From 9e96e4c6b13bc44f4bb2d74222da1669d5b5ed22 Mon Sep 17 00:00:00 2001 From: Mustafa Baser Date: Sat, 19 Feb 2022 10:42:54 +0300 Subject: [PATCH] fix(jans-cli): jans cli pkg fixes (#854) * fix: jans-cli pkg fixes * fix: jans-linux-setup copy log4j2.xml to config-api custom dir * fix: linux-setup update swagger client * fix: jans-linux-setup remove unused code block * fix: jans-linux-setup remove unused function * fix: jans-cli redirect ancoding errors to /dev/null (ref: #857) * fix: jans-cli code smell * fix: jans-linux-setup scim-cli uses role based client for jwt token * fix: jans-linux-setup mode of setup.properties --- jans-cli/cli/config_cli.py | 7 +- jans-cli/cli/jca.yaml | 165 +++++++++++++++++- jans-cli/setup.py | 6 +- jans-linux-setup/install.py | 1 - jans-linux-setup/jans_setup/install.py | 10 +- .../jans_setup/setup_app/config.py | 2 +- .../setup_app/installers/config_api.py | 23 ++- .../setup_app/installers/jans_cli.py | 20 +-- .../jans_setup/setup_app/utils/base.py | 16 ++ .../setup_app/utils/properties_utils.py | 7 +- .../jans-auth/role-scope-mappings.ldif | 2 +- 11 files changed, 220 insertions(+), 39 deletions(-) delete mode 120000 jans-linux-setup/install.py diff --git a/jans-cli/cli/config_cli.py b/jans-cli/cli/config_cli.py index 0e22c414ff8..c35c5a513fd 100644 --- a/jans-cli/cli/config_cli.py +++ b/jans-cli/cli/config_cli.py @@ -32,7 +32,10 @@ sys.path.append(cur_dir) from pylib.tabulate.tabulate import tabulate -from pylib import jwt +try: + import jwt +except ModuleNotFoundError: + from pylib import jwt tabulate_endpoints = { 'jca.get-config-scripts': ['scriptType', 'name', 'enabled', 'inum'], @@ -66,7 +69,7 @@ def encode_decode(s, decode=False): cmd = '/opt/jans/bin/encode.py ' if decode: cmd += '-D ' - result = os.popen(cmd + s).read() + result = os.popen(cmd + s + ' 2>/dev/null').read() return result.strip() diff --git a/jans-cli/cli/jca.yaml b/jans-cli/cli/jca.yaml index 02b8a114be8..979f43deeb4 100644 --- a/jans-cli/cli/jca.yaml +++ b/jans-cli/cli/jca.yaml @@ -33,8 +33,10 @@ tags: - name: OAuth - Scopes - name: Statistics - User - name: Health - Check + - name: Server Stats - name: SCIM - User Management - name: SCIM - Config Management + - name: Organization Configuration - name: Auth Server Health - Check - name: Admin UI - Role - name: Admin UI - Permission @@ -2377,6 +2379,23 @@ paths: $ref: '#/components/schemas/HealthStatusItem' '500': description: Internal Server Error + + /jans-config-api/api/v1/health/server-stat: + get: + summary: Returns application server status. + description: Returns application server status. + operationId: get-server-stat + tags: + - Server Stats + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/StatsData' + '500': + description: Internal Server Error /jans-config-api/scim/user: get: @@ -2806,7 +2825,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' security: - oauth2: [https://jans.io/oauth/config/scim/users.read https://jans.io/scim/users.read] - + /jans-config-api/scim/config: get: summary: Retrieves SCIM App configuration. @@ -2859,7 +2878,60 @@ paths: $ref: '#/components/responses/Unauthorized' '500': $ref: '#/components/responses/InternalServerError' - + + /jans-config-api/api/v1/org: + get: + summary: Retrieves organization configuration. + description: Retrieves organization configuration. + operationId: get-organization-config + security: + - oauth2: [https://jans.io/oauth/config/organization.readonly] + tags: + - Organization Configuration + responses: + '200': + description: OK + content: + application/json: + schema: + title: Organization + description: Organization configuration. + $ref: '#/components/schemas/Organization' + '401': + $ref: '#/components/responses/Unauthorized' + '500': + $ref: '#/components/responses/InternalServerError' + patch: + summary: Partially modifies organization configuration. + description: Partially modifies organization configuration. + operationId: patch-organization-config + security: + - oauth2: [https://jans.io/oauth/config/organization.write] + tags: + - Organization Configuration + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + $ref: '#/components/schemas/PatchRequest' + description: String representing patch-document. + example: '[{"op": "add", "path": "/jsFaviconPath", "value": "/opt/jans/jetty/jans-auth/custom/static/"}]' + responses: + '200': + description: OK + content: + application/json: + schema: + title: Organization + description: Organization configuration. + $ref: '#/components/schemas/Organization' + '401': + $ref: '#/components/responses/Unauthorized' + '500': + $ref: '#/components/responses/InternalServerError' + /jans-config-api/api/v1/jans-auth-server/health: get: summary: Returns auth server health status. @@ -3336,6 +3408,8 @@ components: https://jans.io/oauth/config/scim/users.write: Manage scim user related information https://jans.io/scim/config.readonly: Vew SCIM App configuration https://jans.io/scim/config.write: Manage SCIM App configuration + https://jans.io/oauth/config/organization.readonly: View organization configuration information + https://jans.io/oauth/config/organization.write: Manage organization configuration information responses: Found: @@ -6542,5 +6616,88 @@ components: useLocalCache: type: boolean description: Boolean value specifying whether to enable local in-memory cache. - - \ No newline at end of file + + Organization: + type: object + properties: + displayName: + type: string + description: Organization name + description: + type: string + description: Organization description + member: + type: string + description: String describing memberOf + countryName: + type: string + description: Organization country name + organization: + type: string + status: + type: string + managerGroup: + type: string + description: qualified id of the group + example: inum=60B7,ou=groups,o=jans + themeColor: + type: string + description: color of the theme + example: 166309 + shortName: + type: string + customMessages: + type: array + items: + type: string + title: + type: string + jsLogoPath: + type: string + description: Path to organization logo image + jsFaviconPath: + type: string + description: Path to organization favicon image + + + FacterData: + type: object + properties: + memoryfree: + type: string + description: Server free memory + swapfree: + type: string + description: Server swap free + hostname: + type: string + description: Server hostname + ipaddress: + type: string + description: Server ipaddress + uptime: + type: string + description: Server uptime + free_disk_space: + type: string + description: Server free disk space + load_average: + type: string + description: Server average load time + + + StatsData: + type: object + properties: + dbType: + type: string + description: Jans Server DB type + lastUpdate: + type: string + description: Stats update time + facterData: + type: object + $ref: '#/components/schemas/FacterData' + description: Underlying Server stats + + diff --git a/jans-cli/setup.py b/jans-cli/setup.py index fb8fe686f8c..b987ffc620f 100644 --- a/jans-cli/setup.py +++ b/jans-cli/setup.py @@ -36,7 +36,11 @@ def find_version(*file_paths): package_data={'': ['*.yaml']}, zip_safe=False, install_requires=[ - "ruamel.yaml>=0.16.5" + "ruamel.yaml>=0.16.5", + "PyJWT==2.3.0", + "jca-swagger-client @ https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca_swagger_client.zip", + "scim_swagger_client @ https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim_swagger_client.zip", + ], classifiers=[ "Intended Audience :: Developers", diff --git a/jans-linux-setup/install.py b/jans-linux-setup/install.py deleted file mode 120000 index 326c5739678..00000000000 --- a/jans-linux-setup/install.py +++ /dev/null @@ -1 +0,0 @@ -jans_setup/install.py \ No newline at end of file diff --git a/jans-linux-setup/jans_setup/install.py b/jans-linux-setup/jans_setup/install.py index 25dd6c422e2..fc7f8e7d817 100755 --- a/jans-linux-setup/jans_setup/install.py +++ b/jans-linux-setup/jans_setup/install.py @@ -232,8 +232,8 @@ def download_files(): download(urljoin(maven_base_url, 'jans-config-api-server/{0}{1}/jans-config-api-server-{0}{1}.war'.format(app_versions['JANS_APP_VERSION'], app_versions['JANS_BUILD'])), os.path.join(jans_app_dir, 'jans-config-api.war')) download('https://github.com/sqlalchemy/sqlalchemy/archive/rel_1_3_23.zip', sqlalchemy_zip_file) download(urljoin(maven_base_url, 'scim-plugin/{0}{1}/scim-plugin-{0}{1}-distribution.jar'.format(app_versions['JANS_APP_VERSION'], app_versions['JANS_BUILD'])), os.path.join(jans_app_dir, 'scim-plugin.jar')) - download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca.tgz', os.path.join(jans_app_dir, 'jca-swagger-client.tgz')) - download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim.tgz', os.path.join(jans_app_dir, 'scim-swagger-client.tgz')) + download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca_swagger_client.zip', os.path.join(jans_app_dir, 'jca-swagger-client.zip')) + download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim_swagger_client.zip', os.path.join(jans_app_dir, 'scim-swagger-client.zip')) download('https://raw.githubusercontent.com/GluuFederation/gluu-snap/master/facter/facter', os.path.join(jans_app_dir, 'facter')) download('https://github.com/jpadilla/pyjwt/archive/refs/tags/2.3.0.zip', os.path.join(app_dir, 'pyjwt.zip')) @@ -311,11 +311,6 @@ def extract_yaml_files(): extract_file(jans_zip_file, 'jans-config-api/server/src/main/resources/log4j2.xml', jans_app_dir) -def prepare_jans_cli_package(): - print("Preparing jans-cli package") - extract_subdir(jans_zip_file, 'jans-cli', 'jans-cli', os.path.join(jans_app_dir, 'jans-cli.zip')) - - def