feat(flex-linux-setup): add adminu ui token client

GluuFederation · Sep 12, 2023 · 93f4deb · 93f4deb
1 parent d3f0843
commit 93f4deb
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 5 deletions.
diff --git a/flex-linux-setup/flex_linux_setup/flex_setup.py b/flex-linux-setup/flex_linux_setup/flex_setup.py
@@ -459,18 +459,26 @@ def install_gluu_admin_ui(self):
         print("Installing Gluu Admin UI Frontend")
         self.build_gluu_admin_ui()
 
-        print("Creating Gluu Flex Admin UI Client")
 
-        client_check_result = config_api_installer.check_clients([('admin_ui_client_id', '2001.')])
-        if client_check_result['2001.'] == -1:
+        def get_client_parser():
 
             cli_ldif_client_fn = os.path.join(jans_cli_installer.templates_folder, os.path.basename(jans_cli_installer.ldif_client))
             ldif_parser = myLdifParser(cli_ldif_client_fn)
             ldif_parser.parse()
 
+            return ldif_parser
+
+        print("Creating Gluu Flex Admin UI Client")
+
+        client_check_result = config_api_installer.check_clients([('admin_ui_client_id', '2001.')])
+        if client_check_result['2001.'] == -1:
+
+            ldif_parser = get_client_parser()
+
             ldif_parser.entries[0][1]['inum'] = ['%(admin_ui_client_id)s']
             ldif_parser.entries[0][1]['jansClntSecret'] = ['%(admin_ui_client_encoded_pw)s']
             ldif_parser.entries[0][1]['displayName'] = ['Admin UI Client {}'.format(ssa_json.get('org_id', ''))]
+            ldif_parser.entries[0][1]['jansTknEndpointAuthMethod'] = ['none']
 
             client_tmp_fn = os.path.join(self.templates_dir, 'admin_ui_client.ldif')
 
@@ -484,6 +492,31 @@ def install_gluu_admin_ui(self):
             config_api_installer.renderTemplateInOut(client_tmp_fn, self.templates_dir, self.source_dir)
             self.dbUtils.import_ldif([os.path.join(self.source_dir, os.path.basename(client_tmp_fn))])
 
+
+
+        client_check_result = config_api_installer.check_clients([('admin_ui_token_client_id', '2002.')])
+        if client_check_result['2002.'] == -1:
+
+            ldif_parser = get_client_parser()
+
+            ldif_parser.entries[0][1]['inum'] = ['%(admin_ui_token_client_id)s']
+            ldif_parser.entries[0][1]['jansClntSecret'] = ['%(admin_ui_token_client_encoded_pw)s']
+            ldif_parser.entries[0][1]['displayName'] = ['Admin UI Token Client {}'.format(ssa_json.get('org_id', ''))]
+            ldif_parser.entries[0][1]['jansGrantTyp'] = ['client_credentials']
+
+            token_client_tmp_fn = os.path.join(self.templates_dir, 'admin_ui_token_client.ldif')
+
+            print("\033[1mAdmin UI Token Client ID:\033[0m", Config.admin_ui_token_client_id)
+            print("\033[1mAdmin UI Token Client Secret:\033[0m", Config.admin_ui_token_client_encoded_pw)
+
+            with open(token_client_tmp_fn, 'wb') as w:
+                ldif_writer = LDIFWriter(w)
+                ldif_writer.unparse('inum=%(admin_ui_token_client_id)s,ou=clients,o=jans', ldif_parser.entries[0][1])
+
+            config_api_installer.renderTemplateInOut(token_client_tmp_fn, self.templates_dir, self.source_dir)
+            self.dbUtils.import_ldif([os.path.join(self.source_dir, os.path.basename(token_client_tmp_fn))])
+
+
         self.add_apache_directive(Config.templateRenderingDict['admin_ui_apache_root'], 'admin_ui_apache_directive')
 
         oidc_client = installed_components.get('oidc_client', {})
@@ -795,6 +828,12 @@ def uninstall_admin_ui(self):
             print("  - Deleting Gluu Flex Admin UI Client ", Config.admin_ui_client_id)
             self.dbUtils.delete_dn('inum={},ou=clients,o=jans'.format(Config.admin_ui_client_id))
 
+        client_check_result = config_api_installer.check_clients([('admin_ui_token_client_id', '2002.')])
+        if client_check_result['2002.'] == 1:
+            print("  - Deleting Gluu Flex Admin UI Token Client ", Config.admin_ui_token_client_id)
+            self.dbUtils.delete_dn('inum={},ou=clients,o=jans'.format(Config.admin_ui_token_client_id))
+
+
         self.dbUtils.set_configuration("jansConfApp", None, self.admin_ui_dn)
 
         print("  - Removing Admin UI directives from apache configuration")

diff --git a/flex-linux-setup/flex_linux_setup/templates/auiConfiguration.json b/flex-linux-setup/flex_linux_setup/templates/auiConfiguration.json
@@ -19,8 +19,8 @@
     },
     "tokenServerClient": {
       "opHost": "https://%(hostname)s",
-      "clientId": "%(admin_ui_client_id)s",
-      "clientSecret": "%(admin_ui_client_encoded_pw)s",
+      "clientId": "%(admin_ui_token_client_id)s",
+      "clientSecret": "%(admin_ui_token_client_encoded_pw)s",
       "tokenEndpoint": "https://%(hostname)s/jans-auth/restv1/token",
       "scopes": [
         "openid",