRevokeUrl": "${tokenRevocationEndpoint}", - "agamaProjectPrefix": "agama-", - "agamaRepositoryURL": "https://github.com/orgs/GluuFederation/repositories?q=%s", - "agamaLatestRepositoryURL": "https://api.github.com/repos/GluuFederation/%s/releases/latest", "disableJdkLogger": true, "loggingLevel": "INFO", "loggingLayout": "text", From eea70497f69813439b6ac4f3143e829680fd1ca5 Mon Sep 17 00:00:00 2001 From: pujavs Date: Mon, 9 Dec 2024 12:02:26 +0530 Subject: [PATCH 09/17] feat(config-api): agama endpoint wip Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 22 ++++++------- .../rest/resource/auth/AgamaRepoResource.java | 5 --- .../service/auth/AgamaRepoService.java | 8 ++--- .../service/status/StatusCheckerTimer.java | 31 ++++++++++--------- 4 files changed, 32 insertions(+), 34 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index af71dc27840..84dcddf8408 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9302,19 +9302,19 @@ components: type: string selected: type: boolean - whitePagesCanView: - type: boolean - adminCanAccess: + adminCanEdit: type: boolean - userCanAccess: + adminCanView: type: boolean - adminCanEdit: + userCanView: type: boolean userCanEdit: type: boolean - userCanView: + userCanAccess: type: boolean - adminCanView: + adminCanAccess: + type: boolean + whitePagesCanView: type: boolean baseDn: type: string @@ -10170,6 +10170,8 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' + fapi: + type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -10179,8 +10181,6 @@ components: - code - token - id_token - fapi: - type: boolean AuthenticationFilter: required: - baseDn 
@@ -11289,14 +11289,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java index a2dcae352a3..0765eded57c 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java @@ -8,14 +8,12 @@ import com.fasterxml.jackson.databind.JsonNode; - import io.jans.configapi.core.rest.ProtectedApi; import io.jans.configapi.model.configuration.ApiAppConfiguration; import io.jans.configapi.service.auth.AgamaRepoService; import io.jans.configapi.service.auth.ConfigurationService; import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.util.ApiConstants; -import io.jans.orm.model.PagedResult; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; @@ -45,9 +43,6 @@ @Produces(MediaType.APPLICATION_JSON) public class AgamaRepoResource extends ConfigBaseResource { - private class AgamaRepoPagedResult extends PagedResult { - }; - @Inject Logger log; diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java index c8fcf890e5e..b4c6655474a 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java 
@@ -17,12 +17,12 @@ public class AgamaRepoService { @Inject private StatusCheckerTimer statusCheckerTimer; - public JsonNode getAllAgamaRepositories() throws Exception { + public JsonNode getAllAgamaRepositories() { return statusCheckerTimer.getAllAgamaRepositories(); } - - public JsonNode getAgamaProjectLatestRepository(String repositoryName) { + + public JsonNode getAgamaProjectLatestRepository(String repositoryName) { return statusCheckerTimer.getAllAgamaRepositories(); } - + } \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index 46bf6777102..925f9eeb441 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java @@ -30,7 +30,6 @@ import java.io.ByteArrayOutputStream; import java.io.UnsupportedEncodingException; import java.util.Date; -import java.util.Map; import java.util.concurrent.atomic.AtomicBoolean; import jakarta.annotation.PostConstruct; @@ -55,7 +54,11 @@ public class StatusCheckerTimer { public static final String PROGRAM_SHOW_VERSION = "/opt/jans/printVersion.py"; public static final String SERVICE_STATUS = "/opt/jans/bin/jans_services_status.py"; public static final String GET_AGAMA_LAB_PROJECTS = "/opt/jans/bin/get_agama_lab_projects.py"; - + private static final String JSON_ARG = "--json"; + private static final String PROG_EXEC_MSG = "Failed to execute program {} output"; + private static final String PROG_PARSE_MSG = "Failed to parse program {} output"; + private static final String RESULT_OUTPUT = "resultOutput:{}"; + @Inject private Logger log; 
@@ -161,7 +164,7 @@ private FacterData getFacterData() { resultOutput = new String(bos.toByteArray(), UTF_8); facterData = mapper.readValue(resultOutput, FacterData.class); } catch (UnsupportedEncodingException uex) { - log.error("Failed to parse program {} output", PROGRAM_FACTER, uex); + log.error(PROG_PARSE_MSG, PROGRAM_FACTER, uex); return facterData; } catch (Exception ex) { log.error("Failed to execute program {} output:{}", PROGRAM_FACTER, ex); @@ -184,7 +187,7 @@ public JsonNode getAppVersionData(String artifact) { if(StringUtils.isNotBlank(artifact) && !artifact.equalsIgnoreCase(ApiConstants.ALL)) { commandLine.addArgument("-artifact="+artifact); } - commandLine.addArgument("--json"); + commandLine.addArgument(JSON_ARG); log.debug("Getting application version for commandLine:{}", commandLine); String resultOutput; @@ -196,17 +199,17 @@ public JsonNode getAppVersionData(String artifact) { } resultOutput = new String(bos.toByteArray(), UTF_8); - log.debug("resultOutput:{}", resultOutput); + log.debug(RESULT_OUTPUT, resultOutput); if(StringUtils.isNotBlank(resultOutput)) { appVersion = Jackson.asJsonNode(resultOutput); } } catch (UnsupportedEncodingException uex) { - log.debug("Failed to parse program {} output", PROGRAM_SHOW_VERSION, uex); + log.debug(PROG_PARSE_MSG, PROGRAM_SHOW_VERSION, uex); return appVersion; } catch (Exception ex) { - log.error("Failed to execute program {} output", PROGRAM_SHOW_VERSION, ex); + log.error(PROG_EXEC_MSG, PROGRAM_SHOW_VERSION, ex); return appVersion; } log.debug("Server application version - appVersion:{}", appVersion); @@ -228,7 +231,7 @@ public JsonNode getServiceStatus(String serviceName) { if (StringUtils.isNotBlank(serviceName) && !serviceName.equalsIgnoreCase(ApiConstants.ALL)) { commandLine.addArgument(" " + serviceName); } - commandLine.addArgument("--json"); + commandLine.addArgument(JSON_ARG); log.debug("Getting service status for commandLine:{}", commandLine); String resultOutput; 
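Review bot: In getAppVersionData the `artifact` parameter is concatenated into `"-artifact=" + artifact`, and in the getServiceStatus hunk further down `serviceName` is appended as `" " + serviceName`; the only check visible before either reaches the script's argument list is the blank/`ALL` test. `CommandLine` looks like Apache Commons Exec, so no shell should be involved, but the value is still handed to the Python script unchanged. I would check both against a fixed pattern or the list of known artifact and service names before `addArgument`, e.g. `if (!artifact.matches("[A-Za-z0-9._-]+")) { /* reject the request */ }`. Both method bodies start and end outside these hunks, so any validation done by callers is not visible here.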
@@ -240,7 +243,7 @@ public JsonNode getServiceStatus(String serviceName) { } resultOutput = new String(bos.toByteArray(), UTF_8); - log.info("resultOutput:{}", resultOutput); + log.info(RESULT_OUTPUT, resultOutput); if (StringUtils.isNotBlank(resultOutput)) { serviceStatus = mapper.readValue(resultOutput, JsonNode.class); @@ -269,7 +272,7 @@ public JsonNode getAllAgamaRepositories() { CommandLine commandLine = new CommandLine(PROGRAM_SHOW_VERSION); - commandLine.addArgument("--json"); + commandLine.addArgument(JSON_ARG); log.error("Getting Agama Lab Projects version for commandLine:{}", commandLine); String resultOutput; @@ -281,17 +284,17 @@ public JsonNode getAllAgamaRepositories() { } resultOutput = new String(bos.toByteArray(), UTF_8); - log.error("resultOutput:{}", resultOutput); + log.error(RESULT_OUTPUT, resultOutput); if(StringUtils.isNotBlank(resultOutput)) { appVersion = Jackson.asJsonNode(resultOutput); } } catch (UnsupportedEncodingException uex) { - log.error("Failed to parse program {} output", PROGRAM_SHOW_VERSION, uex); + log.error(PROG_PARSE_MSG, PROGRAM_SHOW_VERSION, uex); return appVersion; } catch (Exception ex) { - log.error("Failed to execute program {} output", PROGRAM_SHOW_VERSION, ex); + log.error(PROG_EXEC_MSG, PROGRAM_SHOW_VERSION, ex); return appVersion; } log.debug("Server application version - appVersion:{}", appVersion); @@ -319,7 +322,7 @@ private void printDirectory() { log.debug("Failed to parse Directory program {} output", "Directory", uex); return; } catch (Exception ex) { - log.error("Failed to execute program {} output", PROGRAM_SHOW_VERSION, ex); + log.error(PROG_EXEC_MSG, PROGRAM_SHOW_VERSION, ex); } log.debug(" Server Directory:{}", resultOutput); } From a0c35d497f692b4f609085c4995652694c934003 Mon Sep 17 00:00:00 2001 From: pujavs Date: Mon, 9 Dec 2024 21:17:39 +0530 Subject: [PATCH 10/17] feat(config-api): implemenetd agama repo endpoint and fixed user pwd validation for patch 
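Review bot: The success path of getAllAgamaRepositories still logs at error level: `log.error(RESULT_OUTPUT, resultOutput)` in this hunk and `log.error("Getting Agama Lab Projects version for commandLine:{}", commandLine)` in the one before it are routine trace messages, so every call produces false errors for whoever monitors the log. I would write `log.debug(RESULT_OUTPUT, resultOutput);`, matching getAppVersionData, and lower `log.info(RESULT_OUTPUT, resultOutput)` in getServiceStatus the same way, since raw script output does not belong in the default log. In the printDirectory hunk the failure message names `PROGRAM_SHOW_VERSION`, which appears to be copied from the version method.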
Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 17 +++++++++++------ .../service/webhook/WebhookService.java | 2 +- .../plugin/mgt/rest/UserResource.java | 18 +++++++++++++----- .../plugin/mgt/service/UserMgmtService.java | 3 +++ .../rest/resource/auth/AgamaRepoResource.java | 2 ++ .../service/status/StatusCheckerTimer.java | 2 +- 6 files changed, 31 insertions(+), 13 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 84dcddf8408..1b324f5bd70 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -4647,6 +4647,7 @@ paths: - uma_rpt_claims - uma_claims_gathering - access_evaluation + - access_evaluation_discovery - consent_gathering - dynamic_scope - spontaneous_scope @@ -9300,8 +9301,6 @@ components: $ref: '#/components/schemas/AttributeValidation' tooltip: type: string - selected: - type: boolean adminCanEdit: type: boolean adminCanView: @@ -9316,6 +9315,8 @@ components: type: boolean whitePagesCanView: type: boolean + selected: + type: boolean baseDn: type: string PatchRequest: @@ -9402,6 +9403,9 @@ components: type: boolean accessEvaluationScriptName: type: string + accessEvaluationDiscoveryCacheLifetimeInMinutes: + type: integer + format: int32 requireRequestObjectEncryption: type: boolean requirePkce: @@ -11241,6 +11245,7 @@ components: - uma_rpt_claims - uma_claims_gathering - access_evaluation + - access_evaluation_discovery - consent_gathering - dynamic_scope - spontaneous_scope @@ -11289,14 +11294,14 @@ components: type: boolean internal: type: boolean + locationPath: + type: string locationType: type: string enum: - ldap - db - file - locationPath: - type: string baseDn: type: string ScriptError: 
@@ -11725,10 +11730,10 @@ components: ttl: type: integer format: int32 - opbrowserState: - type: string persisted: type: boolean + opbrowserState: + type: string SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/webhook/WebhookService.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/webhook/WebhookService.java index 81d3867a1e4..f0b719adf18 100644 --- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/webhook/WebhookService.java +++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/webhook/WebhookService.java @@ -25,7 +25,7 @@ import org.slf4j.Logger; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.MapUtils; -import javax.validation.Valid; +import jakarta.validation.Valid; import java.util.*; import java.util.concurrent.*; import java.util.stream.Collectors; diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java index 7cf502d0fb4..9bc73612488 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java 
@@ -278,8 +278,10 @@ public Response patchUser( logger.info("User:{} to be patched with :{}, removeNonLDAPAttributes:{} ", escapeLog(inum), escapeLog(userPatchRequest), removeNonLDAPAttributes); } - // check if user exists - User existingUser = userMgmtSrv.getUserBasedOnInum(inum); + CustomUser customUser = null; + try { + // check if user exists + User existingUser = userMgmtSrv.getUserBasedOnInum(inum); // parse birthdate if present userMgmtSrv.parseBirthDateAttribute(existingUser); @@ -294,9 +296,15 @@ public Response patchUser( existingUser = excludeUserAttributes(existingUser); // get custom user - CustomUser customUser = getCustomUser(existingUser, removeNonLDAPAttributes); + customUser = getCustomUser(existingUser, removeNonLDAPAttributes); logger.info("patched customUser:{}", customUser); - + } catch (InvalidAttributeException iae) { + logger.error("InvalidAttributeException while updating user is:{}, cause:{}", iae, iae.getCause()); + throwBadRequestException("USER_PATCH_ERROR", iae.getMessage()); + } catch (Exception ex) { + logger.error("Exception while pactching user is:{}, cause:{}", ex, ex.getCause()); + throwInternalServerException(ex); + } return Response.ok(customUser).build(); } @@ -557,7 +565,7 @@ private User setUserCustomAttributes(CustomUser customUser, User user) { private User ignoreCustomAttributes(User user, boolean removeNonLDAPAttributes) { logger.info( - "** validate User CustomObjectClasses - User user:{}, removeNonLDAPAttributes:{}, user.getCustomObjectClasses():{}, userMgmtSrv.getPersistenceType():{}, userMgmtSrv.isLDAP():?{}", + "\n\n ** validate User CustomObjectClasses - User user:{}, removeNonLDAPAttributes:{}, user.getCustomObjectClasses():{}, userMgmtSrv.getPersistenceType():{}, userMgmtSrv.isLDAP():?{}", user, removeNonLDAPAttributes, user.getCustomObjectClasses(), userMgmtSrv.getPersistenceType(), userMgmtSrv.isLDAP()); 
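Review bot: The new `catch (Exception ex)` in patchUser covers every call inside the try, so a response exception raised on purpose by `getUserBasedOnInum` or the helpers between the two hunks (a not-found, for example, if they throw one) would now be rewrapped as a 500. Adding `} catch (WebApplicationException wae) { throw wae; }` ahead of the generic catch keeps such status codes intact. `throwBadRequestException("USER_PATCH_ERROR", iae.getMessage())` sends the exception text to the client, so it is worth confirming that the message never echoes attribute values. The log text "pactching" should read "patching". The code between the two hunks is not shown here.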
diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java index a2b7d03fe78..b56e6d98f9d 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java @@ -245,6 +245,9 @@ private User updateCustomAttributes(User user, List custo return user; } + //validate custom attribute validation + validateAttributes(user.getCustomAttributes()); + for (CustomObjectAttribute attribute : customAttributes) { CustomObjectAttribute existingAttribute = userService.getCustomAttribute(user, attribute.getName()); logger.debug("Existing CustomAttributes with existingAttribute:{} ", existingAttribute); diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java index 0765eded57c..8de406c2d93 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java @@ -15,6 +15,7 @@ import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.util.ApiConstants; +import io.swagger.v3.oas.annotations.Hidden; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.media.Content; 
@@ -73,6 +74,7 @@ public Response getAllAgamaRepositories() throws Exception { return Response.ok(agamaRepoService.getAllAgamaRepositories()).build(); } + @Hidden @Operation(summary = "Gets Agama project latest release.", description = "Gets Agama project latest release.", operationId = "get-agama-project-latest-release", tags = { "Agama" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS, ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS, diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index 925f9eeb441..bbf7cc76817 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java @@ -270,7 +270,7 @@ public JsonNode getAllAgamaRepositories() { return appVersion; } - CommandLine commandLine = new CommandLine(PROGRAM_SHOW_VERSION); + CommandLine commandLine = new CommandLine(GET_AGAMA_LAB_PROJECTS); commandLine.addArgument(JSON_ARG); log.error("Getting Agama Lab Projects version for commandLine:{}", commandLine); From 138a0b3a11109c3f7256b92b1d24dce2b10c5734 Mon Sep 17 00:00:00 2001 From: pujavs Date: Mon, 9 Dec 2024 21:29:30 +0530 Subject: [PATCH 11/17] feat(config-api): implemenetd agama repo endpoint and fixed user pwd validation for patch Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 12 +++---- .../plugin/mgt/rest/UserResource.java | 4 +-- .../rest/resource/auth/AgamaRepoResource.java | 35 ++----------------- .../service/auth/AgamaRepoService.java | 4 --- .../service/status/StatusCheckerTimer.java | 2 +- 5 files changed, 12 insertions(+), 45 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 1b324f5bd70..c143c6532b2 100644 
--- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9301,12 +9301,14 @@ components: $ref: '#/components/schemas/AttributeValidation' tooltip: type: string - adminCanEdit: + selected: type: boolean - adminCanView: + adminCanEdit: type: boolean userCanView: type: boolean + adminCanView: + type: boolean userCanEdit: type: boolean userCanAccess: @@ -9315,8 +9317,6 @@ components: type: boolean whitePagesCanView: type: boolean - selected: - type: boolean baseDn: type: string PatchRequest: @@ -11294,14 +11294,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java index 9bc73612488..d048f57551b 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java @@ -407,7 +407,7 @@ private void validateUser(User user, boolean isUpdate) throws ApiApplicationExce } } - private String validateUserName(User user, boolean isUpdate) throws ApiApplicationException { + private String validateUserName(User user, boolean isUpdate) { logger.info(USER_PLACEHOLDER, " isUpdate:{}", user, isUpdate); String msg = null; @@ -439,7 +439,7 @@ private String validateUserName(User user, boolean isUpdate) throws ApiApplicati return msg; } - private String validateUserEmail(User user, boolean isUpdate) throws ApiApplicationException { + private String validateUserEmail(User user, boolean isUpdate) { logger.info(USER_PLACEHOLDER, " isUpdate:{}", user, isUpdate); String msg = null; 
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java index 8de406c2d93..f5b46ba582a 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java @@ -15,9 +15,7 @@ import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.util.ApiConstants; -import io.swagger.v3.oas.annotations.Hidden; import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.ExampleObject; import io.swagger.v3.oas.annotations.media.Schema; @@ -25,11 +23,8 @@ import io.swagger.v3.oas.annotations.responses.ApiResponses; import io.swagger.v3.oas.annotations.security.*; -import static io.jans.as.model.util.Util.escapeLog; - - import jakarta.inject.Inject; -import jakarta.validation.constraints.NotNull; + import jakarta.ws.rs.*; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; 
@@ -70,32 +65,8 @@ public class AgamaRepoResource extends ConfigBaseResource { @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) @Produces(MediaType.APPLICATION_JSON) - public Response getAllAgamaRepositories() throws Exception { + public Response getAllAgamaRepositories() { return Response.ok(agamaRepoService.getAllAgamaRepositories()).build(); } - - @Hidden - @Operation(summary = "Gets Agama project latest release.", description = "Gets Agama project latest release.", operationId = "get-agama-project-latest-release", tags = { - "Agama" }, security = @SecurityRequirement(name = "oauth2", scopes = { - ApiAccessConstants.AGAMA_REPO_READ_ACCESS, ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS, - ApiAccessConstants.SUPER_ADMIN_READ_ACCESS })) - @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Agama project latest release info", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = JsonNode.class), examples = @ExampleObject(name = "Response json example", value = "example/agama/agama-prj-repo-get.json"))), - @ApiResponse(responseCode = "204", description = "No Content"), - @ApiResponse(responseCode = "401", description = "Unauthorized"), - @ApiResponse(responseCode = "404", description = "Not Found"), - @ApiResponse(responseCode = "500", description = "InternalServerError") }) - @GET - @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { - ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) - @Produces(MediaType.APPLICATION_JSON) - public Response getAgamaProjectLatestRelease( - @Parameter(description = "Agama Projetc Rrepository Name") @PathParam(ApiConstants.NAME) @NotNull String repositoryName) { - - if (logger.isInfoEnabled()) { - logger.info("Custom Script to be fetched based 
on type - repositoryName:{} ", escapeLog(repositoryName)); - } - return Response.ok(agamaRepoService.getAgamaProjectLatestRepository(repositoryName)).build(); - } - + } \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java index b4c6655474a..6bec8c06226 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java @@ -20,9 +20,5 @@ public class AgamaRepoService { public JsonNode getAllAgamaRepositories() { return statusCheckerTimer.getAllAgamaRepositories(); } - - public JsonNode getAgamaProjectLatestRepository(String repositoryName) { - return statusCheckerTimer.getAllAgamaRepositories(); - } } \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java index bbf7cc76817..a191f9863bc 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/status/StatusCheckerTimer.java @@ -301,7 +301,7 @@ public JsonNode getAllAgamaRepositories() { return appVersion; } - private void printDirectory() { + public void printDirectory() { log.debug("printDirectory"); if (!isLinux()) { From 390fcd4d8cdfab00c9c939564536c476f199a7fe Mon Sep 17 00:00:00 2001 From: pujavs Date: Wed, 11 Dec 2024 21:11:34 +0530 Subject: [PATCH 12/17] fix(Config-api): user password patch fix Signed-off-by: pujavs --- jans-config-api/docs/jans-config-api-swagger.yaml | 8 ++++---- .../configapi/plugin/mgt/service/UserMgmtService.java | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) 
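Review bot: `printDirectory` is widened from private to public although no caller is added anywhere in this patch, which makes a helper that appears to run an external program reachable from every class that injects StatusCheckerTimer. If the change was made to silence an unused-method warning, deleting the method is the cleaner fix. If something does need it, a short Javadoc saying who calls it and why would help. The method body lies outside the hunk.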
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index c143c6532b2..e20a8f666fb 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9303,20 +9303,20 @@ components: type: string selected: type: boolean + whitePagesCanView: + type: boolean adminCanEdit: type: boolean userCanView: type: boolean - adminCanView: - type: boolean userCanEdit: type: boolean + adminCanView: + type: boolean userCanAccess: type: boolean adminCanAccess: type: boolean - whitePagesCanView: - type: boolean baseDn: type: string PatchRequest: diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java index b56e6d98f9d..e0cd058907d 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java @@ -246,7 +246,7 @@ private User updateCustomAttributes(User user, List custo } //validate custom attribute validation - validateAttributes(user.getCustomAttributes()); + validateAttributes(customAttributes); for (CustomObjectAttribute attribute : customAttributes) { CustomObjectAttribute existingAttribute = userService.getCustomAttribute(user, attribute.getName()); From df6cd30640786d221853591078a53ebe4b4a6a28 Mon Sep 17 00:00:00 2001 From: pujavs Date: Tue, 17 Dec 2024 14:23:18 +0530 Subject: [PATCH 13/17] fix(config-api): user credentials in plain text 
Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 11 ++++-- .../plugins/docs/fido2-plugin-swagger.yaml | 38 +++++++++++++++---- .../plugin/mgt/model/user/CustomUser.java | 6 +-- .../plugin/mgt/service/UserMgmtService.java | 29 +++++--------- 4 files changed, 49 insertions(+), 35 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index e20a8f666fb..b9a946e068a 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9303,13 +9303,11 @@ components: type: string selected: type: boolean - whitePagesCanView: - type: boolean - adminCanEdit: + userCanEdit: type: boolean userCanView: type: boolean - userCanEdit: + adminCanEdit: type: boolean adminCanView: type: boolean @@ -9317,6 +9315,8 @@ components: type: boolean adminCanAccess: type: boolean + whitePagesCanView: + type: boolean baseDn: type: string PatchRequest: @@ -9692,6 +9692,9 @@ components: accessTokenLifetime: type: integer format: int32 + userInfoLifetime: + type: integer + format: int32 cleanServiceInterval: type: integer format: int32 diff --git a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml index d5b5360939b..0859f6b93a1 100644 --- a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml @@ -564,6 +564,8 @@ components: type: boolean sessionIdPersistInCache: type: boolean + oldU2fMigrationEnabled: + type: boolean errorReasonEnabled: type: boolean fido2Configuration: @@ -581,7 +583,7 @@ components: type: string checkU2fAttestations: type: boolean - debugUserAutoEnrollment: + userAutoEnrollment: type: boolean unfinishedRequestExpiration: type: integer 
@@ -591,17 +593,17 @@ components: format: int32 serverMetadataFolder: type: string - enabledFidoAlgorithms: + requestedCredentialTypes: type: array items: type: string - rp: + requestedParties: type: array items: $ref: '#/components/schemas/RequestedParty' metadataUrlsProvider: type: string - disableMetadataService: + skipDownloadMdsEnabled: type: boolean skipValidateMdsInAttestationEnabled: type: boolean @@ -675,15 +677,15 @@ components: type: string username: type: string - domain: + origin: type: string userId: type: string challenge: type: string - attenstationRequest: + attestationRequest: type: string - attenstationResponse: + attestationResponse: type: string uncompressedECPoint: type: string @@ -706,8 +708,28 @@ components: signatureAlgorithm: type: integer format: int32 - applicationId: + rpId: type: string + backupStateFlag: + type: boolean + backupEligibilityFlag: + type: boolean + attestedCredentialDataFlag: + type: boolean + extensionDataFlag: + type: boolean + userVerifiedFlag: + type: boolean + userPresentFlag: + type: boolean + authentictatorAttachment: + type: string + credId: + type: string + transports: + type: array + items: + type: string Fido2RegistrationEntry: type: object properties: diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java index acd48c390d6..10a0c11b407 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/CustomUser.java 
@@ -59,10 +59,8 @@ public void setUserPassword(String userPassword) { @Override public String toString() { return "CustomUser [inum=" + inum + ", mail=" + mail + ", displayName=" + displayName - + ", givenName=" + givenName + ", userPassword=" + userPassword + "]"; + + ", givenName=" + givenName + "]"; } - - - + } diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java index e0cd058907d..77951d7bbbe 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java 
@@ -239,24 +239,23 @@ public User getUserBasedOnInum(String inum) { } private User updateCustomAttributes(User user, List customAttributes) { - logger.info("Custom Attributes to update for - user:{}, customAttributes:{} ", user, customAttributes); + logger.info("Custom Attributes to update for - user:{} ", user); if (customAttributes == null || customAttributes.isEmpty()) { return user; } - //validate custom attribute validation validateAttributes(customAttributes); for (CustomObjectAttribute attribute : customAttributes) { CustomObjectAttribute existingAttribute = userService.getCustomAttribute(user, attribute.getName()); - logger.debug("Existing CustomAttributes with existingAttribute:{} ", existingAttribute); + logger.debug("Existing CustomAttributes with existingAttribute.getName():{} ", existingAttribute.getName()); // add if (existingAttribute == null) { boolean result = userService.addUserAttribute(user, attribute.getName(), attribute.getValues(), attribute.isMultiValued()); - logger.debug("Result of adding CustomAttributes attribute:{} , result:{} ", attribute, result); + logger.debug("Result of adding CustomAttributes attribute.getName():{} , result:{} ", attribute.getName(), result); } // remove attribute else if (attribute.getValue() == null || attribute.getValues() == null) { @@ -268,9 +267,6 @@ else if (attribute.getValue() == null || attribute.getValues() == null) { existingAttribute.setMultiValued(attribute.isMultiValued()); existingAttribute.setValues(attribute.getValues()); } - // Final attribute - logger.info("Finally user CustomAttributes user.getCustomAttributes:{} ", user.getCustomAttributes()); - } return user; 
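Review bot: `existingAttribute.getName()` in the new debug line is evaluated before the `if (existingAttribute == null)` check that follows it, so the add branch can no longer be reached: patching in an attribute the user does not yet have throws a NullPointerException at the log statement. Log the requested name instead, `logger.debug("Existing CustomAttributes lookup for attribute.getName():{} ", attribute.getName());`, or move the statement below the null check. The first statement of the method still passes the whole `user` object to `logger.info`; if User's toString() includes custom attributes (not visible here), the value this commit is trying to keep out of the log would still appear there.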
@@ -442,8 +438,7 @@ public String getPersistenceType() { } public User addUser(User user, boolean active) { - logger.info("\n Creating user:{}, user.getCustomAttributes():{}, active:{}", user, user.getCustomAttributes(), - active); + logger.info("\n Creating user:{}, active:{}", user, active); user = userService.addUser(user, active); logger.info("New user:{}\n", user); // remove inactive claims @@ -459,7 +454,7 @@ public User addUser(User user, boolean active) { } public User updateUser(User user) { - logger.info("\n Updating user:{}, user.getCustomAttributes():{}", user, user.getCustomAttributes()); + logger.info("\n Updating user:{}", user); user = userService.updateUser(user); logger.info("Updated user:{} \n", user); // remove inactive claims @@ -481,7 +476,6 @@ public List verifyCustomAttributes(List users) { } for (User user : users) { List customAttributes = user.getCustomAttributes(); - logger.debug("customAttributes: {}", customAttributes); // remove inactive attributes removeInActiveCustomAttribute(customAttributes); } @@ -489,7 +483,7 @@ public List verifyCustomAttributes(List users) { } public List removeInActiveCustomAttribute(List customAttributes) { - logger.info("User customAttributes: {}", customAttributes); + if (customAttributes == null || customAttributes.isEmpty()) { return customAttributes; } @@ -525,7 +519,6 @@ private String getDnForAttribute(String inum) { } public void validateAttributes(List customAttributes) { - logger.info("\n **** Validate customAttributes: {}", customAttributes); if (customAttributes == null || customAttributes.isEmpty()) { return; } 
@@ -559,8 +552,8 @@ public void validateAttributes(List customAttributes) { private String validateCustomAttributes(CustomObjectAttribute customObjectAttribute, AttributeValidation attributeValidation) { - logger.info("Validate customObjectAttribute:{}, attributeValidation:{}", customObjectAttribute, - attributeValidation); + logger.info("Validate attributeValidation:{}", attributeValidation); + StringBuilder sb = new StringBuilder(); if (customObjectAttribute == null || attributeValidation == null) { return sb.toString(); @@ -568,9 +561,7 @@ private String validateCustomAttributes(CustomObjectAttribute customObjectAttrib String attributeName = customObjectAttribute.getName(); try { - String attributeValue = String.valueOf(customObjectAttribute.getValue()); - logger.info("Validate attributeName:{}, attributeValue:{}", attributeName, attributeValue); if (StringUtils.isBlank(attributeValue)) { return sb.toString(); @@ -579,8 +570,8 @@ private String validateCustomAttributes(CustomObjectAttribute customObjectAttrib Integer maxValue = attributeValidation.getMaxLength(); String regexpValue = attributeValidation.getRegexp(); logger.info( - "Validate attributeValue:{}, attributeValue.length():{}, attributeValidation.getMinLength():{}, attributeValidation.getMaxLength():{}, attributeValidation.getRegexp():{}", - attributeValue, attributeValue.length(), attributeValidation.getMinLength(), + "Validate attributeValue.length():{}, attributeValidation.getMinLength():{}, attributeValidation.getMaxLength():{}, attributeValidation.getRegexp():{}", + attributeValue.length(), attributeValidation.getMinLength(), attributeValidation.getMaxLength(), attributeValidation.getRegexp()); // minvalue Validation From 3b34408a39bfb2ba3218a692527c4b489229ef9a Mon Sep 17 00:00:00 2001 From: pujavs Date: Tue, 17 Dec 2024 17:56:02 +0530 Subject: [PATCH 14/17] fix(config-api): user password being displayed as clear text 
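Review bot: The rewritten message in validateCustomAttributes drops the value but still writes `attributeValue.length()` at info level, and this method appears to be on the path that validates `userPassword`, so the password length of each patched account would end up in the application log. The length adds little for diagnosis, because the configured limits are logged right beside it. I would drop that argument and lower the level: `logger.debug("Validate minLength:{}, maxLength:{}, regexp:{}", attributeValidation.getMinLength(), attributeValidation.getMaxLength(), attributeValidation.getRegexp());`. The method body continues outside the hunk.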
Signed-off-by: pujavs --- jans-config-api/docs/jans-config-api-swagger.yaml | 14 +++++++------- .../plugin/mgt/service/UserMgmtService.java | 3 +-- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index b9a946e068a..bfc042bc635 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9303,19 +9303,19 @@ components: type: string selected: type: boolean - userCanEdit: + userCanAccess: type: boolean - userCanView: + adminCanAccess: type: boolean - adminCanEdit: + whitePagesCanView: type: boolean - adminCanView: + userCanView: type: boolean - userCanAccess: + adminCanView: type: boolean - adminCanAccess: + adminCanEdit: type: boolean - whitePagesCanView: + userCanEdit: type: boolean baseDn: type: string diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java index 77951d7bbbe..406c8101670 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserMgmtService.java @@ -524,8 +524,7 @@ public void validateAttributes(List customAttributes) { } StringBuilder sb = new StringBuilder(); for (CustomObjectAttribute customObjectAttribute : customAttributes) { - logger.info("customObjectAttribute:{}, customObjectAttribute.getName():{}", customObjectAttribute, - customObjectAttribute.getName()); + logger.info("customObjectAttribute.getName():{}", customObjectAttribute.getName()); JansAttribute attribute = attributeService.getAttributeByName(customObjectAttribute.getName()); AttributeValidation validation = null; if (attribute != null) { 
From 0b8c85e12d8408477b0fa18f1e0da65e5af06f9b Mon Sep 17 00:00:00 2001 From: pujavs Date: Tue, 17 Dec 2024 19:08:27 +0530 Subject: [PATCH 15/17] fix(config-api): user password being displayed as clear text Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 16 ++++++++-------- .../plugin/mgt/model/user/UserPatchRequest.java | 2 +- .../interceptor/AuditLogInterceptor.java | 5 ++++- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index bfc042bc635..53ae67f689c 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9303,19 +9303,19 @@ components: type: string selected: type: boolean - userCanAccess: - type: boolean - adminCanAccess: - type: boolean whitePagesCanView: type: boolean + adminCanView: + type: boolean userCanView: type: boolean - adminCanView: + userCanEdit: type: boolean adminCanEdit: type: boolean - userCanEdit: + adminCanAccess: + type: boolean + userCanAccess: type: boolean baseDn: type: string @@ -11733,10 +11733,10 @@ components: ttl: type: integer format: int32 - persisted: - type: boolean opbrowserState: type: string + persisted: + type: boolean SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/UserPatchRequest.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/UserPatchRequest.java index adcde5126e7..68a0a047515 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/UserPatchRequest.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/model/user/UserPatchRequest.java 
@@ -34,6 +34,6 @@ public void setCustomAttributes(List customAttributes) { @Override public String toString() { - return "UserPatchRequest [jsonPatchString=" + jsonPatchString + ", customAttributes=" + customAttributes + "]"; + return "UserPatchRequest [jsonPatchString=" + jsonPatchString + "]"; } } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java b/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java index a65089d2418..06b91fefb93 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java @@ -112,7 +112,10 @@ private void processRequest(InvocationContext context, AuditLogConf auditLogConf clazz.isPrimitive()); Object obj = ctxParameters[i]; - AUDIT_LOG.info("RequestReaderInterceptor final - obj - obj:{} ", obj); + if (obj != null && (!obj.toString().toUpperCase().contains("PASSWORD") + || !obj.toString().toUpperCase().contains("SECRET"))) { + AUDIT_LOG.info("RequestReaderInterceptor final - obj - obj:{} ", obj); + } } } From 0e94c4dfaa35c9be2bf229582087e4112a817457 Mon Sep 17 00:00:00 2001 From: pujavs Date: Thu, 19 Dec 2024 21:56:21 +0530 Subject: [PATCH 16/17] feat(config-api): agama download Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 40 +++++++++++++++++-- .../rest/resource/auth/AgamaRepoResource.java | 31 +++++++++++++- .../service/auth/AgamaRepoService.java | 25 +++++++++++- 3 files changed, 90 insertions(+), 6 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 53ae67f689c..1a6f065e741 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml 
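Review bot: `toString()` in UserPatchRequest.java still prints `jsonPatchString`, and a JSON Patch document carries the new values of the attributes it changes, so a patch that sets the password would presumably still reach the log in clear text through this method. Dropping `customAttributes` covers only one of the two fields. Consider not printing the patch body at all, e.g. `return "UserPatchRequest [jsonPatchString=" + (jsonPatchString == null ? "null" : "<redacted>") + "]";`, with a short comment above it saying the fields are omitted because they can hold credentials, so they are not re-added later.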
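Review bot: The new guard in `processRequest` (AuditLogInterceptor.java) joins the two negated checks with `||`, so the log line is skipped only when the text contains both PASSWORD and SECRET; an object whose `toString()` contains just one of the words is still written to the audit log. The condition needs `&&`: `if (obj != null && !obj.toString().toUpperCase().contains("PASSWORD") && !obj.toString().toUpperCase().contains("SECRET")) {`. Matching on the rendered string is also a weak filter, because it depends on every parameter type naming its sensitive fields that way; redacting in each model's `toString()`, or logging only the parameter type, would hold up better. `processRequest` begins and ends outside the hunk.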
@@ -497,6 +497,40 @@ paths: security: - oauth2: - https://jans.io/oauth/config/agama.readonly + /api/v1/agama-repo/download: + get: + tags: + - Agama + summary: Download agama project. + description: Download agama project. + operationId: get-agama-project + parameters: + - name: downloadLink + in: query + description: Agama project download Link + schema: + type: string + responses: + "200": + description: Agama project + content: + application/json: + schema: + type: string + format: binary + "204": + description: No Content + "401": + description: Unauthorized + "404": + description: Not Found + "500": + description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/config/agama-repo.readonly + - https://jans.io/oauth/config/agama-repo.write + - https://jans.io/oauth/config/read-all /api/v1/agama-repo: get: tags: @@ -9303,7 +9337,7 @@ components: type: string selected: type: boolean - whitePagesCanView: + adminCanEdit: type: boolean adminCanView: type: boolean @@ -9311,11 +9345,11 @@ components: type: boolean userCanEdit: type: boolean - adminCanEdit: + userCanAccess: type: boolean adminCanAccess: type: boolean - userCanAccess: + whitePagesCanView: type: boolean baseDn: type: string diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java index f5b46ba582a..05f281c53e8 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AgamaRepoResource.java @@ -16,6 +16,7 @@ import io.jans.configapi.util.ApiConstants; import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.ExampleObject; import io.swagger.v3.oas.annotations.media.Schema; 
@@ -23,8 +24,10 @@ import io.swagger.v3.oas.annotations.responses.ApiResponses; import io.swagger.v3.oas.annotations.security.*; -import jakarta.inject.Inject; +import static io.jans.as.model.util.Util.escapeLog; +import java.io.IOException; +import jakarta.inject.Inject; import jakarta.ws.rs.*; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; 
@@ -68,5 +71,29 @@ public class AgamaRepoResource extends ConfigBaseResource { public Response getAllAgamaRepositories() { return Response.ok(agamaRepoService.getAllAgamaRepositories()).build(); } - + + @Operation(summary = "Download agama project.", description = "Download agama project.", operationId = "get-agama-project", tags = { + "Agama" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.AGAMA_REPO_READ_ACCESS, ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS, + ApiAccessConstants.SUPER_ADMIN_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Agama project", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = String.class, format = "binary"))), + @ApiResponse(responseCode = "204", description = "No Content"), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.AGAMA_REPO_READ_ACCESS }, groupScopes = { + ApiAccessConstants.AGAMA_REPO_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Produces(MediaType.APPLICATION_JSON) + @Path("/download") + public Response getAgamaProject( + @Parameter(description = "Agama project download Link") @QueryParam(value = "downloadLink") String downloadLink) + throws IOException { + if (logger.isInfoEnabled()) { + logger.info(" Agama Project File downloadLink :{}", escapeLog(downloadLink)); + } + return Response.ok(agamaRepoService.getAgamaProject(downloadLink)).build(); + } + } \ No newline at end of file diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java index 6bec8c06226..8bb5cd5ec6b 100644 
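Review bot: `getAgamaProject` in AgamaRepoResource.java is declared `@Produces(MediaType.APPLICATION_JSON)` with a `binary` string schema, although `AgamaRepoService.getAgamaProject` returns Base64-encoded bytes, which are not a JSON document; `MediaType.TEXT_PLAIN` would describe the body, provided no client already depends on the current header. The query parameter is also documented as optional while the service rejects a blank value, so it can be marked `@Parameter(description = "Agama project download Link", required = true)` and a 400 response added to `@ApiResponses`. How `InvalidAttributeException` is mapped to a status code is not visible here, so confirm it does not surface as a 500.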
--- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AgamaRepoService.java @@ -2,10 +2,21 @@ import com.fasterxml.jackson.databind.JsonNode; +import io.jans.as.model.util.Util; import io.jans.configapi.service.status.StatusCheckerTimer; +import io.jans.util.exception.InvalidAttributeException; +import static io.jans.as.model.util.Util.escapeLog; + +import java.io.IOException; +import java.net.URLDecoder; +import java.net.URL; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; + +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.io.IOUtils; import org.slf4j.Logger; @ApplicationScoped @@ -20,5 +31,17 @@ public class AgamaRepoService { public JsonNode getAllAgamaRepositories() { return statusCheckerTimer.getAllAgamaRepositories(); } - + + public byte[] getAgamaProject(String downloadLink) throws IOException { + if (logger.isInfoEnabled()) { + logger.info("Fetch Agama Project File from :{}", escapeLog(downloadLink)); + } + if (StringUtils.isBlank(downloadLink)) { + throw new InvalidAttributeException("Agama Project url is null!!!"); + } + String url = URLDecoder.decode(downloadLink, Util.UTF8_STRING_ENCODING); + logger.info("Decoded Agama Project url :{}", url); + return Base64.encodeBase64(IOUtils.toByteArray((new URL(url)).openStream()), true); + } + } \ No newline at end of file From 32e0a25dbacd66d98bab6e8592fa3830a3d90d9f Mon Sep 17 00:00:00 2001 From: pujavs Date: Thu, 19 Dec 2024 22:00:55 +0530 Subject: [PATCH 17/17] feat(config-api): agama download Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 20 +++++++++---------- .../plugins/docs/user-mgt-plugin-swagger.yaml | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-) 
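Review bot: `getAgamaProject` in AgamaRepoService.java opens whatever URL the caller sends (`new URL(url).openStream()`) and returns the content, with no restriction on scheme or host, so any client holding the read-only scope can make the server read internal addresses or non-HTTP URLs on its behalf. Restrict the link to `https` and to hosts approved for Agama projects before opening it, and keep in mind that `openStream()` follows redirects, so a check on the first URL alone is not complete. The stream is also never closed, the decoded URL is logged without `escapeLog`, and the extra `URLDecoder.decode` runs on a `@QueryParam` value that JAX-RS has already decoded. The sketch below needs `java.net.URI`, `java.net.URISyntaxException` and `java.io.InputStream` imported; `isApprovedAgamaHost` is a helper still to be written.

```java
public byte[] getAgamaProject(String downloadLink) throws IOException {
    // … unchanged: info log with escapeLog(downloadLink) and the blank check …
    // No second URLDecoder.decode(): the @QueryParam value arrives already decoded.
    URI uri;
    try {
        uri = new URI(downloadLink);
    } catch (URISyntaxException e) {
        throw new InvalidAttributeException("Agama Project url is not valid");
    }
    // Only https, and only hosts the deployment has approved for Agama projects.
    // isApprovedAgamaHost is a helper to be written (e.g. backed by configuration).
    if (!"https".equalsIgnoreCase(uri.getScheme()) || !isApprovedAgamaHost(uri.getHost())) {
        throw new InvalidAttributeException("Agama Project url is not allowed");
    }
    // try-with-resources so the connection is released even when the read fails.
    try (InputStream in = uri.toURL().openStream()) {
        return Base64.encodeBase64(IOUtils.toByteArray(in), true);
    }
}
```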
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 1a6f065e741..c1a1c82474a 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -9337,7 +9337,11 @@ components: type: string selected: type: boolean - adminCanEdit: + whitePagesCanView: + type: boolean + adminCanAccess: + type: boolean + userCanAccess: type: boolean adminCanView: type: boolean @@ -9345,11 +9349,7 @@ components: type: boolean userCanEdit: type: boolean - userCanAccess: - type: boolean - adminCanAccess: - type: boolean - whitePagesCanView: + adminCanEdit: type: boolean baseDn: type: string @@ -10988,10 +10988,10 @@ components: type: array items: type: object - value: - type: object displayValue: type: string + value: + type: object LocalizedString: type: object properties: @@ -11767,10 +11767,10 @@ components: ttl: type: integer format: int32 - opbrowserState: - type: string persisted: type: boolean + opbrowserState: + type: string SessionIdAccessMap: type: object properties: diff --git a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml index a23d9c4e828..9113a738b01 100644 --- a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml @@ -863,10 +863,10 @@ components: type: array items: type: object - value: - type: object displayValue: type: string + value: + type: object CustomUser: type: object properties: