diff --git a/setup_app/installers/scim.py b/setup_app/installers/scim.py index 96edbe94e..1a92fa95c 100644 --- a/setup_app/installers/scim.py +++ b/setup_app/installers/scim.py @@ -48,6 +48,14 @@ def installed(self): return os.path.exists(os.path.join(Config.jetty_base, self.service_name, 'start.ini')) def generate_configuration(self): + + if base.argsp.enable_scim_test_mode: + Config.scim_protection_mode = 'TEST' + elif base.argsp.enable_scim_uma_mode: + Config.scim_protection_mode = 'UMA' + else: + Config.scim_protection_mode = 'OAUTH' + self.logIt("Generating {} configuration".format(self.service_name)) client_var_id_list = ( ('scim_rs_client_id', '1201.'), @@ -64,7 +72,6 @@ def generate_configuration(self): if not Config.get('scim_rp_client_jks_pass'): Config.scim_rp_client_jks_pass = 'secret' - Config.scimTestMode = Config.get('scimTestMode', 'false') Config.enable_scim_access_policy = 'true' if Config.installPassport else 'false' #backup current jks files if exists diff --git a/setup_app/setup_options.py b/setup_app/setup_options.py index ba02d8506..95312789f 100644 --- a/setup_app/setup_options.py +++ b/setup_app/setup_options.py @@ -93,9 +93,6 @@ def get_setup_options(): if base.argsp.no_httpd: setupOptions['installHTTPD'] = False - if base.argsp.enable_scim_test_mode: - setupOptions['scimTestMode'] = 'true' - setupOptions['installSaml'] = base.argsp.install_shib setupOptions['downloadWars'] = base.argsp.w setupOptions['installOxAuthRP'] = base.argsp.install_oxauth_rp diff --git a/setup_app/utils/arg_parser.py b/setup_app/utils/arg_parser.py index 0fc72601a..e9460a6e3 100644 --- a/setup_app/utils/arg_parser.py +++ b/setup_app/utils/arg_parser.py @@ -23,7 +23,11 @@ def arg_parser(): parser.add_argument('-t', help="Load test data", action='store_true') parser.add_argument('-x', help="Load test data and exit", action='store_true') parser.add_argument('-csx', help="Collect setup properties, save and exit", action='store_true') - parser.add_argument('-stm', '--enable-scim-test-mode', help="Enable Scim Test Mode", action='store_true') + + scim_mode_group = parser.add_mutually_exclusive_group() + scim_mode_group.add_argument('-stm', '--enable-scim-test-mode', help="Enable Scim Test Mode", action='store_true') + scim_mode_group.add_argument('-sum', '--enable-scim-uma-mode', help="Enable Scim Uma Mode", action='store_true') + parser.add_argument('--allow-pre-released-features', help="Enable options to install experimental features, not yet officially supported", action='store_true') parser.add_argument('--import-ldif', help="Render ldif templates from directory and import them in LDAP") parser.add_argument('--listen_all_interfaces', help="Allow the LDAP server to listen on all server interfaces", action='store_true') diff --git a/setup_app/utils/collect_properties.py b/setup_app/utils/collect_properties.py index 7424b63d8..3d979cf4e 100644 --- a/setup_app/utils/collect_properties.py +++ b/setup_app/utils/collect_properties.py @@ -203,8 +203,10 @@ def collect(self): if 'scimUmaResourceId' in oxTrustConfApplication: Config.scim_resource_oxid = oxTrustConfApplication['scimUmaResourceId'] - if 'scimTestMode' in oxTrustConfApplication: - Config.scimTestMode = oxTrustConfApplication['scimTestMode'] + if 'ScimProperties' in oxTrustConfApplication and 'protectionMode' in oxTrustConfApplication['ScimProperties']: + Config.scim_protection_mode = oxTrustConfApplication['ScimProperties']['protectionMode'] + else: + Config.scim_protection_mode = 'OAUTH' if 'apiUmaClientKeyStorePassword' in oxTrustConfApplication: Config.api_rp_client_jks_pass = self.unobscure(oxTrustConfApplication['apiUmaClientKeyStorePassword']) diff --git a/templates/scim/oxtrust_config.json b/templates/scim/oxtrust_config.json index 76ef76668..dec1d7740 100644 --- a/templates/scim/oxtrust_config.json +++ b/templates/scim/oxtrust_config.json @@ -1,7 +1,7 @@ { "ScimProperties": { "maxCount": 200, - "protectionMode": "OAUTH" + "protectionMode": "%(scim_protection_mode)s" }, "scimUmaClientKeyId": "", "scimUmaResourceId": "%(scim_resource_oxid)s",