fix(jans-linux-setup): default value of jans link prompt #8768

devrimyatar · 2024-06-24T09:55:31Z

Signed-off-by: Mustafa Baser <mbaser@mail.com>

dryrunsecurity · 2024-06-24T09:55:41Z

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Server-Side Request Forgery Analyzer	✅	0 findings
Configured Codepaths Analyzer	✅	0 findings
Secrets Analyzer	✅	0 findings
Authn/Authz Analyzer	❕	3 findings
SQL Injection Analyzer	✅	0 findings
Sensitive Files Analyzer	✅	0 findings
IDOR Analyzer	✅	0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request are primarily focused on updating the configuration and setup options for the Jans application. The key changes include:

Disabling the installation of the jans-link component by default.
Updating the logic for setting the 'install_jans_link' option, where it is now set to True if the --install-jans-link argument is provided.
Renaming the --no-link argument to --install-jans-link and adding a new --install-jans-keycloak-link argument.

From an application security perspective, these changes do not appear to introduce any obvious security concerns. The changes are primarily related to configuration options and the installation of optional components, rather than changes to core security-critical functionality.

However, it's important to thoroughly review any configuration changes to ensure that they do not have unintended consequences or introduce security vulnerabilities. Additionally, it's crucial to understand the purpose and dependencies of the jans-link and jans-keycloak-link components, and how their installation or removal might affect the overall system.

Files Changed:

jans-linux-setup/jans_setup/setup_app/config.py: The changes in this file disable the installation of the jans-link component by setting self.install_jans_link = False.
jans-linux-setup/jans_setup/setup_app/setup_options.py: The changes in this file update the logic for setting the 'install_jans_link' option, where it is now set to True if the --install-jans-link argument is provided.
jans-linux-setup/jans_setup/setup_app/utils/arg_parser.py: The changes in this file rename the --no-link argument to --install-jans-link and add a new --install-jans-keycloak-link argument.