docs: end session script (#3402)

* docs: fix ropc methods table * docs: add end session * docs: fix schema command * docs: fix custom script schema commands
JanssenProject · Dec 23, 2022 · 7f71ffe · 7f71ffe
1 parent 436697f
commit 7f71ffe
Show file tree

Hide file tree

Showing 7 changed files with 117 additions and 12 deletions.
diff --git a/docs/admin/config-guide/jans-cli/cli-custom-scripts.md b/docs/admin/config-guide/jans-cli/cli-custom-scripts.md
@@ -39,7 +39,7 @@ Operation ID: delete-config-scripts-by-inum
   Description: Deletes a custom script.
   url-suffix: inum
 
-To get sample schema type /opt/jans/jans-cli/config-cli.py --schema <schma>, for example /opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript
+To get sample schema type /opt/jans/jans-cli/config-cli.py --schema <schma>, for example /opt/jans/jans-cli/config-cli.py --schema CustomScript
 ```
 
 Let's perform each of this operation.
@@ -71,7 +71,7 @@ Operation ID: post-config-scripts
 So, let's get the schema first:
 
 ```
-/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
+/opt/jans/jans-cli/config-cli.py CustomScript > /tmp/cs.json
 ```
 
 ```

diff --git a/docs/admin/developer/interception-scripts.md b/docs/admin/developer/interception-scripts.md
@@ -259,7 +259,7 @@ The post-config-scripts and put-config-scripts require various details about the
 ### Basic schema of a custom script
 Command:
 
-`/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript `
+`/opt/jans/jans-cli/config-cli.py --schema CustomScript `
 
 Output:
 ```json

diff --git a/docs/admin/developer/scripts/end-session.md b/docs/admin/developer/scripts/end-session.md
@@ -5,14 +5,118 @@ tags:
   - scripts
 ---
 
-## This content is in progress
+## Overview
+End Session scripts allows the administrator to modify HTML response for OpenID Connect Frontchannel logout ([spec](https://openid.net/specs/openid-connect-frontchannel-1_0.html)).
 
-The Janssen Project documentation is currently in development. Topic pages are being created in order of broadest relevance, and this page is coming in the near future.
+## Interface
+The end session script implements the [EndSessionType](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/logout/EndSessionType.java) interface. This extends methods from the base script type in addition to adding new methods:
 
-## Have questions in the meantime?
+### Inherited Methods
+| Method header | Method description |
+|:-----|:------|
+| `def init(self, customScript, configurationAttributes)` | This method is only called once during the script initialization. It can be used for global script initialization, initiate objects etc |
+| `def destroy(self, configurationAttributes)` | This method is called once to destroy events. It can be used to free resource and objects created in the `init()` method |
+| `def getApiVersion(self, configurationAttributes, customScript)` | The getApiVersion method allows API changes in order to do transparent migration from an old script to a new API. Only include the customScript variable if the value for getApiVersion is greater than 10 |
 
-While this documentation is in progress, you can ask questions through [GitHub Discussions](https://github.com/JanssenProject/jans/discussion) or the [community chat on Gitter](https://gitter.im/JanssenProject/Lobby). Any questions you have will help determine what information our documentation should cover.
+### New Methods
+| Method header | Method description |
+|:-----|:------|
+| `def getFrontchannelHtml(self, context)` | Returns string, it must be valid HTML (with iframes according to [specification](http://openid.net/specs/openid-connect-frontchannel-1_0.html)). This method is called on `/end_session` after actual session is killed and authorization server constructs HTML to return to RP. |
 
-## Want to contribute?
+### Objects
+| Object name | Object description |
+|:-----|:------|
+|`customScript`| The custom script object. [Reference](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/model/CustomScript.java) |
+|`configurationAttributes`| `configurationProperties` passed in when adding custom script. `Map<String, SimpleCustomProperty> configurationAttributes` |
+|`context`| [Reference](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/EndSessionContext.java)
 
-If you have content you'd like to contribute to this page in the meantime, you can get started with our [Contribution guide](https://docs.jans.io/head/CONTRIBUTING/).
+
+## Use case: Dummy Logout Page
+This script has been adapted from the Gluu Server [sample end session script](https://github.com/GluuFederation/community-edition-setup/blob/version_4.4.0/static/extension/end_session/end_session.py). 
+
+!!! Note
+
+    The example script is a proof of concept, as the `getFrontchannelHtml()` must return an actual HTML string.
+
+### Script Type: Python
+```python
+from io.jans.model.custom.script.type.logout import EndSessionType
+from java.lang import String
+
+class EndSession(EndSessionType):
+    def __init__(self, currentTimeMillis):
+        self.currentTimeMillis = currentTimeMillis
+
+    def init(self, customScript, configurationAttributes):
+        print "EndSession script. Initializing ..."
+        print "EndSession script. Initialized successfully"
+
+        return True
+
+    def destroy(self, configurationAttributes):
+        print "EndSession script. Destroying ..."
+        print "EndSession script. Destroyed successfully"
+        return True
+
+    def getApiVersion(self):
+        return 11
+
+    # Must return an HTML string
+    def getFrontchannelHtml(self, context):
+        return ""
+```
+
+### Script Type: Java
+```java
+import java.util.Map;
+
+import io.jans.model.SimpleCustomProperty;
+import io.jans.model.custom.script.model.CustomScript;
+import io.jans.model.custom.script.type.logout.EndSessionType;
+import io.jans.service.custom.script.CustomScriptManager;
+import io.jans.as.server.service.external.context.EndSessionContext;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class EndSession implements EndSessionType {
+
+	private static final Logger log = LoggerFactory.getLogger(CustomScriptManager.class);
+
+	@Override
+	public boolean init(Map<String, SimpleCustomProperty> configurationAttributes) {
+        log.info("ROPC Script. Initializing...");
+        log.info("ROPC Script. Initialized");
+        return true;
+	}
+
+	@Override
+	public boolean init(CustomScript customScript, Map<String, SimpleCustomProperty> configurationAttributes) {
+        log.info("ROPC Script. Initializing...");
+        log.info("ROPC Script. Initialized");
+        return true;
+	}
+
+	@Override
+	public boolean destroy(Map<String, SimpleCustomProperty> configurationAttributes) {
+        log.info("ROPC Script. Destroying...");
+        log.info("ROPC Script. Destroyed.");
+        return true;
+	}
+
+	@Override
+	public int getApiVersion() {
+		return 11;
+	}
+
+	@Override
+	public String getFrontchannelHtml(Object context) {
+		EndSessionContext endSessionContext = (EndSessionContext) context;
+		// Must return a real HTML string as per OIDC front channel logout spec
+		return "";
+	}
+
+}
+
+```
diff --git a/docs/admin/developer/scripts/ropc.md b/docs/admin/developer/scripts/ropc.md
@@ -22,6 +22,7 @@ The ROPC script implements the [ResourceOwnerPasswordCredentialsType](https://gi
 
 ### New Methods
 | Method header | Method description |
+|:-----|:------|
 | `def authenticate(self, context)` | This method is called after normal ROPC authentication. This method can cancel normal authentication if it returns false and sets `context.setUser(null)` |
 
 ### Objects

diff --git a/docs/admin/developer/scripts/update-token.md b/docs/admin/developer/scripts/update-token.md
@@ -27,7 +27,7 @@ Jans AS->>RP: return token(s) (Access token, ID token or Refresh Token) reflecti
 
 1. Create cs.json with the contents of a CUSTOM script. To do that, run the following command.
 ```
-/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
+/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
 ```
 2. Edit the file's contents to reflect the addition of the UpdateToken custom script.
 

diff --git a/docs/script-catalog/person_authentication/duo-external-authenticator/README.md b/docs/script-catalog/person_authentication/duo-external-authenticator/README.md
@@ -69,7 +69,7 @@ The dependencies have to be added separately as mentioned in the steps below. Us
 
 1. Create `cs.json` with the contents of a CUSTOM script. To do that, run the following command.
 ```
-/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
+/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
 ```
 2. Edit the file's contents to reflect the addition of the duo custom script. 
  *  Set enabled flag `true`

diff --git a/docs/script-catalog/update_token/README.md b/docs/script-catalog/update_token/README.md
@@ -27,7 +27,7 @@ Jans AS->>RP: return token(s) (Access token, ID token or Refresh Token) reflecti
 
 1. Create cs.json with the contents of a CUSTOM script. To do that, run the following command.
 ```
-/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
+/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
 ```
 2. Edit the file's contents to reflect the addition of the UpdateToken custom script.