diff --git a/jans-config-api/docs/jans-config-api-swagger-auto.yaml b/jans-config-api/docs/jans-config-api-swagger-auto.yaml index d2a2972f1c2..e5ed6d6964d 100644 --- a/jans-config-api/docs/jans-config-api-swagger-auto.yaml +++ b/jans-config-api/docs/jans-config-api-swagger-auto.yaml @@ -7178,18 +7178,18 @@ components: $ref: '#/components/schemas/AttributeValidation' tooltip: type: string + adminCanAccess: + type: boolean + userCanAccess: + type: boolean adminCanEdit: type: boolean userCanView: type: boolean - adminCanAccess: - type: boolean userCanEdit: type: boolean adminCanView: type: boolean - userCanAccess: - type: boolean whitePagesCanView: type: boolean baseDn: @@ -7370,14 +7370,24 @@ components: idTokenTokenBindingCnf: type: string clientName: - $ref: '#/components/schemas/LocalizedString' + type: string logoUri: - $ref: '#/components/schemas/LocalizedString' + type: string clientUri: - $ref: '#/components/schemas/LocalizedString' + type: string policyUri: - $ref: '#/components/schemas/LocalizedString' + type: string tosUri: + type: string + clientNameLocalized: + $ref: '#/components/schemas/LocalizedString' + logoUriLocalized: + $ref: '#/components/schemas/LocalizedString' + clientUriLocalized: + $ref: '#/components/schemas/LocalizedString' + policyUriLocalized: + $ref: '#/components/schemas/LocalizedString' + tosUriLocalized: $ref: '#/components/schemas/LocalizedString' jwksUri: type: string @@ -7518,6 +7528,8 @@ components: format: int32 displayName: type: string + tokenBindingSupported: + type: boolean authenticationMethod: type: string enum: @@ -7529,8 +7541,6 @@ components: - tls_client_auth - self_signed_tls_client_auth - none - tokenBindingSupported: - type: boolean baseDn: type: string inum: @@ -8333,8 +8343,6 @@ components: $ref: '#/components/schemas/EngineConfig' ssaConfiguration: $ref: '#/components/schemas/SsaConfiguration' - fapi: - type: boolean enabledFeatureFlags: uniqueItems: true type: array 
@@ -8371,6 +8379,8 @@ components: - code - token - id_token + fapi: + type: boolean AuthenticationFilter: required: - baseDn diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index f55c45f8857..591a3ec979f 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -4441,9 +4441,6 @@ components: description: LDAP custom object class list for dynamic person enrolment. items: type: string - enum: - - gluuCustomPerson - - gluuPerson persistIdTokenInLdap: type: boolean description: Specifies whether to persist id_token into LDAP (otherwise saves into cache). @@ -5020,42 +5017,42 @@ components: type: string description: Data Type of attribute. enum: - - STRING - - NUMERIC - - BOOLEAN - - BINARY - - CERTIFICATE - - DATE - - JSON + - string + - numeric + - boolean + - binary + - certificate + - date + - json editType: type: array description: GluuUserRole items: type: string enum: - - ADMIN - - OWNER - - MANAGER - - USER - - WHITEPAGES + - admin + - owner + - manager + - user + - whitepages viewType: type: array description: GluuUserRole items: type: string enum: - - ADMIN - - OWNER - - MANAGER - - USER - - WHITEPAGES + - admin + - owner + - manager + - user + - whitepages usageType: type: array description: GluuAttributeUsageType items: type: string enum: - - OPENID + - openid claimName: type: string seeAlso: @@ -5064,10 +5061,10 @@ components: type: string description: Attrubute status enum: - - ACTIVE - - INACTIVE - - EXPIRED - - REGISTER + - active + - inactive + - expired + - register saml1Uri: type: string saml2Uri: @@ -5224,10 +5221,10 @@ components: description: Scope creator type type: string enum: - - NONE - - CLIENT - - USER - - AUTO + - none + - client + - user + - auto creationDate: description: Scope creation date time. type: string 
@@ -7434,8 +7431,8 @@ components: description: Session status type: string enum: - - AUTHENTICATED - - UNAUTHENTICATED + - authenticated + - unauthenticated sessionState: description: state of session. type: string diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java index 14f7d55f0d9..edea2d0c6a4 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java @@ -74,7 +74,7 @@ private class UserPagedResult extends PagedResult{}; "Configuration – User Management" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.USER_READ_ACCESS })) @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = UserPagedResult.class) , examples = @ExampleObject(name = "Response json example", value = "example/user/user-all.json"))), + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = UserPagedResult.class), examples = @ExampleObject(name = "Response json example", value = "example/user/user-all.json"))), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @GET 
@@ -101,7 +101,7 @@ public Response getUsers( "Configuration – User Management" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.USER_READ_ACCESS })) @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class, description = "CustomUser identified by inum") , examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))), + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class, description = "CustomUser identified by inum"), examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @@ -196,9 +196,13 @@ public Response updateUser(@Valid CustomUser customUser) List excludeAttributes = List.of(USER_PWD); checkMissingAttributes(user, excludeAttributes); ignoreCustomObjectClassesForNonLDAP(user); - - user = userMgmtSrv.updateUser(user); - logger.debug("Updated user:{}", user); + try { + user = userMgmtSrv.updateUser(user); + logger.debug("Updated user:{}", user); + } catch (Exception ex) { + logger.error("Error while updating user", ex); + thorwInternalServerException(ex); + } // excludedAttributes user = excludeUserAttributes(user); @@ -208,6 +212,7 @@ public Response updateUser(@Valid CustomUser customUser) logger.debug("updated customUser:{}", customUser); return Response.ok(customUser).build(); + } @Operation(summary = "Patch user properties by Inum", description = "Patch user properties by Inum", operationId = "patch-user-by-inum", tags = { 
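Review bot: In the `updateUser` hunk (UserResource.java, @@ -196), the new `catch (Exception ex)` is broad enough to also catch a `WebApplicationException` thrown by `userMgmtSrv.updateUser(user)`, so a client-side error raised by the service would be reported as a 500. If the service can throw those, put `catch (WebApplicationException wae) { throw wae; }` ahead of the generic handler. The `logger.debug("Updated user:{}", user)` line inside the `try` prints the whole user object. Whether its `toString()` includes the password attribute is not visible here, so confirm it is omitted or log only the inum. The body of `updateUser` starts and ends outside this hunk.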
@@ -270,8 +275,7 @@ public Response deleteUser(@PathParam(ApiConstants.INUM) @NotNull String inum) { return Response.noContent().build(); } - private UserPagedResult doSearch(SearchRequest searchReq) - throws IllegalAccessException, InvocationTargetException { + private UserPagedResult doSearch(SearchRequest searchReq) throws IllegalAccessException, InvocationTargetException { if (logger.isDebugEnabled()) { logger.debug("User search params - searchReq:{} ", escapeLog(searchReq)); } diff --git a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java index 5d109d827e5..c33b14d40b6 100644 --- a/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java +++ b/jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java @@ -28,7 +28,7 @@ import org.slf4j.LoggerFactory; public class BaseResource { - + @Inject Util util; @@ -37,7 +37,7 @@ public class BaseResource { public static final String MISSING_ATTRIBUTE_CODE = "OCA001"; public static final String MISSING_ATTRIBUTE_MESSAGE = "A required attribute is missing."; public static final String TOKEN_DELIMITER = ","; - + public static void checkResourceNotNull(T resource, String objectName) { if (resource == null) { throw new NotFoundException(getNotFoundError(objectName)); @@ -101,6 +101,13 @@ public static void thorwInternalServerException(String msg) { throw new InternalServerErrorException(getInternalServerException(msg)); } + public static void thorwInternalServerException(Throwable throwable) { + throwable = findRootError(throwable); + if (throwable != null) { + throw new InternalServerErrorException(getInternalServerException(throwable.getMessage())); + } + } + /** * @param attributeName * @return 
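Review bot: The new `thorwInternalServerException(Throwable)` overload in the last hunk on this line (BaseResource.java, @@ -101) passes the root cause's `throwable.getMessage()` into `getInternalServerException(...)`, which presumably becomes the 500 response body. Root-cause messages from the persistence layer can carry DNs, query text or host names that an API client should not see. Prefer a fixed client-facing text such as `throw new InternalServerErrorException(getInternalServerException("Internal error, see server log"));` and keep the detail in the server log, which the caller in `updateUser` already writes. The method also returns silently when `throwable` is null, so a caller relying on it to abort would fall through; throwing unconditionally avoids that. A short Javadoc stating that the method always throws would help callers reason about control flow.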
@@ -173,7 +180,7 @@ protected SearchRequest createSearchRequest(String schemas, String filter, Strin if (StringUtils.isEmpty(sortOrder) || !sortOrder.equals(SortOrder.DESCENDING.getValue())) { sortOrder = SortOrder.ASCENDING.getValue(); } - log.debug(" util.getTokens(filter,TOKEN_DELIMITER):{} ", util.getTokens(filter,TOKEN_DELIMITER)); + log.debug(" util.getTokens(filter,TOKEN_DELIMITER):{} ", util.getTokens(filter, TOKEN_DELIMITER)); searchRequest.setSchemas(schemas); searchRequest.setAttributes(attrsList); searchRequest.setExcludedAttributes(excludedAttrsList); @@ -183,9 +190,20 @@ protected SearchRequest createSearchRequest(String schemas, String filter, Strin searchRequest.setStartIndex(startIndex); searchRequest.setCount(count); searchRequest.setMaxCount(maximumRecCount); - searchRequest.setFilterAssertionValue(util.getTokens(filter,TOKEN_DELIMITER)); + searchRequest.setFilterAssertionValue(util.getTokens(filter, TOKEN_DELIMITER)); return searchRequest; } + public static Throwable findRootError(Throwable throwable) { + if (throwable == null) { + return throwable; + } + Throwable rootCause = throwable; + while (rootCause.getCause() != null && rootCause.getCause() != rootCause) { + rootCause = rootCause.getCause(); + } + return rootCause; + } + }
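Review bot: `findRootError`, added in the second hunk on this line (BaseResource.java, @@ -183), only guards against an exception that is its own cause. A longer cause cycle (A caused by B, B caused by A) would keep the `while` loop spinning on a request thread. Bounding the walk with a small fixed limit is enough, for example `for (int depth = 0; depth < 32 && rootCause.getCause() != null && rootCause.getCause() != rootCause; depth++) { rootCause = rootCause.getCause(); }`, where 32 is only an illustrative cap. The method is `public static` and undocumented, so a Javadoc line such as `/** Returns the innermost cause of {@code throwable}, or null when it is null. */` would make the null contract explicit.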