feat(jans-auth-server): Token Status List support (#8620)
* chore(jans-auth-server): renamed OXAUTH_UMA_TICKET -> UMA_TICKET
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): Token Status List support #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): corrected requestContext and azd decoding #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): added token status list endpoint and status claim with index. #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): new cluster beans and services
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): added head index to list #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): move beans to core model
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): add index range to TokenPool
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): added application/statuslist+json support #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): add methods to allocate/release TokenPool
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): fix TokenPool sort
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): implement method to get nextIndex for token
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): implement method to get nextIndex for token
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): instead of using token list status use expiration date
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* fix(jans-auth-server): fixed index during list joins and npe on nextIndex. #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): populate statusListIndex in access and id tokens #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): add ClusterNode services
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): add node base dn
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): added status list update on revoke #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix after merge
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): add schema for new entries
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): fix allocate
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): fix cluster nodes expiration
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): added status list as jwt support #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): Deprecate TokenPoolStatus
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): implement updateWithLock for concurrent lock on revoke
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): use updateWithLock during status update index #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): update status list on token revoke in separate thread #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): renamed TokenPool -> StatusTokenPool, TokenPoolService -> StatusTokenPoolService #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): removed token head index (we are using status token pools instead) #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): added status list to swagger #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): added ou=node,o=jans to config #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): throw configuration exception if node baseDn is missed #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): set status_list feature flag enabled by default #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): fixed node allocation #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): corrected bug in getClusterNodeLast #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): keep lockKey static and save in jansNode after locking #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): different fixes for cluster node management #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): fixed allocation of status index pools #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* chore(jans-auth-server): added more logs for status index pool allocation #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth): ignore timezone when DB is PostgreSQL
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth): fetch all node entries if DB is LDAP
  Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
* feat(jans-auth-server): added status list client #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): fixed pool allocation #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* chore(jans-auth-server): renamed endpoint /token_status_list -> /status_list #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-orm): resolve bean property name with AttributeName #8773
* chore(jans-auth-server): renamed token_status_list -> status_list #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* chore(jans-auth-server): token statuses VALID - 0, INVALID - 1 #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* chore(jans-auth-server): moved status list to model for re-using #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): added batch index update and fixed concurrent update issue #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): use new index update method in existing revoke code #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* fix(jans-auth-server): fixed status pool index joining #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* chore(jans-auth-server): code improvements #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* test(jans-auth-server): added full integration test for status list #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* test(jans-auth-server): added test for CN case #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* feat(jans-auth-server): mark indexes which we are about to re-use as VALID #8562
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* code re-format
  Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
* docs(config-api): regenerating config swagger api
  Signed-off-by: pujavs <pujas.works@gmail.com>

---------

Signed-off-by: YuriyZ <yzabrovarniy@gmail.com>
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: pujavs <pujas.works@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>