From c6babfc058a9d3dea2be956310b12a6e86002bce Mon Sep 17 00:00:00 2001 From: pujavs Date: Tue, 2 Apr 2024 16:10:48 +0530 Subject: [PATCH 1/2] fix(config-api): asset scope rename and get endpoint modification Signed-off-by: pujavs --- .../configapi/util/ApiAccessConstants.java | 2 +- .../docs/jans-config-api-swagger.yaml | 69 ++++++++++++++----- .../plugins/docs/fido2-plugin-swagger.yaml | 13 +++- .../plugins/docs/user-mgt-plugin-swagger.yaml | 33 ++++++++- .../configapi/service/auth/AssetService.java | 3 +- .../main/resources/config-api-rs-protect.json | 2 +- 6 files changed, 98 insertions(+), 24 deletions(-) diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java index e9a3f0c8110..f9d4ad07c6f 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java @@ -97,7 +97,7 @@ private ApiAccessConstants() { public static final String APP_VERSION_READ_ACCESS = "https://jans.io/oauth/config/app-version.readonly"; - public static final String JANS_ASSET_READ_ACCESS = "https://jans.io/oauth/jans_asset-read"; + public static final String JANS_ASSET_READ_ACCESS = "https://jans.io/oauth/config/jans_asset-read"; public static final String JANS_ASSET_WRITE_ACCESS = "https://jans.io/oauth/config/jans_asset-write"; public static final String JANS_ASSET_DELETE_ACCESS = "https://jans.io/oauth/config/jans_asset-delete"; diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index da822f4c4b5..b4a8bb903da 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml 
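Review bot: The new value of `JANS_ASSET_READ_ACCESS` in ApiAccessConstants.java changes the scope string that guards the asset read endpoints, and nothing in this patch shows how deployments that already hold the old `https://jans.io/oauth/jans_asset-read` scope are migrated. Clients and tokens granted the old name will presumably stop matching after upgrade (a fail-closed outcome), and the old scope entry may be left behind as an unused grant unless the upgrade path renames it; that path is not visible here. The same literal is changed by hand in config-api-rs-protect.json (inum `1800.01.75`) and in jans-config-api-swagger.yaml, so the three copies can drift again. I would add a comment above the constant such as `// Must match the scope name in config-api-rs-protect.json and jans-config-api-swagger.yaml` and state the upgrade step in the commit description. The class body continues outside the hunk.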
@@ -514,7 +514,7 @@ paths: $ref: '#/components/schemas/ApiError' security: - oauth2: - - https://jans.io/oauth/jans_asset-read + - https://jans.io/oauth/config/jans_asset-read delete: tags: - Jans Assets @@ -595,7 +595,7 @@ paths: $ref: '#/components/schemas/ApiError' security: - oauth2: - - https://jans.io/oauth/jans_asset-read + - https://jans.io/oauth/config/jans_asset-read /api/v1/jans-assets: get: tags: @@ -713,7 +713,7 @@ paths: $ref: '#/components/schemas/ApiError' security: - oauth2: - - https://jans.io/oauth/jans_asset-read + - https://jans.io/oauth/config/jans_asset-read /api/v1/jans-assets/upload: put: tags: @@ -4396,12 +4396,14 @@ paths: - end_session - post_authn - select_account + - create_user - scim - ciba_end_user_notification - revoke_token - persistence_extension - idp - discovery + - health_check - authz_detail - update_token - config_api_auth @@ -8217,20 +8219,20 @@ components: type: string selected: type: boolean - userCanEdit: + whitePagesCanView: + type: boolean + adminCanEdit: type: boolean adminCanView: type: boolean - userCanView: + userCanEdit: type: boolean - adminCanEdit: + userCanView: type: boolean userCanAccess: type: boolean adminCanAccess: type: boolean - whitePagesCanView: - type: boolean baseDn: type: string PatchRequest: @@ -8777,6 +8779,8 @@ components: type: boolean endSessionWithAccessToken: type: boolean + disablePromptCreate: + type: boolean cookieDomain: type: string enabledOAuthAuditLogging: @@ -9049,8 +9053,6 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' - fapi: - type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -9060,6 +9062,8 @@ components: - code - token - id_token + fapi: + type: boolean AuthenticationFilter: required: - baseDn 
@@ -10038,12 +10042,14 @@ components: - end_session - post_authn - select_account + - create_user - scim - ciba_end_user_notification - revoke_token - persistence_extension - idp - discovery + - health_check - authz_detail - update_token - config_api_auth @@ -10077,14 +10083,14 @@ components: type: boolean internal: type: boolean + locationPath: + type: string locationType: type: string enum: - ldap - db - file - locationPath: - type: string baseDn: type: string ScriptError: @@ -10513,10 +10519,10 @@ components: ttl: type: integer format: int32 - opbrowserState: - type: string persisted: type: boolean + opbrowserState: + type: string SessionIdAccessMap: type: object properties: @@ -10543,6 +10549,19 @@ components: type: array items: type: string + externalUid: + type: array + items: + type: string + authenticator: + $ref: '#/components/schemas/UserAuthenticatorList' + status: + type: string + enum: + - active + - inactive + - expired + - register customAttributes: type: array items: @@ -10551,10 +10570,26 @@ components: type: array items: type: string - status: - type: string baseDn: type: string + UserAuthenticator: + type: object + properties: + id: + type: string + type: + type: string + custom: + type: object + additionalProperties: + type: object + UserAuthenticatorList: + type: object + properties: + authenticators: + type: array + items: + $ref: '#/components/schemas/UserAuthenticator' UmaResource: required: - name @@ -10682,6 +10717,6 @@ components: configuration properties https://jans.io/oauth/client/authorizations.readonly: View ClientAuthorizations https://jans.io/oauth/client/authorizations.delete: Revoke ClientAuthorizations - https://jans.io/oauth/jans_asset-read: View Jans Assets + https://jans.io/oauth/config/jans_asset-read: View Jans Assets https://jans.io/oauth/config/jans_asset-write: Manage Jans Assets https://jans.io/oauth/config/jans_asset-delete: Delete Jans Assets 
diff --git a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml index 941e2813ac9..0fc0be84241 100644 --- a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml @@ -211,6 +211,17 @@ components: type: string push_token: type: string + Fido2DeviceNotificationConf: + type: object + properties: + sns_endpoint_arn: + type: string + sns_endpoint_arn_remove: + type: string + sns_endpoint_arn_history: + type: array + items: + type: string Fido2RegistrationData: type: object properties: @@ -308,7 +319,7 @@ components: - compromised - canceled deviceNotificationConf: - type: string + $ref: '#/components/schemas/Fido2DeviceNotificationConf' deviceData: $ref: '#/components/schemas/Fido2DeviceData' expiration: diff --git a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml index cb2dcc6823c..817e0097b83 100644 --- a/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml +++ b/jans-config-api/plugins/docs/user-mgt-plugin-swagger.yaml @@ -884,6 +884,19 @@ components: type: array items: type: string + externalUid: + type: array + items: + type: string + authenticator: + $ref: '#/components/schemas/UserAuthenticatorList' + status: + type: string + enum: + - active + - inactive + - expired + - register customAttributes: type: array items: @@ -904,10 +917,26 @@ components: type: string userPassword: type: string - status: - type: string baseDn: type: string + UserAuthenticator: + type: object + properties: + id: + type: string + type: + type: string + custom: + type: object + additionalProperties: + type: object + UserAuthenticatorList: + type: object + properties: + authenticators: + type: array + items: + $ref: '#/components/schemas/UserAuthenticator' ApiError: type: object properties: 
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java index 0f518d201eb..548aefa876f 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/AssetService.java @@ -91,9 +91,8 @@ public PagedResult searchAsset(SearchRequest searchRequest, String sta targetArray, null); Filter descriptionFilter = Filter.createSubstringFilter(AttributeConstants.DESCRIPTION, null, targetArray, null); - Filter aliasFilter = Filter.createSubstringFilter("jansAlias", null, targetArray, null); Filter inumFilter = Filter.createSubstringFilter(AttributeConstants.INUM, null, targetArray, null); - filters.add(Filter.createORFilter(displayNameFilter, descriptionFilter, aliasFilter, inumFilter)); + filters.add(Filter.createORFilter(displayNameFilter, descriptionFilter, inumFilter)); } searchFilter = Filter.createORFilter(filters); } diff --git a/jans-config-api/server/src/main/resources/config-api-rs-protect.json b/jans-config-api/server/src/main/resources/config-api-rs-protect.json index b81ffe068e8..62b6a94c1c4 100644 --- a/jans-config-api/server/src/main/resources/config-api-rs-protect.json +++ b/jans-config-api/server/src/main/resources/config-api-rs-protect.json @@ -2884,7 +2884,7 @@ "scopes": [ { "inum": "1800.01.75", - "name": "https://jans.io/oauth/jans_asset-read" + "name": "https://jans.io/oauth/config/jans_asset-read" } ], "groupScopes": [ From b3b828fc0fa62be5f5ebc50ea04427c7ad2a9aac Mon Sep 17 00:00:00 2001 From: pujavs Date: Tue, 2 Apr 2024 18:10:06 +0530 Subject: [PATCH 2/2] fix(config-api): asset scope rename and get endpoint modification Signed-off-by: pujavs --- .../docs/jans-config-api-swagger.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) 
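Review bot: In the `searchAsset` hunk of AssetService.java the `jansAlias` substring filter is dropped from the OR filter with no comment or commit text saying why, so a caller that searched assets by alias now silently gets an empty result rather than an error. A short comment above the remaining call would record the contract, e.g. `// Pattern is matched against display name, description and inum only; jansAlias is no longer searched`. The search-pattern description in the API docs should list the same fields. `searchAsset` begins and ends outside the hunk, so whether other code paths still reference the alias attribute cannot be checked from here.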
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index b4a8bb903da..c07eb87f03e 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -8219,8 +8219,6 @@ components: type: string selected: type: boolean - whitePagesCanView: - type: boolean adminCanEdit: type: boolean adminCanView: @@ -8233,6 +8231,8 @@ components: type: boolean adminCanAccess: type: boolean + whitePagesCanView: + type: boolean baseDn: type: string PatchRequest: @@ -9053,6 +9053,8 @@ components: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' + fapi: + type: boolean allResponseTypesSupported: uniqueItems: true type: array @@ -9062,8 +9064,6 @@ components: - code - token - id_token - fapi: - type: boolean AuthenticationFilter: required: - baseDn @@ -10083,14 +10083,14 @@ components: type: boolean internal: type: boolean - locationPath: - type: string locationType: type: string enum: - ldap - db - file + locationPath: + type: string baseDn: type: string ScriptError: @@ -10519,10 +10519,10 @@ components: ttl: type: integer format: int32 - persisted: - type: boolean opbrowserState: type: string + persisted: + type: boolean SessionIdAccessMap: type: object properties: