fix: flex linux setup admin UI client (#542)

* feat: flex-linux-setup seperate Admin UI client * fix: flex-linux-setup create Admin UI client if not exists * fix: flex-linux-setup keep admin-ui configuration upon removal -- needed by CLI * fix: flex-linux-setup delete admin-ui client upon removal * fix: flex-linux-setup plain client password in auiConfiguration.properties
GluuFederation · Oct 25, 2022 · ef51e0f · ef51e0f
1 parent f5e246d
commit ef51e0f
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 10 deletions.
diff --git a/flex-linux-setup/flex_linux_setup/flex_setup.py b/flex-linux-setup/flex_linux_setup/flex_setup.py
@@ -152,6 +152,7 @@ def get_flex_setup_parser():
 sys.path.insert(0, os.path.join(base.pylib_dir, 'gcs'))
 
 from setup_app.pylib.jproperties import Properties
+from setup_app.pylib.ldif4.ldif import LDIFWriter
 from setup_app.utils.package_utils import packageUtils
 from setup_app.config import Config
 from setup_app.utils.collect_properties import CollectProperties
@@ -162,6 +163,8 @@ def get_flex_setup_parser():
 from setup_app.installers.jans_auth import JansAuthInstaller
 from setup_app.installers.jans_cli import JansCliInstaller
 from setup_app.utils.properties_utils import propertiesUtils
+from setup_app.utils.ldif_utils import myLdifParser
+
 
 Config.outputFolder = os.path.join(__STATIC_SETUP_DIR__, 'output')
 if not os.path.join(Config.outputFolder):
@@ -355,6 +358,27 @@ def install_gluu_admin_ui(self):
         base.extract_from_zip(self.flex_path, 'admin-ui', self.source_dir)
 
         print("Source directory:", self.source_dir)
+
+        print("Creating Gluu Flex Admin UI Client")
+
+        client_check_result = config_api_installer.check_clients([('admin_ui_client_id', '2001.')])
+        if client_check_result['2001.'] == -1:
+            ldif_parser = myLdifParser(jans_cli_installer.ldif_client)
+            ldif_parser.parse()
+
+            ldif_parser.entries[0][1]['inum'] = ['%(admin_ui_client_id)s']
+            ldif_parser.entries[0][1]['jansClntSecret'] = ['%(admin_ui_client_encoded_pw)s']
+            ldif_parser.entries[0][1]['displayName'] = ['Gluu Flex Admin UI Client']
+
+            client_tmp_fn = os.path.join(self.templates_dir, 'admin_ui_client.ldif')
+
+            with open(client_tmp_fn, 'wb') as w:
+                ldif_writer = LDIFWriter(w)
+                ldif_writer.unparse('inum=%(admin_ui_client_id)s,ou=clients,o=jans', ldif_parser.entries[0][1])
+
+            config_api_installer.renderTemplateInOut(client_tmp_fn, self.templates_dir, self.source_dir)
+            self.dbUtils.import_ldif([os.path.join(self.source_dir, os.path.basename(client_tmp_fn))])
+
         env_tmp = os.path.join(self.source_dir, '.env.tmp')
         print("env_tmp", env_tmp)
         config_api_installer.renderTemplateInOut(env_tmp, self.source_dir, self.source_dir)
@@ -373,9 +397,9 @@ def install_gluu_admin_ui(self):
         config_api_installer.copy_tree(os.path.join(self.source_dir, 'dist'),  Config.templateRenderingDict['admin_ui_apache_root'])
 
         Config.templateRenderingDict['adminui_authentication_mode'] = argsp.adminui_authentication_mode
-        config_api_installer.check_clients([('role_based_client_id', '2000.')])
-        config_api_installer.renderTemplateInOut(self.admin_ui_config_properties_path, os.path.join(self.flex_setup_dir, 'templates'), config_api_installer.custom_config_dir)
-        
+
+        config_api_installer.renderTemplateInOut(self.admin_ui_config_properties_path, self.templates_dir, config_api_installer.custom_config_dir)
+
         config_api_installer.copyFile(self.admin_ui_plugin_source_path, config_api_installer.libDir)
         config_api_installer.add_extra_class(self.admin_ui_plugin_path)
 
@@ -605,8 +629,10 @@ def uninstall_casa(self):
     def uninstall_admin_ui(self):
         print("Uninstalling Gluu Admin-UI")
 
-        print("  - Deleting admin-ui configuration from db backend")
-        self.dbUtils.delete_dn('ou=admin-ui,ou=configuration,o=jans')
+        client_check_result = config_api_installer.check_clients([('admin_ui_client_id', '2001.')])
+        if client_check_result['2001.'] == 1:
+            print("  - Deleting Gluu Flex Admin UI Client ", Config.admin_ui_client_id)
+            self.dbUtils.delete_dn('inum={},ou=clients,o=jans'.format(Config.admin_ui_client_id))
 
         print("  - Removing Admin UI directives from apache configuration")
         self.remove_apache_directive('<Directory "{}">'.format(Config.templateRenderingDict['admin_ui_apache_root']))
@@ -615,7 +641,6 @@ def uninstall_admin_ui(self):
             print(del_msg, self.admin_ui_plugin_path)
             self.run(['rm', '-f', self.admin_ui_plugin_path])
 
-
         write_config_api_xml = False
         config_api_plugins = config_api_installer.get_plugins(paths=True)
 

diff --git a/flex-linux-setup/flex_linux_setup/templates/auiConfiguration.properties b/flex-linux-setup/flex_linux_setup/templates/auiConfiguration.properties
@@ -1,5 +1,5 @@
-authserver.clientId=%(role_based_client_id)s
-authserver.clientSecret=%(role_based_client_pw)s
+authserver.clientId=%(admin_ui_client_id)s
+authserver.clientSecret=%(admin_ui_client_pw)s
 authserver.authzBaseUrl=https://%(hostname)s/jans-auth/restv1/authorize
 authserver.scope=openid+profile+email+user_name
 authserver.acrValues=%(adminui_authentication_mode)s
@@ -11,8 +11,8 @@ authserver.introspectionEndpoint=https://%(hostname)s/jans-auth/restv1/introspec
 authserver.userInfoEndpoint=https://%(hostname)s/jans-auth/restv1/userinfo
 authserver.endSessionEndpoint=https://%(hostname)s/jans-auth/restv1/end_session
 
-tokenServer.clientId=%(role_based_client_id)s
-tokenServer.clientSecret=%(role_based_client_pw)s
+tokenServer.clientId=%(admin_ui_client_id)s
+tokenServer.clientSecret=%(admin_ui_client_pw)s
 tokenServer.authzBaseUrl=https://%(hostname)s/jans-auth/restv1/authorize
 tokenServer.scope=openid+profile+email+user_name
 tokenServer.acrValues=basic