uninstall_jans(): check_installation() print('\033[31m') @@ -408,7 +403,6 @@ def main(): else: profile_setup() - prepare_jans_cli_package() if not argsp.no_setup: print("Launching Janssen Setup") diff --git a/jans-linux-setup/jans_setup/setup_app/config.py b/jans-linux-setup/jans_setup/setup_app/config.py index 6255654a321..cb8ed03b8ea 100644 --- a/jans-linux-setup/jans_setup/setup_app/config.py +++ b/jans-linux-setup/jans_setup/setup_app/config.py @@ -239,7 +239,7 @@ def progress(self, service_name, msg, incr=False): self.ldapCertFn = self.opendj_cert_fn = os.path.join(self.certFolder, 'opendj.crt') self.ldapTrustStoreFn = self.opendj_p12_fn = os.path.join(self.certFolder, 'opendj.p12') - self.oxd_package = base.determine_package(os.path.join(Config.distJansFolder, 'oxd-server*.tgz')) + self.oxd_package = base.determine_package(os.path.join(self.distJansFolder, 'oxd-server*.tgz')) self.opendj_p12_pass = None diff --git a/jans-linux-setup/jans_setup/setup_app/installers/config_api.py b/jans-linux-setup/jans_setup/setup_app/installers/config_api.py index b1046d61c32..0829b6f4cfd 100644 --- a/jans-linux-setup/jans_setup/setup_app/installers/config_api.py +++ b/jans-linux-setup/jans_setup/setup_app/installers/config_api.py @@ -60,6 +60,12 @@ def install(self): self.copyFile(self.source_files[1][0], self.libDir) scim_plugin_path = os.path.join(self.libDir, os.path.basename(self.source_files[1][0])) self.add_extra_class(scim_plugin_path) + base.extract_file( + os.path.join(Config.distJansFolder, 'jans.zip'), + 'jans-config-api/server/src/main/resources/log4j2.xml', + self.custom_config_dir + ) + self.enable() def installed(self): @@ -192,15 +198,11 @@ def render_import_templates(self): self.dbUtils.import_ldif(self.load_ldif_files) - def load_test_data(self): - if not self.installed(): - return - - check_result = self.check_clients([('jca_test_client_id', '1802.')]) + def prepare_scope_list(self): - result = self.dbUtils.search('ou=scopes,o=jans', search_filter='(&(inum=1800.*)(objectClass=jansScope))', fetchmany=True) scopes = [] scopes_id_list = [] + result = self.dbUtils.search('ou=scopes,o=jans', search_filter='(&(inum=1800.*)(objectClass=jansScope))', fetchmany=True) for scope in result: if isinstance(scope, dict): @@ -220,6 +222,15 @@ def load_test_data(self): Config.templateRenderingDict['config_api_scopes'] = '\n'.join(scopes) Config.templateRenderingDict['config_api_scopes_list'] = ' '.join(scopes_id_list) + + def load_test_data(self): + if not self.installed(): + return + + check_result = self.check_clients([('jca_test_client_id', '1802.')]) + + self.prepare_scope_list() + if check_result.get('1802.') == 1: warning = "Test data for Config Api was allready loaded." self.logIt(warning) diff --git a/jans-linux-setup/jans_setup/setup_app/installers/jans_cli.py b/jans-linux-setup/jans_setup/setup_app/installers/jans_cli.py index 34b90387056..7bf9e2308ff 100644 --- a/jans-linux-setup/jans_setup/setup_app/installers/jans_cli.py +++ b/jans-linux-setup/jans_setup/setup_app/installers/jans_cli.py @@ -37,9 +37,9 @@ def __init__(self): self.register_progess() self.source_files = [ - (os.path.join(Config.distJansFolder, 'jans-cli.zip'), 'https://api.github.com/repos/JanssenProject/jans-cli/tarball/main'.format(Config.oxVersion)), - (os.path.join(Config.distJansFolder, 'jca-swagger-client.tgz'), 'https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca.tgz'), - (os.path.join(Config.distJansFolder, 'scim-swagger-client.tgz'), 'https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim.tgz'), + (os.path.join(Config.distJansFolder, 'jans.zip'), 'https://github.com/JanssenProject/jans/archive/refs/heads/{}.zip'.format(Config.githubBranchName)), + (os.path.join(Config.distJansFolder, 'jca-swagger-client.zip'), 'https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca_swagger_client.zip'), + (os.path.join(Config.distJansFolder, 'scim-swagger-client.zip'), 'https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim_swagger_client.zip'), (os.path.join(Config.distAppFolder, 'pyjwt.zip'), 'https://github.com/jpadilla/pyjwt/archive/refs/tags/2.3.0.zip'), ] @@ -48,18 +48,14 @@ def install(self): self.logIt("Installing Jans Cli", pbar=self.service_name) #extract jans-cli tgz archieve - base.extract_from_zip(self.source_files[0][0], 'cli', self.jans_cli_install_dir) + base.extract_from_zip(self.source_files[0][0], 'jans-cli/cli', self.jans_cli_install_dir) self.run([paths.cmd_ln, '-s', os.path.join(self.jans_cli_install_dir, 'config_cli.py'), os.path.join(self.jans_cli_install_dir, 'config-cli.py')]) self.run([paths.cmd_ln, '-s', os.path.join(self.jans_cli_install_dir, 'config_cli.py'), os.path.join(self.jans_cli_install_dir, 'scim-cli.py')]) self.run([paths.cmd_chmod, '+x', os.path.join(self.jans_cli_install_dir, 'config_cli.py')]) - for i, app_mod in enumerate(('jca', 'scim')): - swagger_cli_dir = os.path.join(self.jans_cli_install_dir, app_mod) - self.createDirs(swagger_cli_dir) - init_fn = os.path.join(swagger_cli_dir, '__init__.py') - self.writeFile(init_fn, '') - shutil.unpack_archive(self.source_files[i+1][0], swagger_cli_dir) + base.extract_from_zip(self.source_files[1][0], 'jca', os.path.join(self.jans_cli_install_dir, 'jca')) + base.extract_from_zip(self.source_files[2][0], 'scim', os.path.join(self.jans_cli_install_dir, 'scim')) #extract pyjwt from archieve base.extract_from_zip(self.source_files[3][0], 'jwt', os.path.join(self.jans_cli_install_dir, 'pylib/jwt')) @@ -90,8 +86,8 @@ def configure(self, options={}): config['DEFAULT']['jca_client_secret_enc'] = Config.role_based_client_encoded_pw if Config.get('installScimServer'): - config['DEFAULT']['scim_client_id'] = Config.scim_client_id - config['DEFAULT']['scim_client_secret_enc'] = Config.scim_client_encoded_pw + config['DEFAULT']['scim_client_id'] = Config.role_based_client_id + config['DEFAULT']['scim_client_secret_enc'] = Config.role_based_client_encoded_pw config.write(self.config_ini_fn.open('w')) diff --git a/jans-linux-setup/jans_setup/setup_app/utils/base.py b/jans-linux-setup/jans_setup/setup_app/utils/base.py index 8a4b311820b..c53a3085a6c 100644 --- a/jans-linux-setup/jans_setup/setup_app/utils/base.py +++ b/jans-linux-setup/jans_setup/setup_app/utils/base.py @@ -317,6 +317,22 @@ def download(url, dst): else: break +def extract_file(zip_file, source, target, ren=False): + zip_obj = zipfile.ZipFile(zip_file, "r") + for member in zip_obj.infolist(): + if not member.is_dir() and member.filename.endswith(source): + if ren: + target_p = Path(target) + else: + p = Path(member.filename) + target_p = Path(target).joinpath(p.name) + if not target_p.parent.exists(): + target_p.parent.mkdir(parents=True) + target_p.write_bytes(zip_obj.read(member)) + break + zip_obj.close() + + def extract_from_zip(zip_file, sub_dir, target_dir, remove_target_dir=False): zipobj = zipfile.ZipFile(zip_file, "r") parent_dir = zipobj.namelist()[0] diff --git a/jans-linux-setup/jans_setup/setup_app/utils/properties_utils.py b/jans-linux-setup/jans_setup/setup_app/utils/properties_utils.py index ce9faa00ce4..1471b2583f1 100644 --- a/jans-linux-setup/jans_setup/setup_app/utils/properties_utils.py +++ b/jans-linux-setup/jans_setup/setup_app/utils/properties_utils.py @@ -274,12 +274,12 @@ def save_properties(self, prop_fn=None, obj=None): if not prop_fn: prop_fn = Config.savedProperties - + if not obj: obj = self self.logIt('Saving properties to %s' % prop_fn) - + def getString(value): if isinstance(value, str): return str(value).strip() @@ -298,7 +298,6 @@ def getString(value): if obj_name.startswith('cmd_'): continue - if not obj_name.startswith('__') and (not callable(obj)): if obj_name == 'mappingLocations': @@ -311,6 +310,8 @@ def getString(value): with open(prop_fn, 'wb') as f: p.store(f, encoding="utf-8") + self.run([paths.cmd_chmod, '600', prop_fn]) + # TODO: uncomment later return diff --git a/jans-linux-setup/jans_setup/templates/jans-auth/role-scope-mappings.ldif b/jans-linux-setup/jans_setup/templates/jans-auth/role-scope-mappings.ldif index 68f1237bbf6..ce0f4835e85 100644 --- a/jans-linux-setup/jans_setup/templates/jans-auth/role-scope-mappings.ldif +++ b/jans-linux-setup/jans_setup/templates/jans-auth/role-scope-mappings.ldif @@ -2,7 +2,7 @@ version: 1 dn: ou=admin-ui,ou=configuration,o=jans objectClass: jansAdminConfDyn objectClass: top -jansConfDyn: {"roles":[{"role":"api-viewer","description":"desc"},{"role":"api-editor","description":""},{"role":"api-manager","description":""},{"role":"api-admin","description":""}],"permissions":[{"permission":"https://jans.io/oauth/config/attributes.readonly","description":null},{"permission":"https://jans.io/oauth/config/attributes.write","description":null},{"permission":"https://jans.io/oauth/config/attributes.delete","description":null},{"permission":"https://jans.io/oauth/config/acrs.readonly","description":null},{"permission":"https://jans.io/oauth/config/acrs.write","description":null},{"permission":"https://jans.io/oauth/config/acrs.delete","description":null},{"permission":"https://jans.io/oauth/config/scopes.readonly","description":null},{"permission":"https://jans.io/oauth/config/scopes.write","description":null},{"permission":"https://jans.io/oauth/config/scopes.delete","description":null},{"permission":"https://jans.io/oauth/config/scripts.readonly","description":null},{"permission":"https://jans.io/oauth/config/scripts.write","description":null},{"permission":"https://jans.io/oauth/config/scripts.delete","description":null},{"permission":"https://jans.io/oauth/config/openid/clients.readonly","description":null},{"permission":"https://jans.io/oauth/config/openid/clients.write","description":null},{"permission":"https://jans.io/oauth/config/openid/clients