Skip to content

Commit

Permalink
feat(jans-config-api): ignore client.customObjectClasses value for pe…
Browse files Browse the repository at this point in the history 
…rsistence type other than LDAP (#1073)
  • Loading branch information
@pujavs
pujavs committed Mar 18, 2022
1 parent cca0551 commit 622bcf4
Show file tree
Hide file tree
Showing 4 changed files with 36 additions and 6 deletions.
6 changes: 3 additions & 3 deletions jans-config-api/profiles/local/test.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,9 @@ test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/con
#test.issuer=https://jans.server4


# jans.server1
# jans.server
token.endpoint=https://jans.server/jans-auth/restv1/token
token.grant.type=client_credentials
test.client.id=1800.1832c189-59e0-4077-b3d9-3d03e90c8194
test.client.secret=9WWPhtHBGktg
test.client.id=1800.77e9a8e6-8fee-4b86-b294-017ba6ab2112
test.client.secret=dobHjXDhH6zh
test.issuer=https://jans.server
30 changes: 27 additions & 3 deletions ...config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/ClientsResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,12 @@
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.rest.model.SearchRequest;
import io.jans.configapi.service.auth.ClientService;
import io.jans.configapi.service.auth.ConfigurationService;
import io.jans.configapi.util.ApiAccessConstants;
import io.jans.configapi.util.ApiConstants;
import io.jans.configapi.util.AttributeNames;
import io.jans.configapi.core.util.Jackson;
import io.jans.orm.PersistenceEntryManager;
import io.jans.orm.model.PagedResult;
import io.jans.util.StringHelper;
import io.jans.util.security.StringEncrypter.EncryptionException;
Expand Down Expand Up @@ -55,6 +57,9 @@ public class ClientsResource extends BaseResource {
@Inject
ClientService clientService;

@Inject
ConfigurationService configurationService;

@Inject
private InumService inumService;

Expand All @@ -79,7 +84,7 @@ public Response getOpenIdConnectClients(
startIndex, limit, null, null);

final List<Client> clients = this.doSearch(searchReq);
log.trace("Client serach result:{}", clients);
logger.trace("Client serach result:{}", clients);
return Response.ok(getClients(clients)).build();
}

Expand Down Expand Up @@ -116,6 +121,9 @@ public Response createOpenIdConnect(@Valid Client client) throws EncryptionExcep
client.setClientSecret(encryptionService.encrypt(clientSecret));
client.setDn(clientService.getDnForClient(inum));
client.setDeletable(client.getClientSecretExpiresAt() != null);
ignoreCustomObjectClassesForNonLDAP(client);

logger.debug("Final Client details to be added - client:{}", client);
clientService.addClient(client);
Client result = clientService.getClientByInum(inum);
result.setClientSecret(encryptionService.decrypt(result.getClientSecret()));
Expand All @@ -140,6 +148,9 @@ public Response updateClient(@Valid Client client) throws EncryptionException {
if (client.getClientSecret() != null) {
client.setClientSecret(encryptionService.encrypt(client.getClientSecret()));
}
ignoreCustomObjectClassesForNonLDAP(client);

logger.debug("Final Client details to be updated - client:{}", client);
clientService.updateClient(client);
Client result = clientService.getClientByInum(existingClient.getClientId());
result.setClientSecret(encryptionService.decrypt(client.getClientSecret()));
Expand Down Expand Up @@ -198,17 +209,30 @@ private List<Client> doSearch(SearchRequest searchReq) {

PagedResult<Client> pagedResult = clientService.searchClients(searchReq);
if (logger.isTraceEnabled()) {
log.trace("PagedResult - pagedResult:{}", pagedResult);
logger.trace("PagedResult - pagedResult:{}", pagedResult);
}

List<Client> clients = new ArrayList<>();
if (pagedResult != null) {
log.trace("Clients fetched - pagedResult.getEntries():{}", pagedResult.getEntries());
logger.trace("Clients fetched - pagedResult.getEntries():{}", pagedResult.getEntries());
clients = pagedResult.getEntries();
}
if (logger.isDebugEnabled()) {
logger.debug("Clients fetched - clients:{}", clients);
}
return clients;
}

private Client ignoreCustomObjectClassesForNonLDAP(Client client) {
String persistenceType = configurationService.getPersistenceType();
logger.debug("persistenceType: {}",persistenceType);
if(!PersistenceEntryManager.PERSITENCE_TYPES.ldap.name().equals(persistenceType)) {
logger.debug("Setting CustomObjectClasses :{} to null as its used only for LDAP and current persistenceType is {} ", client.getCustomObjectClasses() , persistenceType);
client.setCustomObjectClasses(null);
}
return client;
}



}
2 changes: 2 additions & 0 deletions jans-config-api/server/src/test/resources/feature/openid/clients/client.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
{
"applicationType": "web",
"description":"Description for test client",
"customObjectClasses":["top"],
"accessTokenAsJwt": false,
"claimRedirectUris": [
],
Expand Down
4 changes: 4 additions & 0 deletions jans-config-api/server/src/test/resources/feature/openid/clients/clients.feature
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,25 +81,29 @@ And header Authorization = 'Bearer ' + accessToken
And request read('client.json')
When method POST
Then status 201
And print response
Then def result = response
Then set result.displayName = 'UpdatedQAAddedClient'
Given url mainUrl
And header Authorization = 'Bearer ' + accessToken
And request result
When method PUT
Then status 200
And print response
And assert response.displayName == 'UpdatedQAAddedClient'
Given url mainUrl + '/' +response.inum
And header Authorization = 'Bearer ' + accessToken
When method DELETE
Then status 204
And print response


Scenario: Delete a non-existion openid connect client by inum
Given url mainUrl + '/1402.66633-8675-473e-a749'
And header Authorization = 'Bearer ' + accessToken
When method GET
Then status 404
And print response


Scenario: Patch openid connect client
Expand Down

0 comments on commit 622bcf4

Please sign in to comment.