fix: avoid duplicated client when re-running persistence-loader and c…

…onfigurator (#1134) * fix: add missing client config and secret * docs: add notes about deprecation of client config and secret
JanssenProject · Mar 31, 2022 · 5567ba9 · 5567ba9
1 parent 49f64d4
commit 5567ba9
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/docker-jans-configurator/scripts/bootstrap.py b/docker-jans-configurator/scripts/bootstrap.py
@@ -807,9 +807,35 @@ def generate(self):
         if "casa" in opt_scopes:
             self.casa_ctx()
 
+        self.admin_ui_ctx()
+        self.jans_cli_ctx()
+
         # populated config
         return self.ctx
 
+    def admin_ui_ctx(self):
+        self.set_config("admin_ui_client_id", lambda: f"1901.{uuid4()}")
+        admin_ui_client_pw = self.set_secret("admin_ui_client_pw", get_random_chars)
+        self.set_secret(
+            "admin_ui_client_encoded_pw",
+            partial(encode_text, admin_ui_client_pw, self.get_secret("encoded_salt")),
+        )
+
+        self.set_config("token_server_admin_ui_client_id", lambda: f"1901.{uuid4()}")
+        token_server_admin_ui_client_pw = self.set_secret("token_server_admin_ui_client_pw", get_random_chars)
+        self.set_secret(
+            "token_server_admin_ui_client_encoded_pw",
+            partial(encode_text, token_server_admin_ui_client_pw, self.get_secret("encoded_salt")),
+        )
+
+    def jans_cli_ctx(self):
+        self.set_config("role_based_client_id", lambda: f"2000.{uuid4()}")
+        role_based_client_pw = self.set_secret("role_based_client_pw", get_random_chars)
+        self.set_secret(
+            "role_based_client_encoded_pw",
+            partial(encode_text, role_based_client_pw, self.get_secret("encoded_salt")),
+        )
+
 
 def gen_idp3_key(storepass):
     cmd = " ".join([

diff --git a/docker-jans-persistence-loader/scripts/utils.py b/docker-jans-persistence-loader/scripts/utils.py
@@ -149,6 +149,11 @@ def get_base_ctx(manager):
     # static kid
     ctx["staticKid"] = os.environ.get("CN_OB_STATIC_KID", "")
 
+    # WARNING:
+    # - deprecate configs and secrets for admin_ui and token_server_admin_ui
+    # - move the configs and secrets creation to configurator
+    # - remove them on future release
+
     # admin-ui plugins
     ctx["admin_ui_client_id"] = manager.config.get("admin_ui_client_id")
     if not ctx["admin_ui_client_id"]:
@@ -337,6 +342,11 @@ def merge_casa_ctx(manager, ctx):
 
 
 def merge_jans_cli_ctx(manager, ctx):
+    # WARNING:
+    # - deprecated configs and secrets for role_based
+    # - move the configs and secrets creation to configurator
+    # - remove them on future release
+
     # jans-cli client
     ctx["role_based_client_id"] = manager.config.get("role_based_client_id")
     if not ctx["role_based_client_id"]: