Merge pull request #142 from JanssenProject/admin-ui-setup

Admin UI setup

install.py

@@ -137,7 +137,7 @@ def download_gcs():
 setup_zip_file = os.path.join(jans_app_dir, 'jans-setup.zip')
 
 if not (argsp.u or argsp.uninstall):
-    setup_url = 'https://github.com/JanssenProject/jans-setup/archive/master.zip'
+    setup_url = 'https://github.com/JanssenProject/jans-setup/archive/refs/heads/{}.zip'.format(app_versions['SETUP_BRANCH'])
     download(setup_url, setup_zip_file)
 
     download('https://corretto.aws/downloads/resources/{0}/amazon-corretto-{0}-linux-x64.tar.gz'.format(app_versions['AMAZON_CORRETTO_VERSION']), os.path.join(app_dir, 'amazon-corretto-{0}-linux-x64.tar.gz'.format(app_versions['AMAZON_CORRETTO_VERSION'])))
@@ -151,6 +151,9 @@ def download_gcs():
     download(urljoin(maven_base_url, 'scim-plugin/{0}{1}/scim-plugin-{0}{1}-distribution.jar'.format(app_versions['JANS_APP_VERSION'], app_versions['JANS_BUILD'])), os.path.join(jans_app_dir, 'scim-plugin.jar'))
     download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/jca.tgz', os.path.join(jans_app_dir, 'jca-swagger-client.tgz'))
     download('https://ox.gluu.org/icrby8xcvbcv/cli-swagger/scim.tgz', os.path.join(jans_app_dir, 'scim-swagger-client.tgz'))
+    download(urljoin(maven_base_url, 'admin-ui-plugin/{0}{1}/admin-ui-plugin-{0}{1}-distribution.jar'.format(app_versions['JANS_APP_VERSION'], app_versions['JANS_BUILD'])), os.path.join(jans_app_dir, 'admin-ui-plugin-distribution.jar'))
+    download('https://raw.githubusercontent.com/JanssenProject/jans-config-api/master/server/src/main/resources/log4j2.xml', os.path.join(jans_app_dir, 'log4j2.xml'))
+    download('https://raw.githubusercontent.com/JanssenProject/jans-config-api/master/plugins/admin-ui-plugin/config/log4j2-adminui.xml', os.path.join(jans_app_dir, 'log4j2-adminui.xml'))
 
     if argsp.profile == 'jans':
         download('https://maven.gluu.org/maven/org/gluufederation/opendj/opendj-server-legacy/{0}/opendj-server-legacy-{0}.zip'.format(app_versions['OPENDJ_VERSION']), os.path.join(app_dir, 'opendj-server-legacy-{0}.zip'.format(app_versions['OPENDJ_VERSION'])))

setup.py

@@ -67,7 +67,6 @@
 from setup_app.installers.config_api import ConfigApiInstaller
 from setup_app.installers.jans_cli import JansCliInstaller
 from setup_app.installers.rdbm import RDBMInstaller
-#from setup_app.installers.admin_ui import AdminUIInstaller
 
 
 # from setup_app.installers.oxd import OxdInstaller
@@ -170,7 +169,6 @@
     scimInstaller = ScimInstaller()
     elevenInstaller = ElevenInstaller()
 jansCliInstaller = JansCliInstaller()
-#adminUIInstaller = AdminUIInstaller()
 
 # oxdInstaller = OxdInstaller()
 
@@ -327,10 +325,6 @@ def do_installation():
                     not Config.installed_instance and Config.get(elevenInstaller.install_var)):
                 elevenInstaller.start_installation()
 
