Security fixes
harture committed Apr 25, 2019
2 parents e8a7d70 + 98ed4fe commit 138f1a1
Showing 38 changed files with 1,954 additions and 131 deletions.
4 changes: 2 additions & 2 deletions Gopkg.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

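--- a/api/events/api.go
+++ b/api/events/api.go
@@ -0,0 +1,26 @@
+package events_api
+
+// AuditRepresentation elements returned by GetEvents
+type AuditRepresentation struct {
+AuditID int64 `json:"auditId,omitempty"`
+AuditTime int64 `json:"auditTime,omitempty"`
+Origin string `json:"origin,omitempty"`
+RealmName string `json:"realmName,omitempty"`
+AgentUserID string `json:"agentUserId,omitempty"`
+AgentUsername string `json:"agentUsername,omitempty"`
+AgentRealmName string `json:"agentRealmName,omitempty"`
+UserID string `json:"userId,omitempty"`
+Username string `json:"username,omitempty"`
+CtEventType string `json:"ctEventType,omitempty"`
+KcEventType string `json:"kcEventType,omitempty"`
+KcOperationType string `json:"kcOperationType,omitempty"`
+ClientID string `json:"clientId,omitempty"`
+AdditionalInfo string `json:"additionalInfo,omitempty"`
+}
+
+// EventSummaryRepresentation elements returned by GetEventsSummary
+type EventSummaryRepresentation struct {
+Origins []string `json:"origins,omitempty"`
+Realms []string `json:"realms,omitempty"`
+CtEventTypes []string `json:"ctEventTypes,omitempty"`
+}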
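Review bot: `AuditID` is declared as `int64`, so it is emitted as a JSON number, while the `Event` schema in `api/events/swagger-api_events.yaml` from this same commit declares `auditId` as `type: string`; one of the two is wrong, and clients generated from the spec will disagree with the server. If the string form is intended (64-bit ids lose precision in JavaScript consumers above 2^53), the tag could be `json:"auditId,omitempty,string"`; otherwise the spec should say `type: integer` with `format: int64`. `AuditTime` also needs a comment stating its unit, for example `// AuditTime is the event timestamp (unit to confirm: epoch seconds or milliseconds)`, because anyone correlating audit events depends on it. The package name `events_api` uses an underscore, which Go naming convention advises against.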
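--- a/api/events/swagger-api_events.yaml
+++ b/api/events/swagger-api_events.yaml
@@ -0,0 +1,178 @@
+openapi: 3.0.1
+info:
+title: Swagger Cloudtrust Management
+description: 'API Mangement for Cloudtrust.'
+version: 1.0.0
+servers:
+- url: http://localhost:8888
+tags:
+- name: Events
+description: Events management
+paths:
+/events:
+get:
+tags:
+- Events
+parameters:
+- name: first
+in: query
+description: start offset. Used by pagination.
+required: false
+schema:
+type: number
+- name: max
+in: query
+description: page size. Used by pagination.
+required: false
+schema:
+type: number
+- name: dateFrom
+in: query
+description: start date
+required: false
+schema:
+type: number
+- name: dateTo
+in: query
+description: end date
+required: false
+schema:
+type: number
+- name: realmTarget
+in: query
+description: realm. When missing, all realms
+required: false
+schema:
+type: string
+- name: origin
+in: query
+description: origin (a.k.a. "source"). When missing, all origins.
+required: false
+schema:
+type: string
+- name: ctEventType
+in: query
+description: CT event type. When missing, all CT event types.
+required: false
+schema:
+type: string
+summary: Get all events
+responses:
+200:
+description: Returns a list of all events
+content:
+application/json:
+schema:
+type: object
+properties:
+events:
+type: array
+items:
+$ref: '#/components/schemas/Event'
+count:
+type: number
+/events/summary:
+get:
+tags:
+- Events
+summary: Events summary. Used by the backoffice dropdowns.
+responses:
+200:
+description: Returns a summary of all events
+content:
+application/json:
+schema:
+type: object
+properties:
+realms:
+type: array
+items:
+type: string
+origins:
+type: array
+items:
+type: string
+ctEventTypes:
+type: array
+items:
+type: string
+/events/realms/{realm}/users/{userID}/events:
+get:
+tags:
+- Events
+summary: Get all events for the user
+parameters:
+- name: realm
+in: path
+description: realm name (not id!)
+required: true
+schema:
+type: string
+- name: userID
+in: path
+description: User id
+required: true
+schema:
+type: string
+- name: first
+in: query
+description: start offset. Used by pagination.
+required: false
+schema:
+type: number
+- name: max
+in: query
+description: page size. Used by pagination.
+required: false
+schema:
+type: number
+responses:
+200:
+description: successful operation
+content:
+application/json:
+schema:
+type: array
+items:
+$ref: '#/components/schemas/Event'
+components:
+schemas:
+Event:
+type: object
+properties:
+auditId:
+type: string
+auditTime:
+type: number
+origin:
+type: string
+realmName:
+type: string
+agentUserId:
+type: string
+agentUsername:
+type: string
+agentRealmName:
+type: string
+userId:
+type: string
+username:
+type: string
+ctEventType:
+type: string
+kcEventType:
+type: string
+kcOperationType:
+type: string
+clientId:
+type: string
+additionalInfo:
+type: string
+securitySchemes:
+openId:
+type: openIdConnect
+openIdConnectUrl: http://toto.com/.well-known/openid-configuration
+security:
+- openId:
+- todo
+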
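Review bot: The `openId` security scheme at the end of the spec sets `openIdConnectUrl: http://toto.com/.well-known/openid-configuration`, a placeholder host over plain HTTP, and the `security` requirement lists the scope `todo`, so tooling that loads this spec is pointed at an unrelated domain for discovery and no real scope is documented. Use the deployment's issuer over HTTPS, e.g. `openIdConnectUrl: https://<issuer-host>/.well-known/openid-configuration` (placeholder), and name the actual scope required to read audit events. None of the three `get` operations documents a `401` or `403` response, although these endpoints return audit records carrying usernames and `additionalInfo`. The pagination parameters `first` and `max` are `type: number` with no bounds; `type: integer` with `minimum: 0` and a `maximum` on `max` would document a page-size cap.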
30 changes: 28 additions & 2 deletions api/management/swagger-api_management.yaml
@@ -120,9 +120,9 @@ paths:
required: true
schema:
type: string
- name: group
- name: groupId
in: query
description: group the users belong to
description: groupId the users belong to
required: true
schema:
type: string
@@ -451,6 +451,32 @@ paths:
responses:
200:
description: successful operation
/realms/{realm}/users/{userID}/send-new-enrolment-code:
post:
tags:
- Users
summary: >
Send a new enrolment code for a particular userID.
parameters:
- name: realm
in: path
description: Realm name (not id!)
required: true
schema:
type: string
- name: userID
in: path
description: User id
required: true
schema:
type: string
responses:
200:
description: "Code correctly sent by SMS"
400:
description: "Invalid input"
403:
description: "No permission to call this operation"
/realms/{realm}/users/{userID}/credentials:
get:
tags:
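Review bot: The new `POST /realms/{realm}/users/{userID}/send-new-enrolment-code` operation in the second hunk triggers an SMS carrying a fresh enrolment code, but the spec documents only `200`, `400` and `403`. If the server throttles this call, document it, e.g. `429: description: "Too many requests"`, together with `404: description: "Unknown realm or user"`, and state in the `summary` whether a previously issued code is invalidated; without that, a reader of the spec cannot tell what limits repeated code issuance for one user. In the first hunk the required query parameter appears to be renamed from `group` to `groupId`, which breaks existing clients unless the server still accepts the old name. The `/credentials` path that follows continues outside the hunk.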