fix(jans-cli): sample schema generation (ref: #8713) #8746

Merged: 4 commits, Jun 20, 2024

devrimyatar (Contributor) commented Jun 19, 2024

closes #8713
closes #8712

Sample output:

```
# python3 /opt/jans/jans-cli/cli/config_cli.py --schema JansAttribute
dn                       string
inum                     string
sourceAttribute          string
nameIdType               string
name*                    string
                         maxLength: 30
                         minLength: 1
                         pattern: ^[a-zA-Z0-9_]+$
displayName*             string
                         maxLength: 60
                         minLength: 0
description*             string
                         maxLength: 4000
                         minLength: 0
origin                   string
dataType*                string
                         enum: ['string', 'numeric', 'boolean', 'binary', 'certificate', 'generalizedTime', 'json']
editType*                array of string
                         enum: ['admin', 'owner', 'manager', 'user', 'whitePages']
viewType*                array of string
                         enum: ['admin', 'owner', 'manager', 'user', 'whitePages']
usageType                array of string
                         enum: ['openid']
claimName                string
seeAlso                  string
status                   string
                         enum: ['active', 'inactive', 'expired', 'register']
saml1Uri                 string
saml2Uri                 string
urn                      string
scimCustomAttr           boolean
oxMultiValuedAttribute   boolean
jansHideOnDiscovery      boolean
custom                   boolean
attributeValidation      object
                           minLength: integer
                           maxLength: integer
                           regexp: string
tooltip                  string
selected                 boolean
adminCanEdit             boolean
userCanEdit              boolean
adminCanView             boolean
userCanView              boolean
adminCanAccess           boolean
userCanAccess            boolean
whitePagesCanView        boolean
baseDn                   string
```

Signed-off-by: Mustafa Baser <mbaser@mail.com>

devrimyatar added labels Jun 19, 2024: kind-bug (Issue or PR is a bug in existing functionality), comp-jans-cli-tui (Component affected by issue or PR), kind-feature (Issue or PR is a new feature request)
devrimyatar marked this pull request as draft June 19, 2024 19:21

dryrunsecurity bot commented Jun 19, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

| DryRun Security | Findings |
| --- | --- |
| Server-Side Request Forgery Analyzer | 0 findings |
| Configured Codepaths Analyzer | 0 findings |
| Secrets Analyzer | 0 findings |
| Authn/Authz Analyzer | 0 findings |
| SQL Injection Analyzer | 0 findings |
| Sensitive Files Analyzer | 0 findings |
| IDOR Analyzer | 0 findings |

Note: 🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request focus on enhancing the functionality and usability of the Jans CLI TUI (Command-Line Interface Text-based User Interface) application. The key changes include the addition of schema handling capabilities, improved patch operation functionality, and enhanced logging and debugging features. From an application security perspective, the changes address several important security-related aspects, such as access token management, input validation, file handling, and sensitive data handling. While the changes appear to incorporate some security considerations, it's crucial to thoroughly review the entire codebase and conduct comprehensive security testing to ensure the application's resilience against potential attacks.

Files Changed:

  • jans-cli-tui/cli_tui/cli/config_cli.py: This file contains the primary changes introduced in this pull request. The key updates include:
    1. Schema Handling: The ability to retrieve sample JSON schemas and detailed schema information for various API operations using the --schema-sample and --schema arguments.
    2. Patch Operations: Enhanced patch operation functionality, allowing users to perform add, remove, and replace patch operations using the --patch-add, --patch-replace, and --patch-remove arguments.
    3. Logging and Debugging: Improved logging and debugging capabilities, including the ability to log requests and responses, as well as write command logs and error logs to specific directories.
    4. Access Token Management: The CLI handles access token management, including the ability to revoke sessions and retrieve access tokens.
    5. Input Validation: The CLI appears to perform some input validation, such as checking the validity of the patch-related arguments.
    6. File Handling: The CLI allows users to provide file paths for data input, which should be properly validated to prevent potential security issues.
    7. Sensitive Data Handling: The CLI handles sensitive data, such as client IDs, client secrets, and access tokens, which must be properly encrypted, stored, and transmitted.

Overall, the changes focus on enhancing the functionality and usability of the Jans CLI TUI application, while also addressing several security-related aspects. However, a thorough review of the entire codebase and comprehensive security testing are recommended to ensure the application's security and resilience against potential attacks.

Powered by DryRun Security

devrimyatar marked this pull request as ready for review June 20, 2024 10:59

sonarcloud bot commented Jun 20, 2024

Quality Gate failed for 'jans-cli'

Failed conditions
4 Security Hotspots

See analysis details on SonarCloud

yuriyz enabled auto-merge (squash) June 20, 2024 11:37
yuriyz merged commit 2d2d6a3 into main Jun 20, 2024
9 checks passed
yuriyz deleted the jans-cli-tui-8712 branch June 20, 2024 11:38