-        #if (Config.installed_instance and adminUIInstaller.install_var in Config.addPostSetupService) or (
-        #        not Config.installed_instance and Config.get(adminUIInstaller.install_var)):
-        #    adminUIInstaller.start_installation()
-
         if Config.installJansCli:
             jansCliInstaller.start_installation()
             jansCliInstaller.configure()

setup_app/installers/base.py

@@ -50,6 +50,7 @@ def start_installation(self):
 
         self.render_import_templates()
         self.update_backend()
+        self.service_post_setup()
 
     def update_rendering_dict(self):
         mydict = {}
@@ -72,24 +73,31 @@ def check_clients(self, client_var_id_list, resource=False):
                 client_pw = cids[2]['pw']
                 client_encoded_pw = cids[2]['encoded']
             else:
-                client_pw = None
-                client_encoded_pw = None
+                tmp_ = client_var_name.split('_')
+                client_pw =  '_'.join(tmp_[:-1]) + '_pw'
+                client_encoded_pw = '_'.join(tmp_[:-1]) + '_encoded_pw'
 
             self.logIt("Checking ID for client {}".format(client_var_name))
             if not Config.get(client_var_name):
                 result = self.dbUtils.search('ou={},o=jans'.format(ou), '(&({}={}*)(objectClass=jansClnt))'.format(field_name, client_id_prefix))
                 if result:
                     setattr(Config, client_var_name, result[field_name])
                     self.logIt("{} was found in backend as {}".format(client_var_name, result[field_name]))
-                    if client_encoded_pw:
-                        if 'jansClntSecret' in result:
-                            setattr(Config, client_encoded_pw, result['jansClntSecret'])
-                            setattr(Config, client_pw, self.unobscure(result['jansClntSecret']))
-
+                    if 'jansClntSecret' in result:
+                        setattr(Config, client_encoded_pw, result['jansClntSecret'])
+                        setattr(Config, client_pw, self.unobscure(result['jansClntSecret']))
             if not Config.get(client_var_name):
                 setattr(Config, client_var_name, client_id_prefix + str(uuid.uuid4()))
                 self.logIt("Client ID for {} was created as {}".format(client_var_name, Config.get(client_var_name)))
+            else:
+                self.logIt("Client {} exists in current configuration as {}".format(client_var_name, getattr(Config, client_var_name)))
 
+            if not Config.get(client_pw):
+                self.logIt("Generating password for {}".format(client_pw))
+                client_pw_s = self.getPW()
+                client_encoder_pw_s = self.obscure(client_pw_s)
+                setattr(Config, client_pw, client_pw_s)
+                setattr(Config, client_encoded_pw, client_encoder_pw_s)
 
     def check_scope(self, scope_id):
         search_filter = '(&(objectClass=jansScope)(jansId={}))'.format(scope_id)
@@ -203,3 +211,6 @@ def installed(self):
 
     def check_need_for_download(self):
         pass
+
+    def service_post_setup(self):
+        pass

setup_app/installers/config_api.py

@@ -37,12 +37,20 @@ def __init__(self):
         self.config_ldif_fn = os.path.join(self.output_folder, 'config.ldif')
         self.load_ldif_files = [self.config_ldif_fn, self.scope_ldif_fn]
         self.libDir = os.path.join(self.jetty_base, self.service_name, 'custom/libs/')
+        self.custom_config_dir = os.path.join(self.jetty_base, self.service_name, 'custom/config')
+        self.admin_ui_config_properties = os.path.join(self.output_folder, 'auiConfiguration.properties')
 
         self.source_files = [
                 (os.path.join(Config.distJansFolder, 'jans-config-api.war'), 'https://maven.jans.io/maven/io/jans/jans-config-api-server/{0}/jans-config-api-server-{0}.war'.format(Config.oxVersion)),
-                (os.path.join(Config.distJansFolder, 'scim-plugin.jar'), 'https://maven.jans.io/maven/io/jans/scim-plugin/{0}/scim-plugin-{0}-distribution.jar'.format(Config.oxVersion))
+                (os.path.join(Config.distJansFolder, 'scim-plugin.jar'), 'https://maven.jans.io/maven/io/jans/scim-plugin/{0}/scim-plugin-{0}-distribution.jar'.format(Config.oxVersion)),
+                (os.path.join(Config.distJansFolder, 'admin-ui-plugin-distribution.jar'), 'https://maven.jans.io/maven/io/jans/admin-ui-plugin/{0}/admin-ui-plugin-{0}-distribution.jar'.format(Config.oxVersion)),
+                (os.path.join(Config.distJansFolder, 'log4j2.xml'), 'https://raw.githubusercontent.com/JanssenProject/jans-config-api/master/server/src/main/resources/log4j2.xml'),
+                (os.path.join(Config.distJansFolder, 'log4j2-adminui.xml'), 'https://raw.githubusercontent.com/JanssenProject/jans-config-api/master/plugins/admin-ui-plugin/config/log4j2-adminui.xml'),
                 ]
 
