diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java index b8c0ecf38d2..c553c42a9d6 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/model/configuration/ApiAppConfiguration.java @@ -3,13 +3,15 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import io.jans.as.model.configuration.Configuration; -import java.util.ArrayList; import java.util.List; @JsonIgnoreProperties(ignoreUnknown = true) public class ApiAppConfiguration implements Configuration { private boolean configOauthEnabled; + private boolean disableLoggerTimer; + private boolean disableAuditLogger; + private boolean assetMgtEnabled; private boolean customAttributeValidationEnabled; private List apiApprovedIssuer; private String apiProtectionType; 
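Review bot: The new fields `disableLoggerTimer`, `disableAuditLogger` and `assetMgtEnabled` are declared without comments, although two of them switch logging off and their defaults matter to anyone reading the stored configuration. As primitive `boolean`s on a class annotated `@JsonIgnoreProperties(ignoreUnknown = true)` they stay `false` when the key is absent, which presumably leaves auditing on and asset management off. I would add `// true turns the audit logger off; absent or false keeps auditing enabled (confirm against the consumer)` above `disableAuditLogger`, with matching one-liners on the other two. The mixed polarity (`disable…` next to `…Enabled`) is also easy to misread in a config file.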
@@ -40,213 +42,219 @@ public class ApiAppConfiguration implements Configuration { private AuditLogConf auditLogConf; private DataFormatConversionConf dataFormatConversionConf; private List plugins; - + public boolean isConfigOauthEnabled() { return configOauthEnabled; } - + public void setConfigOauthEnabled(boolean configOauthEnabled) { this.configOauthEnabled = configOauthEnabled; } - + + public boolean isDisableLoggerTimer() { + return disableLoggerTimer; + } + + public void setDisableLoggerTimer(boolean disableLoggerTimer) { + this.disableLoggerTimer = disableLoggerTimer; + } + + public boolean isDisableAuditLogger() { + return disableAuditLogger; + } + + public void setDisableAuditLogger(boolean disableAuditLogger) { + this.disableAuditLogger = disableAuditLogger; + } + + public boolean isAssetMgtEnabled() { + return assetMgtEnabled; + } + + public void setAssetMgtEnabled(boolean assetMgtEnabled) { + this.assetMgtEnabled = assetMgtEnabled; + } + public boolean isCustomAttributeValidationEnabled() { return customAttributeValidationEnabled; } - + public void setCustomAttributeValidationEnabled(boolean customAttributeValidationEnabled) { this.customAttributeValidationEnabled = customAttributeValidationEnabled; } - + public List getApiApprovedIssuer() { return apiApprovedIssuer; } - + public void setApiApprovedIssuer(List apiApprovedIssuer) { this.apiApprovedIssuer = apiApprovedIssuer; } - + public String getApiProtectionType() { return apiProtectionType; } - + public void setApiProtectionType(String apiProtectionType) { this.apiProtectionType = apiProtectionType; } - + public String getApiClientId() { return apiClientId; } - + public void setApiClientId(String apiClientId) { this.apiClientId = apiClientId; } - + public String getApiClientPassword() { return apiClientPassword; } - + public void setApiClientPassword(String apiClientPassword) { this.apiClientPassword = apiClientPassword; } - + public boolean isEndpointInjectionEnabled() { return 
endpointInjectionEnabled; } - + public void setEndpointInjectionEnabled(boolean endpointInjectionEnabled) { this.endpointInjectionEnabled = endpointInjectionEnabled; } - + public String getAuthIssuerUrl() { return authIssuerUrl; } - + public void setAuthIssuerUrl(String authIssuerUrl) { this.authIssuerUrl = authIssuerUrl; } - + public String getAuthOpenidConfigurationUrl() { return authOpenidConfigurationUrl; } - + public void setAuthOpenidConfigurationUrl(String authOpenidConfigurationUrl) { this.authOpenidConfigurationUrl = authOpenidConfigurationUrl; } - + public String getAuthOpenidIntrospectionUrl() { return authOpenidIntrospectionUrl; } - + public void setAuthOpenidIntrospectionUrl(String authOpenidIntrospectionUrl) { this.authOpenidIntrospectionUrl = authOpenidIntrospectionUrl; } - + public String getAuthOpenidTokenUrl() { return authOpenidTokenUrl; } - + public void setAuthOpenidTokenUrl(String authOpenidTokenUrl) { this.authOpenidTokenUrl = authOpenidTokenUrl; } - + public String getAuthOpenidRevokeUrl() { return authOpenidRevokeUrl; } - + public void setAuthOpenidRevokeUrl(String authOpenidRevokeUrl) { this.authOpenidRevokeUrl = authOpenidRevokeUrl; } - + public String getSmallryeHealthRootPath() { return smallryeHealthRootPath; } - + public void setSmallryeHealthRootPath(String smallryeHealthRootPath) { this.smallryeHealthRootPath = smallryeHealthRootPath; } - - public List getCorsConfigurationFilters() { - if (corsConfigurationFilters == null) { - corsConfigurationFilters = new ArrayList<>(); - } - - return corsConfigurationFilters; - } - - public void setCorsConfigurationFilters(List corsConfigurationFilters) { - if (corsConfigurationFilters == null) { - this.corsConfigurationFilters = new ArrayList<>(); - } else { - this.corsConfigurationFilters = new ArrayList<>(); - this.corsConfigurationFilters.addAll(corsConfigurationFilters); - } - } - + public List getExclusiveAuthScopes() { - if (exclusiveAuthScopes == null) { - exclusiveAuthScopes = new 
ArrayList<>(); - } return exclusiveAuthScopes; } - + public void setExclusiveAuthScopes(List exclusiveAuthScopes) { this.exclusiveAuthScopes = exclusiveAuthScopes; - if (exclusiveAuthScopes == null) { - this.exclusiveAuthScopes = new ArrayList<>(); - } else { - this.exclusiveAuthScopes = new ArrayList<>(); - this.exclusiveAuthScopes.addAll(exclusiveAuthScopes); - } } - + + public List getCorsConfigurationFilters() { + return corsConfigurationFilters; + } + + public void setCorsConfigurationFilters(List corsConfigurationFilters) { + this.corsConfigurationFilters = corsConfigurationFilters; + } + public String getLoggingLevel() { return loggingLevel; } - + public void setLoggingLevel(String loggingLevel) { this.loggingLevel = loggingLevel; } - + public String getLoggingLayout() { return loggingLayout; } - + public void setLoggingLayout(String loggingLayout) { this.loggingLayout = loggingLayout; } - + public String getExternalLoggerConfiguration() { return externalLoggerConfiguration; } - + public void setExternalLoggerConfiguration(String externalLoggerConfiguration) { this.externalLoggerConfiguration = externalLoggerConfiguration; } - + public Boolean getDisableJdkLogger() { return disableJdkLogger; } - + public void setDisableJdkLogger(Boolean disableJdkLogger) { this.disableJdkLogger = disableJdkLogger; } - + public int getMaxCount() { - return this.maxCount; + return maxCount; } - + public void setMaxCount(int maxCount) { this.maxCount = maxCount; } - + public List getUserExclusionAttributes() { return userExclusionAttributes; } - + public void setUserExclusionAttributes(List userExclusionAttributes) { this.userExclusionAttributes = userExclusionAttributes; } - + public List getUserMandatoryAttributes() { return userMandatoryAttributes; } - + public void setUserMandatoryAttributes(List userMandatoryAttributes) { this.userMandatoryAttributes = userMandatoryAttributes; } - + public AgamaConfiguration getAgamaConfiguration() { return agamaConfiguration; } - + public 
void setAgamaConfiguration(AgamaConfiguration agamaConfiguration) { this.agamaConfiguration = agamaConfiguration; } - + public AuditLogConf getAuditLogConf() { return auditLogConf; } - + public void setAuditLogConf(AuditLogConf auditLogConf) { this.auditLogConf = auditLogConf; } @@ -254,24 +262,26 @@ public void setAuditLogConf(AuditLogConf auditLogConf) { public DataFormatConversionConf getDataFormatConversionConf() { return dataFormatConversionConf; } - + public void setDataFormatConversionConf(DataFormatConversionConf dataFormatConversionConf) { this.dataFormatConversionConf = dataFormatConversionConf; - } - + } + public List getPlugins() { return plugins; } - + public void setPlugins(List plugins) { this.plugins = plugins; } - + @Override public String toString() { - return "ApiAppConfiguration [configOauthEnabled=" + configOauthEnabled + ", customAttributeValidationEnabled=" - + customAttributeValidationEnabled + ", apiApprovedIssuer=" + apiApprovedIssuer + ", apiProtectionType=" - + apiProtectionType + ", apiClientId=" + apiClientId + ", apiClientPassword=" + apiClientPassword + return "ApiAppConfiguration [configOauthEnabled=" + configOauthEnabled + ", disableLoggerTimer=" + + disableLoggerTimer + ", disableAuditLogger=" + disableAuditLogger + ", assetMgtEnabled=" + + assetMgtEnabled + ", customAttributeValidationEnabled=" + customAttributeValidationEnabled + + ", apiApprovedIssuer=" + apiApprovedIssuer + ", apiProtectionType=" + apiProtectionType + + ", apiClientId=" + apiClientId + ", apiClientPassword=" + apiClientPassword + ", endpointInjectionEnabled=" + endpointInjectionEnabled + ", authIssuerUrl=" + authIssuerUrl + ", authOpenidConfigurationUrl=" + authOpenidConfigurationUrl + ", authOpenidIntrospectionUrl=" + authOpenidIntrospectionUrl + ", authOpenidTokenUrl=" + authOpenidTokenUrl + ", authOpenidRevokeUrl=" 
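Review bot: `getCorsConfigurationFilters()` and `getExclusiveAuthScopes()` can now return `null`, because this hunk drops the lazy `new ArrayList<>()` fallback, and both setters now store the caller's list instead of a private copy. Callers are outside this diff, so any that iterate the result without a null check would start failing once the key is missing from the configuration. If the simplification is intended, the getters can stay total with `return exclusiveAuthScopes != null ? exclusiveAuthScopes : List.of();` and the same for `corsConfigurationFilters`. Note that `List.of()` is immutable where the old fallback was a mutable `ArrayList`. The class body starts before this hunk and continues after it.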
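Review bot: The rewritten `toString()` still concatenates `apiClientPassword` into its output, so any log line or exception message that prints this configuration object carries the client secret in clear text. Since the line is being rewritten anyway, mask the value: `+ ", apiClientId=" + apiClientId + ", apiClientPassword=" + (apiClientPassword == null ? null : "***")`. The return expression runs past the end of this hunk into the next one, so the remaining fields are not covered by this note.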
@@ -284,5 +294,7 @@ public String toString() { + auditLogConf + ", dataFormatConversionConf=" + dataFormatConversionConf + ", plugins=" + plugins + "]"; } + + } diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java index 2824345c4a1..e9a3f0c8110 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java @@ -97,4 +97,9 @@ private ApiAccessConstants() { public static final String APP_VERSION_READ_ACCESS = "https://jans.io/oauth/config/app-version.readonly"; + public static final String JANS_ASSET_READ_ACCESS = "https://jans.io/oauth/jans_asset-read"; + public static final String JANS_ASSET_WRITE_ACCESS = "https://jans.io/oauth/config/jans_asset-write"; + public static final String JANS_ASSET_DELETE_ACCESS = "https://jans.io/oauth/config/jans_asset-delete"; + + } diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java index a4304f6365b..f7c887e04b0 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java @@ -78,6 +78,10 @@ private ApiConstants() {} public static final String STATISTICS = "/stat"; public static final String USER = "/user"; public static final String ORG = "/org"; + public static final String JANS_ASSETS = "/jans-assets"; + public static final String UPLOAD = "/upload"; + public static final String STREAM = "/stream"; + public static final String APP_VERSION = "/app-version"; public static final String SERVER_STAT = "/server-stat"; public static final String USERNAME_PATH = "/{username}"; 
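Review bot: In the `ApiAccessConstants` hunk, `JANS_ASSET_READ_ACCESS` is `https://jans.io/oauth/jans_asset-read`, without the `/config/` segment that `JANS_ASSET_WRITE_ACCESS`, `JANS_ASSET_DELETE_ACCESS` and the neighbouring `APP_VERSION_READ_ACCESS` all carry. The swagger file in this commit uses the same short form, so it may be deliberate. If the scope registered with the authorization server follows the `/config/` pattern, though, the read endpoints would be checked against a scope no token carries. If the omission is a slip, the line should read `public static final String JANS_ASSET_READ_ACCESS = "https://jans.io/oauth/config/jans_asset-read";` with the swagger `security` entries updated to match.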
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml
index 04280578da9..da822f4c4b5 100644
--- a/jans-config-api/docs/jans-config-api-swagger.yaml
+++ b/jans-config-api/docs/jans-config-api-swagger.yaml
@@ -39,6 +39,7 @@ tags:
 - name: Plugins
 - name: Configuration – Config API
 - name: Client Authorization
+- name: Jans Assets
 paths:
 /api/v1/health/app-version:
 get:
@@ -455,6 +456,388 @@ paths: - https://jans.io/oauth/config/agama.readonly - https://jans.io/oauth/config/agama.write - https://jans.io/oauth/config/read-all + /api/v1/jans-assets/{inum}: + get: + tags: + - Jans Assets + summary: Gets an asset by inum - unique identifier + description: Gets an asset by inum - unique identifier + operationId: get-asset-by-inum + parameters: + - name: inum + in: path + description: Asset Inum + required: true + schema: + type: string + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/PagedResult' + examples: + Response example: + description: Response example + value: | + { + "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", + "selected": false, + "inum": "0b436302-b729-4eb2-b211-335980dcab43", + "displayName": "mermaid-extra.css", + "description": "/opt/jans/jetty/jans-config-api/", + "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansLevel": "1", + "jansRevision": "2", + "jansEnabled": true, + "baseDn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" + } + "401": + description: Unauthorized + "404": + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/jans_asset-read + delete: + tags: + - Jans Assets + summary: Delete an asset + description: Delete an asset + operationId: delete-asset + parameters: + - name: inum + in: path + description: Asset identifier + required: true + schema: + type: string + responses: + "204": + description: No Content + "400": + description: Bad Request + content: + application/json: + schema: + $ref: 
'#/components/schemas/ApiError' + "401": + description: Unauthorized + "404": + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/config/jans_asset-delete + /api/v1/jans-assets/name/{name}: + get: + tags: + - Jans Assets + summary: Fetch asset by name + description: Fetch asset by name. + operationId: get-asset-by-name + parameters: + - name: name + in: path + description: Asset Name + required: true + schema: + type: string + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/PagedResult' + examples: + Response example: + description: Response example + value: "" + "401": + description: Unauthorized + "404": + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/jans_asset-read + /api/v1/jans-assets: + get: + tags: + - Jans Assets + summary: Gets all Jans assets. + description: Gets all Jans assets. 
+ operationId: get-all-assets + parameters: + - name: limit + in: query + description: Search size - max size of the results to return + schema: + type: integer + format: int32 + default: 50 + - name: pattern + in: query + description: Search pattern + schema: + type: string + default: "" + - name: status + in: query + description: Status of the attribute + schema: + type: string + default: all + - name: startIndex + in: query + description: The 1-based index of the first query result + schema: + type: integer + format: int32 + default: 0 + - name: sortBy + in: query + description: Attribute whose value will be used to order the returned response + schema: + type: string + default: inum + - name: sortOrder + in: query + description: Order in which the sortBy param is applied. Allowed values are + "ascending" and "descending" + schema: + type: string + default: ascending + - name: fieldValuePair + in: query + description: Field and value pair for seraching + schema: + type: string + default: "" + examples: + Field value example: + description: Field value example + value: "adminCanEdit=true,dataType=string" + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/PagedResult' + examples: + Response example: + description: Response example + value: | + { + "start": 0, + "totalEntriesCount": 2, + "entriesCount": 2, + "entries": [ + { + "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", + "selected": false, + "inum": "0b436302-b729-4eb2-b211-335980dcab43", + "displayName": "mermaid-extra.css", + "description": "/opt/jans/jetty/jans-config-api/", + "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansLevel": "1", + "jansRevision": "2", + "jansEnabled": true, + "baseDn": 
"inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" + }, + { + "dn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans", + "selected": false, + "inum": "9d2f39f5-a910-4a03-a888-6f0f1ee03445", + "displayName": "kc-saml-plugin.jar", + "description": "/opt/jans/jetty/jans-config-api/", + "creationDate": "2024-03-14T12:53:00", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansEnabled": true, + "baseDn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans" + } + ] + } + "401": + description: Unauthorized + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/jans_asset-read + /api/v1/jans-assets/upload: + put: + tags: + - Jans Assets + summary: Update existing asset + description: Update existing asset + operationId: put-asset + requestBody: + description: String multipart form. + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/AssetForm' + examples: + Response json example: + description: Response json example + value: "{\n \"dn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ + ,\n \"selected\": false,\n \"inum\": \"ed901270-c0cd-43cf-a683-10795ff66349\"\ + ,\n \"displayName\": \"janssen_dove_icon.png\",\n \"description\"\ + : \"/opt/jans/jetty/jans-auth/custom/static\",\n\t\"jansModuleProperty\"\ + : [\n \"agama\",\n \"img\",\n \"/opt/jans/jetty/jans-auth\"\ + \n ],\n \"jansLevel\": \"1\",\n \"jansRevision\": \"2\"\ + ,\n \"jansEnabled\": true,\n \"baseDn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ + \n}\n" + responses: + "200": + description: Modified Asset + content: + application/json-patch+json: + schema: + $ref: '#/components/schemas/Document' + examples: + Response json example: + description: Response json example + value: "{\n \"dn\": 
\"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ + ,\n \"selected\": false,\n \"inum\": \"ed901270-c0cd-43cf-a683-10795ff66349\"\ + ,\n \"displayName\": \"janssen_dove_icon.png\",\n \"description\"\ + : \"/opt/jans/jetty/jans-auth/custom/static\",\n\t\"jansModuleProperty\"\ + : [\n \"agama\",\n \"img\",\n \"/opt/jans/jetty/jans-auth\"\ + \n ],\n \"jansLevel\": \"1\",\n \"jansRevision\": \"\ + 2\",\n \"jansEnabled\": true,\n \"baseDn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ + \n}\n" + "400": + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "401": + description: Unauthorized + "404": + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/config/jans_asset-write + post: + tags: + - Jans Assets + summary: Upload new asset + description: Upload new asset + operationId: post-new-asset + requestBody: + description: String multipart form. 
+ content: + multipart/form-data: + schema: + $ref: '#/components/schemas/AssetForm' + examples: + Response json example: + description: Response json example + value: "{\n \"displayName\": \"kc-saml-plugin.jar\",\n \"description\"\ + : \"Config api pligin\",\n \"document\":\"\",\n \"jansModuleProperty\"\ + : [\n\t\t\"config-api\",\n\t\t\"jar\",\n\t\t\"/opt/jans/jetty/jans-config-api/custom/lib\"\ + \n\t],\t\n \"jansLevel\": \"1\",\n \"jansRevision\": \"1\"\ + ,\n \"jansEnabled\": true,\n \"jansAlias\": \"\"\n}\n" + responses: + "201": + description: Newly created Asset + content: + application/json-patch+json: + schema: + $ref: '#/components/schemas/Document' + examples: + Response json example: + description: Response json example + value: "{\n \"displayName\": \"kc-saml-plugin.jar\",\n \"\ + description\": \"Config api pligin\",\n \"document\":\"\",\n\ + \ \"jansModuleProperty\": [\n\t\t\"config-api\",\n\t\t\"jar\"\ + ,\n\t\t\"/opt/jans/jetty/jans-config-api/custom/lib\"\n\t],\t\n\ + \ \"jansLevel\": \"1\",\n \"jansRevision\": \"1\",\n \ + \ \"jansEnabled\": true,\n \"jansAlias\": \"\"\n}\n" + "400": + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "401": + description: Unauthorized + "404": + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + "500": + description: InternalServerError + content: + application/json: + schema: + $ref: '#/components/schemas/ApiError' + security: + - oauth2: + - https://jans.io/oauth/config/jans_asset-write /api/v1/attributes: get: tags: 
@@ -1901,103 +2284,44 @@ paths: value: | { "start": 0, - "totalEntriesCount": 9, - "entriesCount": 9, + "totalEntriesCount": 8, + "entriesCount": 8, "entries": [ { - "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", - "deletable": false, - "clientSecret": "vA2TTjAOTfQY", + "dn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", + "clientSecret": "hm7fKhoxVfsR", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/admin-ui", - "http://localhost:4100" - ], - "responseTypes": [ - "code" + "https://pujavs-definite-dory.gluu.info/.well-known/scim-configuration" ], "grantTypes": [ - "authorization_code", - "refresh_token", "client_credentials" ], - "applicationType": "web", - "clientName": "Jans Config Api Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "applicationType": "native", + "clientName": "SCIM client", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", - "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=C4F7,ou=scopes,o=jans", - "inum=1200.487800,ou=scopes,o=jans", - "inum=1200.9CEE5C,ou=scopes,o=jans", - "inum=1800.FFE5C0,ou=scopes,o=jans", - "inum=1800.472951,ou=scopes,o=jans", - "inum=1800.556F45,ou=scopes,o=jans", - "inum=1800.77FB4F,ou=scopes,o=jans", - "inum=1800.AA8DFE,ou=scopes,o=jans", - "inum=1800.CD5B72,ou=scopes,o=jans", - "inum=1800.CBCF52,ou=scopes,o=jans", - "inum=1800.12284F,ou=scopes,o=jans", - "inum=1800.141B26,ou=scopes,o=jans", - "inum=1800.A018AC,ou=scopes,o=jans", - "inum=1800.6E4456,ou=scopes,o=jans", - "inum=1800.55499D,ou=scopes,o=jans", - "inum=1800.E730AA,ou=scopes,o=jans", - "inum=1800.097318,ou=scopes,o=jans", - "inum=1800.04CF24,ou=scopes,o=jans", - "inum=1800.F963F9,ou=scopes,o=jans", - "inum=1800.31F580,ou=scopes,o=jans", - 
"inum=1800.E512E3,ou=scopes,o=jans", - "inum=1800.E65DC6,ou=scopes,o=jans", - "inum=1800.3C1F46,ou=scopes,o=jans", - "inum=1800.20D48C,ou=scopes,o=jans", - "inum=1800.4601AA,ou=scopes,o=jans", - "inum=1800.A9B842,ou=scopes,o=jans", - "inum=1800.864485,ou=scopes,o=jans", - "inum=1800.F0B654,ou=scopes,o=jans", - "inum=1800.45F1D7,ou=scopes,o=jans", - "inum=1800.B78FA5,ou=scopes,o=jans", - "inum=1800.E3D7E0,ou=scopes,o=jans", - "inum=1800.E212DC,ou=scopes,o=jans", - "inum=1800.94F80F,ou=scopes,o=jans", - "inum=1800.9F96F3,ou=scopes,o=jans", - "inum=1800.CB50EC,ou=scopes,o=jans", - "inum=1800.1CA946,ou=scopes,o=jans", - "inum=1800.18231E,ou=scopes,o=jans", - "inum=1800.C25D78,ou=scopes,o=jans", - "inum=1800.12B340,ou=scopes,o=jans", - "inum=1800.7A78C3,ou=scopes,o=jans", - "inum=1800.ECB839,ou=scopes,o=jans", - "inum=1800.62579C,ou=scopes,o=jans", - "inum=1800.29B156,ou=scopes,o=jans", - "inum=1800.9DC774,ou=scopes,o=jans", - "inum=1800.71BA21,ou=scopes,o=jans", - "inum=1800.FC35D2,ou=scopes,o=jans", - "inum=1800.F8CA5F,ou=scopes,o=jans", - "inum=1800.D92553,ou=scopes,o=jans", - "inum=1800.08CB80,ou=scopes,o=jans", - "inum=1800.DF434B,ou=scopes,o=jans", - "inum=1800.127954,ou=scopes,o=jans", - "inum=1800.E7CB8C,ou=scopes,o=jans" + "inum=1200.485475,ou=scopes,o=jans", + "inum=1200.EE9755,ou=scopes,o=jans", + "inum=1200.57CC3F,ou=scopes,o=jans", + "inum=1200.57EA2A,ou=scopes,o=jans", + "inum=1200.C5C2EF,ou=scopes,o=jans", + "inum=1200.369E7D,ou=scopes,o=jans", + "inum=1200.472E10,ou=scopes,o=jans", + "inum=1200.D8FE2A,ou=scopes,o=jans", + "inum=1200.0F2F42,ou=scopes,o=jans", + "inum=1200.A9B43A,ou=scopes,o=jans" ], "trustedClient": false, - "persistClientAuthorizations": true, + "persistClientAuthorizations": false, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Config Api Client" - ], - "value": "Jans Config Api Client", - "displayValue": "Jans Config Api Client" - } - ], + 
"customAttributes": [], "customObjectClasses": [ "top" ], 
@@ -2012,102 +2336,154 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "displayName": "SCIM client", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Config Api Client", - "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", - "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" + "baseDn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", + "inum": "1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d" }, { - "dn": "inum=1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b,ou=clients,o=jans", + "dn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", "deletable": false, - "clientSecret": "dpus42KsYjda", + "clientSecret": "d2U1A5Es6uuE", "frontChannelLogoutSessionRequired": false, + "redirectUris": [ + "https://pujavs-definite-dory.gluu.info/admin-ui", + "http://localhost:4100" + ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", - "client_credentials", - "refresh_token" + "refresh_token", + "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=1800.FFE5C0,ou=scopes,o=jans", - "inum=1800.472951,ou=scopes,o=jans", - "inum=1800.556F45,ou=scopes,o=jans", - "inum=1800.77FB4F,ou=scopes,o=jans", - "inum=1800.AA8DFE,ou=scopes,o=jans", - "inum=1800.CD5B72,ou=scopes,o=jans", - "inum=1800.CBCF52,ou=scopes,o=jans", - "inum=1800.12284F,ou=scopes,o=jans", - 
"inum=1800.141B26,ou=scopes,o=jans", - "inum=1800.A018AC,ou=scopes,o=jans", - "inum=1800.6E4456,ou=scopes,o=jans", - "inum=1800.55499D,ou=scopes,o=jans", - "inum=1800.E730AA,ou=scopes,o=jans", - "inum=1800.097318,ou=scopes,o=jans", - "inum=1800.04CF24,ou=scopes,o=jans", - "inum=1800.F963F9,ou=scopes,o=jans", - "inum=1800.31F580,ou=scopes,o=jans", - "inum=1800.E512E3,ou=scopes,o=jans", - "inum=1800.E65DC6,ou=scopes,o=jans", - "inum=1800.3C1F46,ou=scopes,o=jans", - "inum=1800.20D48C,ou=scopes,o=jans", - "inum=1800.4601AA,ou=scopes,o=jans", - "inum=1800.A9B842,ou=scopes,o=jans", - "inum=1800.864485,ou=scopes,o=jans", - "inum=1800.F0B654,ou=scopes,o=jans", - "inum=1800.45F1D7,ou=scopes,o=jans", - "inum=1800.B78FA5,ou=scopes,o=jans", - "inum=1800.E3D7E0,ou=scopes,o=jans", - "inum=1800.E212DC,ou=scopes,o=jans", - "inum=1800.94F80F,ou=scopes,o=jans", - "inum=1800.9F96F3,ou=scopes,o=jans", - "inum=1800.CB50EC,ou=scopes,o=jans", - "inum=1800.1CA946,ou=scopes,o=jans", - "inum=1800.18231E,ou=scopes,o=jans", - "inum=1800.C25D78,ou=scopes,o=jans", - "inum=1800.12B340,ou=scopes,o=jans", - "inum=1800.7A78C3,ou=scopes,o=jans", - "inum=1800.ECB839,ou=scopes,o=jans", - "inum=1800.62579C,ou=scopes,o=jans", - "inum=1800.29B156,ou=scopes,o=jans", - "inum=1800.9DC774,ou=scopes,o=jans", - "inum=1800.71BA21,ou=scopes,o=jans", - "inum=1800.FC35D2,ou=scopes,o=jans", - "inum=1800.F8CA5F,ou=scopes,o=jans", - "inum=1800.D92553,ou=scopes,o=jans", - "inum=1800.08CB80,ou=scopes,o=jans", - "inum=1800.DF434B,ou=scopes,o=jans", - "inum=1800.127954,ou=scopes,o=jans", - "inum=1800.E7CB8C,ou=scopes,o=jans", - "inum=C4F7,ou=scopes,o=jans" + "inum=C4F7,ou=scopes,o=jans", + "inum=1200.485475,ou=scopes,o=jans", + "inum=1200.EE9755,ou=scopes,o=jans", + "inum=1800.01.1,ou=scopes,o=jans", + "inum=1800.01.2,ou=scopes,o=jans", + "inum=1800.03.1,ou=scopes,o=jans", + "inum=1800.03.2,ou=scopes,o=jans", + "inum=1800.01.3,ou=scopes,o=jans", + "inum=1800.01.4,ou=scopes,o=jans", + "inum=1800.01.5,ou=scopes,o=jans", + 
"inum=1800.03.3,ou=scopes,o=jans", + "inum=1800.01.6,ou=scopes,o=jans", + "inum=1800.01.7,ou=scopes,o=jans", + "inum=1800.01.8,ou=scopes,o=jans", + "inum=1800.02.1,ou=scopes,o=jans", + "inum=1800.01.9,ou=scopes,o=jans", + "inum=1800.02.2,ou=scopes,o=jans", + "inum=1800.01.10,ou=scopes,o=jans", + "inum=1800.02.3,ou=scopes,o=jans", + "inum=1800.01.11,ou=scopes,o=jans", + "inum=1800.01.12,ou=scopes,o=jans", + "inum=1800.01.13,ou=scopes,o=jans", + "inum=1800.01.14,ou=scopes,o=jans", + "inum=1800.01.15,ou=scopes,o=jans", + "inum=1800.01.16,ou=scopes,o=jans", + "inum=1800.01.17,ou=scopes,o=jans", + "inum=1800.01.18,ou=scopes,o=jans", + "inum=1800.01.19,ou=scopes,o=jans", + "inum=1800.01.20,ou=scopes,o=jans", + "inum=1800.01.21,ou=scopes,o=jans", + "inum=1800.01.22,ou=scopes,o=jans", + "inum=1800.01.23,ou=scopes,o=jans", + "inum=1800.01.24,ou=scopes,o=jans", + "inum=1800.01.25,ou=scopes,o=jans", + "inum=1800.01.26,ou=scopes,o=jans", + "inum=1800.01.27,ou=scopes,o=jans", + "inum=1800.01.28,ou=scopes,o=jans", + "inum=1800.01.29,ou=scopes,o=jans", + "inum=1800.01.30,ou=scopes,o=jans", + "inum=1800.01.31,ou=scopes,o=jans", + "inum=1800.01.32,ou=scopes,o=jans", + "inum=1800.01.33,ou=scopes,o=jans", + "inum=1800.02.4,ou=scopes,o=jans", + "inum=1800.02.5,ou=scopes,o=jans", + "inum=1800.01.34,ou=scopes,o=jans", + "inum=1800.02.6,ou=scopes,o=jans", + "inum=1800.01.35,ou=scopes,o=jans", + "inum=1800.01.36,ou=scopes,o=jans", + "inum=1800.01.37,ou=scopes,o=jans", + "inum=1800.01.38,ou=scopes,o=jans", + "inum=1800.01.39,ou=scopes,o=jans", + "inum=1800.01.40,ou=scopes,o=jans", + "inum=1800.01.41,ou=scopes,o=jans", + "inum=1800.01.42,ou=scopes,o=jans", + "inum=1800.01.43,ou=scopes,o=jans", + "inum=1800.01.44,ou=scopes,o=jans", + "inum=1800.01.45,ou=scopes,o=jans", + "inum=1800.01.46,ou=scopes,o=jans", + "inum=1800.01.47,ou=scopes,o=jans", + "inum=1800.04.1,ou=scopes,o=jans", + "inum=1800.04.2,ou=scopes,o=jans", + "inum=1800.04.12,ou=scopes,o=jans", + "inum=1800.04.13,ou=scopes,o=jans", 
+ "inum=1800.04.3,ou=scopes,o=jans", + "inum=1800.04.14,ou=scopes,o=jans", + "inum=1800.04.4,ou=scopes,o=jans", + "inum=1800.04.5,ou=scopes,o=jans", + "inum=1800.04.6,ou=scopes,o=jans", + "inum=1800.04.7,ou=scopes,o=jans", + "inum=1800.04.8,ou=scopes,o=jans", + "inum=1800.04.9,ou=scopes,o=jans", + "inum=1800.04.10,ou=scopes,o=jans", + "inum=1800.04.11,ou=scopes,o=jans", + "inum=1800.01.49,ou=scopes,o=jans", + "inum=1800.01.50,ou=scopes,o=jans", + "inum=1800.01.51,ou=scopes,o=jans", + "inum=1800.01.52,ou=scopes,o=jans", + "inum=1800.01.53,ou=scopes,o=jans", + "inum=1800.01.54,ou=scopes,o=jans", + "inum=1800.01.55,ou=scopes,o=jans", + "inum=1800.01.56,ou=scopes,o=jans", + "inum=1800.01.57,ou=scopes,o=jans", + "inum=1800.01.58,ou=scopes,o=jans", + "inum=1800.01.59,ou=scopes,o=jans", + "inum=1800.01.60,ou=scopes,o=jans", + "inum=1800.01.61,ou=scopes,o=jans", + "inum=1800.01.62,ou=scopes,o=jans", + "inum=1800.01.63,ou=scopes,o=jans", + "inum=1800.01.64,ou=scopes,o=jans", + "inum=1800.01.65,ou=scopes,o=jans", + "inum=1800.01.66,ou=scopes,o=jans", + "inum=1800.01.67,ou=scopes,o=jans", + "inum=1800.01.067,ou=scopes,o=jans", + "inum=1800.01.68,ou=scopes,o=jans", + "inum=1800.01.69,ou=scopes,o=jans", + "inum=1800.01.70,ou=scopes,o=jans", + "inum=1800.01.71,ou=scopes,o=jans", + "inum=1800.01.72,ou=scopes,o=jans", + "inum=1800.01.73,ou=scopes,o=jans", + "inum=1800.01.74,ou=scopes,o=jans", + "inum=1800.01.75,ou=scopes,o=jans", + "inum=1800.01.76,ou=scopes,o=jans", + "inum=1800.01.77,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Config Api Client" - ], - "value": "Jans Config Api Client", - "displayValue": "Jans Config Api Client" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], 
@@ -2122,88 +2498,26 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, - "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", - "baseDn": "inum=1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b,ou=clients,o=jans", - "inum": "1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b" - }, - { - "dn": "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans", - "clientSecret": "3r2aX1TUEEyX", - "frontChannelLogoutSessionRequired": false, - "redirectUris": [ - "https://jans.server2/.well-known/scim-configuration" - ], - "grantTypes": [ - "client_credentials" - ], - "applicationType": "native", - "clientName": "SCIM client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "pairwise", - "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=1200.487800,ou=scopes,o=jans", - "inum=1200.9CEE5C,ou=scopes,o=jans", - "inum=1200.B6AE14,ou=scopes,o=jans", - "inum=1200.2F4765,ou=scopes,o=jans", - "inum=1200.5BFEE9,ou=scopes,o=jans", - "inum=1200.E05ED3,ou=scopes,o=jans", - "inum=1200.37F617,ou=scopes,o=jans", - "inum=1200.585BE3,ou=scopes,o=jans", - "inum=1200.CFB1B5,ou=scopes,o=jans", - "inum=1200.B29D76,ou=scopes,o=jans" + "allAuthenticationMethods": [ + "client_secret_basic" ], - "trustedClient": false, - "persistClientAuthorizations": false, - "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "SCIM client" - ], - "value": "SCIM client", - "displayValue": "SCIM client" - } - ], - "customObjectClasses": [ - "top" - ], - "rptAsJwt": false, - "accessTokenAsJwt": false, - "accessTokenSigningAlg": "RS256", - "disabled": false, - "attributes": { - "runIntrospectionScriptBeforeJwtCreation": false, - 
"keepClientAuthorizationAfterExpiration": false, - "allowSpontaneousScopes": false, - "backchannelLogoutSessionRequired": false, - "parLifetime": 600, - "requirePar": false, - "jansDefaultPromptLogin": false - }, - "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", - "displayName": "SCIM client", - "baseDn": "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans", - "inum": "1201.1d010784-b5bf-4813-8f49-cfea00f50498" + "baseDn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", + "inum": "1800.bc140317-7ee2-42a1-8b9e-c653c9a68927" }, { - "dn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", + "dn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", "deletable": false, - "clientSecret": "M7plxxzCRxDN", + "clientSecret": "RyF17ubsbdTb", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/admin", + "https://pujavs-definite-dory.gluu.info/admin", "http://localhost:4100" ], "responseTypes": [ 
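Review bot: The example client entries in this hunk now carry `clientSecret` values (for instance `"clientSecret": "RyF17ubsbdTb"`) and redirect URIs on `pujavs-definite-dory.gluu.info`, which look like they were captured from a live developer instance rather than written as samples. A published API example should not contain credentials or a personal host name, so I would replace them with obvious placeholders such as `"clientSecret": "<client-secret>"` and `https://jans.example.com/admin`. If that instance is still reachable, its client secrets should be rotated. The same applies to the client examples in the hunks at -2216, -2344, -2412, -2473 and -2537. If this spec is generated, the fix belongs in the sample payload it is built from.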
@@ -2216,126 +2530,100 @@ paths: "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", - "clientName": "Jans Role Based Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "clientName": "Jans TUI Client", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", - "https://jans.server2/admin" + "https://pujavs-definite-dory.gluu.info/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", - "inum=F0C4,ou=scopes,o=jans" - ], - "trustedClient": false, - "persistClientAuthorizations": true, - "includeClaimsInIdToken": false, - "accessTokenLifetime": 2592000, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Role Based Client" - ], - "value": "Jans Role Based Client", - "displayValue": "Jans Role Based Client" - } + "inum=F0C4,ou=scopes,o=jans", + "inum=B9D2-D6E5,ou=scopes,o=jans" ], + "trustedClient": true, + "persistClientAuthorizations": true, + "includeClaimsInIdToken": false, + "accessTokenLifetime": 2592000, + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, - "accessTokenAsJwt": true, + "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { - "runIntrospectionScriptBeforeJwtCreation": true, + "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, - "backchannelLogoutSessionRequired": false, - "introspectionScripts": [ - "inum=A44E-4F3D,ou=scripts,o=jans" + "updateTokenScriptDns": [ + "inum=2D3E.5A04,ou=scripts,o=jans" ], + "backchannelLogoutSessionRequired": 
false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "displayName": "Jans TUI Client", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Role Based Client", - "baseDn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", - "inum": "2000.7810d591-69d3-458c-9309-4268085fe71c" + "baseDn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", + "inum": "2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f" }, { - "dn": "inum=FF81-2D39,ou=clients,o=jans", - "clientSecret": "FF81-2D39-jans", + "dn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", + "deletable": false, + "clientSecret": "oruB9zGAzlEs", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/jans-auth-rp/home.htm", - "https://client.example.com/cb", - "https://client.example.com/cb1", - "https://client.example.com/cb2" - ], - "claimRedirectUris": [ - "https://jans.server2/jans-auth/restv1/uma/gather_claims" - ], - "responseTypes": [ - "token", - "code", - "id_token" + "https://pujavs-definite-dory.gluu.info/admin-ui", + "http://localhost:4100" ], "grantTypes": [ "authorization_code", - "implicit", - "refresh_token", - "client_credentials" + "client_credentials", + "password", + "refresh_token" ], "applicationType": "web", - "clientName": "Jans Test Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "Jans SCIM Client for SAML", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=F0C4,ou=scopes,o=jans", 
- "inum=10B2,ou=scopes,o=jans", - "inum=764C,ou=scopes,o=jans", - "inum=43F1,ou=scopes,o=jans", - "inum=341A,ou=scopes,o=jans", - "inum=6D99,ou=scopes,o=jans" + "inum=F0C4,ou=scopes,o=jans" ], - "trustedClient": true, - "persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Test Client (don't remove)" - ], - "value": "Jans Test Client (don't remove)", - "displayValue": "Jans Test Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -2344,66 +2632,54 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "Jans SCIM Client for SAML", + "displayName": "Jans SCIM Client for SAML", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Client (don't remove)", - "baseDn": "inum=FF81-2D39,ou=clients,o=jans", - "inum": "FF81-2D39" + "baseDn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", + "inum": "2100.45b8d476-f4a7-4351-a936-d49623aedf85" }, { - "dn": "inum=AB77-1A2B,ou=clients,o=jans", - "clientSecret": "AB77-1A2B-jans", + "dn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", + "deletable": false, + "clientSecret": "0m3XirLDM4u4", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://client.example.com/cb" - ], - "claimRedirectUris": [ - "https://jans.server2/jans-auth/restv1/uma/gather_claims" + "https://pujavs-definite-dory.gluu.info/kc/realms/jans/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ "code", - "id_token" + "token" ], "grantTypes": [ - "authorization_code", - "implicit", - "refresh_token", - "client_credentials" + "authorization_code" ], "applicationType": "web", - "clientName": "Jans Test Resource Server Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_saml_openid", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=6D99,ou=scopes,o=jans", - "inum=7D90,ou=scopes,o=jans" - ], - "trustedClient": true, - 
"persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Test Resource Server Client (don't remove)" - ], - "value": "Jans Test Resource Server Client (don't remove)", - "displayValue": "Jans Test Resource Server Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -2412,59 +2688,53 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "Keycloak OpenID client used for SAML authentication", + "displayName": "kc_saml_openid", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Resource Server Client (don't remove)", - "baseDn": "inum=AB77-1A2B,ou=clients,o=jans", - "inum": "AB77-1A2B" + "baseDn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", + "inum": "2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7" }, { - "dn": "inum=3E20,ou=clients,o=jans", - "clientSecret": "3E20-jans", + "dn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", + "deletable": false, + "clientSecret": "hFZN4udFr6am", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://client.example.com/cb" + "https://pujavs-definite-dory.gluu.info/kc/realms/jans/dev/null" ], "responseTypes": [ - "code", - "id_token" + "token" ], "grantTypes": [ - "authorization_code", - "implicit", - "refresh_token", "client_credentials" ], "applicationType": "web", - "clientName": "Jans Test Requesting Party Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_scheduler_api", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "trustedClient": true, - "persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - 
"multiValued": false, - "values": [ - "Jans Test Requesting Party Client (don't remove)" - ], - "value": "Jans Test Requesting Party Client (don't remove)", - "displayValue": "Jans Test Requesting Party Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -2473,62 +2743,54 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "keycloak scheduler openid client used to obtain API keys to invoke the config-api", + "displayName": "kc_scheduler_api", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Requesting Party Client (don't remove)", - "baseDn": "inum=3E20,ou=clients,o=jans", - "inum": "3E20" + "baseDn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", + "inum": "2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146" }, { - "dn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", + "dn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", "deletable": false, - "clientSecret": "be8af842-28c7-4894-b942-15df1325bc9b", + "clientSecret": "A4bnhfJ6qynt", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://abc,com" + "https://pujavs-definite-dory.gluu.info/kc/realms/master/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ - "code" + "code", + "token" ], "grantTypes": [ - "refresh_token", "authorization_code" ], "applicationType": "web", - "clientName": "test1234", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_master_auth", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", + "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=764C,ou=scopes,o=jans", - "inum=43F1,ou=scopes,o=jans", - "inum=C17A,ou=scopes,o=jans" - ], "trustedClient": false, - "persistClientAuthorizations": false, + "persistClientAuthorizations": 
true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "test1234" - ], - "value": "test1234", - "displayValue": "test1234" - } - ], + "customAttributes": [], "customObjectClasses": [ - "top", - "jansClntCustomAttributes" + "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -2537,64 +2799,69 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "backchannelUserCodeParameter": false, - "description": "test1234", - "tokenBindingSupported": false, + "description": "keycloak master realm client used to authenticate administrators", + "displayName": "kc_master_auth", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "test1234", - "baseDn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", - "inum": "b3c1d295-42e5-425e-b021-7b2fd3206437" + "baseDn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", + "inum": "2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f" }, { - "dn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", + "dn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", "deletable": false, - "clientSecret": "745950bb-4e07-4d3b-ae7d-82d03ee070cd", + "clientSecret": "4MfT17z8Bt1O", + "frontChannelLogoutUri": "https://pujavs-definite-dory.gluu.info/jans-casa/autologout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://abc,com" + "https://pujavs-definite-dory.gluu.info/jans-casa" ], "responseTypes": [ "code" ], "grantTypes": [ + "authorization_code", "refresh_token", - "authorization_code" + "client_credentials" ], "applicationType": "web", - "clientName": "test12345", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "Client for Casa", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", + "idTokenSignedResponseAlg": "RS256", + "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", + "postLogoutRedirectUris": 
[ + "https://pujavs-definite-dory.gluu.info/jans-casa/bye.zul" + ], "scopes": [ - "inum=764C,ou=scopes,o=jans", + "inum=F0C4,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", - "inum=C17A,ou=scopes,o=jans" + "inum=10B2,ou=scopes,o=jans", + "inum=341A,ou=scopes,o=jans", + "inum=3000.01.1,ou=scopes,o=jans", + "inum=3000.01.2,ou=scopes,o=jans", + "inum=3000.01.3,ou=scopes,o=jans" ], - "trustedClient": false, - "persistClientAuthorizations": false, + "trustedClient": true, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "test12345" - ], - "value": "test12345", - "displayValue": "test12345" - } - ], + "customAttributes": [], "customObjectClasses": [ - "top", - "jansClntCustomAttributes" + "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, @@ -2603,15 +2870,17 @@ paths: "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "backchannelUserCodeParameter": false, - "description": "test12345", - "tokenBindingSupported": false, + "displayName": "Client for Casa", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "test12345", - "baseDn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", - "inum": "1bb91a73-6899-440f-ac27-c04429671522" + "baseDn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", + "inum": "3000.6a724dcb-2dd1-47be-9fcd-981b83556965" } ] } 
@@ -7783,6 +8052,58 @@ components: type: array items: type: object + ApiError: + type: object + properties: + code: + type: string + message: + type: string + description: + type: string + AssetForm: + required: + - assetFile + - document + type: object + properties: + document: + $ref: '#/components/schemas/Document' + assetFile: + type: string + format: binary + Document: + type: object + properties: + dn: + type: string + inum: + type: string + displayName: + type: string + description: + type: string + document: + type: string + creationDate: + type: string + format: date-time + jansModuleProperty: + type: array + items: + type: string + jansLevel: + type: string + jansRevision: + type: string + jansEnabled: + type: boolean + jansAlias: + type: string + selected: + type: boolean + baseDn: + type: string AttributeValidation: type: object properties: @@ -7896,19 +8217,19 @@ components: type: string selected: type: boolean - whitePagesCanView: - type: boolean userCanEdit: type: boolean - adminCanEdit: + adminCanView: type: boolean userCanView: type: boolean - adminCanView: + adminCanEdit: + type: boolean + userCanAccess: type: boolean adminCanAccess: type: boolean - userCanAccess: + whitePagesCanView: type: boolean baseDn: type: string @@ -8728,6 +9049,8 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' + fapi: + type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -8737,8 +9060,6 @@ components: - code - token - id_token - fapi: - type: boolean AuthenticationFilter: required: - baseDn @@ -9532,6 +9853,12 @@ components: properties: configOauthEnabled: type: boolean + disableLoggerTimer: + type: boolean + disableAuditLogger: + type: boolean + assetMgtEnabled: + type: boolean customAttributeValidationEnabled: type: boolean apiApprovedIssuer: 
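Review bot: In the hunk at -9532, `disableLoggerTimer`, `disableAuditLogger` and `assetMgtEnabled` are added with only `type: boolean`, so the spec does not tell an operator what each flag does. Judging by the name, `disableAuditLogger: true` presumably stops audit records from being written, though the diff does not show where it is read. I would add a `description:` to each property stating its effect and default, for example `description: When true, audit log entries are not written.` once that wording is confirmed against the code. It is also worth confirming that a change to this flag is itself logged. The naming mixes polarities (`assetMgtEnabled` next to `disableAuditLogger`); if the YAML is generated from the Java model, the descriptions belong on the fields in `ApiAppConfiguration`.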
@@ -10355,3 +10682,6 @@ components: configuration properties https://jans.io/oauth/client/authorizations.readonly: View ClientAuthorizations https://jans.io/oauth/client/authorizations.delete: Revoke ClientAuthorizations + https://jans.io/oauth/jans_asset-read: View Jans Assets + https://jans.io/oauth/config/jans_asset-write: Manage Jans Assets + https://jans.io/oauth/config/jans_asset-delete: Delete Jans Assets diff --git a/jans-config-api/profiles/default/config-api-test.properties b/jans-config-api/profiles/default/config-api-test.properties index 79c46750a28..990186180fc 100644 --- a/jans-config-api/profiles/default/config-api-test.properties +++ b/jans-config-api/profiles/default/config-api-test.properties 
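Review bot: The read scope is declared as `https://jans.io/oauth/jans_asset-read`, while the write and delete scopes added beside it use the `https://jans.io/oauth/config/` prefix, so the three asset scopes do not share one naming pattern. If the missing `/config/` is a typo, a client requesting the read scope under the expected name would not match what the endpoint checks. In that case the line should read `https://jans.io/oauth/config/jans_asset-read: View Jans Assets`. Whichever form is intended, it has to agree with the scope string enforced on the asset endpoints, which this hunk does not show.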
@@ -1,7 +1,7 @@ # The URL of your Jans installation test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete 
https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete 
https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly 
https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/jans-ui.jans.io/test.properties b/jans-config-api/profiles/jans-ui.jans.io/test.properties index 97f3924e65f..02eac4024bf 100644 --- a/jans-config-api/profiles/jans-ui.jans.io/test.properties +++ b/jans-config-api/profiles/jans-ui.jans.io/test.properties 
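Review bot: The new `test.scopes` value contains `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an endpoint URL on a developer host rather than a scope, and no asset read scope appears among the added entries. It looks like a paste slip where the read scope was meant. Depending on how the token endpoint treats unknown scopes, the request is either rejected or the entry is dropped, and the asset read tests would then run without the permission they need. Replace it with the read scope exactly as the API spec declares it. The hunk for `profiles/jans-ui.jans.io/test.properties` runs past what is shown here, so check it for the same string.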
@@ -1,4 +1,4 @@ -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write 
https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly 
https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete 
https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly 
https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete # Test env Setting token.endpoint=https://jans-ui.jans.io/jans-auth/restv1/token diff --git a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties index d5d20550091..077b80ded60 100644 --- a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties +++ b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties 
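Review bot: The added `test.scopes` value includes `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an API endpoint path on what looks like a developer sandbox host, not a scope under `https://jans.io/...` like the other URL entries. Requesting it as a scope ties a shared test profile to one person's environment. Depending on how the token endpoint treats unknown scopes, the request is either rejected or the entry is silently dropped, so the asset tests may not hold the privilege they appear to request. Replace it with the scope the upload endpoint actually enforces, or remove it if `https://jans.io/oauth/config/jans_asset-write` and `https://jans.io/oauth/config/jans_asset-delete` already cover it. The same entry is in the `+test.scopes` lines of the jenkins-config-api.gluu.org and local profiles below, and in the profile whose hunk ends just above this file.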
@@ -1,6 +1,6 @@ test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete 
https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete 
https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly 
https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/local/test.properties b/jans-config-api/profiles/local/test.properties index 8adb514efb9..7ab22911b30 100644 --- a/jans-config-api/profiles/local/test.properties +++ b/jans-config-api/profiles/local/test.properties 
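Review bot: The new `test.scopes` value in this profile lists the whole scope set twice. After `https://jans.io/oauth/lock-config.write` it starts again at `https://jans.io/oauth/config/acrs.readonly` and runs through the list a second time before the asset entries, which the jans-ui.jans.io and local profiles do not do. This looks like a paste error; it doubles the scope parameter of the token request and makes it harder to audit which privileges the test client asks for. Keep one copy of the list followed by the asset scopes.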
@@ -1,5 +1,5 @@ #LOCAL -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write 
https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly 
https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete 
https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly 
https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete # jans.server token.endpoint=https://jans.server3/jans-auth/restv1/token diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/configuration/AppInitializer.java b/jans-config-api/server/src/main/java/io/jans/configapi/configuration/AppInitializer.java index 79e34862acf..8d56bcd90dc 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/configuration/AppInitializer.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/configuration/AppInitializer.java @@ -7,6 +7,7 @@ package io.jans.configapi.configuration; import io.jans.as.common.service.common.ApplicationFactory; +import io.jans.configapi.model.configuration.ApiAppConfiguration; import io.jans.configapi.security.api.ApiProtectionService; import io.jans.configapi.security.service.AuthorizationService; import io.jans.configapi.security.service.OpenIdAuthorizationService; @@ -23,10 +24,8 @@ import io.jans.service.custom.script.CustomScriptManager; import io.jans.service.timer.QuartzSchedulerManager; import io.jans.util.StringHelper; -import org.jboss.resteasy.plugins.server.servlet.ResteasyContextParameters; -import org.slf4j.Logger; -import java.util.ArrayList; +import java.util.ArrayList; import java.util.List; import jakarta.enterprise.context.ApplicationScoped; @@ -43,6 +42,9 @@ import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.jboss.resteasy.plugins.providers.RegisterBuiltin; import org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider; +import org.jboss.resteasy.plugins.server.servlet.ResteasyContextParameters; + +import org.slf4j.Logger; @ApplicationScoped @Named("appInitializer") 
@@ -96,7 +98,8 @@ public void onStart(@Observes @Initialized(ApplicationScoped.class) Object init) this.configurationFactory.create(); persistenceEntryManagerInstance.get(); this.createAuthorizationService(); - log.info("Initialized ApiAppConfiguration:{}", this.configurationFactory.getApiAppConfiguration()); + ApiAppConfiguration apiAppConfiguration = this.configurationFactory.getApiAppConfiguration(); + log.info("Initialized ApiAppConfiguration:{}", apiAppConfiguration); // Initialize python interpreter pythonService @@ -112,7 +115,10 @@ public void onStart(@Observes @Initialized(ApplicationScoped.class) Object init) configurationFactory.initTimer(); // Schedule timer tasks - loggerService.initTimer(true); + if(!apiAppConfiguration.isDisableLoggerTimer()) { + log.debug("LoggerService timer enabled!"); + loggerService.initTimer(true); + } log.info("============== APPLICATION IS UP AND RUNNING ==================="); } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java b/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java index efb4706d399..a65089d2418 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/interceptor/AuditLogInterceptor.java @@ -8,6 +8,7 @@ import io.jans.configapi.core.interceptor.RequestAuditInterceptor; import io.jans.configapi.core.rest.BaseResource; +import io.jans.configapi.model.configuration.ApiAppConfiguration; import io.jans.configapi.model.configuration.AuditLogConf; import io.jans.configapi.util.AuthUtil; 
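Review bot: The whole `ApiAppConfiguration` object is still written to the INFO log in `onStart`, and the `ApiApplication.getClasses()` hunk further down adds a second copy (`log.info("appConfiguration:{}",appConfiguration );`). The class carries `apiClientPassword`, so if its `toString()` prints every field (not visible in this diff) the client secret ends up in the application log. I would log only the flags this commit reads, e.g. `log.info("disableLoggerTimer:{}, disableAuditLogger:{}", apiAppConfiguration.isDisableLoggerTimer(), apiAppConfiguration.isDisableAuditLogger());`. `onStart` starts and ends outside the hunk.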
@@ -41,14 +42,22 @@ public class AuditLogInterceptor { @Inject AuthUtil authUtil; + + @Inject + ApiAppConfiguration apiAppConfiguration; @SuppressWarnings({ "all" }) @AroundInvoke public Object aroundReadFrom(InvocationContext context) throws Exception { try { - LOG.debug("Audit Log Interceptor - context:{}, AUDIT_LOG:{}", context, AUDIT_LOG); + LOG.debug("Audit Log Interceptor - context:{}, AUDIT_LOG:{}, apiAppConfiguration.isDisableAuditLogger():{}", context, AUDIT_LOG, apiAppConfiguration.isDisableAuditLogger()); + if(apiAppConfiguration.isDisableAuditLogger()) { + LOG.debug("Audit is disabled by disableAuditLogger config."); + return context.proceed(); + } + HttpServletRequest request = ((BaseResource) context.getTarget()).getHttpRequest(); HttpHeaders httpHeaders = ((BaseResource) context.getTarget()).getHttpHeaders(); UriInfo uriInfo = ((BaseResource) context.getTarget()).getUriInfo(); diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java index 74d0b66038c..88d48f9733c 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java @@ -7,6 +7,7 @@ package io.jans.configapi.rest; import io.jans.configapi.core.rest.BaseApiApplication; +import io.jans.configapi.model.configuration.ApiAppConfiguration; import io.jans.configapi.rest.resource.auth.*; import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.rest.health.ApiHealthCheck; @@ -20,8 +21,10 @@ import java.util.HashSet; import java.util.Set; +import jakarta.inject.Inject; import jakarta.ws.rs.ApplicationPath; +import org.slf4j.Logger; /** * @author Mougang T.Gasmyr * 
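Review bot: With `disableAuditLogger` set, `aroundReadFrom` returns before any audit record is written and the only trace is a DEBUG line per request, so at a normal log level nothing shows that API calls are going unaudited. I would record the state once at start-up at WARN, for example in `AppInitializer.onStart`: `if (apiAppConfiguration.isDisableAuditLogger()) { log.warn("Audit logging is disabled by disableAuditLogger config"); }`. The flag is also read twice per call, once as a log argument and once in the `if`; reading it into a local and reusing it would be tidier. The method body continues past the end of the hunk.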
@@ -47,7 +50,8 @@ @Tag(name = "Statistics - User"), @Tag(name = "Health - Check"), @Tag(name = "Server Stats"), @Tag(name = "Auth - Session Management"), @Tag(name = "Organization Configuration"), @Tag(name = "Auth Server Health - Check"), @Tag(name = "Plugins"), - @Tag(name = "Configuration – Config API"), @Tag(name = "Client Authorization")}, + @Tag(name = "Configuration – Config API"), @Tag(name = "Client Authorization"), + @Tag(name = "Jans Assets")}, servers = { @Server(url = "https://jans.local.io", description = "The Jans server") }) @@ -105,11 +109,21 @@ @OAuthScope(name = ApiAccessConstants.CONFIG_READ_ACCESS, description = "View Config-API related configuration properties"), @OAuthScope(name = ApiAccessConstants.CONFIG_WRITE_ACCESS, description = "Manage Config-API related configuration properties"), @OAuthScope(name = ApiAccessConstants.CLIENT_AUTHORIZATIONS_READ_ACCESS, description = "View ClientAuthorizations"), - @OAuthScope(name = ApiAccessConstants.CLIENT_AUTHORIZATIONS_DELETE_ACCESS, description = "Revoke ClientAuthorizations") } + @OAuthScope(name = ApiAccessConstants.CLIENT_AUTHORIZATIONS_DELETE_ACCESS, description = "Revoke ClientAuthorizations"), + @OAuthScope(name = ApiAccessConstants.JANS_ASSET_READ_ACCESS, description = "View Jans Assets"), + @OAuthScope(name = ApiAccessConstants.JANS_ASSET_WRITE_ACCESS, description = "Manage Jans Assets"), + @OAuthScope(name = ApiAccessConstants.JANS_ASSET_DELETE_ACCESS, description = "Delete Jans Assets"), + } ))) public class ApiApplication extends BaseApiApplication { + @Inject + Logger log; + + @Inject + private ApiAppConfiguration appConfiguration; + @Override public Set> getClasses() { HashSet> classes = new HashSet<>(); 
@@ -142,6 +156,11 @@ public Set> getClasses() { classes.add(PluginResource.class); classes.add(ConfigApiResource.class); classes.add(ClientAuthResource.class); + + log.info("appConfiguration:{}",appConfiguration ); + if(appConfiguration!=null && appConfiguration.isAssetMgtEnabled()) { + classes.add(AssetResource.class); + } return classes; } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/form/AssetForm.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/form/AssetForm.java new file mode 100644 index 00000000000..6a945b26c7b --- /dev/null +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/form/AssetForm.java 
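Review bot: `log.info("appConfiguration:{}",appConfiguration );` dereferences the injected `log` unconditionally, while the next line allows for `appConfiguration` being null. If injection into this `Application` subclass can fail, which the null check suggests, `log` would be null as well and `getClasses()` would throw before any resource is registered. Guard both the same way, or drop the log line and keep only the `if (appConfiguration!=null && appConfiguration.isAssetMgtEnabled())` block. The class set is presumably built once at deployment, so a comment such as `// assetMgtEnabled is read at start-up only; changing it needs a restart` would help. `getClasses()` starts outside this hunk.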
@@ -0,0 +1,61 @@
+/*
+] * Janssen Project software is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.
+ *
+ * Copyright (c) 2020, Janssen Project
+ */
+
+package io.jans.configapi.rest.form;
+
+import io.jans.service.document.store.service.Document;
+
+import java.io.Serializable;
+
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.Valid;
+
+
+import java.io.InputStream;
+
+import org.jboss.resteasy.annotations.providers.multipart.PartType;
+import jakarta.ws.rs.FormParam;
+import jakarta.ws.rs.core.MediaType;
+import io.swagger.v3.oas.annotations.media.Schema;
+
+public class AssetForm implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ @NotNull
+ @Valid
+ @FormParam("document")
+ @PartType(MediaType.APPLICATION_JSON)
+ private Document document;
+
+ @NotNull
+ @FormParam("assetFile")
+ @PartType(MediaType.APPLICATION_OCTET_STREAM)
+ @Schema(implementation = String.class, format="binary")
+ private InputStream assetFile;
+
+ public Document getDocument() {
+ return document;
+ }
+
+ public void setDocument(Document document) {
+ this.document = document;
+ }
+
+ public InputStream getAssetFile() {
+ return assetFile;
+ }
+
+ public void setAssetFile(InputStream assetFile) {
+ this.assetFile = assetFile;
+ }
+
+ @Override
+ public String toString() {
+ return "AssetForm [document=" + document + ", assetFile=" + assetFile + "]";
+ }
+
+}
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java
index 691362d4377..acfabd62716 100644
--- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java
+++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/health/ApiHealthCheck.java
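Review bot: `AssetForm` is declared `Serializable` but holds an `InputStream` field, which is not serializable, so any attempt to serialize the form fails with `NotSerializableException`. Either drop `implements Serializable` together with `serialVersionUID`, or declare the field as `private transient InputStream assetFile;`. The licence header also has a stray `]` at the start of its second line. A short class comment saying that `document` is the JSON metadata part and `assetFile` the binary part of the multipart upload would help readers.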
@@ -55,7 +55,7 @@ public class ApiHealthCheck { @ApiResponse(responseCode = "500", description = "InternalServerError") }) @GET public Response getHealthResponse() { - logger.debug("Api Health Check - Entry"); + logger.debug("Api Health Check - /health/"); HealthStatus healthStatus = new HealthStatus(); healthStatus.setStatus("UP"); @@ -96,7 +96,7 @@ public Response getHealthResponse() { @GET @Path(ApiConstants.LIVE) public Response getLivenessResponse() { - logger.debug("ApiHealthCheck::getLivenessResponse() - Entry"); + logger.info("ApiHealthCheck::/health/live"); Status liveness = new Status(); liveness.setName("jans-config-api liveness"); liveness.setStatus("UP"); @@ -113,7 +113,7 @@ public Response getLivenessResponse() { @GET @Path(ApiConstants.READY) public Response getReadinessResponse() { - logger.debug("ApiHealthCheck::getReadinessResponse() - Entry"); + logger.info("ApiHealthCheck::/health/ready"); // readiness Status readiness = new Status(); readiness.setName("jans-config-api readiness"); diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java new file mode 100644 index 00000000000..79c9c17d7a4 --- /dev/null +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/AssetResource.java 
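Review bot: `getLivenessResponse()` now logs at INFO (`logger.info("ApiHealthCheck::/health/live");`) and the next hunk does the same for `getReadinessResponse()`, while `getHealthResponse()` stays at DEBUG. Liveness and readiness endpoints are usually polled every few seconds, so these lines will dominate the INFO log and make other entries harder to find during an investigation. I would keep both at DEBUG: `logger.debug("ApiHealthCheck::/health/live");` and `logger.debug("ApiHealthCheck::/health/ready");`.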
@@ -0,0 +1,346 @@ +/* + * Janssen Project software is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text. + * + * Copyright (c) 2020, Janssen Project + */ + +package io.jans.configapi.rest.resource.auth; + +import io.jans.configapi.service.auth.AssetService; +import io.jans.configapi.core.model.ApiError; +import io.jans.configapi.core.rest.ProtectedApi; +import io.jans.configapi.rest.form.AssetForm; + +import io.jans.configapi.util.ApiAccessConstants; +import io.jans.configapi.util.ApiConstants; +import io.jans.configapi.util.AttributeNames; +import io.jans.model.JansAttribute; +import io.jans.model.SearchRequest; +import io.jans.orm.model.PagedResult; +import io.jans.service.document.store.service.Document; + +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; +import io.swagger.v3.oas.annotations.parameters.RequestBody; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.ExampleObject; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.responses.ApiResponse; +import io.swagger.v3.oas.annotations.responses.ApiResponses; +import io.swagger.v3.oas.annotations.security.*; + +import jakarta.inject.Inject; +import jakarta.validation.constraints.NotNull; +import jakarta.ws.rs.*; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; + +import static io.jans.as.model.util.Util.escapeLog; + +import java.io.InputStream; +import java.util.List; +import java.util.stream.*; + +import org.slf4j.Logger; +import org.jboss.resteasy.annotations.providers.multipart.MultipartForm; + +import io.swagger.v3.oas.annotations.Hidden; + +@Path(ApiConstants.JANS_ASSETS) +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +public class AssetResource extends ConfigBaseResource { + + private static final String APPLICATION_ERROR = "APPLICATION_ERROR"; + private static final 
String NOT_FOUND_ERROR = "NOT_FOUND_ERROR"; + private static final String ASSET_DATA = "Asset Data"; + private static final String ASSET_DATA_FORM = "Asset Data From"; + private static final String ASSET_NAME_CONFLICT = "NAME_CONFLICT"; + private static final String ASSET_NAME_CONFLICT_MSG = "Asset with same name %s already exists!"; + private static final String ASSET_NOT_FOUND = "Asset identified by %s not found!"; + private static final String ASSET_INUM = "Asset Identifier Inum"; + private static final String RESOURCE_NULL = "RESOURCE_NULL"; + private static final String RESOURCE_NULL_MSG = "%s is null"; + + @Inject + Logger log; + + @Inject + AssetService assetService; + + @Operation(summary = "Gets all Jans assets.", description = "Gets all Jans assets.", operationId = "get-all-assets", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = PagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/assets/get-all-asset.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_READ_ACCESS }, groupScopes = { + ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + public Response getAssets( + @Parameter(description = "Search size - max size of the results to return") @DefaultValue(ApiConstants.DEFAULT_LIST_SIZE) @QueryParam(value = ApiConstants.LIMIT) int limit, + @Parameter(description = "Search pattern") 
@DefaultValue("") @QueryParam(value = ApiConstants.PATTERN) String pattern, + @Parameter(description = "Status of the attribute") @DefaultValue(ApiConstants.ALL) @QueryParam(value = ApiConstants.STATUS) String status, + @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex, + @Parameter(description = "Attribute whose value will be used to order the returned response") @DefaultValue(ApiConstants.INUM) @QueryParam(value = ApiConstants.SORT_BY) String sortBy, + @Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder, + @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "adminCanEdit=true,dataType=string")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) + throws Exception { + if (logger.isInfoEnabled()) { + logger.info( + "Search Asset filters with limit:{}, pattern:{}, status:{}, startIndex:{}, sortBy:{}, sortOrder:{}, fieldValuePair:{}", + escapeLog(limit), escapeLog(pattern), escapeLog(status), escapeLog(startIndex), escapeLog(sortBy), + escapeLog(sortOrder), escapeLog(fieldValuePair)); + } + SearchRequest searchReq = createSearchRequest(assetService.getDnForAsset(null), pattern, sortBy, sortOrder, + startIndex, limit, null, null, this.getMaxCount(), fieldValuePair, JansAttribute.class); + return Response.ok(doSearch(searchReq, status)).build(); + } + + @Operation(summary = "Gets an asset by inum - unique identifier", description = "Gets an asset by inum - unique identifier", operationId = "get-asset-by-inum", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_READ_ACCESS })) + 
@ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = PagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/assets/get-asset-by-inum.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_READ_ACCESS }, groupScopes = { + ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Path(ApiConstants.INUM_PATH) + public Response getAssetByInum( + @Parameter(description = "Asset Inum") @PathParam(ApiConstants.INUM) @NotNull String inum) + throws Exception { + if (logger.isInfoEnabled()) { + logger.info("Search Asset with inum:{}", escapeLog(inum)); + } + + Document asset = assetService.getAssetByInum(inum); + if (asset == null) { + log.error("No asset found with the inum:{}", inum); + throwNotFoundException(NOT_FOUND_ERROR, String.format(ASSET_NOT_FOUND, inum)); + } + logger.info("Asset fetched based on inum:{} is:{}", inum, asset); + return Response.ok(asset).build(); + } + + @Operation(summary = "Fetch asset by name", description = "Fetch asset by name.", operationId = "get-asset-by-name", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = 
MediaType.APPLICATION_JSON, schema = @Schema(implementation = PagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/assets/get-asset-by-name.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_READ_ACCESS }, groupScopes = { + ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Path(ApiConstants.NAME + ApiConstants.NAME_PARAM_PATH) + public Response getAssetByName( + @Parameter(description = "Asset Name") @PathParam(ApiConstants.NAME) @NotNull String name) + throws Exception { + if (logger.isInfoEnabled()) { + logger.info("Search Asset with name:{}", escapeLog(name)); + } + + List assets = assetService.getAssetByName(name); + if (assets == null) { + log.error("No asset found with the name:{}", name); + throwNotFoundException(NOT_FOUND_ERROR, String.format(ASSET_NOT_FOUND, name)); + } + logger.info("Asset fetched based on name:{} are:{}", name, assets); + return Response.ok(assets).build(); + } + + @Hidden + @Operation(summary = "Fetch asset stream by name.", description = "Fetch asset stream by name.", operationId = "get-asset-stream-by-name", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = 
PagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/assets/get-asset-by-name.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @GET + @Path(ApiConstants.STREAM + ApiConstants.NAME_PARAM_PATH) + @Produces(MediaType.APPLICATION_OCTET_STREAM) + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }) + public Response getAssetStreamByName( + @Parameter(description = "Asset Name") @PathParam(ApiConstants.NAME) @NotNull String name) { + + log.info("Fetch asset stream identified by name:{} ", name); + InputStream assetStream = null; + try { + assetStream = assetService.readAssetStream(name); + log.debug(" Fetched assetStream:{} ", assetStream); + } catch (Exception ex) { + log.error("Application Error while reading asset stream is - status:{}", ex.getMessage()); + throwInternalServerException(APPLICATION_ERROR, ex.getMessage()); + } + return Response.status(Response.Status.OK).entity(assetStream).build(); + } + + @Operation(summary = "Upload new asset", description = "Upload new asset", operationId = "post-new-asset", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_WRITE_ACCESS })) + @RequestBody(description = "String multipart form.", content = @Content(mediaType = MediaType.MULTIPART_FORM_DATA, schema = @Schema(implementation = AssetForm.class), examples = @ExampleObject(name = "Response json example", value = "example/assets/post-asset.json"))) + @ApiResponses(value = { + 
@ApiResponse(responseCode = "201", description = "Newly created Asset", content = @Content(mediaType = MediaType.APPLICATION_JSON_PATCH_JSON, schema = @Schema(implementation = Document.class), examples = @ExampleObject(name = "Response json example", value = "example/assets/post-asset.json"))), + @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @Consumes(MediaType.MULTIPART_FORM_DATA) + @POST + @Path(ApiConstants.UPLOAD) + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }) + public Response uploadAsset(@MultipartForm AssetForm assetForm) throws Exception { + if (log.isInfoEnabled()) { + log.info("Create Asset details assetForm:{}", assetForm); + } + + // validation + checkResourceNotNull(assetForm, ASSET_DATA_FORM); + Document asset = assetForm.getDocument(); + log.info(" Create asset:{} ", asset); + checkResourceNotNull(asset, ASSET_DATA); + checkNotNull(asset.getDisplayName(), AttributeNames.DISPLAY_NAME); + + // check if asset with same name already exists + List assets = assetService.getAssetByName(asset.getDisplayName()); + if (assets != null && !assets.isEmpty()) { + asset.setInum(assets.get(0).getInum()); + asset.setBaseDn(assets.get(0).getBaseDn()); + } + + InputStream assetStream = assetForm.getAssetFile(); + log.info("New assetStream:{} ", assetStream); + + if (assetStream == 
null || assetStream.available() <= 0) { + log.error("No asset file provided"); + throwBadRequestException(RESOURCE_NULL, String.format(RESOURCE_NULL_MSG, "Asset File")); + } + + // save asset + try { + asset = assetService.saveAsset(asset, assetStream); + log.debug("Saved asset:{} ", asset); + } catch (Exception ex) { + log.error("Application Error while creating asset is - status:{}", ex.getMessage()); + throwInternalServerException(APPLICATION_ERROR, ex.getMessage()); + } + + log.info("Create IdentityProvider - asset:{}", asset); + return Response.status(Response.Status.CREATED).entity(asset).build(); + } + + @Operation(summary = "Update existing asset", description = "Update existing asset", operationId = "put-asset", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_WRITE_ACCESS })) + @RequestBody(description = "String multipart form.", content = @Content(mediaType = MediaType.MULTIPART_FORM_DATA, schema = @Schema(implementation = AssetForm.class), examples = @ExampleObject(name = "Response json example", value = "example/assets/put-asset.json"))) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Modified Asset", content = @Content(mediaType = MediaType.APPLICATION_JSON_PATCH_JSON, schema = @Schema(implementation = Document.class), examples = @ExampleObject(name = "Response json example", value = "example/assets/put-asset.json"))), + @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description 
= "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @Consumes(MediaType.MULTIPART_FORM_DATA) + @PUT + @Path(ApiConstants.UPLOAD) + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_WRITE_ACCESS }) + public Response updateAsset(@MultipartForm AssetForm assetForm) throws Exception { + if (log.isInfoEnabled()) { + log.info("Update Asset details assetForm:{}", assetForm); + } + + // validation + checkResourceNotNull(assetForm, ASSET_DATA_FORM); + Document asset = assetForm.getDocument(); + final String inum = asset.getInum(); + log.debug(" Create asset:{} ", asset); + checkResourceNotNull(asset, ASSET_DATA); + checkResourceNotNull(inum, ASSET_INUM); + checkNotNull(asset.getDisplayName(), AttributeNames.DISPLAY_NAME); + + // check if asset with same name already exists + List assets = assetService.getAssetByName(asset.getDisplayName()); + log.info( + "Check if asset with inum different then:{} but with same name exists - asset.getDisplayName():{}, assets:{}", + inum, asset.getDisplayName(), assets); + if (assets != null && !assets.isEmpty()) { + List list = assets.stream().filter(e -> !e.getInum().equalsIgnoreCase(inum)) + .collect(Collectors.toList()); + logger.info("Other asset with same name:{} are list:{}", asset.getDisplayName(), list); + if (list != null && !list.isEmpty()) { + log.error("Another asset with same name:{}", asset.getDisplayName()); + throwBadRequestException(ASSET_NAME_CONFLICT, + String.format(ASSET_NAME_CONFLICT_MSG, asset.getDisplayName())); + } + } + + InputStream assetFile = assetForm.getAssetFile(); + log.debug(" Update asset assetFile:{} ", assetFile); + + // update asset + try { + asset = assetService.saveAsset(asset, assetFile); + log.debug(" Updated asset:{} ", asset); + } catch (Exception ex) { + log.error("Application Error while updated asset is:{}", ex.getMessage()); + 
throwInternalServerException(APPLICATION_ERROR, ex.getMessage()); + } + + log.info("Updated asset:{}", asset); + return Response.status(Response.Status.OK).entity(asset).build(); + } + + @Operation(summary = "Delete an asset", description = "Delete an asset", operationId = "delete-asset", tags = { + "Jans Assets" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_ASSET_DELETE_ACCESS })) + @ApiResponses(value = { @ApiResponse(responseCode = "204", description = "No Content"), + @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))), + @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))) }) + @DELETE + @Path(ApiConstants.INUM_PATH) + @ProtectedApi(scopes = { ApiAccessConstants.JANS_ASSET_DELETE_ACCESS }) + public Response deleteAsset( + @Parameter(description = "Asset identifier") @PathParam(ApiConstants.INUM) @NotNull String inum) { + if (log.isInfoEnabled()) { + log.info("Delete an Asset identified inum:{}", inum); + } + try { + boolean status = assetService.removeAsset(inum); + log.debug(" Delete asset status:{} ", status); + } catch (Exception ex) { + log.error("Error while asset deletion is:{}", ex.getMessage()); + if (ex instanceof NotFoundException) { + throwNotFoundException(NOT_FOUND_ERROR, ex.getMessage()); + } + throwInternalServerException(APPLICATION_ERROR, ex.getMessage()); + } + return Response.noContent().build(); + + } + 
+ private PagedResult doSearch(SearchRequest searchReq, String status) throws Exception { + + logger.debug("Asset search params - searchReq:{} , status:{} ", searchReq, status); + + PagedResult pagedResult = assetService.searchAsset(searchReq, status); + + logger.debug("PagedResult - pagedResult:{}", pagedResult); + if (pagedResult != null) { + logger.debug( + "Asset fetched - pagedResult.getTotalEntriesCount():{}, pagedResult.getEntriesCount():{}, pagedResult.getEntries():{}", + pagedResult.getTotalEntriesCount(), pagedResult.getEntriesCount(), pagedResult.getEntries()); + } + + logger.debug("Asset pagedResult:{} ", pagedResult); + return pagedResult; + } + +} diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java new file mode 100644 index 00000000000..0f518d201eb --- /dev/null +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java 
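Review bot: In `updateAsset`, `final String inum = asset.getInum();` runs before `checkResourceNotNull(asset, ASSET_DATA);`, so a multipart request without the `document` part dereferences null and surfaces as a server error instead of the intended 400. Move the read below the check, i.e. `checkResourceNotNull(asset, ASSET_DATA);` followed by `final String inum = asset.getInum();`. Separately, the entry logs wrap request values in `escapeLog(...)` but the follow-up lines log them raw (`log.error("No asset found with the inum:{}", inum);`, `log.info("Fetch asset stream identified by name:{} ", name);`, `log.info("Delete an Asset identified inum:{}", inum);`), so line breaks in a path parameter could forge log entries; use `escapeLog(inum)` and `escapeLog(name)` there too. The catch blocks also hand `ex.getMessage()` to `throwInternalServerException`, which presumably returns internal error text to the caller; a fixed message with the detail kept in the log would be safer.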
@@ -0,0 +1,367 @@ +/* + * Janssen Project software is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text. + * + * Copyright (c) 2020, Janssen Project + */ + +package io.jans.configapi.service.auth; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import io.jans.as.common.service.common.ApplicationFactory; +import io.jans.as.common.util.AttributeConstants; +import io.jans.configapi.util.ApiConstants; +import io.jans.configapi.util.AuthUtil; +import io.jans.model.SearchRequest; +import io.jans.orm.model.PagedResult; +import io.jans.orm.model.SortOrder; +import io.jans.orm.search.filter.Filter; +import io.jans.orm.PersistenceEntryManager; +import io.jans.service.document.store.provider.DBDocumentStoreProvider; +import io.jans.service.document.store.service.DBDocumentService; +import io.jans.service.document.store.service.Document; +import io.jans.util.exception.InvalidAttributeException; +import io.jans.util.exception.InvalidConfigurationException; +import io.jans.service.document.store.service.DocumentStoreService; +import io.jans.service.document.store.service.LocalDocumentStoreService; + +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.StandardCharsets; + +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; +import jakarta.inject.Named; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.WebApplicationException; +import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; + +@ApplicationScoped +public class AssetService { + + @Inject + Logger log; + + @Inject + @Named(ApplicationFactory.PERSISTENCE_ENTRY_MANAGER_NAME) + PersistenceEntryManager persistenceEntryManager; + + @Inject + AuthUtil authUtil; + + @Inject + DocumentStoreService documentStoreService; + + @Inject + DBDocumentStoreProvider dBDocumentStoreProvider; + + @Inject + 
DBDocumentService dbDocumentService; + + @Inject + private LocalDocumentStoreService localDocumentStoreService; + + public String getDnForAsset(String inum) throws Exception { + return dbDocumentService.getDnForDocument(inum); + } + + public PagedResult searchAsset(SearchRequest searchRequest, String status) throws Exception { + log.info("Search asset with searchRequest:{}, status:{}", searchRequest, status); + + Filter activeFilter = null; + if (ApiConstants.ACTIVE.equalsIgnoreCase(status)) { + activeFilter = Filter.createEqualityFilter("jansEnabled", true); + } else if (ApiConstants.INACTIVE.equalsIgnoreCase(status)) { + activeFilter = Filter.createEqualityFilter("jansEnabled", false); + } + log.info("Search asset activeFilter:{}", activeFilter); + + Filter searchFilter = null; + List filters = new ArrayList<>(); + if (searchRequest.getFilterAssertionValue() != null && !searchRequest.getFilterAssertionValue().isEmpty()) { + + for (String assertionValue : searchRequest.getFilterAssertionValue()) { + String[] targetArray = new String[] { assertionValue }; + Filter displayNameFilter = Filter.createSubstringFilter(AttributeConstants.DISPLAY_NAME, null, + targetArray, null); + Filter descriptionFilter = Filter.createSubstringFilter(AttributeConstants.DESCRIPTION, null, + targetArray, null); + Filter aliasFilter = Filter.createSubstringFilter("jansAlias", null, targetArray, null); + Filter inumFilter = Filter.createSubstringFilter(AttributeConstants.INUM, null, targetArray, null); + filters.add(Filter.createORFilter(displayNameFilter, descriptionFilter, aliasFilter, inumFilter)); + } + searchFilter = Filter.createORFilter(filters); + } + + log.info("Asset pattern searchFilter:{}", searchFilter); + List fieldValueFilters = new ArrayList<>(); + if (searchRequest.getFieldValueMap() != null && !searchRequest.getFieldValueMap().isEmpty()) { + for (Map.Entry entry : searchRequest.getFieldValueMap().entrySet()) { + Filter dataFilter = 
Filter.createEqualityFilter(entry.getKey(), entry.getValue()); + log.trace("asset dataFilter:{}", dataFilter); + fieldValueFilters.add(Filter.createANDFilter(dataFilter)); + } + searchFilter = Filter.createANDFilter(Filter.createORFilter(filters), + Filter.createANDFilter(fieldValueFilters)); + } + + log.debug("Asset pattern and field searchFilter:{}", searchFilter); + + if (activeFilter != null) { + searchFilter = Filter.createANDFilter(searchFilter, activeFilter); + } + + log.info("Asset final searchFilter:{}", searchFilter); + + return persistenceEntryManager.findPagedEntries(getDnForAsset(null), Document.class, searchFilter, null, + searchRequest.getSortBy(), SortOrder.getByValue(searchRequest.getSortOrder()), + searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getMaxCount()); + + } + + public Document getAssetByInum(String inum) throws Exception { + log.info("Get asset by inum:{}", inum); + Document asset = dbDocumentService.getDocumentByInum(inum); + log.info("Asset by inum:{} is asset:{}", inum, asset); + return asset; + } + + public List getAssetByName(String name) throws Exception { + log.info("Get asset by name:{}", name); + Filter nameFilter = Filter.createEqualityFilter(AttributeConstants.DISPLAY_NAME, name); + List documents = persistenceEntryManager.findEntries(getDnForAsset(null), Document.class, nameFilter); + log.info("Asset by name:{} are documents:{}", name, documents); + return documents; + } + + public Document saveAsset(Document asset, InputStream documentStream) throws Exception { + log.info("Save new asset - asset:{}, documentStream:{}", asset, documentStream); + + if (asset == null) { + throw new InvalidAttributeException("Asset object is null!!!"); + } + + if (documentStream == null) { + throw new InvalidAttributeException(" Document data stream object is null!!!"); + } + + ByteArrayOutputStream bos = getByteArrayOutputStream(documentStream); + log.trace("Asset ByteArrayOutputStream :{}", bos); + + // update asset 
revision + updateRevision(asset); + + // save asset in DB store + if (StringUtils.isBlank(asset.getInum())) { + log.info("As inum is blank create new asset :{}", asset); + saveNewAsset(asset, getInputStream(bos)); + } else { + log.info("Inum is not blank hence update existing asset :{}", asset); + asset = updateAsset(asset, getInputStream(bos)); + } + log.debug("Saved asset is :{}", asset); + + // copy asset on jans-server + String result = copyAssetOnServer(asset, getInputStream(bos)); + log.info("Result of asset saved on server :{}", result); + + // Get final asset + Listassets = this.getAssetByName(asset.getDisplayName()); + if(assets==null) { + throw new WebApplicationException(" Error while saving asset"); + } + asset = assets.get(0); + log.info("\n * Asset saved :{}", asset); + return asset; + } + + public boolean removeAsset(String inum) throws Exception { + log.info("Remove asset - inum:{}", inum); + + Document asset = this.getAssetByInum(inum); + log.info("asset{} identified by inum:{}", asset, inum); + + if (asset == null) { + throw new NotFoundException("Cannot find asset identified by - " + inum); + } + + // remove asset from DB store + dbDocumentService.removeDocument(asset); + log.info("Deleted asset identified by inum {}", inum); + + // remove asset from server + boolean status = deleteAssetFromServer(asset); + log.info("Status on deleting asset from server is:{}", status); + if(!status) { + log.error("Could not remove asset from server identified by inum:{}",inum); + throw new WebApplicationException("Could not delete asset identified by inum - "+inum); + } + + return status; + } + + public InputStream readAssetStream(String assetName) throws Exception { + log.info("Read asset stream from server - assetName:{}", assetName); + String filePath = null; + + if (StringUtils.isBlank(assetName)) { + throw new InvalidConfigurationException("Asset name is null!"); + } + + List assets = this.getAssetByName(assetName); + log.info("assets{} identified by 
assetName:{}", assets, assetName); + + if (assets == null || assets.isEmpty()) { + throw new NotFoundException("Cannot find asset identified by - " + assetName); + } + + Document asset = assets.get(0); + String assetPath = asset.getDescription(); + filePath = assetPath + File.separator + assetName; + log.info("documentStoreService:{}, filePath:{}, localDocumentStoreService:{} ", documentStoreService, filePath, + localDocumentStoreService); + + InputStream stream = dBDocumentStoreProvider.readDocumentAsStream(filePath); + log.info("Read asset stream:{}", stream); + + return stream; + + } + + private Document updateAsset(Document asset, InputStream documentStream) throws Exception { + log.info("Update new asset - asset:{}, documentStream:{}", asset, documentStream); + if (asset == null) { + throw new InvalidAttributeException(" Asset object is null!!!"); + } + + if (documentStream == null) { + throw new InvalidAttributeException(" Asset data stream object is null!!!"); + } + + String documentContent = new String(documentStream.readAllBytes(), StandardCharsets.UTF_8); + asset.setDocument(documentContent); + dbDocumentService.updateDocument(asset); + + // Get final asset + asset = dbDocumentService.getDocumentByInum(asset.getInum()); + + log.info("\n * Successfully updated asset:{}", asset); + return asset; + } + + private boolean deleteAssetFromServer(Document asset) { + log.info("Delete asset - asset:{}", asset); + boolean deleteStatus = false; + if (asset == null) { + return deleteStatus; + } + + String path = asset.getDescription(); + String fileName = asset.getDisplayName(); + String documentStoreModuleName = fileName; + log.info("path:{}, fileName:{}, documentStoreModuleName:{}", path, fileName, documentStoreModuleName); + + if (StringUtils.isBlank(path)) { + throw new InvalidConfigurationException("Path to delete the asset is null!"); + } + + if (StringUtils.isBlank(fileName)) { + throw new InvalidConfigurationException("Name of asset to be deleted is null!"); + 
} + + if (documentStoreService == null) { + throw new InvalidConfigurationException("document Store Service is null!"); + } + + String filePath = path + File.separator + fileName; + log.info("documentStoreService:{}, localDocumentStoreService:{}, filePath:{} ", documentStoreService, + localDocumentStoreService, filePath); + deleteStatus = documentStoreService.removeDocument(filePath); + log.info("Asset deletion status:{}", deleteStatus); + return deleteStatus; + } + + private Document updateRevision(Document asset) { + log.info("Update asset revision - asset:{}", asset); + try { + if (asset == null) { + return asset; + } + + String revision = asset.getJansRevision(); + log.debug(" Current asset revision is:{}", revision); + int intRevision = 1; + if (revision != null && revision.trim().length() > 0) { + intRevision = Integer.parseInt(revision); + intRevision = intRevision + 1; + } + revision = String.valueOf(intRevision); + asset.setJansRevision(revision); + log.info("Updated asset revision - asset:{}", asset); + } catch (Exception ex) { + log.error("Exception while updating asset revision is - ", ex); + return asset; + } + return asset; + } + + private Document saveNewAsset(Document asset, InputStream stream) { + log.info("Saving new asset in DB DocumentStore - asset:{}, stream:{}", asset, stream); + String path = dBDocumentStoreProvider.saveDocumentStream(asset.getDisplayName(), asset.getDescription(), stream, + asset.getJansModuleProperty()); + log.info("Successfully stored asset - Path of saved new asset is :{}", path); + return asset; + } + + private String copyAssetOnServer(Document asset, InputStream stream) { + log.info("Copy asset on server - asset:{}, stream:{}", asset, stream); + String result = null; + + if (asset == null) { + throw new InvalidConfigurationException("Asset is null!"); + } + + if (stream == null) { + throw new InvalidConfigurationException("Asset stream is null!"); + } + + String path = asset.getDescription(); + String fileName = 
asset.getDisplayName(); + String documentStoreModuleName = fileName; + log.info("path:{}, fileName:{}, documentStoreModuleName:{}", path, fileName, documentStoreModuleName); + + if (StringUtils.isBlank(path)) { + throw new InvalidConfigurationException("Path to copy the asset is null!"); + } + + if (StringUtils.isBlank(fileName)) { + throw new InvalidConfigurationException("Asset name is null!"); + } + + String filePath = path + File.separator + fileName; + log.info("documentStoreService:{}, filePath:{}, localDocumentStoreService:{} ", documentStoreService, filePath, + localDocumentStoreService); + result = documentStoreService.saveDocumentStream(filePath, null, stream, List.of(documentStoreModuleName)); + log.info("Asset saving result:{}", result); + + InputStream newFile = documentStoreService.readDocumentAsStream(filePath); + log.info("Reading asset file newFile:{}", newFile); + + return result; + + } + + private ByteArrayOutputStream getByteArrayOutputStream(InputStream input) throws IOException { + return authUtil.getByteArrayOutputStream(input); + } + + private InputStream getInputStream(ByteArrayOutputStream bos) { + return authUtil.getInputStream(bos); + } + +} diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ConfigurationService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ConfigurationService.java index 4088be33070..befe4e502a4 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ConfigurationService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ConfigurationService.java 
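Review bot: `copyAssetOnServer`, `deleteAssetFromServer` and `readAssetStream` build `filePath` as `path + File.separator + fileName` from the asset's `description` and `displayName`, which are supplied by the API caller, and pass it to the document store without checking either value. If the store resolves that string on the local filesystem (not visible in this file), a name containing separators or `..` decides where the service reads, writes or deletes. I would route all three call sites through one helper that rejects a `displayName` that is not a plain file name, and separately compare the directory against an allow-list taken from configuration. A smaller issue in `saveAsset`: `assets.get(0)` is guarded only by a null check, so an empty list throws `IndexOutOfBoundsException`; `if (assets == null || assets.isEmpty())` would match what `readAssetStream` already does.

```java
    // Builds the store path for an asset; rejects a file name that carries a path
    // of its own or that would resolve outside the directory the asset declares.
    private String buildAssetFilePath(String path, String fileName) {
        java.nio.file.Path dir = java.nio.file.Paths.get(path).normalize();
        java.nio.file.Path target = dir.resolve(fileName).normalize();
        if (!dir.equals(target.getParent())) {
            throw new InvalidAttributeException("Asset name must be a plain file name");
        }
        // TODO(review): also require dir to sit under an allow-listed base directory from configuration
        return path + File.separator + fileName;
    }

    // … unchanged: null and blank checks in copyAssetOnServer, deleteAssetFromServer, readAssetStream …
        String filePath = buildAssetFilePath(path, fileName);
```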
@@ -13,17 +13,24 @@ import io.jans.configapi.configuration.ConfigurationFactory; import io.jans.configapi.model.status.StatsData; import io.jans.orm.PersistenceEntryManager; +import io.jans.service.document.store.conf.DocumentStoreConfiguration; import io.jans.util.StringHelper; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import jakarta.inject.Named; +import jakarta.ws.rs.WebApplicationException; + +import org.slf4j.Logger; /** * @author Yuriy Zabrovarnyy */ @ApplicationScoped public class ConfigurationService { + + @Inject + Logger logger; @Inject @Named(ApplicationFactory.PERSISTENCE_ENTRY_MANAGER_NAME) 
@@ -60,6 +67,41 @@ public GluuConfiguration findGluuConfiguration() { } return persistenceManager.find(GluuConfiguration.class, configurationDn); } + + public DocumentStoreConfiguration getDocumentStoreConfiguration() { + GluuConfiguration gluuConfiguration = this.findGluuConfiguration(); + logger.info("gluuConfiguration:{}",gluuConfiguration); + DocumentStoreConfiguration documentStoreConfiguration = null; + if(gluuConfiguration == null) { + throw new WebApplicationException("Cannot fetch DocumentStoreConfiguration as GluuConfiguration is null! "); + } + + documentStoreConfiguration = gluuConfiguration.getDocumentStoreConfiguration(); + logger.info("Fetched documentStoreConfiguration:{}",documentStoreConfiguration); + return documentStoreConfiguration; + } + + public DocumentStoreConfiguration updateDocumentStoreConfiguration(DocumentStoreConfiguration documentStoreConfiguration) { + logger.info("documentStoreConfiguration:{}",documentStoreConfiguration); + if(documentStoreConfiguration == null) { + return documentStoreConfiguration; + } + + GluuConfiguration gluuConfiguration = findGluuConfiguration(); + logger.info("gluuConfiguration:{}",gluuConfiguration); + + if(gluuConfiguration==null) { + throw new WebApplicationException("Cannot update DocumentStoreConfiguration as GluuConfiguration is null! "); + } + + gluuConfiguration.setDocumentStoreConfiguration(documentStoreConfiguration); + merge(gluuConfiguration); + + documentStoreConfiguration = gluuConfiguration.getDocumentStoreConfiguration(); + logger.info("Updated documentStoreConfiguration:{}",documentStoreConfiguration); + return documentStoreConfiguration; + } + public String getPersistenceType() { return configurationFactory.getBaseConfiguration().getString("persistence.type"); diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java b/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java index 9abcec216da..3585af4f5e8 100644 
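Review bot: Both new methods log the complete `GluuConfiguration` and `DocumentStoreConfiguration` objects at INFO (`logger.info("gluuConfiguration:{}",gluuConfiguration)` and the three `documentStoreConfiguration` lines). Whether their `toString()` output includes store credentials or other secrets is not visible in this hunk, so I would log only that the fetch or update happened, e.g. `logger.debug("Fetched documentStoreConfiguration, present:{}", documentStoreConfiguration != null);`. `updateDocumentStoreConfiguration` also returns `null` silently for a null argument while a missing `GluuConfiguration` throws `WebApplicationException`; a short Javadoc stating that contract on both methods would help callers.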
--- a/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java @@ -28,6 +28,7 @@ import java.text.ParseException; import java.text.SimpleDateFormat; import java.lang.reflect.Field; +import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; @@ -467,5 +468,17 @@ public ByteArrayOutputStream getByteArrayOutputStream(InputStream input) throws return baos; } + public InputStream getInputStream(ByteArrayOutputStream output) { + log.debug("Get InputStream for output:{}", output); + InputStream input = null; + if (output == null) { + return input; + } + + input = new ByteArrayInputStream(output.toByteArray()); + log.debug("From ByteArrayOutputStream InputStream is:{}", input); + return input; + } + } diff --git a/jans-config-api/server/src/main/resources/config-api-rs-protect.json b/jans-config-api/server/src/main/resources/config-api-rs-protect.json index 06a1c680b8b..b81ffe068e8 100644 --- a/jans-config-api/server/src/main/resources/config-api-rs-protect.json +++ b/jans-config-api/server/src/main/resources/config-api-rs-protect.json 
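Review bot: `log.debug("Get InputStream for output:{}", output)` in `getInputStream` formats the `ByteArrayOutputStream` itself, and `ByteArrayOutputStream.toString()` decodes the whole buffer, so with debug logging enabled the full asset content ends up in the log. Logging the size is enough: `log.debug("Get InputStream for output size:{}", output == null ? 0 : output.size());`. The `log.trace("Asset ByteArrayOutputStream :{}", bos)` line in `AssetService.saveAsset` has the same effect. The method also lacks a doc comment; I would add `/** Returns a stream over a copy of the buffer, or null when output is null. */`.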
@@ -2873,6 +2873,70 @@ ] } ] + }, + { + "path": "/jans-config-api/api/v1/jans-assets", + "conditions": [ + { + "httpMethods": [ + "GET" + ], + "scopes": [ + { + "inum": "1800.01.75", + "name": "https://jans.io/oauth/jans_asset-read" + } + ], + "groupScopes": [ + { + "inum": "1800.01.76", + "name": "https://jans.io/oauth/config/jans_asset-write" + } + ], + "superScopes": [ + { + "inum": "1800.03.1", + "name": "https://jans.io/oauth/config/read-all" + } + ] + }, + { + "httpMethods": [ + "PUT" + ], + "scopes": [ + { + "inum": "1800.01.76", + "name": "https://jans.io/oauth/config/jans_asset-write" + } + ], + "groupScopes": [], + "superScopes": [ + { + "inum": "1800.03.2", + "name": "https://jans.io/oauth/config/write-all" + } + ] + }, + { + "httpMethods": [ + "DELETE" + ], + "scopes": [ + { + "inum": "1800.01.77", + "name": "https://jans.io/oauth/config/jans_asset-delete" + } + ], + "groupScopes": [], + "superScopes": [ + { + "inum": "1800.03.2", + "name": "https://jans.io/oauth/config/write-all" + } + ] + } + ] } ] } \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/assets/get-all-asset.json b/jans-config-api/server/src/main/resources/example/assets/get-all-asset.json new file mode 100644 index 00000000000..8cd42460411 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/assets/get-all-asset.json 
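Review bot: The GET condition's scope is `https://jans.io/oauth/jans_asset-read`, without the `/config/` segment that the write and delete scopes of the same entry carry (`https://jans.io/oauth/config/jans_asset-write`). If the constant used in the resource's `@ProtectedApi` annotation includes `/config/` (not visible in this hunk), the two names will not match and read access will rest on the group and super scopes only; I would expect `"name": "https://jans.io/oauth/config/jans_asset-read"`. The entry also lists only GET, PUT and DELETE although the change ships a `post-asset.json` example, so a POST condition with the write scope may be missing.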
@@ -0,0 +1,39 @@ +{ + "start": 0, + "totalEntriesCount": 2, + "entriesCount": 2, + "entries": [ + { + "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", + "selected": false, + "inum": "0b436302-b729-4eb2-b211-335980dcab43", + "displayName": "mermaid-extra.css", + "description": "/opt/jans/jetty/jans-config-api/", + "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansLevel": "1", + "jansRevision": "2", + "jansEnabled": true, + "baseDn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" + }, + { + "dn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans", + "selected": false, + "inum": "9d2f39f5-a910-4a03-a888-6f0f1ee03445", + "displayName": "kc-saml-plugin.jar", + "description": "/opt/jans/jetty/jans-config-api/", + "creationDate": "2024-03-14T12:53:00", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansEnabled": true, + "baseDn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans" + } + ] +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/assets/get-asset-by-inum.json b/jans-config-api/server/src/main/resources/example/assets/get-asset-by-inum.json new file mode 100644 index 00000000000..d3cc8b6a542 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/assets/get-asset-by-inum.json 
@@ -0,0 +1,17 @@ +{ + "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", + "selected": false, + "inum": "0b436302-b729-4eb2-b211-335980dcab43", + "displayName": "mermaid-extra.css", + "description": "/opt/jans/jetty/jans-config-api/", + "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansLevel": "1", + "jansRevision": "2", + "jansEnabled": true, + "baseDn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/assets/post-asset.json b/jans-config-api/server/src/main/resources/example/assets/post-asset.json new file mode 100644 index 00000000000..ce9ec613e75 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/assets/post-asset.json @@ -0,0 +1,14 @@ +{ + "displayName": "kc-saml-plugin.jar", + "description": "Config api pligin", + "document":"", + "jansModuleProperty": [ + "config-api", + "jar", + "/opt/jans/jetty/jans-config-api/custom/lib" + ], + "jansLevel": "1", + "jansRevision": "1", + "jansEnabled": true, + "jansAlias": "" +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/assets/put-asset.json b/jans-config-api/server/src/main/resources/example/assets/put-asset.json new file mode 100644 index 00000000000..df51971b359 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/assets/put-asset.json 
@@ -0,0 +1,16 @@ +{ + "dn": "inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans", + "selected": false, + "inum": "ed901270-c0cd-43cf-a683-10795ff66349", + "displayName": "janssen_dove_icon.png", + "description": "/opt/jans/jetty/jans-auth/custom/static", + "jansModuleProperty": [ + "agama", + "img", + "/opt/jans/jetty/jans-auth" + ], + "jansLevel": "1", + "jansRevision": "2", + "jansEnabled": true, + "baseDn": "inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans" +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/openid-clients/clients/openid-clients-get-all.json b/jans-config-api/server/src/main/resources/example/openid-clients/clients/openid-clients-get-all.json index 52d1df2640e..b312dadd18c 100644 --- a/jans-config-api/server/src/main/resources/example/openid-clients/clients/openid-clients-get-all.json +++ b/jans-config-api/server/src/main/resources/example/openid-clients/clients/openid-clients-get-all.json 
@@ -1,102 +1,43 @@ { "start": 0, - "totalEntriesCount": 9, - "entriesCount": 9, + "totalEntriesCount": 8, + "entriesCount": 8, "entries": [ { - "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", - "deletable": false, - "clientSecret": "vA2TTjAOTfQY", + "dn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", + "clientSecret": "hm7fKhoxVfsR", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/admin-ui", - "http://localhost:4100" - ], - "responseTypes": [ - "code" + "https://pujavs-definite-dory.gluu.info/.well-known/scim-configuration" ], "grantTypes": [ - "authorization_code", - "refresh_token", "client_credentials" ], - "applicationType": "web", - "clientName": "Jans Config Api Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "applicationType": "native", + "clientName": "SCIM client", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", - "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=C4F7,ou=scopes,o=jans", - "inum=1200.487800,ou=scopes,o=jans", - "inum=1200.9CEE5C,ou=scopes,o=jans", - "inum=1800.FFE5C0,ou=scopes,o=jans", - "inum=1800.472951,ou=scopes,o=jans", - "inum=1800.556F45,ou=scopes,o=jans", - "inum=1800.77FB4F,ou=scopes,o=jans", - "inum=1800.AA8DFE,ou=scopes,o=jans", - "inum=1800.CD5B72,ou=scopes,o=jans", - "inum=1800.CBCF52,ou=scopes,o=jans", - "inum=1800.12284F,ou=scopes,o=jans", - "inum=1800.141B26,ou=scopes,o=jans", - "inum=1800.A018AC,ou=scopes,o=jans", - "inum=1800.6E4456,ou=scopes,o=jans", - "inum=1800.55499D,ou=scopes,o=jans", - "inum=1800.E730AA,ou=scopes,o=jans", - "inum=1800.097318,ou=scopes,o=jans", - "inum=1800.04CF24,ou=scopes,o=jans", - "inum=1800.F963F9,ou=scopes,o=jans", - "inum=1800.31F580,ou=scopes,o=jans", - "inum=1800.E512E3,ou=scopes,o=jans", - 
"inum=1800.E65DC6,ou=scopes,o=jans", - "inum=1800.3C1F46,ou=scopes,o=jans", - "inum=1800.20D48C,ou=scopes,o=jans", - "inum=1800.4601AA,ou=scopes,o=jans", - "inum=1800.A9B842,ou=scopes,o=jans", - "inum=1800.864485,ou=scopes,o=jans", - "inum=1800.F0B654,ou=scopes,o=jans", - "inum=1800.45F1D7,ou=scopes,o=jans", - "inum=1800.B78FA5,ou=scopes,o=jans", - "inum=1800.E3D7E0,ou=scopes,o=jans", - "inum=1800.E212DC,ou=scopes,o=jans", - "inum=1800.94F80F,ou=scopes,o=jans", - "inum=1800.9F96F3,ou=scopes,o=jans", - "inum=1800.CB50EC,ou=scopes,o=jans", - "inum=1800.1CA946,ou=scopes,o=jans", - "inum=1800.18231E,ou=scopes,o=jans", - "inum=1800.C25D78,ou=scopes,o=jans", - "inum=1800.12B340,ou=scopes,o=jans", - "inum=1800.7A78C3,ou=scopes,o=jans", - "inum=1800.ECB839,ou=scopes,o=jans", - "inum=1800.62579C,ou=scopes,o=jans", - "inum=1800.29B156,ou=scopes,o=jans", - "inum=1800.9DC774,ou=scopes,o=jans", - "inum=1800.71BA21,ou=scopes,o=jans", - "inum=1800.FC35D2,ou=scopes,o=jans", - "inum=1800.F8CA5F,ou=scopes,o=jans", - "inum=1800.D92553,ou=scopes,o=jans", - "inum=1800.08CB80,ou=scopes,o=jans", - "inum=1800.DF434B,ou=scopes,o=jans", - "inum=1800.127954,ou=scopes,o=jans", - "inum=1800.E7CB8C,ou=scopes,o=jans" + "inum=1200.485475,ou=scopes,o=jans", + "inum=1200.EE9755,ou=scopes,o=jans", + "inum=1200.57CC3F,ou=scopes,o=jans", + "inum=1200.57EA2A,ou=scopes,o=jans", + "inum=1200.C5C2EF,ou=scopes,o=jans", + "inum=1200.369E7D,ou=scopes,o=jans", + "inum=1200.472E10,ou=scopes,o=jans", + "inum=1200.D8FE2A,ou=scopes,o=jans", + "inum=1200.0F2F42,ou=scopes,o=jans", + "inum=1200.A9B43A,ou=scopes,o=jans" ], "trustedClient": false, - "persistClientAuthorizations": true, + "persistClientAuthorizations": false, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Config Api Client" - ], - "value": "Jans Config Api Client", - "displayValue": "Jans Config Api Client" - } - ], + "customAttributes": [], "customObjectClasses": [ 
"top" ], 
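Review bot: The regenerated example now carries a host name that looks like a developer instance (`pujavs-definite-dory.gluu.info`, replacing the neutral `jans.server2`) together with new `clientSecret` values; the later hunks of this file do the same. If this sample was exported from a live server, those secrets should be treated as exposed and rotated. For the sample itself I would keep the earlier `jans.server2` placeholder host and use an obvious dummy such as `"clientSecret": "<client-secret>"`.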
@@ -111,102 +52,154 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "displayName": "SCIM client", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Config Api Client", - "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", - "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" + "baseDn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", + "inum": "1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d" }, { - "dn": "inum=1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b,ou=clients,o=jans", + "dn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", "deletable": false, - "clientSecret": "dpus42KsYjda", + "clientSecret": "d2U1A5Es6uuE", "frontChannelLogoutSessionRequired": false, + "redirectUris": [ + "https://pujavs-definite-dory.gluu.info/admin-ui", + "http://localhost:4100" + ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", - "client_credentials", - "refresh_token" + "refresh_token", + "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=1800.FFE5C0,ou=scopes,o=jans", - "inum=1800.472951,ou=scopes,o=jans", - "inum=1800.556F45,ou=scopes,o=jans", - "inum=1800.77FB4F,ou=scopes,o=jans", - "inum=1800.AA8DFE,ou=scopes,o=jans", - "inum=1800.CD5B72,ou=scopes,o=jans", - "inum=1800.CBCF52,ou=scopes,o=jans", - "inum=1800.12284F,ou=scopes,o=jans", - 
"inum=1800.141B26,ou=scopes,o=jans", - "inum=1800.A018AC,ou=scopes,o=jans", - "inum=1800.6E4456,ou=scopes,o=jans", - "inum=1800.55499D,ou=scopes,o=jans", - "inum=1800.E730AA,ou=scopes,o=jans", - "inum=1800.097318,ou=scopes,o=jans", - "inum=1800.04CF24,ou=scopes,o=jans", - "inum=1800.F963F9,ou=scopes,o=jans", - "inum=1800.31F580,ou=scopes,o=jans", - "inum=1800.E512E3,ou=scopes,o=jans", - "inum=1800.E65DC6,ou=scopes,o=jans", - "inum=1800.3C1F46,ou=scopes,o=jans", - "inum=1800.20D48C,ou=scopes,o=jans", - "inum=1800.4601AA,ou=scopes,o=jans", - "inum=1800.A9B842,ou=scopes,o=jans", - "inum=1800.864485,ou=scopes,o=jans", - "inum=1800.F0B654,ou=scopes,o=jans", - "inum=1800.45F1D7,ou=scopes,o=jans", - "inum=1800.B78FA5,ou=scopes,o=jans", - "inum=1800.E3D7E0,ou=scopes,o=jans", - "inum=1800.E212DC,ou=scopes,o=jans", - "inum=1800.94F80F,ou=scopes,o=jans", - "inum=1800.9F96F3,ou=scopes,o=jans", - "inum=1800.CB50EC,ou=scopes,o=jans", - "inum=1800.1CA946,ou=scopes,o=jans", - "inum=1800.18231E,ou=scopes,o=jans", - "inum=1800.C25D78,ou=scopes,o=jans", - "inum=1800.12B340,ou=scopes,o=jans", - "inum=1800.7A78C3,ou=scopes,o=jans", - "inum=1800.ECB839,ou=scopes,o=jans", - "inum=1800.62579C,ou=scopes,o=jans", - "inum=1800.29B156,ou=scopes,o=jans", - "inum=1800.9DC774,ou=scopes,o=jans", - "inum=1800.71BA21,ou=scopes,o=jans", - "inum=1800.FC35D2,ou=scopes,o=jans", - "inum=1800.F8CA5F,ou=scopes,o=jans", - "inum=1800.D92553,ou=scopes,o=jans", - "inum=1800.08CB80,ou=scopes,o=jans", - "inum=1800.DF434B,ou=scopes,o=jans", - "inum=1800.127954,ou=scopes,o=jans", - "inum=1800.E7CB8C,ou=scopes,o=jans", - "inum=C4F7,ou=scopes,o=jans" + "inum=C4F7,ou=scopes,o=jans", + "inum=1200.485475,ou=scopes,o=jans", + "inum=1200.EE9755,ou=scopes,o=jans", + "inum=1800.01.1,ou=scopes,o=jans", + "inum=1800.01.2,ou=scopes,o=jans", + "inum=1800.03.1,ou=scopes,o=jans", + "inum=1800.03.2,ou=scopes,o=jans", + "inum=1800.01.3,ou=scopes,o=jans", + "inum=1800.01.4,ou=scopes,o=jans", + "inum=1800.01.5,ou=scopes,o=jans", + 
"inum=1800.03.3,ou=scopes,o=jans", + "inum=1800.01.6,ou=scopes,o=jans", + "inum=1800.01.7,ou=scopes,o=jans", + "inum=1800.01.8,ou=scopes,o=jans", + "inum=1800.02.1,ou=scopes,o=jans", + "inum=1800.01.9,ou=scopes,o=jans", + "inum=1800.02.2,ou=scopes,o=jans", + "inum=1800.01.10,ou=scopes,o=jans", + "inum=1800.02.3,ou=scopes,o=jans", + "inum=1800.01.11,ou=scopes,o=jans", + "inum=1800.01.12,ou=scopes,o=jans", + "inum=1800.01.13,ou=scopes,o=jans", + "inum=1800.01.14,ou=scopes,o=jans", + "inum=1800.01.15,ou=scopes,o=jans", + "inum=1800.01.16,ou=scopes,o=jans", + "inum=1800.01.17,ou=scopes,o=jans", + "inum=1800.01.18,ou=scopes,o=jans", + "inum=1800.01.19,ou=scopes,o=jans", + "inum=1800.01.20,ou=scopes,o=jans", + "inum=1800.01.21,ou=scopes,o=jans", + "inum=1800.01.22,ou=scopes,o=jans", + "inum=1800.01.23,ou=scopes,o=jans", + "inum=1800.01.24,ou=scopes,o=jans", + "inum=1800.01.25,ou=scopes,o=jans", + "inum=1800.01.26,ou=scopes,o=jans", + "inum=1800.01.27,ou=scopes,o=jans", + "inum=1800.01.28,ou=scopes,o=jans", + "inum=1800.01.29,ou=scopes,o=jans", + "inum=1800.01.30,ou=scopes,o=jans", + "inum=1800.01.31,ou=scopes,o=jans", + "inum=1800.01.32,ou=scopes,o=jans", + "inum=1800.01.33,ou=scopes,o=jans", + "inum=1800.02.4,ou=scopes,o=jans", + "inum=1800.02.5,ou=scopes,o=jans", + "inum=1800.01.34,ou=scopes,o=jans", + "inum=1800.02.6,ou=scopes,o=jans", + "inum=1800.01.35,ou=scopes,o=jans", + "inum=1800.01.36,ou=scopes,o=jans", + "inum=1800.01.37,ou=scopes,o=jans", + "inum=1800.01.38,ou=scopes,o=jans", + "inum=1800.01.39,ou=scopes,o=jans", + "inum=1800.01.40,ou=scopes,o=jans", + "inum=1800.01.41,ou=scopes,o=jans", + "inum=1800.01.42,ou=scopes,o=jans", + "inum=1800.01.43,ou=scopes,o=jans", + "inum=1800.01.44,ou=scopes,o=jans", + "inum=1800.01.45,ou=scopes,o=jans", + "inum=1800.01.46,ou=scopes,o=jans", + "inum=1800.01.47,ou=scopes,o=jans", + "inum=1800.04.1,ou=scopes,o=jans", + "inum=1800.04.2,ou=scopes,o=jans", + "inum=1800.04.12,ou=scopes,o=jans", + "inum=1800.04.13,ou=scopes,o=jans", 
+ "inum=1800.04.3,ou=scopes,o=jans", + "inum=1800.04.14,ou=scopes,o=jans", + "inum=1800.04.4,ou=scopes,o=jans", + "inum=1800.04.5,ou=scopes,o=jans", + "inum=1800.04.6,ou=scopes,o=jans", + "inum=1800.04.7,ou=scopes,o=jans", + "inum=1800.04.8,ou=scopes,o=jans", + "inum=1800.04.9,ou=scopes,o=jans", + "inum=1800.04.10,ou=scopes,o=jans", + "inum=1800.04.11,ou=scopes,o=jans", + "inum=1800.01.49,ou=scopes,o=jans", + "inum=1800.01.50,ou=scopes,o=jans", + "inum=1800.01.51,ou=scopes,o=jans", + "inum=1800.01.52,ou=scopes,o=jans", + "inum=1800.01.53,ou=scopes,o=jans", + "inum=1800.01.54,ou=scopes,o=jans", + "inum=1800.01.55,ou=scopes,o=jans", + "inum=1800.01.56,ou=scopes,o=jans", + "inum=1800.01.57,ou=scopes,o=jans", + "inum=1800.01.58,ou=scopes,o=jans", + "inum=1800.01.59,ou=scopes,o=jans", + "inum=1800.01.60,ou=scopes,o=jans", + "inum=1800.01.61,ou=scopes,o=jans", + "inum=1800.01.62,ou=scopes,o=jans", + "inum=1800.01.63,ou=scopes,o=jans", + "inum=1800.01.64,ou=scopes,o=jans", + "inum=1800.01.65,ou=scopes,o=jans", + "inum=1800.01.66,ou=scopes,o=jans", + "inum=1800.01.67,ou=scopes,o=jans", + "inum=1800.01.067,ou=scopes,o=jans", + "inum=1800.01.68,ou=scopes,o=jans", + "inum=1800.01.69,ou=scopes,o=jans", + "inum=1800.01.70,ou=scopes,o=jans", + "inum=1800.01.71,ou=scopes,o=jans", + "inum=1800.01.72,ou=scopes,o=jans", + "inum=1800.01.73,ou=scopes,o=jans", + "inum=1800.01.74,ou=scopes,o=jans", + "inum=1800.01.75,ou=scopes,o=jans", + "inum=1800.01.76,ou=scopes,o=jans", + "inum=1800.01.77,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Config Api Client" - ], - "value": "Jans Config Api Client", - "displayValue": "Jans Config Api Client" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], 
@@ -221,88 +214,26 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, - "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", - "baseDn": "inum=1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b,ou=clients,o=jans", - "inum": "1802.db19d013-bb63-42c4-8ce9-79a4aa58aa7b" - }, - { - "dn": "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans", - "clientSecret": "3r2aX1TUEEyX", - "frontChannelLogoutSessionRequired": false, - "redirectUris": [ - "https://jans.server2/.well-known/scim-configuration" - ], - "grantTypes": [ - "client_credentials" - ], - "applicationType": "native", - "clientName": "SCIM client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "pairwise", - "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=1200.487800,ou=scopes,o=jans", - "inum=1200.9CEE5C,ou=scopes,o=jans", - "inum=1200.B6AE14,ou=scopes,o=jans", - "inum=1200.2F4765,ou=scopes,o=jans", - "inum=1200.5BFEE9,ou=scopes,o=jans", - "inum=1200.E05ED3,ou=scopes,o=jans", - "inum=1200.37F617,ou=scopes,o=jans", - "inum=1200.585BE3,ou=scopes,o=jans", - "inum=1200.CFB1B5,ou=scopes,o=jans", - "inum=1200.B29D76,ou=scopes,o=jans" - ], - "trustedClient": false, - "persistClientAuthorizations": false, - "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "SCIM client" - ], - "value": "SCIM client", - "displayValue": "SCIM client" - } + "allAuthenticationMethods": [ + "client_secret_basic" ], - "customObjectClasses": [ - "top" - ], - "rptAsJwt": false, - "accessTokenAsJwt": false, - "accessTokenSigningAlg": "RS256", - "disabled": false, - "attributes": { - "runIntrospectionScriptBeforeJwtCreation": false, - 
"keepClientAuthorizationAfterExpiration": false, - "allowSpontaneousScopes": false, - "backchannelLogoutSessionRequired": false, - "parLifetime": 600, - "requirePar": false, - "jansDefaultPromptLogin": false - }, - "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", - "displayName": "SCIM client", - "baseDn": "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans", - "inum": "1201.1d010784-b5bf-4813-8f49-cfea00f50498" + "baseDn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", + "inum": "1800.bc140317-7ee2-42a1-8b9e-c653c9a68927" }, { - "dn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", + "dn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", "deletable": false, - "clientSecret": "M7plxxzCRxDN", + "clientSecret": "RyF17ubsbdTb", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/admin", + "https://pujavs-definite-dory.gluu.info/admin", "http://localhost:4100" ], "responseTypes": [ 
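Review bot: The replaced sample data appears to be a capture from a real development server rather than constructed values: this hunk adds a new `clientSecret` string and the host `pujavs-definite-dory.gluu.info` in `redirectUris`, where the old data used `jans.server2`. Whether the credentials are still valid cannot be told from the diff, but a secret committed to a repository should be treated as exposed and rotated on the server it came from. In the file itself, use constructed placeholders such as `"clientSecret": "<redacted-sample-secret>"` and keep a neutral host such as `https://jans.server2/admin`. The same applies to the hunks at -315, -443, -511, -572 and -636, which add further `clientSecret` values and the same host.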
@@ -315,126 +246,100 @@ "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", - "clientName": "Jans Role Based Client", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", + "clientName": "Jans TUI Client", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", - "https://jans.server2/admin" + "https://pujavs-definite-dory.gluu.info/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", - "inum=F0C4,ou=scopes,o=jans" + "inum=F0C4,ou=scopes,o=jans", + "inum=B9D2-D6E5,ou=scopes,o=jans" ], - "trustedClient": false, + "trustedClient": true, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "accessTokenLifetime": 2592000, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Role Based Client" - ], - "value": "Jans Role Based Client", - "displayValue": "Jans Role Based Client" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, - "accessTokenAsJwt": true, + "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { - "runIntrospectionScriptBeforeJwtCreation": true, + "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, - "backchannelLogoutSessionRequired": false, - "introspectionScripts": [ - "inum=A44E-4F3D,ou=scripts,o=jans" + "updateTokenScriptDns": [ + "inum=2D3E.5A04,ou=scripts,o=jans" ], + "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + 
"jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "displayName": "Jans TUI Client", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Role Based Client", - "baseDn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", - "inum": "2000.7810d591-69d3-458c-9309-4268085fe71c" + "baseDn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", + "inum": "2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f" }, { - "dn": "inum=FF81-2D39,ou=clients,o=jans", - "clientSecret": "FF81-2D39-jans", + "dn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", + "deletable": false, + "clientSecret": "oruB9zGAzlEs", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://jans.server2/jans-auth-rp/home.htm", - "https://client.example.com/cb", - "https://client.example.com/cb1", - "https://client.example.com/cb2" - ], - "claimRedirectUris": [ - "https://jans.server2/jans-auth/restv1/uma/gather_claims" - ], - "responseTypes": [ - "token", - "code", - "id_token" + "https://pujavs-definite-dory.gluu.info/admin-ui", + "http://localhost:4100" ], "grantTypes": [ "authorization_code", - "implicit", - "refresh_token", - "client_credentials" + "client_credentials", + "password", + "refresh_token" ], "applicationType": "web", - "clientName": "Jans Test Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "Jans SCIM Client for SAML", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ - "inum=F0C4,ou=scopes,o=jans", - "inum=10B2,ou=scopes,o=jans", - "inum=764C,ou=scopes,o=jans", - "inum=43F1,ou=scopes,o=jans", - 
"inum=341A,ou=scopes,o=jans", - "inum=6D99,ou=scopes,o=jans" + "inum=F0C4,ou=scopes,o=jans" ], - "trustedClient": true, - "persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Test Client (don't remove)" - ], - "value": "Jans Test Client (don't remove)", - "displayValue": "Jans Test Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -443,66 +348,54 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "Jans SCIM Client for SAML", + "displayName": "Jans SCIM Client for SAML", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Client (don't remove)", - "baseDn": "inum=FF81-2D39,ou=clients,o=jans", - "inum": "FF81-2D39" + "baseDn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", + "inum": "2100.45b8d476-f4a7-4351-a936-d49623aedf85" }, { - "dn": "inum=AB77-1A2B,ou=clients,o=jans", - "clientSecret": "AB77-1A2B-jans", + "dn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", + "deletable": false, + "clientSecret": "0m3XirLDM4u4", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://client.example.com/cb" - ], - "claimRedirectUris": [ - "https://jans.server2/jans-auth/restv1/uma/gather_claims" + "https://pujavs-definite-dory.gluu.info/kc/realms/jans/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ "code", - "id_token" + "token" ], "grantTypes": [ - "authorization_code", - "implicit", - "refresh_token", - "client_credentials" + "authorization_code" ], "applicationType": "web", - "clientName": "Jans Test Resource Server Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_saml_openid", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=6D99,ou=scopes,o=jans", - "inum=7D90,ou=scopes,o=jans" - ], - "trustedClient": true, - 
"persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "Jans Test Resource Server Client (don't remove)" - ], - "value": "Jans Test Resource Server Client (don't remove)", - "displayValue": "Jans Test Resource Server Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -511,59 +404,53 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "Keycloak OpenID client used for SAML authentication", + "displayName": "kc_saml_openid", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Resource Server Client (don't remove)", - "baseDn": "inum=AB77-1A2B,ou=clients,o=jans", - "inum": "AB77-1A2B" + "baseDn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", + "inum": "2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7" }, { - "dn": "inum=3E20,ou=clients,o=jans", - "clientSecret": "3E20-jans", + "dn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", + "deletable": false, + "clientSecret": "hFZN4udFr6am", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://client.example.com/cb" + "https://pujavs-definite-dory.gluu.info/kc/realms/jans/dev/null" ], "responseTypes": [ - "code", - "id_token" + "token" ], "grantTypes": [ - "authorization_code", - "implicit", - "refresh_token", "client_credentials" ], "applicationType": "web", - "clientName": "Jans Test Requesting Party Client (don't remove)", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_scheduler_api", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "trustedClient": true, - "persistClientAuthorizations": false, + "trustedClient": false, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": 
false, - "values": [ - "Jans Test Requesting Party Client (don't remove)" - ], - "value": "Jans Test Requesting Party Client (don't remove)", - "displayValue": "Jans Test Requesting Party Client (don't remove)" - } - ], + "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -572,62 +459,54 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "tokenBindingSupported": false, + "description": "keycloak scheduler openid client used to obtain API keys to invoke the config-api", + "displayName": "kc_scheduler_api", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "Jans Test Requesting Party Client (don't remove)", - "baseDn": "inum=3E20,ou=clients,o=jans", - "inum": "3E20" + "baseDn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", + "inum": "2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146" }, { - "dn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", + "dn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", "deletable": false, - "clientSecret": "be8af842-28c7-4894-b942-15df1325bc9b", + "clientSecret": "A4bnhfJ6qynt", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://abc,com" + "https://pujavs-definite-dory.gluu.info/kc/realms/master/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ - "code" + "code", + "token" ], "grantTypes": [ - "refresh_token", "authorization_code" ], "applicationType": "web", - "clientName": "test1234", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "kc_master_auth", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", + "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", - "scopes": [ - "inum=764C,ou=scopes,o=jans", - "inum=43F1,ou=scopes,o=jans", - "inum=C17A,ou=scopes,o=jans" - ], "trustedClient": false, - "persistClientAuthorizations": false, + "persistClientAuthorizations": true, 
"includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "test1234" - ], - "value": "test1234", - "displayValue": "test1234" - } - ], + "customAttributes": [], "customObjectClasses": [ - "top", - "jansClntCustomAttributes" + "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, 
@@ -636,64 +515,69 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "backchannelUserCodeParameter": false, - "description": "test1234", - "tokenBindingSupported": false, + "description": "keycloak master realm client used to authenticate administrators", + "displayName": "kc_master_auth", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "test1234", - "baseDn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", - "inum": "b3c1d295-42e5-425e-b021-7b2fd3206437" + "baseDn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", + "inum": "2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f" }, { - "dn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", + "dn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", "deletable": false, - "clientSecret": "745950bb-4e07-4d3b-ae7d-82d03ee070cd", + "clientSecret": "4MfT17z8Bt1O", + "frontChannelLogoutUri": "https://pujavs-definite-dory.gluu.info/jans-casa/autologout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ - "https://abc,com" + "https://pujavs-definite-dory.gluu.info/jans-casa" ], "responseTypes": [ "code" ], "grantTypes": [ + "authorization_code", "refresh_token", - "authorization_code" + "client_credentials" ], "applicationType": "web", - "clientName": "test12345", - "logoUri": "", - "clientUri": "", - "policyUri": "", - "tosUri": "", - "subjectType": "public", + "clientName": "Client for Casa", + "clientNameLocalized": {}, + "logoUriLocalized": {}, + "clientUriLocalized": {}, + "policyUriLocalized": {}, + "tosUriLocalized": {}, + "subjectType": "pairwise", + "idTokenSignedResponseAlg": "RS256", + "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", + "postLogoutRedirectUris": [ + 
"https://pujavs-definite-dory.gluu.info/jans-casa/bye.zul" + ], "scopes": [ - "inum=764C,ou=scopes,o=jans", + "inum=F0C4,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", - "inum=C17A,ou=scopes,o=jans" + "inum=10B2,ou=scopes,o=jans", + "inum=341A,ou=scopes,o=jans", + "inum=3000.01.1,ou=scopes,o=jans", + "inum=3000.01.2,ou=scopes,o=jans", + "inum=3000.01.3,ou=scopes,o=jans" ], - "trustedClient": false, - "persistClientAuthorizations": false, + "trustedClient": true, + "persistClientAuthorizations": true, "includeClaimsInIdToken": false, - "customAttributes": [ - { - "name": "displayName", - "multiValued": false, - "values": [ - "test12345" - ], - "value": "test12345", - "displayValue": "test12345" - } - ], + "customAttributes": [], "customObjectClasses": [ - "top", - "jansClntCustomAttributes" + "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, + "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, @@ -702,15 +586,17 @@ "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, - "jansDefaultPromptLogin": false + "dpopBoundAccessToken": false, + "jansDefaultPromptLogin": false, + "minimumAcrLevel": -1 }, - "backchannelUserCodeParameter": false, - "description": "test12345", - "tokenBindingSupported": false, + "displayName": "Client for Casa", + "allAuthenticationMethods": [ + "client_secret_basic" + ], "authenticationMethod": "client_secret_basic", - "displayName": "test12345", - "baseDn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", - "inum": "1bb91a73-6899-440f-ac27-c04429671522" + "baseDn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", + "inum": "3000.6a724dcb-2dd1-47be-9fcd-981b83556965" } ] } \ No newline at end of file 
diff --git a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java index 32627bcfcdc..a81f99fe99c 100644 --- a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java +++ b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java @@ -146,6 +146,15 @@ public static void throwInternalServerException(Throwable throwable) { throw new InternalServerErrorException(getInternalServerException(throwable.getMessage())); } } + + public static void throwNotFoundException(String msg) { + throw new NotFoundException(getNotFoundError(msg)); + } + + public static void throwNotFoundException(String msg, String description) { + throw new NotFoundException(getNotFoundError(msg, description)); + } + /** * @param attributeName @@ -164,6 +173,13 @@ protected static Response getNotFoundError(String objectName) { return Response.status(Response.Status.NOT_FOUND).entity(error).build(); } + protected static Response getNotFoundError(String msg, String description) { + ApiError error = new ApiError.ErrorBuilder() + .withCode(String.valueOf(Response.Status.NOT_FOUND.getStatusCode())).withMessage(msg).andDescription(description) + .build(); + return Response.status(Response.Status.NOT_FOUND).entity(error).build(); + } + protected static Response getNotAcceptableException(String msg) { ApiError error = new ApiError.ErrorBuilder() .withCode(String.valueOf(Response.Status.NOT_ACCEPTABLE.getStatusCode())).withMessage(msg).build(); diff --git a/jans-linux-setup/jans_setup/templates/base.ldif b/jans-linux-setup/jans_setup/templates/base.ldif index bccb5945da9..ccce2e72b02 100644 --- a/jans-linux-setup/jans_setup/templates/base.ldif +++ b/jans-linux-setup/jans_setup/templates/base.ldif 
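Review bot: `throwNotFoundException(String msg)` forwards its argument to the existing `getNotFoundError(String objectName)`, whose parameter name suggests it expects an object name rather than a finished message. That method's body is outside the hunk, so this is inferred. If the one-argument overload inserts the name into a fixed sentence, callers passing a full message will get a garbled 404 body. Either rename the parameter, `public static void throwNotFoundException(String objectName)`, or state the difference between the two overloads in Javadoc. The same mismatch appears in the second hunk, where `getNotFoundError(String msg, String description)` sits next to `getNotFoundError(String objectName)`.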
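Review bot: The new `getNotFoundError(String msg, String description)` has no Javadoc, and as far as the hunk shows both strings are placed unchanged into the `ApiError` entity returned with the 404. I would add `/** Builds a 404 response; msg and description are returned to the client as given, so pass only client-safe text. */` above it, so callers do not hand it exception messages or internal identifiers. The enclosing class starts and ends outside the hunk.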
@@ -147,3 +147,8 @@ dn: ou=archived_jwks,o=jans
 objectClass: top
 objectClass: organizationalUnit
 ou: archived_jwks
+
+dn: ou=document,o=jans
+objectClass: top
+objectClass: organizationalUnit
+ou: document
diff --git a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json
index 91222c5f3e4..7929dc29603 100644
--- a/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json
+++ b/jans-linux-setup/jans_setup/templates/jans-config-api/dynamic-conf.json
@@ -1,6 +1,9 @@
 {
 "configOauthEnabled": ${configOauthEnabled},
+ "disableLoggerTimer": false,
+ "disableAuditLogger": false,
 "customAttributeValidationEnabled": true,
+ "assetMgtEnabled": true,
 "apiApprovedIssuer": ["${apiApprovedIssuer}"],
 "apiProtectionType": "${apiProtectionType}",
 "apiClientId": "${jca_client_id}",
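Review bot: `disableAuditLogger` introduces a switch that turns audit logging off, and nothing in this hunk says who may change it or whether a change to it is recorded. The template default `false` keeps auditing on, which is the safe choice. I would add a line to the configuration reference stating that `true` stops audit records, and make sure a change to this flag is itself logged before it takes effect. Separately, `assetMgtEnabled` ships as `true` here while the new Java field is a plain `boolean` that is `false` when the key is absent, so fresh and upgraded installs presumably differ. If the feature is meant to be opt-in, use `"assetMgtEnabled": false,` in the template.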