Skip to content

Commit

Permalink
docs: end session script (#3402)
Browse files Browse the repository at this point in the history
* docs: fix ropc methods table

* docs: add end session

* docs: fix schema command

* docs: fix custom script schema commands
  • Loading branch information
SafinWasi authored Dec 23, 2022
1 parent 436697f commit 7f71ffe
Show file tree
Hide file tree
Showing 7 changed files with 117 additions and 12 deletions.
4 changes: 2 additions & 2 deletions docs/admin/config-guide/jans-cli/cli-custom-scripts.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ Operation ID: delete-config-scripts-by-inum
Description: Deletes a custom script.
url-suffix: inum
To get sample schema type /opt/jans/jans-cli/config-cli.py --schema <schma>, for example /opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript
To get sample schema type /opt/jans/jans-cli/config-cli.py --schema <schma>, for example /opt/jans/jans-cli/config-cli.py --schema CustomScript
```

Let's perform each of this operation.
Expand Down Expand Up @@ -71,7 +71,7 @@ Operation ID: post-config-scripts
So, let's get the schema first:

```
/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
/opt/jans/jans-cli/config-cli.py CustomScript > /tmp/cs.json
```

```
Expand Down
2 changes: 1 addition & 1 deletion docs/admin/developer/interception-scripts.md
Original file line number Diff line number Diff line change
Expand Up @@ -259,7 +259,7 @@ The post-config-scripts and put-config-scripts require various details about the
### Basic schema of a custom script
Command:

`/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript `
`/opt/jans/jans-cli/config-cli.py --schema CustomScript `

Output:
```json
Expand Down
116 changes: 110 additions & 6 deletions docs/admin/developer/scripts/end-session.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,118 @@ tags:
- scripts
---

## This content is in progress
## Overview
End Session scripts allows the administrator to modify HTML response for OpenID Connect Frontchannel logout ([spec](https://openid.net/specs/openid-connect-frontchannel-1_0.html)).

The Janssen Project documentation is currently in development. Topic pages are being created in order of broadest relevance, and this page is coming in the near future.
## Interface
The end session script implements the [EndSessionType](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/logout/EndSessionType.java) interface. This extends methods from the base script type in addition to adding new methods:

## Have questions in the meantime?
### Inherited Methods
| Method header | Method description |
|:-----|:------|
| `def init(self, customScript, configurationAttributes)` | This method is only called once during the script initialization. It can be used for global script initialization, initiate objects etc |
| `def destroy(self, configurationAttributes)` | This method is called once to destroy events. It can be used to free resource and objects created in the `init()` method |
| `def getApiVersion(self, configurationAttributes, customScript)` | The getApiVersion method allows API changes in order to do transparent migration from an old script to a new API. Only include the customScript variable if the value for getApiVersion is greater than 10 |

While this documentation is in progress, you can ask questions through [GitHub Discussions](https://github.com/JanssenProject/jans/discussion) or the [community chat on Gitter](https://gitter.im/JanssenProject/Lobby). Any questions you have will help determine what information our documentation should cover.
### New Methods
| Method header | Method description |
|:-----|:------|
| `def getFrontchannelHtml(self, context)` | Returns string, it must be valid HTML (with iframes according to [specification](http://openid.net/specs/openid-connect-frontchannel-1_0.html)). This method is called on `/end_session` after actual session is killed and authorization server constructs HTML to return to RP. |

## Want to contribute?
### Objects
| Object name | Object description |
|:-----|:------|
|`customScript`| The custom script object. [Reference](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/model/CustomScript.java) |
|`configurationAttributes`| `configurationProperties` passed in when adding custom script. `Map<String, SimpleCustomProperty> configurationAttributes` |
|`context`| [Reference](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/EndSessionContext.java)

If you have content you'd like to contribute to this page in the meantime, you can get started with our [Contribution guide](https://docs.jans.io/head/CONTRIBUTING/).

## Use case: Dummy Logout Page
This script has been adapted from the Gluu Server [sample end session script](https://github.com/GluuFederation/community-edition-setup/blob/version_4.4.0/static/extension/end_session/end_session.py).

!!! Note

The example script is a proof of concept, as the `getFrontchannelHtml()` must return an actual HTML string.

### Script Type: Python
```python
from io.jans.model.custom.script.type.logout import EndSessionType
from java.lang import String

class EndSession(EndSessionType):
def __init__(self, currentTimeMillis):
self.currentTimeMillis = currentTimeMillis

def init(self, customScript, configurationAttributes):
print "EndSession script. Initializing ..."
print "EndSession script. Initialized successfully"

return True

def destroy(self, configurationAttributes):
print "EndSession script. Destroying ..."
print "EndSession script. Destroyed successfully"
return True

def getApiVersion(self):
return 11

# Must return an HTML string
def getFrontchannelHtml(self, context):
return ""
```

### Script Type: Java
```java
import java.util.Map;

import io.jans.model.SimpleCustomProperty;
import io.jans.model.custom.script.model.CustomScript;
import io.jans.model.custom.script.type.logout.EndSessionType;
import io.jans.service.custom.script.CustomScriptManager;
import io.jans.as.server.service.external.context.EndSessionContext;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


public class EndSession implements EndSessionType {

private static final Logger log = LoggerFactory.getLogger(CustomScriptManager.class);

@Override
public boolean init(Map<String, SimpleCustomProperty> configurationAttributes) {
log.info("ROPC Script. Initializing...");
log.info("ROPC Script. Initialized");
return true;
}

@Override
public boolean init(CustomScript customScript, Map<String, SimpleCustomProperty> configurationAttributes) {
log.info("ROPC Script. Initializing...");
log.info("ROPC Script. Initialized");
return true;
}

@Override
public boolean destroy(Map<String, SimpleCustomProperty> configurationAttributes) {
log.info("ROPC Script. Destroying...");
log.info("ROPC Script. Destroyed.");
return true;
}

@Override
public int getApiVersion() {
return 11;
}

@Override
public String getFrontchannelHtml(Object context) {
EndSessionContext endSessionContext = (EndSessionContext) context;
// Must return a real HTML string as per OIDC front channel logout spec
return "";
}

}

```
1 change: 1 addition & 0 deletions docs/admin/developer/scripts/ropc.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ The ROPC script implements the [ResourceOwnerPasswordCredentialsType](https://gi

### New Methods
| Method header | Method description |
|:-----|:------|
| `def authenticate(self, context)` | This method is called after normal ROPC authentication. This method can cancel normal authentication if it returns false and sets `context.setUser(null)` |

### Objects
Expand Down
2 changes: 1 addition & 1 deletion docs/admin/developer/scripts/update-token.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ Jans AS->>RP: return token(s) (Access token, ID token or Refresh Token) reflecti

1. Create cs.json with the contents of a CUSTOM script. To do that, run the following command.
```
/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
```
2. Edit the file's contents to reflect the addition of the UpdateToken custom script.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ The dependencies have to be added separately as mentioned in the steps below. Us

1. Create `cs.json` with the contents of a CUSTOM script. To do that, run the following command.
```
/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
```
2. Edit the file's contents to reflect the addition of the duo custom script.
* Set enabled flag `true`
Expand Down
2 changes: 1 addition & 1 deletion docs/script-catalog/update_token/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ Jans AS->>RP: return token(s) (Access token, ID token or Refresh Token) reflecti

1. Create cs.json with the contents of a CUSTOM script. To do that, run the following command.
```
/opt/jans/jans-cli/config-cli.py --schema /components/schemas/CustomScript > /tmp/cs.json
/opt/jans/jans-cli/config-cli.py --schema CustomScript > /tmp/cs.json
```
2. Edit the file's contents to reflect the addition of the UpdateToken custom script.

Expand Down

0 comments on commit 7f71ffe

Please sign in to comment.