feat; OPA related config updates (#7173)

* feat: deploy lock-service as custom library

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat: policy downloader

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat: policy downloader

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat: add apache config

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* Revert "feat: add apache config"

This reverts commit 5ae8869.

* feat: policy downloader

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat: add message scopes

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat: publish message API

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

---------

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Signed-off-by: Mustafa Baser <mbaser@mail.com>

jans-auth-server/server/pom.xml

@@ -392,11 +392,13 @@
         </dependency>
 
 		<!-- lock -->
+		<!--
         <dependency>
             <groupId>io.jans</groupId>
             <artifactId>jans-lock-service</artifactId>
             <version>${project.version}</version>
         </dependency>
+		-->
 
 		<!-- Weld -->
 		<dependency>

jans-auth-server/server/src/main/java/io/jans/as/server/service/net/HttpService2.java

@@ -7,329 +7,15 @@
 package io.jans.as.server.service.net;
 
 
-import java.io.File;
-import java.io.IOException;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-import java.nio.charset.Charset;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import javax.net.ssl.SSLContext;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.http.Header;
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpResponse;
-import org.apache.http.HttpStatus;
-import org.apache.http.client.ClientProtocolException;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.config.CookieSpecs;
-import org.apache.http.client.config.RequestConfig;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.conn.routing.HttpRoutePlanner;
-import org.apache.http.conn.ssl.NoopHostnameVerifier;
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.entity.ContentType;
-import org.apache.http.entity.StringEntity;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.impl.conn.DefaultProxyRoutePlanner;
-import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
-import org.apache.http.ssl.SSLContexts;
-import org.apache.http.ssl.TrustStrategy;
-import org.apache.http.util.EntityUtils;
-import org.slf4j.Logger;
-
-import io.jans.as.server.model.net.HttpServiceResponse;
-import io.jans.util.StringHelper;
-import io.jans.util.Util;
-import jakarta.annotation.PostConstruct;
+import io.jans.service.net.BaseHttpService;
 import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.inject.Inject;
-import jakarta.servlet.http.HttpServletRequest;
 
 /**
  * Provides operations with http/https requests
  *
  * @author Yuriy Movchan Date: 04/10/2023
  */
 @ApplicationScoped
-public class HttpService2 implements Serializable {
-
-	private static final long serialVersionUID = -2398422090669045605L;
-
-	@Inject
-	private Logger log;
-
-	private Base64 base64;
-
-	private PoolingHttpClientConnectionManager connectionManager;
-
-	@PostConstruct
-	public void init() {
-        connectionManager = new PoolingHttpClientConnectionManager();
-        connectionManager.setMaxTotal(200); // Increase max total connection to 200
-        connectionManager.setDefaultMaxPerRoute(50); // Increase default max connection per route to 50
-
-        this.base64 = new Base64();
-	}
-
-	public CloseableHttpClient getHttpsClientTrustAll() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
-	    SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
-	    SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext, 
-	      NoopHostnameVerifier.INSTANCE);
-
-	    return HttpClients.custom().setSSLSocketFactory(sslConSocFactory)
-				.setDefaultRequestConfig(RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build())
-				.setConnectionManager(connectionManager).build();
-	}
-
-	public CloseableHttpClient getHttpsClient() {
-    	return getHttpsClient(RequestConfig.custom().build());
-	}
-
-	public CloseableHttpClient getHttpsClient(RequestConfig requestConfig) {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	return HttpClients.custom()
-				.setDefaultRequestConfig(RequestConfig.copy(requestConfig).setCookieSpec(CookieSpecs.STANDARD).build())
-				.setConnectionManager(connectionManager).build();
-	}
-
-	public CloseableHttpClient getHttpsClient(HttpRoutePlanner routerPlanner) {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	return getHttpsClient(RequestConfig.custom().build(), routerPlanner);
-	}
-
-	public CloseableHttpClient getHttpsClient(RequestConfig requestConfig, HttpRoutePlanner routerPlanner) {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	return HttpClients.custom()
-				.setDefaultRequestConfig(RequestConfig.copy(requestConfig).setCookieSpec(CookieSpecs.STANDARD).build())
-				.setConnectionManager(connectionManager).setRoutePlanner(routerPlanner).build();
-	}
-
-	public CloseableHttpClient getHttpsClient(String trustStoreType, String trustStorePath, String trustStorePassword) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new File(trustStorePath), trustStorePassword.toCharArray()).build();
-	    SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext);
-
-	    return HttpClients.custom().setSSLSocketFactory(sslConSocFactory)
-				.setDefaultRequestConfig(RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build())
-				.setConnectionManager(connectionManager).build();
-	}
-
-	public CloseableHttpClient getHttpsClient(String trustStoreType, String trustStorePath, String trustStorePassword,
-			String keyStoreType, String keyStorePath, String keyStorePassword) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
-    	log.trace("Connection manager stats: {}", connectionManager.getTotalStats());
-
-    	SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new File(trustStorePath), trustStorePassword.toCharArray())
-				.loadKeyMaterial(new File(keyStorePath), keyStorePassword.toCharArray(), keyStorePassword.toCharArray()).build();
-	    SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext);
-
-	    return HttpClients.custom().setSSLSocketFactory(sslConSocFactory)
-				.setDefaultRequestConfig(RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build())
-				.setConnectionManager(connectionManager).build();
-	}
-
-	public HttpServiceResponse executePost(HttpClient httpClient, String uri, String authData, Map<String, String> headers, String postData, ContentType contentType) {
-        HttpPost httpPost = new HttpPost(uri);
-        if (StringHelper.isNotEmpty(authData)) {
-        	httpPost.setHeader("Authorization", "Basic " + authData);
-        }
-
-        if (headers != null) {
-        	for (Entry<String, String> headerEntry : headers.entrySet()) {
-            	httpPost.setHeader(headerEntry.getKey(), headerEntry.getValue());
-        	}
-        }
-
-        StringEntity stringEntity = new StringEntity(postData, contentType);
-		httpPost.setEntity(stringEntity);
-
-        try {
-        	HttpResponse httpResponse = httpClient.execute(httpPost);
-
-        	return new HttpServiceResponse(httpPost, httpResponse);
-		} catch (IOException ex) {
-	    	log.error("Failed to execute post request", ex);
-		}
-
-        return null;
-	}
-
-	public HttpServiceResponse executePost(HttpClient httpClient, String uri, String authData, Map<String, String> headers, String postData) {
-		return executePost(httpClient, uri, authData, headers, postData, null);
-	}
-
-	public HttpServiceResponse executePost(HttpClient httpClient, String uri, String authData, String postData, ContentType contentType) {
-        return executePost(httpClient, uri, authData, null, postData, contentType);
-	}
-
-	public String encodeBase64(String value) {
-		try {
-			return new String(base64.encode((value).getBytes(Util.UTF8)), Util.UTF8);
-		} catch (UnsupportedEncodingException ex) {
-	    	log.error("Failed to convert '{}' to base64", value, ex);
-		}
-
-		return null;
-	}
-
-	public String encodeUrl(String value) {
-		try {
-			return URLEncoder.encode(value, Util.UTF8);
-		} catch (UnsupportedEncodingException ex) {
-	    	log.error("Failed to encode url '{}'", value, ex);
-		}
-
-		return null;
-	}
-
-	public HttpServiceResponse executeGet(HttpClient httpClient, String requestUri, Map<String, String> headers) {
-		HttpGet httpGet = new HttpGet(requestUri);
-
-        if (headers != null) {
-        	for (Entry<String, String> headerEntry : headers.entrySet()) {
-        		httpGet.setHeader(headerEntry.getKey(), headerEntry.getValue());
-        	}
-        }
-
-		try {
-			HttpResponse httpResponse = httpClient.execute(httpGet);
-
-			return new HttpServiceResponse(httpGet, httpResponse);
-		} catch (IOException ex) {
-	    	log.error("Failed to execute get request", ex);
-		}
-
-		return null;
-	}
-
-	public HttpServiceResponse executeGet(HttpClient httpClient, String requestUri) throws ClientProtocolException, IOException {
-		return executeGet(httpClient, requestUri, null);
-	}
-
-	public byte[] getResponseContent(HttpResponse httpResponse) throws IOException {
-		if ((httpResponse == null) || !isResponseStastusCodeOk(httpResponse)) {
-        	return null;
-        }
-
-        HttpEntity entity = httpResponse.getEntity();
-		byte[] responseBytes = new byte[0];
-		if (entity != null) {
-			responseBytes = EntityUtils.toByteArray(entity);
-		}
-
-    	// Consume response content
-		if (entity != null) {
-			EntityUtils.consume(entity);
-		}
-
-    	return responseBytes;
-	}
-
-	public void consume(HttpResponse httpResponse) throws IOException {
-		if ((httpResponse == null) || !isResponseStastusCodeOk(httpResponse)) {
-        	return;
-        }
-
-    	// Consume response content
-        HttpEntity entity = httpResponse.getEntity();
-		if (entity != null) {
-			EntityUtils.consume(entity);
-		}
-	}
-
-	public String convertEntityToString(byte[] responseBytes) {
-		if (responseBytes == null) {
-			return null;
-		}
-
-		return new String(responseBytes);
-	}
-
-	public String convertEntityToString(byte[] responseBytes, Charset charset) {
-		if (responseBytes == null) {
-			return null;
-		}
-
-		return new String(responseBytes, charset);
-	}
-
-	public String convertEntityToString(byte[] responseBytes, String charsetName) throws UnsupportedEncodingException {
-		if (responseBytes == null) {
-			return null;
-		}
-
-		return new String(responseBytes, charsetName);
-	}
-
-	public boolean isResponseStastusCodeOk(HttpResponse httpResponse) {
-		int responseStastusCode = httpResponse.getStatusLine().getStatusCode();
-		if ((responseStastusCode == HttpStatus.SC_OK) || (responseStastusCode == HttpStatus.SC_CREATED) || (responseStastusCode == HttpStatus.SC_ACCEPTED)
-				|| (responseStastusCode == HttpStatus.SC_NON_AUTHORITATIVE_INFORMATION) || (responseStastusCode == HttpStatus.SC_NO_CONTENT) || (responseStastusCode == HttpStatus.SC_RESET_CONTENT)
-				|| (responseStastusCode == HttpStatus.SC_PARTIAL_CONTENT) || (responseStastusCode == HttpStatus.SC_MULTI_STATUS)) {
-			return true;
-		}
-
-		return false;
-	}
-
-	public boolean isResponseStatusCodeOk(HttpResponse httpResponse) {
-		return isResponseStastusCodeOk(httpResponse); 
-	}
-
-	public boolean isContentTypeXml(HttpResponse httpResponse) {
-		Header contentType = httpResponse.getEntity().getContentType();
-		if (contentType == null) {
-			return false;
-		}
-
-		String contentTypeValue = contentType.getValue();
-		if (StringHelper.equals(contentTypeValue, ContentType.APPLICATION_XML.getMimeType()) || StringHelper.equals(contentTypeValue, ContentType.TEXT_XML.getMimeType())) {
-			return true;
-		}
-
-		return false;
-	}
-
-	public String constructServerUrl(final HttpServletRequest request) {
-    	int serverPort = request.getServerPort();
-
-    	String redirectUrl;
-    	if ((serverPort == 80) || (serverPort == 443)) {
-    		redirectUrl = String.format("%s://%s%s", request.getScheme(), request.getServerName(), request.getContextPath());
-    	} else {
-    		redirectUrl = String.format("%s://%s:%s%s", request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath());
-    	}
-
-    	return redirectUrl.toLowerCase();
-    }
-
-	public HttpRoutePlanner buildDefaultRoutePlanner(final String hostname, final int port, final String scheme) {
-		//Creating an HttpHost object for proxy
-		HttpHost proxyHost = new HttpHost(hostname, port, scheme); 
-
-    	return new DefaultProxyRoutePlanner(proxyHost);
-    }
-
-	public HttpRoutePlanner buildDefaultRoutePlanner(final String proxy) {
-		return buildDefaultRoutePlanner(proxy, -1, null);
-    }
+public class HttpService2 extends BaseHttpService {
 
 }

jans-auth-server/server/src/test/java/io/jans/as/server/ws/rs/ClientInfoRestWebServiceEmbeddedTest.java

@@ -317,7 +317,7 @@ public void requestClientInfoStep2PasswordFlow(final String clientInfoPath) thro
             assertTrue(jsonObj.has("jansAppType"), "Unexpected result: oxAuthAppType not found");
             assertTrue(jsonObj.has("jansIdTknSignedRespAlg"),
                     "Unexpected result: oxAuthIdTokenSignedResponseAlg not found");
-            assertTrue(jsonObj.has("jansRedirectURI"), "Unexpected result: oxAuthRedirectURI not found");
+            assertTrue(jsonObj.has("jansRedirectURI"), "Unexpected result: jansRedirectURI not found");
             assertTrue(jsonObj.has("jansScope"), "Unexpected result: oxAuthScope not found");
         } catch (JSONException e) {
             e.printStackTrace();

jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java

@@ -123,6 +123,7 @@ public Set<Class<?>> getClasses() {
         classes.add(AcrsResource.class);
         classes.add(AttributesResource.class);
         classes.add(CacheConfigurationResource.class);
+        classes.add(MessageConfigurationResource.class);
         classes.add(ClientsResource.class);
         classes.add(AuthConfigResource.class);
         classes.add(ConfigSmtpResource.class);