+
+
+
     def install(self):
         self.installJettyService(self.jetty_app_configuration[self.service_name], True)
         self.logIt("Copying fido.war into jetty webapps folder...")
@@ -59,7 +67,7 @@ def installed(self):
 
 
     def create_folders(self):
-        for d in (self.output_folder,):
+        for d in (self.output_folder, self.custom_config_dir):
             if not os.path.exists(d):
                 self.createDirs(d)
 
@@ -236,4 +244,15 @@ def load_test_data(self):
         self.writeFile(out_fn, rendered_text)
         self.dbUtils.import_ldif([out_fn])
 
-
+    def service_post_setup(self):
+        if Config.installAdminUI:
+            self.logIt("Installing Jans Admin UI", pbar=self.service_name)
+            self.check_clients([('role_based_client_id', '2000.')])
+            self.renderTemplateInOut(self.admin_ui_config_properties, self.templates_folder, self.output_folder)
+            self.copyFile(self.source_files[2][0], self.libDir)
+            admin_ui_plugin_path = os.path.join(self.libDir, os.path.basename(self.source_files[2][0]))
+            self.add_extra_class(admin_ui_plugin_path)
+            self.copyFile(self.admin_ui_config_properties, self.custom_config_dir)
+
+            for logfn in (self.source_files[3][0], self.source_files[4][0]):
+                self.copyFile(logfn, self.custom_config_dir)

setup_app/installers/jans.py

@@ -70,7 +70,7 @@ def __repr__(self):
             txt += 'Install Apache 2 web server'.ljust(30) + repr(Config.installHttpd).rjust(35) + (' *' if 'installHttpd' in Config.addPostSetupService else '') + "\n"
             txt += 'Install Auth Server'.ljust(30) + repr(Config.installOxAuth).rjust(35) + "\n"
             txt += 'Install Jans Auth Config Api'.ljust(30) + repr(Config.installConfigApi).rjust(35) + "\n"
-            #txt += 'Install Gluu Admin UI'.ljust(30) + repr(Config.installAdminUI).rjust(35) + "\n"            
+            txt += 'Install Jans Admin UI'.ljust(30) + repr(Config.installAdminUI).rjust(35) + "\n"            
             if Config.profile == 'jans':
                 txt += 'Install Fido2 Server'.ljust(30) + repr(Config.installFido2).rjust(35) + (' *' if 'installFido2' in Config.addPostSetupService else '') + "\n"
                 txt += 'Install Scim Server'.ljust(30) + repr(Config.installScimServer).rjust(35) + (' *' if 'installScimServer' in Config.addPostSetupService else '') + "\n"

setup_app/installers/jans_cli.py

@@ -67,9 +67,6 @@ def install(self):
 
     def generate_configuration(self):
         self.check_clients([('role_based_client_id', '2000.')])
-        if not Config.get('role_based_client_pw'):
-            Config.role_based_client_pw = self.getPW()
-            Config.role_based_client_encoded_pw = self.obscure(Config.role_based_client_pw)
 
     def configure(self, options={}):
         config = configparser.ConfigParser()

setup_app/installers/jetty.py

@@ -363,9 +363,10 @@ def war_for_jetty10(self, war_file):
             shutil.move(tmp_war_fn+'.zip', war_file)
 
 
-    def add_extra_class(self, class_path):
-
-        tree = ET.parse(self.web_app_xml_fn)
+    def add_extra_class(self, class_path, xml_fn=None):
+        if not xml_fn:
+            xml_fn = self.web_app_xml_fn
+        tree = ET.parse(xml_fn)
         root = tree.getroot()
 
         for app_set in root.findall("Set"):
@@ -377,7 +378,7 @@ def add_extra_class(self, class_path):
             child.text = class_path
             root.append(child)
 
-            with open(self.web_app_xml_fn, 'wb') as f:
+            with open(xml_fn, 'wb') as f:
                 f.write(b'<?xml version="1.0"  encoding="ISO-8859-1"?>\n')
                 f.write(b'<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">\n')
                 f.write(ET.tostring(root, method='xml'))

setup_app/installers/rdbm.py

@@ -1,7 +1,7 @@
 import os
 import re
 import sys
-import datetime
+import time
 import sqlalchemy
 import shutil
 
@@ -342,10 +342,7 @@ def import_ldif(self):
         self.dbUtils.import_ldif(ldif_files)
 
     def server_time_zone(self):
-        my_time_zone = str(datetime.datetime.now(datetime.timezone(datetime.timedelta(0))).astimezone().tzinfo)
-        if not my_time_zone == 'UTC':
-            my_time_zone = 'GMT'+my_time_zone
-        Config.templateRenderingDict['server_time_zone'] = my_time_zone
+        Config.templateRenderingDict['server_time_zone'] = 'UTC' + time.strftime("%z")
 
     def rdbmProperties(self):
         if Config.rdbm_type in ('sql', 'mysql'):

setup_app/utils/properties_utils.py

@@ -595,7 +595,7 @@ def promptAdminUI(self):
         if Config.installed_instance and Config.installAdminUI:
             return
 
-        promptForAdminUI = self.getPrompt("Install Gluu Admin UI?", 
+        promptForAdminUI = self.getPrompt("Install Jans Admin UI?", 
                             self.getDefaultOption(Config.installAdminUI)
                             )[0].lower()
 
@@ -844,10 +844,13 @@ def promptForProperties(self):
             if Config.installHttpd:
                 Config.ip = self.get_ip()
 
-            detectedHostname = self.detect_hostname()
+            if base.argsp.host_name:
+                detectedHostname = base.argsp.host_name
+            else:
+                detectedHostname = self.detect_hostname()
 
-            if detectedHostname == 'localhost':
-                detectedHostname = None
+                if detectedHostname == 'localhost':
+                    detectedHostname = None
 
             while True:
                 if detectedHostname:
@@ -905,7 +908,7 @@ def promptForProperties(self):
             Config.admin_password = adminPass
 
             self.promptForConfigApi()
-            #self.promptAdminUI()
+            self.promptAdminUI()
             self.promptForScimServer()
             self.promptForFido2Server()
             self.promptForEleven()

templates/jans-cli/admin_ui_addons.ldif

@@ -0,0 +1,6 @@
+jansRedirectURI: https://%(hostname)s/admin-ui
+jansRedirectURI: http://localhost:4100
+jansLogoutURI: http://localhost:4100/logout
+jansLogoutURI: https://%(hostname)s/admin-ui/logout
+jansPostLogoutRedirectURI: http://localhost:4100
+jansPostLogoutRedirectURI: https://%(hostname)s/admin-ui

templates/jans-cli/client.ldif

@@ -21,6 +21,10 @@ jansLogoutSessRequired: false
 jansPersistClntAuthzs: true
 jansRedirectURI: https://%(hostname)s/admin-ui
 jansRedirectURI: http://localhost:4100
+jansLogoutURI: http://localhost:4100/logout
+jansLogoutURI: https://%(hostname)s/admin-ui/logout
+jansPostLogoutRedirectURI: http://localhost:4100
+jansPostLogoutRedirectURI: https://%(hostname)s/admin-ui
 jansRequireAuthTime: false
 jansRespTyp: code
 jansRptAsJwt: false