Skip to content

Commit

Permalink
fix(config-api): fixes for client creation, enum handling (#2854)
Browse files Browse the repository at this point in the history
* fix(config-api): client creation exception

* fix(config-api): client creations exception

* fix(config-api): issues fixed 2743, 2755 and 2689

* fix(config-api): change to use fido2 app config model

* fix(config-api): change to use fido2 app config model
  • Loading branch information
pujavs authored Nov 3, 2022
1 parent de8a86e commit 3121493
Show file tree
Hide file tree
Showing 7 changed files with 167 additions and 73 deletions.
49 changes: 30 additions & 19 deletions jans-config-api/docs/jans-config-api-swagger-auto.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7178,20 +7178,20 @@ components:
$ref: '#/components/schemas/AttributeValidation'
tooltip:
type: string
whitePagesCanView:
type: boolean
adminCanEdit:
type: boolean
adminCanView:
type: boolean
userCanView:
type: boolean
userCanAccess:
type: boolean
adminCanAccess:
type: boolean
userCanEdit:
type: boolean
adminCanView:
type: boolean
userCanAccess:
type: boolean
whitePagesCanView:
type: boolean
baseDn:
type: string
PatchRequest:
Expand Down Expand Up @@ -7355,6 +7355,7 @@ components:
- client_credentials
- refresh_token
- urn:ietf:params:oauth:grant-type:uma-ticket
- urn:ietf:params:oauth:grant-type:token-exchange
- urn:openid:params:grant-type:ciba
- urn:ietf:params:oauth:grant-type:device_code
applicationType:
Expand Down Expand Up @@ -7517,8 +7518,6 @@ components:
format: int32
displayName:
type: string
tokenBindingSupported:
type: boolean
authenticationMethod:
type: string
enum:
Expand All @@ -7530,6 +7529,8 @@ components:
- tls_client_auth
- self_signed_tls_client_auth
- none
tokenBindingSupported:
type: boolean
baseDn:
type: string
inum:
Expand Down Expand Up @@ -7796,6 +7797,7 @@ components:
- client_credentials
- refresh_token
- urn:ietf:params:oauth:grant-type:uma-ticket
- urn:ietf:params:oauth:grant-type:token-exchange
- urn:openid:params:grant-type:ciba
- urn:ietf:params:oauth:grant-type:device_code
subjectTypesSupported:
Expand Down Expand Up @@ -8056,6 +8058,7 @@ components:
- client_credentials
- refresh_token
- urn:ietf:params:oauth:grant-type:uma-ticket
- urn:ietf:params:oauth:grant-type:token-exchange
- urn:openid:params:grant-type:ciba
- urn:ietf:params:oauth:grant-type:device_code
cssLocation:
Expand Down Expand Up @@ -8171,6 +8174,10 @@ components:
type: boolean
disableU2fEndpoint:
type: boolean
rotateDeviceSecret:
type: boolean
returnDeviceSecretFromAuthzEndpoint:
type: boolean
dcrSignatureValidationEnabled:
type: boolean
dcrSignatureValidationSharedSecret:
Expand Down Expand Up @@ -8328,15 +8335,6 @@ components:
$ref: '#/components/schemas/SsaConfiguration'
fapi:
type: boolean
allResponseTypesSupported:
uniqueItems: true
type: array
items:
type: string
enum:
- code
- token
- id_token
enabledFeatureFlags:
uniqueItems: true
type: array
Expand Down Expand Up @@ -8364,6 +8362,15 @@ components:
- STAT
- PAR
- SSA
allResponseTypesSupported:
uniqueItems: true
type: array
items:
type: string
enum:
- code
- token
- id_token
AuthenticationFilter:
required:
- baseDn
Expand Down Expand Up @@ -8620,13 +8627,13 @@ components:
type: boolean
internal:
type: boolean
locationPath:
type: string
locationType:
type: string
enum:
- ldap
- file
locationPath:
type: string
baseDn:
type: string
ScriptError:
Expand Down Expand Up @@ -9028,6 +9035,10 @@ components:
type: object
additionalProperties:
type: string
deviceSecrets:
type: array
items:
type: string
expirationDate:
type: string
format: date-time
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ public AdminRole getRoleObjByName(String role) throws ApplicationException {
List<AdminRole> roles = adminConf.getDynamic().getRoles().stream().filter(ele -> ele.getRole().equals(role)).collect(Collectors.toList());
if (roles.isEmpty()) {
log.error(ErrorResponse.ROLE_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.NOT_FOUND.getStatusCode(), ErrorResponse.ROLE_NOT_FOUND.getDescription());
}
return roles.stream().findFirst().get();
} catch (ApplicationException e) {
Expand Down Expand Up @@ -160,7 +160,7 @@ public AdminPermission getPermissionObjByName(String permission) throws Applicat
List<AdminPermission> permissions = adminConf.getDynamic().getPermissions().stream().filter(ele -> ele.getPermission().equals(permission)).collect(Collectors.toList());
if (permissions.isEmpty()) {
log.error(ErrorResponse.ROLE_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.NOT_FOUND.getStatusCode(), ErrorResponse.PERMISSION_NOT_FOUND.getDescription());
}
return permissions.stream().findFirst().get();
} catch (ApplicationException e) {
Expand Down Expand Up @@ -336,9 +336,12 @@ public RolePermissionMapping getAdminUIRolePermissionsMapping(String role) throw

if (roleScopeMapping.isEmpty()) {
log.error(ErrorResponse.ROLE_PERMISSION_MAP_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_PERMISSION_MAP_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.NOT_FOUND.getStatusCode(), ErrorResponse.ROLE_PERMISSION_MAP_NOT_FOUND.getDescription());
}
return roleScopeMapping.stream().findFirst().get();
} catch (ApplicationException e) {
log.error(ErrorResponse.GET_ADMIUI_PERMISSIONS_ERROR.getDescription());
throw e;
} catch (Exception e) {
log.error(ErrorResponse.ERROR_READING_ROLE_PERMISSION_MAP.getDescription(), e);
throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_READING_ROLE_PERMISSION_MAP.getDescription());
Expand Down
83 changes: 75 additions & 8 deletions jans-config-api/plugins/docs/fido2-plugin-swagger.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/DbApplicationConfiguration'
$ref: '#/components/schemas/AppConfiguration'
"401":
description: Unauthorized
"500":
Expand All @@ -48,14 +48,14 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/DbApplicationConfiguration'
$ref: '#/components/schemas/AppConfiguration'
responses:
"200":
description: Fido2Config
content:
application/json:
schema:
type: string
$ref: '#/components/schemas/AppConfiguration'
"401":
description: Unauthorized
"500":
Expand Down Expand Up @@ -94,16 +94,83 @@ paths:
- https://jans.io/oauth/config/fido2.readonly
components:
schemas:
DbApplicationConfiguration:
AppConfiguration:
type: object
properties:
dn:
issuer:
type: string
dynamicConf:
baseEndpoint:
type: string
revision:
cleanServiceInterval:
type: integer
format: int32
cleanServiceBatchChunkSize:
type: integer
format: int64
format: int32
useLocalCache:
type: boolean
disableJdkLogger:
type: boolean
loggingLevel:
type: string
loggingLayout:
type: string
externalLoggerConfiguration:
type: string
metricReporterInterval:
type: integer
format: int32
metricReporterKeepDataDays:
type: integer
format: int32
metricReporterEnabled:
type: boolean
personCustomObjectClassList:
type: array
items:
type: string
fido2Configuration:
$ref: '#/components/schemas/Fido2Configuration'
Fido2Configuration:
type: object
properties:
authenticatorCertsFolder:
type: string
mdsAccessToken:
type: string
mdsCertsFolder:
type: string
mdsTocsFolder:
type: string
checkU2fAttestations:
type: boolean
userAutoEnrollment:
type: boolean
unfinishedRequestExpiration:
type: integer
format: int32
authenticationHistoryExpiration:
type: integer
format: int32
serverMetadataFolder:
type: string
requestedCredentialTypes:
type: array
items:
type: string
requestedParties:
type: array
items:
$ref: '#/components/schemas/RequestedParty'
RequestedParty:
type: object
properties:
name:
type: string
domains:
type: array
items:
type: string
Fido2RegistrationData:
type: object
properties:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,13 @@

package io.jans.configapi.plugin.fido2.rest;

import com.fasterxml.jackson.core.JsonProcessingException;

import io.jans.config.oxtrust.DbApplicationConfiguration;
import io.jans.configapi.core.rest.BaseResource;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.plugin.fido2.service.Fido2Service;
import io.jans.configapi.plugin.fido2.util.Fido2Util;
import io.jans.configapi.util.ApiAccessConstants;
import io.jans.configapi.plugin.fido2.util.Constants;
import io.jans.configapi.core.util.Jackson;
import io.jans.fido2.model.conf.AppConfiguration;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
Expand Down Expand Up @@ -53,33 +50,33 @@ public class Fido2ConfigResource extends BaseResource {
"Fido2 - Configuration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
ApiAccessConstants.FIDO2_CONFIG_READ_ACCESS }))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = DbApplicationConfiguration.class))),
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = AppConfiguration.class))),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError") })
@GET
@ProtectedApi(scopes = { ApiAccessConstants.FIDO2_CONFIG_READ_ACCESS })
public Response getFido2Configuration() throws JsonProcessingException {
DbApplicationConfiguration dbApplicationConfiguration = this.fido2Service.find();
logger.debug("FIDO2 details dbApplicationConfiguration.getDynamicConf():{}",
dbApplicationConfiguration.getDynamicConf());
return Response.ok(Jackson.asJsonNode(dbApplicationConfiguration.getDynamicConf())).build();
public Response getFido2Configuration() {
AppConfiguration appConfiguration = this.fido2Service.find();
logger.debug("FIDO2 details appConfiguration():{}", appConfiguration);
return Response.ok(appConfiguration).build();
}

@Operation(summary = "Updates Fido2 configuration properties", description = "Updates Fido2 configuration properties", operationId = "put-properties-fido2", tags = {
"Fido2 - Configuration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
ApiAccessConstants.FIDO2_CONFIG_WRITE_ACCESS }))
@RequestBody(description = "Fido2Config", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = DbApplicationConfiguration.class)))
@RequestBody(description = "Fido2Config", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = AppConfiguration.class)))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Fido2Config", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = String.class))),
@ApiResponse(responseCode = "200", description = "Fido2Config", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = AppConfiguration.class))),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError") })
@PUT
@ProtectedApi(scopes = { ApiAccessConstants.FIDO2_CONFIG_WRITE_ACCESS })
public Response updateFido2Configuration(@NotNull String fido2ConfigJson) {
logger.debug("FIDO2 details to be updated - fido2ConfigJson:{} ", fido2ConfigJson);
checkResourceNotNull(fido2ConfigJson, FIDO2_CONFIGURATION);
this.fido2Service.merge(fido2ConfigJson);
return Response.ok(fido2ConfigJson).build();
public Response updateFido2Configuration(@NotNull AppConfiguration appConfiguration) {
logger.debug("FIDO2 details to be updated - appConfiguration:{} ", appConfiguration);
checkResourceNotNull(appConfiguration, FIDO2_CONFIGURATION);
this.fido2Service.merge(appConfiguration);
appConfiguration = this.fido2Service.find();
return Response.ok(appConfiguration).build();
}

}
Loading

0 comments on commit 3121493

Please sign in to comment.