.delete","description":null},{"permission":"https://jans.io/oauth/config/smtp.readonly","description":null},{"permission":"https://jans.io/oauth/config/smtp.write","description":null},{"permission":"https://jans.io/oauth/config/smtp.delete","description":null},{"permission":"https://jans.io/oauth/config/logging.readonly","description":null},{"permission":"https://jans.io/oauth/config/logging.write","description":null},{"permission":"https://jans.io/oauth/config/uma/resources.readonly","description":null},{"permission":"https://jans.io/oauth/config/uma/resources.write","description":null},{"permission":"https://jans.io/oauth/config/uma/resources.delete","description":null},{"permission":"https://jans.io/oauth/config/database/ldap.readonly","description":null},{"permission":"https://jans.io/oauth/config/database/ldap.write","description":null},{"permission":"https://jans.io/oauth/config/database/ldap.delete","description":null},{"permission":"https://jans.io/oauth/config/jwks.readonly","description":null},{"permission":"https://jans.io/oauth/config/jwks.write","description":null},{"permission":"https://jans.io/oauth/config/fido2.readonly","description":null},{"permission":"https://jans.io/oauth/config/fido2.write","description":null},{"permission":"https://jans.io/oauth/config/cache.readonly","description":null},{"permission":"https://jans.io/oauth/config/cache.write","description":null},{"permission":"https://jans.io/oauth/config/database/couchbase.readonly","description":null},{"permission":"https://jans.io/oauth/config/database/couchbase.write","description":null},{"permission":"https://jans.io/oauth/config/database/sql.readonly","description":null},{"permission":"https://jans.io/oauth/config/database/sql.write","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/properties.readonly","description":null},{"permission":"https://jans.io/oauth/config/stats.readonly","description":null},{"permission":"jans_stat","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly","description":null},{"permission":"https://jans.io/oauth/jans-auth-server/config/adminui/license.write","description":null}],"rolePermissionMapping":[{"role":"api-viewer","permissions":["https://jans.io/oauth/config/attributes.readonly","https://jans.io/oauth/config/acrs.readonly","https://jans.io/oauth/config/scopes.readonly","https://jans.io/oauth/config/scripts.readonly","https://jans.io/oauth/config/openid/clients.readonly","https://jans.io/oauth/config/smtp.readonly","https://jans.io/oauth/config/logging.readonly","https://jans.io/oauth/config/uma/resources.readonly","https://jans.io/oauth/config/database/ldap.readonly","https://jans.io/oauth/config/jwks.readonly","https://jans.io/oauth/config/fido2.readonly","https://jans.io/oauth/config/cache.readonly","https://jans.io/oauth/jans-auth-server/config/properties.readonly","https://jans.io/oauth/config/database/couchbase.readonly","https://jans.io/oauth/config/database/sql.readonly","https://jans.io/oauth/config/stats.readonly"]},{"role":"api-editor","permissions":["https://jans.io/oauth/config/attributes.readonly","https://jans.io/oauth/config/attributes.write","https://jans.io/oauth/config/acrs.readonly","https://jans.io/oauth/config/acrs.write","https://jans.io/oauth/config/scopes.readonly","https://jans.io/oauth/config/scopes.write","https://jans.io/oauth/config/scripts.readonly","https://jans.io/oauth/config/scripts.write","https://jans.io/oauth/config/openid/clients.readonly","https://jans.io/oauth/config/openid/clients.write","https://jans.io/oauth/config/smtp.readonly","https://jans.io/oauth/config/smtp.write","https://jans.io/oauth/config/logging.readonly","https://jans.io/oauth/config/logging.write","https://jans.io/oauth/config/uma/resources.readonly","https://jans.io/oauth/config/uma/resources.write","https://jans.io/oauth/config/database/ldap.readonly","https://jans.io/oauth/config/database/ldap.write","https://jans.io/oauth/config/jwks.readonly","https://jans.io/oauth/config/jwks.write","https://jans.io/oauth/config/fido2.readonly","https://jans.io/oauth/config/fido2.write","https://jans.io/oauth/config/cache.readonly","https://jans.io/oauth/config/cache.write","https://jans.io/oauth/config/database/couchbase.readonly","https://jans.io/oauth/config/database/couchbase.write","https://jans.io/oauth/config/database/sql.readonly","https://jans.io/oauth/config/database/sql.write","https://jans.io/oauth/jans-auth-server/config/properties.readonly","https://jans.io/oauth/config/stats.readonly","jans_stat"]},{"role":"api-manager","permissions":["https://jans.io/oauth/config/attributes.readonly","https://jans.io/oauth/config/attributes.write","https://jans.io/oauth/config/attributes.delete","https://jans.io/oauth/config/acrs.readonly","https://jans.io/oauth/config/acrs.write","https://jans.io/oauth/config/acrs.delete","https://jans.io/oauth/config/scopes.readonly","https://jans.io/oauth/config/scopes.write","https://jans.io/oauth/config/scopes.delete","https://jans.io/oauth/config/scripts.readonly","https://jans.io/oauth/config/scripts.write","https://jans.io/oauth/config/scripts.delete","https://jans.io/oauth/config/openid/clients.readonly","https://jans.io/oauth/config/openid/clients.write","https://jans.io/oauth/config/openid/clients.delete","https://jans.io/oauth/config/smtp.readonly","https://jans.io/oauth/config/smtp.write","https://jans.io/oauth/config/smtp.delete","https://jans.io/oauth/config/logging.readonly","https://jans.io/oauth/config/logging.write","https://jans.io/oauth/config/uma/resources.readonly","https://jans.io/oauth/config/uma/resources.write","https://jans.io/oauth/config/uma/resources.delete","https://jans.io/oauth/config/database/ldap.readonly","https://jans.io/oauth/config/database/ldap.write","https://jans.io/oauth/config/database/ldap.delete","https://jans.io/oauth/config/jwks.readonly","https://jans.io/oauth/config/jwks.write","https://jans.io/oauth/config/fido2.readonly","https://jans.io/oauth/config/fido2.write","https://jans.io/oauth/config/cache.readonly","https://jans.io/oauth/config/cache.write","https://jans.io/oauth/config/database/couchbase.readonly","https://jans.io/oauth/config/database/couchbase.write","https://jans.io/oauth/config/database/sql.readonly","https://jans.io/oauth/config/database/sql.write","https://jans.io/oauth/jans-auth-server/config/properties.readonly","https://jans.io/oauth/config/stats.readonly","jans_stat"]},{"role":"api-admin","permissions":["https://jans.io/oauth/config/attributes.readonly","https://jans.io/oauth/config/attributes.write","https://jans.io/oauth/config/attributes.delete","https://jans.io/oauth/config/acrs.readonly","https://jans.io/oauth/config/acrs.write","https://jans.io/oauth/config/acrs.delete","https://jans.io/oauth/config/scopes.readonly","https://jans.io/oauth/config/scopes.write","https://jans.io/oauth/config/scopes.delete","https://jans.io/oauth/config/scripts.readonly","https://jans.io/oauth/config/scripts.write","https://jans.io/oauth/config/scripts.delete","https://jans.io/oauth/config/openid/clients.readonly","https://jans.io/oauth/config/openid/clients.write","https://jans.io/oauth/config/openid/clients.delete","https://jans.io/oauth/config/smtp.readonly","https://jans.io/oauth/config/smtp.write","https://jans.io/oauth/config/smtp.delete","https://jans.io/oauth/config/logging.readonly","https://jans.io/oauth/config/logging.write","https://jans.io/oauth/config/uma/resources.readonly","https://jans.io/oauth/config/uma/resources.write","https://jans.io/oauth/config/uma/resources.delete","https://jans.io/oauth/config/database/ldap.readonly","https://jans.io/oauth/config/database/ldap.write","https://jans.io/oauth/config/database/ldap.delete","https://jans.io/oauth/config/jwks.readonly","https://jans.io/oauth/config/jwks.write","https://jans.io/oauth/config/fido2.readonly","https://jans.io/oauth/config/fido2.write","https://jans.io/oauth/config/cache.readonly","https://jans.io/oauth/config/cache.write","https://jans.io/oauth/config/database/couchbase.readonly","https://jans.io/oauth/config/database/couchbase.write","https://jans.io/oauth/config/database/sql.readonly","https://jans.io/oauth/config/database/sql.write","https://jans.io/oauth/jans-auth-server/config/properties.readonly","https://jans.io/oauth/config/stats.readonly","jans_stat","https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly","https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write","https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly","https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write","https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly","https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write", "https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", "https://jans.io/oauth/jans-auth-server/config/adminui/license.write"]}]} +jansConfDyn: {"roles": [{"role": "api-viewer", "description": "desc"}, {"role": "api-editor", "description": ""}, {"role": "api-manager", "description": ""}, {"role": "api-admin", "description": ""}], "permissions": [{"permission": "https://jans.io/oauth/config/attributes.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/attributes.write", "description": null}, {"permission": "https://jans.io/oauth/config/attributes.delete", "description": null}, {"permission": "https://jans.io/oauth/config/acrs.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/acrs.write", "description": null}, {"permission": "https://jans.io/oauth/config/acrs.delete", "description": null}, {"permission": "https://jans.io/oauth/config/scopes.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/scopes.write", "description": null}, {"permission": "https://jans.io/oauth/config/scopes.delete", "description": null}, {"permission": "https://jans.io/oauth/config/scripts.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/scripts.write", "description": null}, {"permission": "https://jans.io/oauth/config/scripts.delete", "description": null}, {"permission": "https://jans.io/oauth/config/openid/clients.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/openid/clients.write", "description": null}, {"permission": "https://jans.io/oauth/config/openid/clients.delete", "description": null}, {"permission": "https://jans.io/oauth/config/smtp.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/smtp.write", "description": null}, {"permission": "https://jans.io/oauth/config/smtp.delete", "description": null}, {"permission": "https://jans.io/oauth/config/logging.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/logging.write", "description": null}, {"permission": "https://jans.io/oauth/config/uma/resources.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/uma/resources.write", "description": null}, {"permission": "https://jans.io/oauth/config/uma/resources.delete", "description": null}, {"permission": "https://jans.io/oauth/config/database/ldap.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/database/ldap.write", "description": null}, {"permission": "https://jans.io/oauth/config/database/ldap.delete", "description": null}, {"permission": "https://jans.io/oauth/config/jwks.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/jwks.write", "description": null}, {"permission": "https://jans.io/oauth/config/fido2.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/fido2.write", "description": null}, {"permission": "https://jans.io/oauth/config/cache.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/cache.write", "description": null}, {"permission": "https://jans.io/oauth/config/database/couchbase.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/database/couchbase.write", "description": null}, {"permission": "https://jans.io/oauth/config/database/sql.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/database/sql.write", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/properties.readonly", "description": null}, {"permission": "https://jans.io/oauth/config/stats.readonly", "description": null}, {"permission": "jans_stat", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", "description": null}, {"permission": "https://jans.io/oauth/jans-auth-server/config/adminui/license.write", "description": null}], "rolePermissionMapping": [{"role": "api-viewer", "permissions": ["https://jans.io/oauth/config/attributes.readonly", "https://jans.io/oauth/config/acrs.readonly", "https://jans.io/oauth/config/scopes.readonly", "https://jans.io/oauth/config/scripts.readonly", "https://jans.io/oauth/config/openid/clients.readonly", "https://jans.io/oauth/config/smtp.readonly", "https://jans.io/oauth/config/logging.readonly", "https://jans.io/oauth/config/uma/resources.readonly", "https://jans.io/oauth/config/database/ldap.readonly", "https://jans.io/oauth/config/jwks.readonly", "https://jans.io/oauth/config/fido2.readonly", "https://jans.io/oauth/config/cache.readonly", "https://jans.io/oauth/jans-auth-server/config/properties.readonly", "https://jans.io/oauth/config/database/couchbase.readonly", "https://jans.io/oauth/config/database/sql.readonly", "https://jans.io/oauth/config/stats.readonly"]}, {"role": "api-editor", "permissions": ["https://jans.io/oauth/config/attributes.readonly", "https://jans.io/oauth/config/attributes.write", "https://jans.io/oauth/config/acrs.readonly", "https://jans.io/oauth/config/acrs.write", "https://jans.io/oauth/config/scopes.readonly", "https://jans.io/oauth/config/scopes.write", "https://jans.io/oauth/config/scripts.readonly", "https://jans.io/oauth/config/scripts.write", "https://jans.io/oauth/config/openid/clients.readonly", "https://jans.io/oauth/config/openid/clients.write", "https://jans.io/oauth/config/smtp.readonly", "https://jans.io/oauth/config/smtp.write", "https://jans.io/oauth/config/logging.readonly", "https://jans.io/oauth/config/logging.write", "https://jans.io/oauth/config/uma/resources.readonly", "https://jans.io/oauth/config/uma/resources.write", "https://jans.io/oauth/config/database/ldap.readonly", "https://jans.io/oauth/config/database/ldap.write", "https://jans.io/oauth/config/jwks.readonly", "https://jans.io/oauth/config/jwks.write", "https://jans.io/oauth/config/fido2.readonly", "https://jans.io/oauth/config/fido2.write", "https://jans.io/oauth/config/cache.readonly", "https://jans.io/oauth/config/cache.write", "https://jans.io/oauth/config/database/couchbase.readonly", "https://jans.io/oauth/config/database/couchbase.write", "https://jans.io/oauth/config/database/sql.readonly", "https://jans.io/oauth/config/database/sql.write", "https://jans.io/oauth/jans-auth-server/config/properties.readonly", "https://jans.io/oauth/config/stats.readonly", "jans_stat"]}, {"role": "api-manager", "permissions": ["https://jans.io/oauth/config/attributes.readonly", "https://jans.io/oauth/config/attributes.write", "https://jans.io/oauth/config/attributes.delete", "https://jans.io/oauth/config/acrs.readonly", "https://jans.io/oauth/config/acrs.write", "https://jans.io/oauth/config/acrs.delete", "https://jans.io/oauth/config/scopes.readonly", "https://jans.io/oauth/config/scopes.write", "https://jans.io/oauth/config/scopes.delete", "https://jans.io/oauth/config/scripts.readonly", "https://jans.io/oauth/config/scripts.write", "https://jans.io/oauth/config/scripts.delete", "https://jans.io/oauth/config/openid/clients.readonly", "https://jans.io/oauth/config/openid/clients.write", "https://jans.io/oauth/config/openid/clients.delete", "https://jans.io/oauth/config/smtp.readonly", "https://jans.io/oauth/config/smtp.write", "https://jans.io/oauth/config/smtp.delete", "https://jans.io/oauth/config/logging.readonly", "https://jans.io/oauth/config/logging.write", "https://jans.io/oauth/config/uma/resources.readonly", "https://jans.io/oauth/config/uma/resources.write", "https://jans.io/oauth/config/uma/resources.delete", "https://jans.io/oauth/config/database/ldap.readonly", "https://jans.io/oauth/config/database/ldap.write", "https://jans.io/oauth/config/database/ldap.delete", "https://jans.io/oauth/config/jwks.readonly", "https://jans.io/oauth/config/jwks.write", "https://jans.io/oauth/config/fido2.readonly", "https://jans.io/oauth/config/fido2.write", "https://jans.io/oauth/config/cache.readonly", "https://jans.io/oauth/config/cache.write", "https://jans.io/oauth/config/database/couchbase.readonly", "https://jans.io/oauth/config/database/couchbase.write", "https://jans.io/oauth/config/database/sql.readonly", "https://jans.io/oauth/config/database/sql.write", "https://jans.io/oauth/jans-auth-server/config/properties.readonly", "https://jans.io/oauth/config/stats.readonly", "jans_stat"]}, {"role": "api-admin", "permissions": ["https://jans.io/oauth/config/attributes.readonly", "https://jans.io/oauth/config/attributes.write", "https://jans.io/oauth/config/attributes.delete", "https://jans.io/oauth/config/acrs.readonly", "https://jans.io/oauth/config/acrs.write", "https://jans.io/oauth/config/acrs.delete", "https://jans.io/oauth/config/scopes.readonly", "https://jans.io/oauth/config/scopes.write", "https://jans.io/oauth/config/scopes.delete", "https://jans.io/oauth/config/scripts.readonly", "https://jans.io/oauth/config/scripts.write", "https://jans.io/oauth/config/scripts.delete", "https://jans.io/oauth/config/openid/clients.readonly", "https://jans.io/oauth/config/openid/clients.write", "https://jans.io/oauth/config/openid/clients.delete", "https://jans.io/oauth/config/smtp.readonly", "https://jans.io/oauth/config/smtp.write", "https://jans.io/oauth/config/smtp.delete", "https://jans.io/oauth/config/logging.readonly", "https://jans.io/oauth/config/logging.write", "https://jans.io/oauth/config/uma/resources.readonly", "https://jans.io/oauth/config/uma/resources.write", "https://jans.io/oauth/config/uma/resources.delete", "https://jans.io/oauth/config/database/ldap.readonly", "https://jans.io/oauth/config/database/ldap.write", "https://jans.io/oauth/config/database/ldap.delete", "https://jans.io/oauth/config/jwks.readonly", "https://jans.io/oauth/config/jwks.write", "https://jans.io/oauth/config/fido2.readonly", "https://jans.io/oauth/config/fido2.write", "https://jans.io/oauth/config/cache.readonly", "https://jans.io/oauth/config/cache.write", "https://jans.io/oauth/config/database/couchbase.readonly", "https://jans.io/oauth/config/database/couchbase.write", "https://jans.io/oauth/config/database/sql.readonly", "https://jans.io/oauth/config/database/sql.write", "https://jans.io/oauth/jans-auth-server/config/properties.readonly", "https://jans.io/oauth/config/stats.readonly", "jans_stat", "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly", "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write", "https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly", "https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write", "https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly", "https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write", "https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", "https://jans.io/oauth/jans-auth-server/config/adminui/license.write", "https://jans.io/scim/bulk", "https://jans.io/scim/users.write", "https://jans.io/scim/fido.read", "https://jans.io/scim/all-resources.search", "https://jans.io/scim/fido2.read", "https://jans.io/scim/groups.write", "https://jans.io/scim/users.read", "https://jans.io/scim/groups.read", "https://jans.io/scim/fido2.write", "https://jans.io/scim/fido.write"]}]} jansRevision: 1 ou: admin-ui