From 622bcf4afae94cddff2a19ca5178f2b8230165d5 Mon Sep 17 00:00:00 2001
From: pujavs <43700552+pujavs@users.noreply.github.com>
Date: Sat, 19 Mar 2022 03:02:41 +0530
Subject: [PATCH] feat(jans-config-api): ignore client.customObjectClasses value for persistence type other than LDAP (#1073)
---
 .../profiles/local/test.properties | 6 ++--
 .../rest/resource/auth/ClientsResource.java | 30 +++++++++++++++++--
 .../feature/openid/clients/client.json | 2 ++
 .../feature/openid/clients/clients.feature | 4 +++
 4 files changed, 36 insertions(+), 6 deletions(-)
diff --git a/jans-config-api/profiles/local/test.properties b/jans-config-api/profiles/local/test.properties
index 8f1c0a4d8f3..bcad7a33e42 100644
--- a/jans-config-api/profiles/local/test.properties
+++ b/jans-config-api/profiles/local/test.properties
@@ -67,9 +67,9 @@ test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/con
 #test.issuer=https://jans.server4
-# jans.server1
+# jans.server
 token.endpoint=https://jans.server/jans-auth/restv1/token
 token.grant.type=client_credentials
-test.client.id=1800.1832c189-59e0-4077-b3d9-3d03e90c8194
-test.client.secret=9WWPhtHBGktg
+test.client.id=1800.77e9a8e6-8fee-4b86-b294-017ba6ab2112
+test.client.secret=dobHjXDhH6zh
 test.issuer=https://jans.server
\ No newline at end of file
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/ClientsResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/ClientsResource.java
index 1d6982a34d8..f3b35c4fcda 100644
--- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/ClientsResource.java
+++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/ClientsResource.java
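Review bot: The `test.client.secret` line added in the test.properties hunk puts an OAuth client secret, together with its `test.client.id`, into version control, and the value it replaces stays readable in history. If either pair was ever accepted by a token endpoint reachable from outside a developer machine, it should be rotated. The tracked profile is safer carrying a placeholder such as `test.client.secret=<set-locally>`, with the real value supplied from an untracked file. How this build loads the profile is not visible here, so the mechanism is left open.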
@@ -14,10 +14,12 @@ import io.jans.configapi.core.rest.ProtectedApi;
 import io.jans.configapi.rest.model.SearchRequest;
 import io.jans.configapi.service.auth.ClientService;
+import io.jans.configapi.service.auth.ConfigurationService;
 import io.jans.configapi.util.ApiAccessConstants;
 import io.jans.configapi.util.ApiConstants;
 import io.jans.configapi.util.AttributeNames;
 import io.jans.configapi.core.util.Jackson;
+import io.jans.orm.PersistenceEntryManager;
 import io.jans.orm.model.PagedResult;
 import io.jans.util.StringHelper;
 import io.jans.util.security.StringEncrypter.EncryptionException;
@@ -55,6 +57,9 @@ public class ClientsResource extends BaseResource {
 @Inject
 ClientService clientService;
+ @Inject
+ ConfigurationService configurationService;
+
 @Inject
 private InumService inumService;
@@ -79,7 +84,7 @@ public Response getOpenIdConnectClients(
 startIndex, limit, null, null);
 final List clients = this.doSearch(searchReq);
- log.trace("Client serach result:{}", clients);
+ logger.trace("Client serach result:{}", clients);
 return Response.ok(getClients(clients)).build();
 }
@@ -116,6 +121,9 @@ public Response createOpenIdConnect(@Valid Client client) throws EncryptionExcep
 client.setClientSecret(encryptionService.encrypt(clientSecret));
 client.setDn(clientService.getDnForClient(inum));
 client.setDeletable(client.getClientSecretExpiresAt() != null);
+ ignoreCustomObjectClassesForNonLDAP(client);
+
+ logger.debug("Final Client details to be added - client:{}", client);
 clientService.addClient(client);
 Client result = clientService.getClientByInum(inum);
 result.setClientSecret(encryptionService.decrypt(result.getClientSecret()));
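Review bot: The added `logger.debug("Final Client details to be added - client:{}", client);` in the createOpenIdConnect hunk logs the whole `Client` right after `client.setClientSecret(encryptionService.encrypt(clientSecret))`, so the debug log receives whatever `Client.toString()` renders. That method is not visible here, but it may include the encrypted secret and other registration data. The updateClient hunk adds the same pattern with "to be updated". An identifier is enough for tracing: `logger.debug("Adding client - inum:{}", inum);` here and `logger.debug("Updating client - inum:{}", existingClient.getClientId());` in updateClient. Both method bodies start and end outside their hunks.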
@@ -140,6 +148,9 @@ public Response updateClient(@Valid Client client) throws EncryptionException {
 if (client.getClientSecret() != null) {
 client.setClientSecret(encryptionService.encrypt(client.getClientSecret()));
 }
+ ignoreCustomObjectClassesForNonLDAP(client);
+
+ logger.debug("Final Client details to be updated - client:{}", client);
 clientService.updateClient(client);
 Client result = clientService.getClientByInum(existingClient.getClientId());
 result.setClientSecret(encryptionService.decrypt(client.getClientSecret()));
@@ -198,12 +209,12 @@ private List doSearch(SearchRequest searchReq) {
 PagedResult pagedResult = clientService.searchClients(searchReq);
 if (logger.isTraceEnabled()) {
- log.trace("PagedResult - pagedResult:{}", pagedResult);
+ logger.trace("PagedResult - pagedResult:{}", pagedResult);
 }
 List clients = new ArrayList<>();
 if (pagedResult != null) {
- log.trace("Clients fetched - pagedResult.getEntries():{}", pagedResult.getEntries());
+ logger.trace("Clients fetched - pagedResult.getEntries():{}", pagedResult.getEntries());
 clients = pagedResult.getEntries();
 }
 if (logger.isDebugEnabled()) {
@@ -211,4 +222,17 @@ private List doSearch(SearchRequest searchReq) {
 }
 return clients;
 }
+
+ private Client ignoreCustomObjectClassesForNonLDAP(Client client) {
+ String persistenceType = configurationService.getPersistenceType();
+ logger.debug("persistenceType: {}",persistenceType);
+ if(!PersistenceEntryManager.PERSITENCE_TYPES.ldap.name().equals(persistenceType)) {
+ logger.debug("Setting CustomObjectClasses :{} to null as its used only for LDAP and current persistenceType is {} ", client.getCustomObjectClasses() , persistenceType);
+ client.setCustomObjectClasses(null);
+ }
+ return client;
+ }
+
+
+
 }
diff --git a/jans-config-api/server/src/test/resources/feature/openid/clients/client.json b/jans-config-api/server/src/test/resources/feature/openid/clients/client.json
index a9a1ad6b3bb..8b726bae869 100644
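Review bot: In the new `ignoreCustomObjectClassesForNonLDAP`, any value other than the exact string `ldap` counts as non-LDAP, so a `null` result from `configurationService.getPersistenceType()` clears `customObjectClasses` even on a server that may be LDAP-backed. The caller gets no signal that the field it sent was dropped. A mixed or hybrid configuration reporting another type name would behave the same way; what the service returns in that case is not visible here. Consider leaving the client untouched when the type cannot be determined, e.g. `if (persistenceType == null) { logger.warn("Persistence type unknown, customObjectClasses left unchanged"); return client; }`. Both callers ignore the returned `Client`, so the method could be `void`, with a one-line Javadoc stating that it mutates its argument.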
--- a/jans-config-api/server/src/test/resources/feature/openid/clients/client.json
+++ b/jans-config-api/server/src/test/resources/feature/openid/clients/client.json
@@ -1,5 +1,7 @@
 {
 "applicationType": "web",
+ "description":"Description for test client",
+ "customObjectClasses":["top"],
 "accessTokenAsJwt": false,
 "claimRedirectUris": [
 ],
diff --git a/jans-config-api/server/src/test/resources/feature/openid/clients/clients.feature b/jans-config-api/server/src/test/resources/feature/openid/clients/clients.feature
index e676b74479b..c0a251fd175 100644
--- a/jans-config-api/server/src/test/resources/feature/openid/clients/clients.feature
+++ b/jans-config-api/server/src/test/resources/feature/openid/clients/clients.feature
@@ -81,6 +81,7 @@ And header Authorization = 'Bearer ' + accessToken
 And request read('client.json')
 When method POST
 Then status 201
+And print response
 Then def result = response
 Then set result.displayName = 'UpdatedQAAddedClient'
 Given url mainUrl
@@ -88,11 +89,13 @@ And header Authorization = 'Bearer ' + accessToken
 And request result
 When method PUT
 Then status 200
+And print response
 And assert response.displayName == 'UpdatedQAAddedClient'
 Given url mainUrl + '/' +response.inum
 And header Authorization = 'Bearer ' + accessToken
 When method DELETE
 Then status 204
+And print response
 Scenario: Delete a non-existion openid connect client by inum
@@ -100,6 +103,7 @@ Given url mainUrl + '/1402.66633-8675-473e-a749'
 And header Authorization = 'Bearer ' + accessToken
 When method GET
 Then status 404
+And print response
 Scenario: Patch openid connect client
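Review bot: The `And print response` steps added in clients.feature (after `Then status 201`, and again after the PUT, DELETE and 404 GET) write full client responses to the test log. The create and update handlers in this commit return the client with `setClientSecret(encryptionService.decrypt(...))` applied, so the test client's plaintext secret ends up in CI output. The prints also assert nothing about the new behaviour: `client.json` now sends `"customObjectClasses":["top"]`, yet no step checks what comes back. Prefer dropping the prints and asserting on the field, for example `And match response.customObjectClasses == '#notpresent'` on a non-LDAP test backend, or `'#null'` depending on how null fields are serialised, which is not visible here.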