feat(config-api): agama deployment path param change and client autho…
…rization (#4147)

* fix(config-api): customObjectClass changes

* fix(config-api): user custom attribute changes and agama param changes

* fix(config-api): user custom attribute changes and agama param changes

* fix(config-api): user custom attribute changes and agama param changes

* feat(config-api): agama deployment path param change and client authorization

* feat(config-api): agama deployment path param change and client authorization

* feat(config-api): agama deployment path param change and client authorization
pujavs authored Mar 14, 2023
1 parent 8c0bbb3 commit 22323ce
Showing 11 changed files with 378 additions and 90 deletions.
Expand Up @@ -89,6 +89,9 @@ private ApiConstants() {}
public static final String PLUGIN = "/plugin";
public static final String PLUGIN_NAME_PATH = "{pluginName}";
public static final String AUTHORIZATIONS = "/authorizations";
public static final String USERID_PATH = "{userId}";
public static final String USERID = "userId";
public static final String USERNAME = "username";

public static final String LIMIT = "limit";
public static final String START_INDEX = "startIndex";
123 changes: 101 additions & 22 deletions jans-config-api/docs/jans-config-api-swagger.yaml
Expand Up @@ -173,7 +173,7 @@ paths:
- oauth2:
- https://jans.io/oauth/config/acrs.write
- https://jans.io/oauth/config/write-all
/api/v1/agama-deployment:
/api/v1/agama-deployment/{name}:
get:
tags:
- Agama - Developer Studio
Expand All @@ -182,7 +182,9 @@ paths:
operationId: get-agama-dev-studio-prj-by-name
parameters:
- name: name
in: query
in: path
description: Agama project name
required: true
schema:
type: string
responses:
Expand Down Expand Up @@ -217,7 +219,9 @@ paths:
operationId: post-agama-dev-studio-prj
parameters:
- name: name
in: query
in: path
description: Agama project name
required: true
schema:
type: string
requestBody:
Expand Down Expand Up @@ -258,7 +262,9 @@ paths:
operationId: delete-agama-dev-studio-prj
parameters:
- name: name
in: query
in: path
description: Agama project name
required: true
schema:
type: string
responses:
Expand All @@ -277,7 +283,7 @@ paths:
security:
- oauth2:
- https://jans.io/oauth/config/agama.delete
/api/v1/agama-deployment/configs:
/api/v1/agama-deployment/configs/{name}:
get:
tags:
- Agama - Developer Studio
Expand All @@ -286,7 +292,9 @@ paths:
operationId: get-agama-dev-prj-configs
parameters:
- name: name
in: query
in: path
description: Agama project name
required: true
schema:
type: string
responses:
Expand Down Expand Up @@ -315,7 +323,9 @@ paths:
operationId: put-agama-dev-studio-prj
parameters:
- name: name
in: query
in: path
description: Agama project name
required: true
schema:
type: string
requestBody:
Expand Down Expand Up @@ -1959,6 +1969,75 @@ paths:
security:
- oauth2:
- https://jans.io/oauth/config/cache.write
/api/v1/clients/authorizations:
get:
tags:
- Client Authorization
summary: Gets list of client authorization
description: Gets list of client authorizations
operationId: get-client-authorization_1
parameters:
- name: userId
in: path
description: User identifier
required: true
schema:
type: string
responses:
"200":
description: Ok
content:
application/json:
schema:
type: string
examples:
Response json example:
description: Response json example
value: ""
"401":
description: Unauthorized
"500":
description: InternalServerError
security:
- oauth2:
- https://jans.io/oauth/client/authorizations.readonly
delete:
tags:
- Client Authorization
summary: Revoke client authorization
description: Revoke client authorizations
operationId: get-client-authorization
parameters:
- name: userId
in: path
description: User identifier
required: true
schema:
type: string
- name: username
in: path
description: User name
required: true
schema:
type: string
- name: clientId
in: path
description: Client identifier
required: true
schema:
type: string
responses:
"204":
description: No Content
"401":
description: Unauthorized
"404":
description: Not Found
"500":
description: InternalServerError
security:
- oauth2:
- https://jans.io/oauth/client/authorizations.delete
/api/v1/openid/clients:
get:
tags:
Expand Down Expand Up @@ -7610,14 +7689,14 @@ components:
type: boolean
adminCanView:
type: boolean
userCanAccess:
type: boolean
userCanView:
type: boolean
userCanEdit:
type: boolean
adminCanAccess:
type: boolean
userCanAccess:
type: boolean
adminCanEdit:
type: boolean
baseDn:
Expand Down Expand Up @@ -8876,17 +8955,6 @@ components:
format: int32
displayName:
type: string
authenticationMethod:
type: string
enum:
- client_secret_basic
- client_secret_post
- client_secret_jwt
- private_key_jwt
- access_token
- tls_client_auth
- self_signed_tls_client_auth
- none
allAuthenticationMethods:
uniqueItems: true
type: array
Expand All @@ -8901,6 +8969,17 @@ components:
- tls_client_auth
- self_signed_tls_client_auth
- none
authenticationMethod:
type: string
enum:
- client_secret_basic
- client_secret_post
- client_secret_jwt
- private_key_jwt
- access_token
- tls_client_auth
- self_signed_tls_client_auth
- none
baseDn:
type: string
inum:
Expand Down Expand Up @@ -9225,14 +9304,14 @@ components:
type: boolean
internal:
type: boolean
locationPath:
type: string
locationType:
type: string
enum:
- ldap
- db
- file
locationPath:
type: string
baseDn:
type: string
ScriptError:
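Review bot: The new `/api/v1/clients/authorizations` path item declares `userId` (GET) and `userId`, `username`, `clientId` (DELETE) as `in: path` with `required: true`, but the path template contains no matching `{...}` placeholders, so the document is not valid OpenAPI and generated clients cannot place these values in the URL. ApiConstants in this commit adds `USERID_PATH = "{userId}"`, so the resource presumably serves a templated path; the spec should mirror it, for example `/api/v1/clients/authorizations/{userId}:` for the GET, with the DELETE listed under its own template that carries all three parameters. The DELETE that revokes an authorization is also labelled `operationId: get-client-authorization`, which should read `delete-client-authorization` so that generated client methods and audit tooling do not present a revocation as a read. If this file is generated from the resource annotations, the correction belongs in the `@Path` and `@Operation` values of the resource class, which is not visible here.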
Expand Up @@ -83,8 +83,8 @@ public Response getUsers(
@Parameter(description = "Attribute whose value will be used to order the returned response") @QueryParam(value = ApiConstants.SORT_BY) String sortBy,
@Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder)
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}",
if (logger.isInfoEnabled()) {
logger.info("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}",
escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy),
escapeLog(sortOrder));
}
Expand All @@ -108,8 +108,8 @@ public Response getUsers(
public Response getUserByInum(
@Parameter(description = "User identifier") @PathParam(ApiConstants.INUM) @NotNull String inum)
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search by inum:{}", escapeLog(inum));
if (logger.isInfoEnabled()) {
logger.info("User search by inum:{}", escapeLog(inum));
}
User user = userMgmtSrv.getUserBasedOnInum(inum);
checkResourceNotNull(user, USER);
Expand All @@ -121,7 +121,7 @@ public Response getUserByInum(

// get custom user
CustomUser customUser = getCustomUser(user, true);
logger.debug("customUser:{}", customUser);
logger.info("customUser:{}", customUser);

return Response.ok(customUser).build();
}
Expand All @@ -140,8 +140,8 @@ public Response getUserByInum(
public Response createUser(@Valid CustomUser customUser,
@Parameter(description = "Boolean flag to indicate if attributes to be removed for non-LDAP DB. Default value is true, indicating non-LDAP attributes will be removed from request.") @DefaultValue("true") @QueryParam(value = ApiConstants.REMOVE_NON_LDAP_ATTRIBUTES) boolean removeNonLDAPAttributes)
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User details to be added - customUser:{}, removeNonLDAPAttributes:{}", escapeLog(customUser),
if (logger.isInfoEnabled()) {
logger.info("User details to be added - customUser:{}, removeNonLDAPAttributes:{}", escapeLog(customUser),
removeNonLDAPAttributes);
}

Expand All @@ -164,7 +164,7 @@ public Response createUser(@Valid CustomUser customUser,

// get custom user
customUser = getCustomUser(user, removeNonLDAPAttributes);
logger.debug("newly created customUser:{}", customUser);
logger.info("newly created customUser:{}", customUser);

return Response.status(Response.Status.CREATED).entity(customUser).build();
}
Expand All @@ -184,8 +184,8 @@ public Response createUser(@Valid CustomUser customUser,
public Response updateUser(@Valid CustomUser customUser,
@Parameter(description = "Boolean flag to indicate if attributes to be removed for non-LDAP DB. Default value is true, indicating non-LDAP attributes will be removed from request.") @DefaultValue("true") @QueryParam(value = ApiConstants.REMOVE_NON_LDAP_ATTRIBUTES) boolean removeNonLDAPAttributes)
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User details to be updated - customUser:{}, removeNonLDAPAttributes:{}",
if (logger.isInfoEnabled()) {
logger.info("User details to be updated - customUser:{}, removeNonLDAPAttributes:{}",
escapeLog(customUser), removeNonLDAPAttributes);
}

Expand All @@ -203,7 +203,7 @@ public Response updateUser(@Valid CustomUser customUser,

try {
user = userMgmtSrv.updateUser(user);
logger.debug("Updated user:{}", user);
logger.info("Updated user:{}", user);
} catch (Exception ex) {
logger.error("Error while updating user", ex);
throwInternalServerException(ex);
Expand All @@ -214,7 +214,7 @@ public Response updateUser(@Valid CustomUser customUser,

// get custom user
customUser = getCustomUser(user, removeNonLDAPAttributes);
logger.debug("updated customUser:{}", customUser);
logger.info("updated customUser:{}", customUser);

return Response.ok(customUser).build();

Expand All @@ -238,8 +238,8 @@ public Response patchUser(
@NotNull UserPatchRequest userPatchRequest,
@Parameter(description = "Boolean flag to indicate if attributes to be removed for non-LDAP DB. Default value is true, indicating non-LDAP attributes will be removed from request.") @DefaultValue("true") @QueryParam(value = ApiConstants.REMOVE_NON_LDAP_ATTRIBUTES) boolean removeNonLDAPAttributes)
throws IllegalAccessException, InvocationTargetException, JsonPatchException, IOException {
if (logger.isDebugEnabled()) {
logger.debug("User:{} to be patched with :{}, removeNonLDAPAttributes:{} ", escapeLog(inum),
if (logger.isInfoEnabled()) {
logger.info("User:{} to be patched with :{}, removeNonLDAPAttributes:{} ", escapeLog(inum),
escapeLog(userPatchRequest), removeNonLDAPAttributes);
}
// check if user exists
Expand All @@ -259,7 +259,7 @@ public Response patchUser(

// get custom user
CustomUser customUser = getCustomUser(existingUser, removeNonLDAPAttributes);
logger.debug("patched customUser:{}", customUser);
logger.info("patched customUser:{}", customUser);

return Response.ok(customUser).build();
}
Expand All @@ -276,8 +276,8 @@ public Response patchUser(
@ProtectedApi(scopes = { ApiAccessConstants.USER_DELETE_ACCESS })
public Response deleteUser(
@Parameter(description = "User identifier") @PathParam(ApiConstants.INUM) @NotNull String inum) {
if (logger.isDebugEnabled()) {
logger.debug("User to be deleted - inum:{} ", escapeLog(inum));
if (logger.isInfoEnabled()) {
logger.info("User to be deleted - inum:{} ", escapeLog(inum));
}
User user = userMgmtSrv.getUserBasedOnInum(inum);
checkResourceNotNull(user, USER);
Expand All @@ -287,8 +287,8 @@ public Response deleteUser(

private UserPagedResult doSearch(SearchRequest searchReq, Boolean removeNonLDAPAttributes)
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search params - searchReq:{}, removeNonLDAPAttributes:{} ", escapeLog(searchReq),
if (logger.isInfoEnabled()) {
logger.info("User search params - searchReq:{}, removeNonLDAPAttributes:{} ", escapeLog(searchReq),
removeNonLDAPAttributes);
}

Expand Down Expand Up @@ -317,7 +317,7 @@ private UserPagedResult doSearch(SearchRequest searchReq, Boolean removeNonLDAPA
pagedCustomUser.setEntries(customUsers);
}

logger.debug("User pagedCustomUser:{}", pagedCustomUser);
logger.info("User pagedCustomUser:{}", pagedCustomUser);
return pagedCustomUser;

}
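Review bot: Raising the response-side statements from debug to info writes complete user records to the default log stream: `logger.info("customUser:{}", customUser);` in getUserByInum, and the same pattern in createUser, updateUser (`Updated user:{}` and `updated customUser:{}`), patchUser and doSearch (`pagedCustomUser`). These log whatever the objects' `toString()` renders, which for a user-management resource is likely to include personal attributes and may include credentials supplied on create or update. They should stay at debug, or the info line should carry only the identifier, e.g. `logger.info("User fetched - inum:{}", escapeLog(inum));`. These statements also pass the object without `escapeLog`, unlike the request-side ones, so stored attribute values containing line breaks could forge log entries. The method bodies continue outside the visible hunks.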