fix(jans-cli-tui): re-write date-time picker

[devrimyatar]

closes #8779

@ossdhaval Please update Date Time picker navigation

To go into edit mode, press Enter on date-time widget

key:tab navigates among date-time widgets

Navigation on days:
key: left-arrow prvious day
key: right-arrow next day
key: up-arrow goes a week back
key: down-arrow goes a week forward

Navigation in month/year/time area:
key: up-arrow increases value by one
key: down-arrow decreases value by one

After you adjust date-time, press Enter button again to set date-time

To unset date/time, press Delete button when it is not in edit mode:

After pressing Delete button:

[dryrunsecurity]

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Server-Side Request Forgery Analyzer	✅	0 findings
Configured Codepaths Analyzer	✅	0 findings
Secrets Analyzer	✅	0 findings
Authn/Authz Analyzer	✅	0 findings
SQL Injection Analyzer	✅	0 findings
Sensitive Files Analyzer	✅	0 findings
IDOR Analyzer	✅	0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request cover various components of the jans-cli-tui application, including utility functions, UI styling, and the management of Software Statement Assertions (SSAs) and OAuth clients. The changes do not appear to introduce any obvious security vulnerabilities, but there are a few areas that should be reviewed from an application security perspective:

1. Input Validation: Ensure that all user input, such as dates, custom claims, and client metadata, is properly validated and sanitized to prevent potential injection attacks.
2. Secure Coding Practices: Review the codebase for adherence to secure coding practices, such as the use of secure cryptographic algorithms, proper error handling, and the implementation of robust access controls.
3. Dependency Management: Ensure that the application's dependencies are up-to-date and free of known vulnerabilities.
4. Authentication and Authorization: Verify that the application's authentication and authorization mechanisms are implemented securely, with proper session management and access control.
5. Logging and Monitoring: Assess the logging and monitoring capabilities of the application to ensure that security-relevant events are properly captured and analyzed.

Files Changed:

1. jans-cli-tui/cli_tui/utils/static.py: The changes introduce a new constant ISOFORMAT, which is likely used to define a standard date/time format for the application. This change does not appear to introduce any security concerns.
2. jans-cli-tui/cli_tui/plugins/010_auth_server/ssa.py: The changes focus on the management of Software Statement Assertions (SSAs), including the handling of expiration dates, custom claims, and asynchronous operations. Proper validation and sanitization of user inputs are crucial to prevent potential security issues.
3. jans-cli-tui/cli_tui/cli_style.py: The changes are related to the visual styling of the CLI and TUI components, and do not directly impact the application's security.
4. jans-cli-tui/cli_tui/plugins/010_auth_server/edit_client_dialog.py: The changes introduce new functionality for managing various aspects of OAuth clients, such as tokens, logout, software information, and encryption/signing algorithms. Ensuring the secure implementation of these features is essential to protect the application's security.
5. jans-cli-tui/cli_tui/utils/utils.py: The changes to the fromisoformat function improve the handling of None input, which is a reasonable defensive programming practice.
6. jans-cli-tui/cli_tui/wui_components/jans_date_picker.py: The changes are related to the implementation of a date picker widget, which appears to be well-structured and secure. However, it's important to review the input validation and error handling mechanisms to ensure the overall security of the application.

Powered by DryRun Security

[sonarcloud]

Quality Gate passed for 'jans-cli'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed for 'Jans-Keycloak-Link'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed for 'jans-config-api-parent'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed for 'Fido2 API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed for 'SCIM API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud