diff --git a/docs/admin/auth-server/endpoints/ssa.md b/docs/admin/auth-server/endpoints/ssa.md index 0bbaeff969e..fdf050c6fb8 100644 --- a/docs/admin/auth-server/endpoints/ssa.md +++ b/docs/admin/auth-server/endpoints/ssa.md @@ -37,6 +37,7 @@ Use [Janssen Text-based UI(TUI)](../../config-guide/tui.md) or [Janssen command- When using TUI, navigate via `Auth Server`->`Properties`->`enabledFeatureFlags` to screen below. From here, enable or disable `SSA` flag as required. + ![](../../../assets/image-tui-enable-components.png) ## Configuration Properties @@ -63,6 +64,7 @@ parameters as described below: - `ssaSigningAlg` — Algorithm to sign the JWT that is returned after creating an SSA. - `ssaExpirationInDays` — Expiration expressed in days, when an SSA is created and the expiration is not sent. + ## SSA Security To call SSA services, a token of type `client_credentials` must be generated with the following scopes enabled: diff --git a/docs/admin/config-guide/config-api/README.md b/docs/admin/config-guide/config-api/README.md index 3b4c50c5e75..f1970945eed 100644 --- a/docs/admin/config-guide/config-api/README.md +++ b/docs/admin/config-guide/config-api/README.md @@ -7,10 +7,10 @@ tags: # config-api ## Overview -[Jans Config Api](https://github.com/JanssenProject/jans/tree/main/jans-config-api) provides a central place to manage and configure jans modules. +[Jans Config Api](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-config-api) provides a central place to manage and configure jans modules. It helps in configuring auth-server, users, fido2 and scim modules. -Config API is a REST application that is developed using Weld 4.x (JSR-365) and JAX-RS. Its endpoints can be used to manage configuration and other properties of [Jans Auth Server](https://github.com/JanssenProject/jans/tree/main/jans-auth-server), which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS) +Config API is a REST application that is developed using Weld 4.x (JSR-365) and JAX-RS. Its endpoints can be used to manage configuration and other properties of [Jans Auth Server](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-auth-server), which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS) ![Config-API-Architecture](../../../assets/config-api-architecture.png) diff --git a/docs/admin/config-guide/config-api/config.md b/docs/admin/config-guide/config-api/config.md index fb0ba4d224f..9c40fcd2df1 100644 --- a/docs/admin/config-guide/config-api/config.md +++ b/docs/admin/config-guide/config-api/config.md @@ -7,9 +7,9 @@ tags: # Config-api-configuration ## Overview -[Jans Config Api](https://github.com/JanssenProject/jans/tree/main/jans-config-api) configuration enables to manage application-level configuration. +[Jans Config Api](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-config-api) configuration enables to manage application-level configuration. -![](https://github.com/JanssenProject/jans/raw/main/docs/assets/config-api-configuration.png) +![](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/assets/config-api-configuration.png) ### Existing Config-api dynamic configuration @@ -76,7 +76,7 @@ tags: ## Revision update `jansRevision` property of the configuration is used to manage any change -![](https://github.com/JanssenProject/jans/raw/main/docs/assets/config-api-configuration-revision) +![](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/assets/config-api-configuration-revision) ### Two options to make effect of the changes done to the configuration diff --git a/docs/admin/config-guide/config-api/plugins.md b/docs/admin/config-guide/config-api/plugins.md index 5d97bfd2f93..826228a9501 100644 --- a/docs/admin/config-guide/config-api/plugins.md +++ b/docs/admin/config-guide/config-api/plugins.md @@ -5,7 +5,7 @@ tags: --- ## Overview -[Jans Config Api](https://github.com/JanssenProject/jans/tree/main/jans-config-api) is a REST application that is developed using Weld 4.x (JSR-365) and JAX-RS. Its endpoint can be used to manage configuration and other properties of [Jans Auth Server](https://github.com/JanssenProject/jans/tree/main/jans-auth-server). +[Jans Config Api](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-config-api) is a REST application that is developed using Weld 4.x (JSR-365) and JAX-RS. Its endpoint can be used to manage configuration and other properties of [Jans Auth Server](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-auth-server). ## Jans Config API Plugins Jans Config API follow a flexible plugin architecture in which the new features can be added using extensions called plugins without altering the application itself. In this section, we will discuss the steps to develop and add plugins in Jans Config API. diff --git a/docs/admin/developer/scripts/person-authentication-faq.md b/docs/admin/developer/scripts/person-authentication-faq.md index 4cf4863a16b..635d388b1fc 100644 --- a/docs/admin/developer/scripts/person-authentication-faq.md +++ b/docs/admin/developer/scripts/person-authentication-faq.md @@ -14,7 +14,7 @@ tags: ### 1. Display error messages on a web page? -1.[FacesMessages](https://github.com/JanssenProject/jans/blob/main/jans-core/jsf-util/src/main/java/io/jans/jsf2/message/FacesMessages.java) bean is used for this purpose. +1.[FacesMessages](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/jsf-util/src/main/java/io/jans/jsf2/message/FacesMessages.java) bean is used for this purpose. ``` from org.jans.jsf2.message import FacesMessages from org.jans.service.cdi.util import CdiUtil @@ -32,7 +32,7 @@ tags: ... ``` - See an example [here](https://github.com/JanssenProject/jans/blob/685a1593fb53e2310cfa38fcd49db94f3453042f/jans-auth-server/server/src/main/webapp/WEB-INF/incl/layout/template.xhtml#L41) + See an example [here](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/server/src/main/webapp/WEB-INF/incl/layout/template.xhtml#L41) ### 2. Redirection to a third party application for authentication diff --git a/docs/admin/developer/scripts/ropc.md b/docs/admin/developer/scripts/ropc.md index 118a6e4e489..e44a7e2304a 100644 --- a/docs/admin/developer/scripts/ropc.md +++ b/docs/admin/developer/scripts/ropc.md @@ -12,7 +12,7 @@ Resource Owner Password Credentials script allows modifying the behavior of Reso The script is invoked after normal authentication and can either leave current result or change it - authenticate if not authenticated - it should return True and optionally set user (via `context.setUser(user)`). ## Interface -The ROPC script implements the [ResourceOwnerPasswordCredentialsType](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/owner/ResourceOwnerPasswordCredentialsType.java) interface. This extends methods from the base script type in addition to adding new method: +The ROPC script implements the [ResourceOwnerPasswordCredentialsType](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/script/src/main/java/io/jans/model/custom/script/type/owner/ResourceOwnerPasswordCredentialsType.java) interface. This extends methods from the base script type in addition to adding new method: ### Inherited Methods | Method header | Method description | @@ -29,10 +29,10 @@ The ROPC script implements the [ResourceOwnerPasswordCredentialsType](https://gi ### Objects | Object name | Object description | |:-----|:------| -|`customScript`| The custom script object. [Reference](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/model/CustomScript.java) | +|`customScript`| The custom script object. [Reference](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/script/src/main/java/io/jans/model/custom/script/model/CustomScript.java) | |`configurationAttributes`| `configurationProperties` passed in when adding custom script. `Map configurationAttributes` | -|`SimpleCustomProperty`| Map of configuration properties. [Reference](https://github.com/JanssenProject/jans/blob/main/jans-core/util/src/main/java/io/jans/model/SimpleCustomProperty.java) | -| `context` | [Reference](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/ExternalResourceOwnerPasswordCredentialsContext.java) | +|`SimpleCustomProperty`| Map of configuration properties. [Reference](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/util/src/main/java/io/jans/model/SimpleCustomProperty.java) | +| `context` | [Reference](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/ExternalResourceOwnerPasswordCredentialsContext.java) | ## Use case: Basic ROPC authentication script diff --git a/docs/admin/install/docker-install/compose.md b/docs/admin/install/docker-install/compose.md index ac68c702e86..e1380164739 100644 --- a/docs/admin/install/docker-install/compose.md +++ b/docs/admin/install/docker-install/compose.md @@ -49,7 +49,7 @@ Download the compose file ```bash -wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-mysql-compose.yml +wget https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/docker-jans-monolith/jans-mysql-compose.yml ``` This docker compose file runs two containers, the janssen monolith container and mysql container. diff --git a/docs/admin/install/docker-install/quick-start.md b/docs/admin/install/docker-install/quick-start.md index 3da84807414..5a22ded6790 100644 --- a/docs/admin/install/docker-install/quick-start.md +++ b/docs/admin/install/docker-install/quick-start.md @@ -25,7 +25,7 @@ These environment variables can be set to customize installation as per the need Run this command to start the installation: ```bash -wget https://raw.githubusercontent.com/JanssenProject/jans/main/automation/startjanssenmonolithdemo.sh && chmod u+x startjanssenmonolithdemo.sh && sudo bash startjanssenmonolithdemo.sh demoexample.jans.io MYSQL +wget https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/automation/startjanssenmonolithdemo.sh && chmod u+x startjanssenmonolithdemo.sh && sudo bash startjanssenmonolithdemo.sh demoexample.jans.io MYSQL ``` Console messages like below confirms the successful installation: diff --git a/docs/admin/install/helm-install/local.md b/docs/admin/install/helm-install/local.md index bdc4d7d21f2..d5cd1d82fde 100644 --- a/docs/admin/install/helm-install/local.md +++ b/docs/admin/install/helm-install/local.md @@ -40,7 +40,7 @@ Start a fresh ubuntu `18.04` or `20.04` 4 CPU, 16 GB RAM, and 50GB SSD VM with p sudo su - ``` ```bash -wget https://raw.githubusercontent.com/JanssenProject/jans/main/automation/startjanssendemo.sh && chmod u+x startjanssendemo.sh && ./startjanssendemo.sh +wget https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/automation/startjanssendemo.sh && chmod u+x startjanssendemo.sh && ./startjanssendemo.sh ``` This will install docker, microk8s, helm and Janssen with the default settings that can be found inside [values.yaml](https://github.com/GluuFederation/flex/blob/flex/pygluu/kubernetes/templates/helm/gluu/values.yaml). diff --git a/docs/admin/install/vm-install/dynamic-download.md b/docs/admin/install/vm-install/dynamic-download.md index 5b1002aca2f..0d3234f58dd 100644 --- a/docs/admin/install/vm-install/dynamic-download.md +++ b/docs/admin/install/vm-install/dynamic-download.md @@ -26,7 +26,7 @@ System should meet [minimum VM system requirements](vm-requirements.md) 1. Download the installer ``` -curl https://raw.githubusercontent.com/JanssenProject/jans/main/jans-linux-setup/jans_setup/install.py > install.py +curl https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-linux-setup/jans_setup/install.py > install.py ``` 1. Execute Installer diff --git a/docs/admin/install/vm-install/rhel.md b/docs/admin/install/vm-install/rhel.md index 8e1cb6f2702..9a0336c1331 100644 --- a/docs/admin/install/vm-install/rhel.md +++ b/docs/admin/install/vm-install/rhel.md @@ -24,7 +24,7 @@ You can disbale SELinux temporarly by executing `setenforce 0`. To disable perma [Releases](https://github.com/JanssenProject/jans/releases) ``` -wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4-el8.x86_64.rpm -P ~/ +wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans-replace-janssen-image-version-el8.x86_64.rpm -P ~/ ``` - Verify integrity of the downloaded package using published `sha256sum`. @@ -32,13 +32,13 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4- Download `sha256sum` file for the package ```shell - wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4-el8.x86_64.rpm.sha256sum -P ~/ + wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans-replace-janssen-image-version-el8.x86_64.rpm.sha256sum -P ~/ ``` Check the hash if it is matching. ```shell - sha256sum -c jans-1.0.4-el8.x86_64.rpm.sha256sum + sha256sum -c jans-replace-janssen-image-version-el8.x86_64.rpm.sha256sum ``` Output similar to below should confirm the integrity of the downloaded package. @@ -50,7 +50,7 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4- - Install the package ``` -yum install ~/jans-1.0.4-el8.x86_64.rpm +yum install ~/jans-replace-janssen-image-version-el8.x86_64.rpm ``` ## Run the setup script diff --git a/docs/admin/install/vm-install/suse.md b/docs/admin/install/vm-install/suse.md index 9c12deb025f..236e4b2f0aa 100644 --- a/docs/admin/install/vm-install/suse.md +++ b/docs/admin/install/vm-install/suse.md @@ -19,11 +19,11 @@ Before you install, check the [VM system requirements](vm-requirements.md). ## Install the Package -- Download the release package from the Github Janssen Project +- Download the release package from the GitHub Janssen Project [Releases](https://github.com/JanssenProject/jans/releases) ``` -wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4-suse15.x86_64.rpm -P ~/ +wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans-replace-janssen-image-version-suse15.x86_64.rpm -P ~/ ``` - Verify integrity of the downloaded package using published `sha256sum`. @@ -31,13 +31,13 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4- Download `sha256sum` file for the package ```shell - wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4-suse15.x86_64.rpm.sha256sum -P ~/ + wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans-replace-janssen-image-version-suse15.x86_64.rpm.sha256sum -P ~/ ``` Check the hash if it is matching. ```shell - sha256sum -c jans-1.0.4-suse15.x86_64.rpm.sha256sum + sha256sum -c jans-replace-janssen-image-version-suse15.x86_64.rpm.sha256sum ``` Output similar to below should confirm the integrity of the downloaded package. @@ -49,7 +49,7 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans-1.0.4- - Install the package ``` -zypper install ~/jans-1.0.4-suse15.x86_64.rpm +zypper install ~/jans-replace-janssen-image-version-suse15.x86_64.rpm ``` ## Run the setup script diff --git a/docs/admin/install/vm-install/ubuntu.md b/docs/admin/install/vm-install/ubuntu.md index 68e9755a87f..2261078be97 100644 --- a/docs/admin/install/vm-install/ubuntu.md +++ b/docs/admin/install/vm-install/ubuntu.md @@ -19,7 +19,7 @@ Before you install, check the [VM system requirements](vm-requirements.md). [Releases](https://github.com/JanssenProject/jans/releases) ``` -wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans_1.0.4.ubuntu20.04_amd64.deb -P /tmp +wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans_replace-janssen-image-version.ubuntu20.04_amd64.deb -P /tmp ``` - Verify integrity of the downloaded package by verifying published `sha256sum`. @@ -27,13 +27,13 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans_1.0.4. Download `sha256sum` file for the package ```shell - wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans_1.0.4.ubuntu20.04_amd64.deb.sha256sum -P /tmp + wget https://github.com/JanssenProject/jans/releases/download/replace-janssen-version/jans_replace-janssen-image-version.ubuntu20.04_amd64.deb.sha256sum -P /tmp ``` Check the hash if it is matching. ```shell - sha256sum -c /tmp/jans_1.0.4.ubuntu20.04_amd64.deb.sha256sum + sha256sum -c /tmp/jans_replace-janssen-image-version.ubuntu20.04_amd64.deb.sha256sum ``` Output similar to below should confirm the integrity of the downloaded package. @@ -45,7 +45,7 @@ wget https://github.com/JanssenProject/jans/releases/download/v1.0.4/jans_1.0.4. - Install the package ``` -apt install -y /tmp/jans_1.0.4.ubuntu20.04_amd64.deb +apt install -y /tmp/jans_replace-janssen-image-version.ubuntu20.04_amd64.deb ``` ## Run the setup script @@ -136,7 +136,7 @@ The following packages will be REMOVED: After this operation, 1,257 MB disk space will be freed. Do you want to continue? [Y/n] y (Reading database ... 166839 files and directories currently installed.) -Removing jans (1.0.2~ubuntu20.04) ... +Removing jans (replace-janssen-image-version~ubuntu20.04) ... Checking to make sure service is down... ``` diff --git a/docs/admin/kubernetes-ops/backup-restore.md b/docs/admin/kubernetes-ops/backup-restore.md index 2a7dfec8e86..473a37b3281 100644 --- a/docs/admin/kubernetes-ops/backup-restore.md +++ b/docs/admin/kubernetes-ops/backup-restore.md @@ -38,7 +38,7 @@ kubectl get secret cn -n -o yaml > secret-backup.yaml helm list -n ``` -Keep note of the chart version. For example: `1.0.5` +Keep note of the chart version. For example: `replace-janssen-image-version` ### Manual Restore diff --git a/docs/admin/kubernetes-ops/cert-management.md b/docs/admin/kubernetes-ops/cert-management.md index 2456ca7aacb..52cb8964696 100644 --- a/docs/admin/kubernetes-ops/cert-management.md +++ b/docs/admin/kubernetes-ops/cert-management.md @@ -40,7 +40,7 @@ Rotating Certificates and Keys in Kubernetes setup restartPolicy: Never containers: - name: web-key-rotation - image: janssenproject/certmanager:1.0.5-1 + image: janssenproject/certmanager:replace-janssen-image-version-1 envFrom: - configMapRef: name: janssen-config-cm # This may be differnet in Helm @@ -92,7 +92,7 @@ Rotating Certificates and Keys in Kubernetes setup path: web_https.key containers: - name: load-web-key-rotation - image: janssenproject/certmanager:1.0.5-1 + image: janssenproject/certmanager:replace-janssen-image-version-1 envFrom: - configMapRef: name: janssen-config-cm #This may be differnet in Helm @@ -141,7 +141,7 @@ kubectl apply -f load-web-key-rotation.yaml -n spec: containers: - name: auth-key-rotation - image: janssenproject/certmanager:1.0.5-1 + image: janssenproject/certmanager:replace-janssen-image-version-1 resources: requests: memory: "300Mi" @@ -191,7 +191,7 @@ kubectl apply -f load-web-key-rotation.yaml -n restartPolicy: Never containers: - name: ldap-key-rotation - image: janssenproject/certmanager:1.0.5-1 + image: janssenproject/certmanager:replace-janssen-image-version-1 envFrom: - configMapRef: name: janssen-config-cm diff --git a/docs/admin/recipes/benchmark.md b/docs/admin/recipes/benchmark.md index 4ccd4969e08..2899a36a208 100644 --- a/docs/admin/recipes/benchmark.md +++ b/docs/admin/recipes/benchmark.md @@ -85,7 +85,7 @@ A Kubernetes cluster can be created with three nodes or more in one region and t 3. Make sure [helm](https://helm.sh/docs/intro/install/) is installed. -4. Prepare your [override.yaml](../install/helm-install/README.md). Copy the below into a file named override.yaml. At the time of writing this we are using image tags `1.0.6_dev` which are the bleeding edge images for release `1.0.6`. Stable images such as `1.0.6-1` should be used. +4. Prepare your [override.yaml](../install/helm-install/README.md). Copy the below into a file named override.yaml. At the time of writing this we are using image tags `replace-janssen-image-version_dev` which are the bleeding edge images for release `replace-janssen-image-version`. Stable images such as `replace-janssen-image-version-1` should be used. ```yaml config: @@ -178,7 +178,7 @@ Loading users requires a hefty but temporary amount of resources. By default, th ```bash mkdir add_users && cd add_users ``` -2. Copy the following [yaml](https://github.com/JanssenProject/jans/blob/main/demos/benchmarking/docker-jans-loadtesting-jmeter/yaml/load-users/load_users_rdbms_job.yaml) into the folder under the name `load_users.yaml`. +2. Copy the following [yaml](https://github.com/JanssenProject/jans/blob/replace-janssen-version/demos/benchmarking/docker-jans-loadtesting-jmeter/yaml/load-users/load_users_rdbms_job.yaml) into the folder under the name `load_users.yaml`. 3. Open the file and modify the sql connection parameters. To speed the loading process increase the CPU requests and limits. @@ -257,7 +257,7 @@ Create the client needed to run the test by executing the following. Make sure t } EOF ``` -3. Copy the following [yaml](https://github.com/JanssenProject/jans/blob/main/demos/benchmarking/docker-jans-loadtesting-jmeter/yaml/load-test/load_test_auth_code.yaml) into the folder. +3. Copy the following [yaml](https://github.com/JanssenProject/jans/blob/replace-janssen-version/demos/benchmarking/docker-jans-loadtesting-jmeter/yaml/load-test/load_test_auth_code.yaml) into the folder. 4. Download or build [config-cli-tui](../config-guide/tui.md) and run: diff --git a/docs/admin/reference/kubernetes/docker-jans-certmanager.md b/docs/admin/reference/kubernetes/docker-jans-certmanager.md index 7c1bc0eb6ed..dbcdc86abb1 100644 --- a/docs/admin/reference/kubernetes/docker-jans-certmanager.md +++ b/docs/admin/reference/kubernetes/docker-jans-certmanager.md @@ -235,7 +235,7 @@ spec: spec: containers: - name: auth-key-rotation - image: janssenproject/certmanager:1.0.4-1 + image: janssenproject/certmanager:replace-janssen-image-version-1 resources: requests: memory: "300Mi" diff --git a/docs/admin/reference/kubernetes/docker-jans-monolith.md b/docs/admin/reference/kubernetes/docker-jans-monolith.md index ac68c702e86..e1380164739 100644 --- a/docs/admin/reference/kubernetes/docker-jans-monolith.md +++ b/docs/admin/reference/kubernetes/docker-jans-monolith.md @@ -49,7 +49,7 @@ Download the compose file ```bash -wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-mysql-compose.yml +wget https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/docker-jans-monolith/jans-mysql-compose.yml ``` This docker compose file runs two containers, the janssen monolith container and mysql container. diff --git a/docs/admin/reference/openapi.md b/docs/admin/reference/openapi.md index 9196534e424..d0ad7107767 100644 --- a/docs/admin/reference/openapi.md +++ b/docs/admin/reference/openapi.md @@ -12,8 +12,8 @@ Follow the links below to access respective documentation. | Service | REST API | Java API | | --- |-------------------------------------------------------------------------------------------------------------------------------------------------------------------| --- | -| Jans Auth Server | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/main/jans-auth-server/docs/swagger.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-auth/main/)| -| Jans Config API | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/main/jans-config-api/docs/jans-config-api-swagger.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-config-api/main/) | +| Jans Auth Server | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-auth-server/docs/swagger.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-auth/main/)| +| Jans Config API | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-config-api/docs/jans-config-api-swagger.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-config-api/main/) | | Jans Core | NA | [Javadoc](https://jenkins.jans.io/javadocs/jans-core/main/)| -| Jans FIDO 2 | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/main/jans-fido2/docs/jansFido2Swagger.yaml) | | -| Jans SCIM API | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/main/jans-scim/server/src/main/resources/jans-scim-openapi.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-scim/main/) | \ No newline at end of file +| Jans FIDO 2 | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-fido2/docs/jansFido2Swagger.yaml) | | +| Jans SCIM API | [Swagger](https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-scim/server/src/main/resources/jans-scim-openapi.yaml) | [Javadoc](https://jenkins.jans.io/javadocs/jans-scim/main/) | \ No newline at end of file diff --git a/docs/agama-catalog/jans/inboundID/README.md b/docs/agama-catalog/jans/inboundID/README.md index ba6cfee7e65..32d56a718b5 100644 --- a/docs/agama-catalog/jans/inboundID/README.md +++ b/docs/agama-catalog/jans/inboundID/README.md @@ -42,7 +42,7 @@ To facilitate administrators' work, the following flows are already implemented: ### Main flow -The actual process of inbound identity occurs here. This flow is already [implemented](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/io.jans.inbound.ExternalSiteLogin) and ready to use. The following is a summary of the steps involved: +The actual process of inbound identity occurs here. This flow is already [implemented](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/io.jans.inbound.ExternalSiteLogin) and ready to use. The following is a summary of the steps involved: 1. A provider selection page is displayed. The list includes all (*enabled*) providers defined in the configuration of this flow. Additionally an option to use an existing local account is displayed (i.e. no inbound identity) @@ -75,7 +75,7 @@ To start, let's add the required libraries to the authentication server: The basic authentication flow is employed when no provider is picked from the list (step 1 [here](#main-flow)) but the option to use an existing local account is taken. This flow is detailed in the Agama sample flows [page](https://jans.io/docs/admin/developer/agama/samples/#basic-authentication), however those contents can be skipped for the purpose of this setup. -- Ensure Agama engine is [enabled](https://jans.io/docs/admin/developer/agama/quick-start/#enable-the-engine). Download the basic flow [source](https://github.com/JanssenProject/jans/raw/main/docs/admin/developer/agama/basic/io.jans.flow.sample.basic) file +- Ensure Agama engine is [enabled](https://jans.io/docs/admin/developer/agama/quick-start/#enable-the-engine). Download the basic flow [source](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/admin/developer/agama/basic/io.jans.flow.sample.basic) file - Use the API for adding flows as explained [here](https://jans.io/docs/admin/developer/agama/quick-start/#getting-an-access-token) and [here](https://jans.io/docs/admin/developer/agama/quick-start/#add-the-flow-to-the-server). A sample `curl` command would look like this: @@ -86,17 +86,17 @@ The basic authentication flow is employed when no provider is picked from the li ``` - In the server, navigate to `/opt/jans/jetty/jans-auth/agama/ftl`. Create the folder hierarchy `samples/basic` there -- Download the login [template](https://github.com/JanssenProject/jans/raw/main/docs/admin/developer/agama/basic/login.ftlh) to `basic` directory +- Download the login [template](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/admin/developer/agama/basic/login.ftlh) to `basic` directory ### Add the main inbound flow -- Download the flow [source](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/io.jans.inbound.ExternalSiteLogin) and add it as you did with the basic flow, ensure you use `io.jans.inbound.ExternalSiteLogin` this time +- Download the flow [source](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/io.jans.inbound.ExternalSiteLogin) and add it as you did with the basic flow, ensure you use `io.jans.inbound.ExternalSiteLogin` this time - In the server, navigate to `/opt/jans/jetty/jans-auth/agama`. Create folders named `inboundID` inside existing `ftl` and `fl` subdirectories -- Download the default [logo](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/none.png) and place it inside `/opt/jans/jetty/jans-auth/agama/fl/inboundID` folder +- Download the default [logo](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/none.png) and place it inside `/opt/jans/jetty/jans-auth/agama/fl/inboundID` folder -- Download the provider selector [template](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/login-chooser.ftlh) and place it inside `/opt/jans/jetty/jans-auth/agama/ftl/inboundID` folder. Note templates go under **ftl**, not **fl**. Do the same with the e-mail prompt [template](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/email-prompt.ftlh) +- Download the provider selector [template](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/login-chooser.ftlh) and place it inside `/opt/jans/jetty/jans-auth/agama/ftl/inboundID` folder. Note templates go under **ftl**, not **fl**. Do the same with the e-mail prompt [template](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/email-prompt.ftlh) ### Add a provider flow @@ -104,9 +104,9 @@ For simplicity, we'll illustrate here how to add one of the already implemented - Download the [utility flows](#utility-flows). Add them to the server as you did with the main flow -- Download the Facebook flow [code](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/facebook/io.jans.inbound.Facebook). Add it using the API as well +- Download the Facebook flow [code](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/facebook/io.jans.inbound.Facebook). Add it using the API as well -- Download the [logo](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/facebook/facebook.png) image and place it in `/opt/jans/jetty/jans-auth/agama/fl/inboundID` +- Download the [logo](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/facebook/facebook.png) image and place it in `/opt/jans/jetty/jans-auth/agama/fl/inboundID` - Login to Facebook and [register](https://developers.facebook.com/docs/development/register) as developer. Create an application with *Facebook login* capabilities. In the *Facebook login* settings add `https:///jans-auth/fl/callback` as a valid OAuth redirect URI. Finally grab the app Id and secret from the app settings page @@ -180,7 +180,7 @@ Launch the main flow (learn about this topic [here](https://jans.io/docs/admin/d ### Main flow configurations -Configuration is supplied in a JSON object whose keys are the identifiers of the existing identity providers. The associated value for a key is a JSON object itself and follows the structure represented by [this](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/agama/inboundID/src/main/java/io/jans/inbound/Provider.java) Java class. +Configuration is supplied in a JSON object whose keys are the identifiers of the existing identity providers. The associated value for a key is a JSON object itself and follows the structure represented by [this](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/agama/inboundID/src/main/java/io/jans/inbound/Provider.java) Java class. This is an example of a configuration for a couple of identity providers: diff --git a/docs/agama-catalog/jans/inboundID/apple/README.md b/docs/agama-catalog/jans/inboundID/apple/README.md index 3f49fb1dc22..e7b7c8a921f 100644 --- a/docs/agama-catalog/jans/inboundID/apple/README.md +++ b/docs/agama-catalog/jans/inboundID/apple/README.md @@ -12,7 +12,7 @@ Please follow the [inbound identity guide](../README.md) **entirely** before pro ## Flow and assets -Find this flow source code [here](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/apple/io.jans.inbound.Apple). Copy the [logo](https://github.com/JanssenProject/jans/raw/main/docs/script-catalog/agama/inboundID/apple/apple.png) to your server at `/opt/jans/jetty/jans-auth/agama/fl/inboundID` directory, if desired. +Find this flow source code [here](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/apple/io.jans.inbound.Apple). Copy the [logo](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/script-catalog/agama/inboundID/apple/apple.png) to your server at `/opt/jans/jetty/jans-auth/agama/fl/inboundID` directory, if desired. ## Supply configurations diff --git a/docs/developer/developer-faq.md b/docs/developer/developer-faq.md index bb3f314f446..5ca945f2ea9 100644 --- a/docs/developer/developer-faq.md +++ b/docs/developer/developer-faq.md @@ -35,7 +35,7 @@ This installation uses Gluu Testing certificate. ### Download Installer ``` -wget https://raw.githubusercontent.com/JanssenProject/jans/main/jans-linux-setup/jans_setup/install.py -O install.py +wget https://raw.githubusercontent.com/JanssenProject/jans/replace-janssen-version/jans-linux-setup/jans_setup/install.py -O install.py ``` ### Execute Installer diff --git a/docs/script-catalog/client_registration/OpenBanking/Registration.py b/docs/script-catalog/client_registration/OpenBanking/Registration.py index 6da6b3f0b8e..b9b437586e5 100644 --- a/docs/script-catalog/client_registration/OpenBanking/Registration.py +++ b/docs/script-catalog/client_registration/OpenBanking/Registration.py @@ -141,7 +141,7 @@ def destroy(self, configurationAttributes): print "Client registration. Destroyed successfully" return True - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def createClient(self, context): print "Client registration. CreateClient method" client = context.getClient() @@ -207,7 +207,7 @@ def validateDCR(self, registerRequest, client, configurationAttributes): - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def updateClient(self, context): print "Client registration. UpdateClient method" return True @@ -219,7 +219,7 @@ def getSoftwareStatementHmacSecret(self, context): return "" # cert - java.security.cert.X509Certificate - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def isCertValidForClient(self, cert, context): return False diff --git a/docs/script-catalog/client_registration/OpenBanking/client-registration.md b/docs/script-catalog/client_registration/OpenBanking/client-registration.md index 52360c1f704..a7e9f38cf59 100644 --- a/docs/script-catalog/client_registration/OpenBanking/client-registration.md +++ b/docs/script-catalog/client_registration/OpenBanking/client-registration.md @@ -5,7 +5,7 @@ The Janssen Authorization Server uses **interception scripts** to enable you to ## Configuration Prerequisites - A Janssen Authorization Server installation -- [Client Registration script](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/openbanking/static/extension/client_registration/Registration.py) - included in the default Janssen OpenBanking distribution +- [Client Registration script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-linux-setup/jans_setup/openbanking/static/extension/client_registration/Registration.py) - included in the default Janssen OpenBanking distribution - Setting configuration parameters - Setting third party library (Jose4j) in classpath diff --git a/docs/script-catalog/client_registration/sample-script/SampleScript.py b/docs/script-catalog/client_registration/sample-script/SampleScript.py index c2cfd96d77a..c83da6949a4 100644 --- a/docs/script-catalog/client_registration/sample-script/SampleScript.py +++ b/docs/script-catalog/client_registration/sample-script/SampleScript.py @@ -30,7 +30,7 @@ def destroy(self, configurationAttributes): return True # Update client entry before persistent it - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def createClient(self, context): print "Client registration. CreateClient method" registerRequest = context.getRegisterRequest() @@ -62,7 +62,7 @@ def createClient(self, context): return True # Update client entry before persistent it - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def updateClient(self, context): print "Client registration. UpdateClient method" return True @@ -106,7 +106,7 @@ def getSoftwareStatementJwks(self, context): return "" # cert - java.security.cert.X509Certificate - # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/e083818272ac48813eca8525e94f7bd73a7a9f1b/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 + # context refers to io.jans.as.server.service.external.context.DynamicClientRegistrationContext - see https://github.com/JanssenProject/jans-auth-server/blob/replace-janssen-version/server/src/main/java/io/jans/as/server/service/external/context/DynamicClientRegistrationContext.java#L24 def isCertValidForClient(self, cert, context): return False diff --git a/docs/script-catalog/idp/sample-script/SampleScript.py b/docs/script-catalog/idp/sample-script/SampleScript.py index cc313bc254e..c957b9535e5 100644 --- a/docs/script-catalog/idp/sample-script/SampleScript.py +++ b/docs/script-catalog/idp/sample-script/SampleScript.py @@ -94,7 +94,7 @@ def translateAttributes(self, context, configurationAttributes): return False # Update attributes before releasing them - # context is io.jans.idp.consent.processor.PostProcessAttributesContext (https://github.com/JanssenFederation/shib-oxauth-authn3/blob/master/src/main/java/io.jans.idp/consent/processor/PostProcessAttributesContext.java) + # context is io.jans.idp.consent.processor.PostProcessAttributesContext (https://github.com/JanssenProject/shib-oxauth-authn3/blob/replace-janssen-version/src/main/java/io.jans.idp/consent/processor/PostProcessAttributesContext.java) # configurationAttributes is java.util.Map def updateAttributes(self, context, configurationAttributes): print "Idp extension. Method: updateAttributes" diff --git a/docs/script-catalog/person_authentication/apple-external-authenticator/README.md b/docs/script-catalog/person_authentication/apple-external-authenticator/README.md index eb6711611b5..0425184d764 100644 --- a/docs/script-catalog/person_authentication/apple-external-authenticator/README.md +++ b/docs/script-catalog/person_authentication/apple-external-authenticator/README.md @@ -34,7 +34,7 @@ The custom script has the following properties: |`apple_client_id` |Name of Service ID on developer.apple.com. | `com.company.name`| |`apple_jwks` | Apple’s public JWK to validate Apple Identity Token | `https://appleid.apple.com/auth/keys`| -To update this setting in Jans persistence, follow this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) +To update this setting in Jans persistence, follow this [link](https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) ### Enable Sign-in with Apple Authentication script By default, users will get the default authentication mechanism as specified above. However, using the OpenID Connect acr_values parameter, web and mobile clients can request any enabled authentication mechanism. @@ -50,7 +50,7 @@ Now Sign-in with Apple is an available authentication mechanism for your Janssen ### Make Sign-in with Apple Script as default authentication script: -Use this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-default-authentication-method.md) as a reference. +Use this [link](https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/docs/cli/cli-default-authentication-method.md) as a reference. Steps: 1. Create a file say `apple-auth-default.json` with the following contents diff --git a/docs/script-catalog/person_authentication/duo-external-authenticator/README.md b/docs/script-catalog/person_authentication/duo-external-authenticator/README.md index 9945bb54c9e..cf32e687b8e 100644 --- a/docs/script-catalog/person_authentication/duo-external-authenticator/README.md +++ b/docs/script-catalog/person_authentication/duo-external-authenticator/README.md @@ -2,7 +2,7 @@ ## Integrating DUO's Universal Prompt as an authentication method in Janssen server -[Duo Security](https://duosecurity.com) is a SaaS authentication provider. This document will explain how to use Janssen's [Duo interception script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/person_authentication/duo-external-authenticator/DuoExternalAuthenticator.py) to configure the Janssen Server for a two-step authentication process with username and password as the first step, and Duo as the second step. The script invokes the Universal Prompt which is a redesign of Duo’s traditional authentication prompt. +[Duo Security](https://duosecurity.com) is a SaaS authentication provider. This document will explain how to use Janssen's [Duo interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/person_authentication/duo-external-authenticator/DuoExternalAuthenticator.py) to configure the Janssen Server for a two-step authentication process with username and password as the first step, and Duo as the second step. The script invokes the Universal Prompt which is a redesign of Duo’s traditional authentication prompt. ## Authentication flow ```mermaid @@ -29,7 +29,7 @@ Jans AS->>RP: 10. write Jans session cookie ``` ## Administrator prerequisites -- [Duo interception script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/person_authentication/duo-external-authenticator/DuoExternalAuthenticator.py) (included in the default Janssen Server distribution); +- [Duo interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/person_authentication/duo-external-authenticator/DuoExternalAuthenticator.py) (included in the default Janssen Server distribution); - An account with [Duo Security](https://duo.com/). ## User prerequisites @@ -143,7 +143,7 @@ Now Duo is an available authentication mechanism for your Janssen Server. This m To make sure Duo has been enabled successfully, you can check your Janssen Server's OpenID Connect configuration by navigating to the following URL: `https:///.well-known/openid-configuration`. Find `"acr_values_supported":` and you should see `"duo"`. ## Make Duo the Default Authentication Mechanism -For CURL commands, use this [link](https://github.com/JanssenProject/jans/blob/main/docs/admin/config-guide/curl.md#2-enable-an-authentication-script) as a reference. +For CURL commands, use this [link](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/admin/config-guide/curl.md#2-enable-an-authentication-script) as a reference. Steps: 1. Create a file say `duo-auth-default.json` with the following contents diff --git a/docs/script-catalog/person_authentication/fido2-external-authenticator/README.md b/docs/script-catalog/person_authentication/fido2-external-authenticator/README.md index 6b8836e0c72..baf5907f960 100644 --- a/docs/script-catalog/person_authentication/fido2-external-authenticator/README.md +++ b/docs/script-catalog/person_authentication/fido2-external-authenticator/README.md @@ -6,12 +6,12 @@ FIDO2 is comprised of the [W3C’s Web Authentication specification (WebAuthn)](https://www.w3.org/TR/webauthn/) and FIDO’s corresponding [Client-to-Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-ps-20170927/fido-client-to-authenticator-protocol-v2.0-ps-20170927.html). WebAuthn defines a standard web API that can be built into browsers and related web platform infrastructure to enable online services to use FIDO Authentication. CTAP enables external devices such as mobile handsets or FIDO Security Keys to work with WebAuthn and serve as authenticators to desktop applications and web services. This document explains how to use the Janssen Auth Server's built-in -[FIDO2 interception script](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/extension/person_authentication/Fido2ExternalAuthenticator.py) +[FIDO2 interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-linux-setup/jans_setup/static/extension/person_authentication/Fido2ExternalAuthenticator.py) to implement a two-step, two-factor authentication (2FA) with username / password as the first step, and any FIDO2 device as the second step. ## Prerequisites - A Janssen Server ([installation instructions](https://github.com/JanssenProject/jans#installation)) -- [FIDO2 interception script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/person_authentication/fido2-external-authenticator/Fido2ExternalAuthenticator.py) (included in the default Janssen Server distribution); +- [FIDO2 interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/person_authentication/fido2-external-authenticator/Fido2ExternalAuthenticator.py) (included in the default Janssen Server distribution); - At least one FIDO2 device for testing, like one of the devices [listed below](#fido2-devices). ### FIDO2 devices @@ -41,7 +41,7 @@ By default, users will get the default authentication mechanism as specified abo e.g : `/opt/jans/jans-cli/config-cli.py --operation-id get-config-scripts-by-type --url-suffix type:PERSON_AUTHENTICATION` , `/opt/jans/jans-cli/config-cli.py --operation-id get-config-scripts-by-inum --url-suffix inum:6122281b-b55d-4dd0-8115-b098eeeee2b7` -2. [Update the custom script](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) and change the `enabled` attribute to `true` +2. [Update the custom script](https://github.com/JanssenProject/jans-cli/blob/replace-janssen-version/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) and change the `enabled` attribute to `true` Now FIDO2 is an available authentication mechanism for your Janssen Server. This means that, using OpenID Connect `acr_values`, applications can now request FIDO2 authentication for users. @@ -51,7 +51,7 @@ Now FIDO2 is an available authentication mechanism for your Janssen Server. This Find `"acr_values_supported":` and you should see `"fido2"`. ## Enable FIDO2 Script as default authentication script: -Use this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-default-authentication-method.md) as a reference. +Use this [link](https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/docs/cli/cli-default-authentication-method.md) as a reference. Follow the steps below to enable FIDO2 authentication: 1. Create a file say `fido2-auth-default.json` with the following contents ``` @@ -81,9 +81,9 @@ https:///jans-auth/authorize.htm?response_type=code&redirect_u ## FIDO2 login page Below is an illustration of the Janssen Server's default FIDO2 login page: -![fido2](https://github.com/JanssenProject/jans/raw/main/docs/assets/image_fido2.png) +![fido2](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/assets/image_fido2.png) -The design is being rendered from the [FIDO2 xhtml page](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/webapp/auth/fido2/login.xhtml). To customize the look and feel of this page, follow the [customization guide](https://jans.io/docs/admin/developer/customization/customize-web-pages/). +The design is being rendered from the [FIDO2 xhtml page](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/server/src/main/webapp/auth/fido2/login.xhtml). To customize the look and feel of this page, follow the [customization guide](https://jans.io/docs/admin/developer/customization/customize-web-pages/). ## Using FIDO2 tokens @@ -96,7 +96,7 @@ All subsequent FIDO2 authentications for that user account will require the enro ### FIDO2 credential management A user's FIDO2 devices can be removed by a Janssen administrator in LDAP under the user entry as shown in the below screenshot. -![fido2](https://github.com/JanssenProject/jans/raw/main/docs/assets/image-fido2-ldap-structure.png) +![fido2](https://github.com/JanssenProject/jans/raw/replace-janssen-version/docs/assets/image-fido2-ldap-structure.png) Diagram source in mermaid.live ``` graph TD diff --git a/docs/script-catalog/person_authentication/google-external-authenticator/README.md b/docs/script-catalog/person_authentication/google-external-authenticator/README.md index daae4d9a94c..88d80ab0551 100644 --- a/docs/script-catalog/person_authentication/google-external-authenticator/README.md +++ b/docs/script-catalog/person_authentication/google-external-authenticator/README.md @@ -10,8 +10,8 @@ An out-of-the-box feature, the Google Authentication script is a `PersonAuthenti ## Prerequisites -- A Jans-auth Server (installation instructions [here](https://github.com/JanssenProject/jans/tree/main/jans-linux-setup#readme)) -- The [Google authentication script](https://github.com/JanssenProject/jans/tree/main/jans-linux-setup/jans_setup/static/extension/person_authentication/GoogleExternalAuthenticator.py) (included in the default Jans-auth Server distribution); +- A Jans-auth Server (installation instructions [here](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-linux-setup#readme)) +- The [Google authentication script](https://github.com/JanssenProject/jans/tree/replace-janssen-version/jans-linux-setup/jans_setup/static/extension/person_authentication/GoogleExternalAuthenticator.py) (included in the default Jans-auth Server distribution); - A [Google account](https://accounts.google.com/). - Google API jars namely [google-api-client](https://repo1.maven.org/maven2/com/google/api-client/google-api-client/1.33.2/google-api-client-1.33.2.jar), [google-oauth-client](https://repo1.maven.org/maven2/com/google/oauth-client/google-oauth-client/1.33.1/google-oauth-client-1.33.1.jar) and [google-http-client-jackson2](https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson2/1.41.5/google-http-client-jackson2-1.41.5.jar) added to jans-auth-server @@ -60,7 +60,7 @@ The custom script has the following properties: |-----------------------|-------------------------------|---------------| |`google_creds_file` |Details of the client created on https://console.cloud.google.com/apis/credentials. See [this](https://github.com/maduvena/jans-docs/wiki/Google-Authentication-Script/_edit#download-google-client-json-file) step. | `/etc/certs/google_client_secret.json`| -To update this setting in Jans persistence, follow this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) +To update this setting in Jans persistence, follow this [link](https://github.com/JanssenProject/jans-cli/blob/replace-janssen-version/docs/cli/cli-custom-scripts.md#update-an-existing-custom-script) ### Enable Sign-in with Google Authentication script By default, users will get the default authentication mechanism as specified above. However, using the OpenID Connect acr_values parameter, web and mobile clients can request any enabled authentication mechanism. @@ -76,7 +76,7 @@ Now Google is an available authentication mechanism for your Janssen Server. Thi ### Make Sign-in with Google Script as default authentication script: -Use this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-default-authentication-method.md) as a reference. +Use this [link](https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/docs/cli/cli-default-authentication-method.md) as a reference. Steps: 1. Create a file say `google-auth-default.json` with the following contents diff --git a/docs/script-catalog/person_authentication/other/obconnect/README.me b/docs/script-catalog/person_authentication/other/obconnect/README.me index e4a43898728..02683163921 100644 --- a/docs/script-catalog/person_authentication/other/obconnect/README.me +++ b/docs/script-catalog/person_authentication/other/obconnect/README.me @@ -74,4 +74,4 @@ The mandatory properties in the obconnect authentication script are as follows Now applications can request obconnect's authentication and consent flow. To make obconnect your default authentication mechanism, follow these instructions in this document set the default authentication mechanism to "obconnect" -https://github.com/JanssenProject/jans-cli/blob/main/README.md \ No newline at end of file +https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/README.md \ No newline at end of file diff --git a/docs/script-catalog/person_authentication/other/obconnect/documentation/README.txt b/docs/script-catalog/person_authentication/other/obconnect/documentation/README.txt index e4a43898728..02683163921 100644 --- a/docs/script-catalog/person_authentication/other/obconnect/documentation/README.txt +++ b/docs/script-catalog/person_authentication/other/obconnect/documentation/README.txt @@ -74,4 +74,4 @@ The mandatory properties in the obconnect authentication script are as follows Now applications can request obconnect's authentication and consent flow. To make obconnect your default authentication mechanism, follow these instructions in this document set the default authentication mechanism to "obconnect" -https://github.com/JanssenProject/jans-cli/blob/main/README.md \ No newline at end of file +https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/README.md \ No newline at end of file diff --git a/docs/script-catalog/person_authentication/other/uaf/Properties description.md b/docs/script-catalog/person_authentication/other/uaf/Properties description.md index b1e0cf25d66..90e07120f68 100644 --- a/docs/script-catalog/person_authentication/other/uaf/Properties description.md +++ b/docs/script-catalog/person_authentication/other/uaf/Properties description.md @@ -1,4 +1,4 @@ -Script contents [here](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/extension/person_authentication/other/uaf/UafExternalAuthenticator.py) +Script contents [here](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-linux-setup/jans_setup/static/extension/person_authentication/other/uaf/UafExternalAuthenticator.py) This is a person authentication script for jans-auth-server that enables [UAF](https://www.noknok.com) for user authentication. diff --git a/docs/script-catalog/person_authentication/other/uaf/README.md b/docs/script-catalog/person_authentication/other/uaf/README.md index b1e0cf25d66..90e07120f68 100644 --- a/docs/script-catalog/person_authentication/other/uaf/README.md +++ b/docs/script-catalog/person_authentication/other/uaf/README.md @@ -1,4 +1,4 @@ -Script contents [here](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/extension/person_authentication/other/uaf/UafExternalAuthenticator.py) +Script contents [here](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-linux-setup/jans_setup/static/extension/person_authentication/other/uaf/UafExternalAuthenticator.py) This is a person authentication script for jans-auth-server that enables [UAF](https://www.noknok.com) for user authentication. diff --git a/docs/script-catalog/person_authentication/super-gluu-external-authenticator/README.md b/docs/script-catalog/person_authentication/super-gluu-external-authenticator/README.md index 6f3b3b701c2..e08f24251d0 100644 --- a/docs/script-catalog/person_authentication/super-gluu-external-authenticator/README.md +++ b/docs/script-catalog/person_authentication/super-gluu-external-authenticator/README.md @@ -12,7 +12,7 @@ User and Developer Guides can be found on the [Super Gluu docs site](https://glu ### Prerequisites - An Internet accessible (non-internal or localhost) Janssen Server with DNS pointing at the public Internet address of the server -- [Super Gluu interception script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/person_authentication/super-gluu-external-authenticator/SuperGluuExternalAuthenticator.py) (included in the default Janssen Server distribution) +- [Super Gluu interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/person_authentication/super-gluu-external-authenticator/SuperGluuExternalAuthenticator.py) (included in the default Janssen Server distribution) - An Android or iOS device with Super Gluu installed - [Super Gluu for iOS](https://itunes.apple.com/us/app/super-gluu/id1093479646?mt=8) @@ -24,7 +24,7 @@ User and Developer Guides can be found on the [Super Gluu docs site](https://glu The Janssen Server and Super Gluu can work in the same network, without a DNS server hostname and with a self-signed certificate. There is only one limitation: both components should belong to the same network. Instead of assigning a hostname during Janssen Server installation, an IP address can be specified. In the Super Gluu mobile app, enable `Trust all (SSL)`. ### Authentication Workflows -The authentication workflow for Super Gluu is defined in the [Super Gluu interception script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/person_authentication/super-gluu-external-authenticator/SuperGluuExternalAuthenticator.py) (included in the default Janssen Server distribution). +The authentication workflow for Super Gluu is defined in the [Super Gluu interception script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/person_authentication/super-gluu-external-authenticator/SuperGluuExternalAuthenticator.py) (included in the default Janssen Server distribution). ### A. Default Two step flow: #### Enrollment: By default, users are put through a two-step, two-factor authentication process with username and password first, and then push notification via Super Gluu second. @@ -181,7 +181,7 @@ Now Sign-in with Super-Gluu is an available authentication mechanism for your Ja ### Make Sign-in with Super-Gluu Script as default authentication script: -Use this [link](https://github.com/JanssenProject/jans-cli/blob/main/docs/cli/cli-default-authentication-method.md) as a reference. +Use this [link](https://github.com/JanssenProject/jans-cli-tui/blob/replace-janssen-version/docs/cli/cli-default-authentication-method.md) as a reference. Steps: 1. Create a file say `sg-auth-default.json` with the following contents @@ -205,9 +205,9 @@ https:///jans-auth/authorize.htm?response_type=code&redirect_u ### Customizations to Super Gluu Login Pages -The Gluu Server includes a [default public-facing pages for Super Gluu ](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/webapp/auth/super-gluu/login.xhtml) for enrollment and authentication. +The Gluu Server includes a [default public-facing pages for Super Gluu ](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/server/src/main/webapp/auth/super-gluu/login.xhtml) for enrollment and authentication. -To customize the look and feel of the pages, follow the [customization guide](https://github.com/JanssenProject/jans/blob/main/docs/admin/developer/customization/customize-web-pages.md). +To customize the look and feel of the pages, follow the [customization guide](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/admin/developer/customization/customize-web-pages.md). ### Self-service To offer end-users a portal where they can manage their own account security preferences, including two-factor authentication credentials like Super Gluu, check out our new app, [Gluu Casa](https://casa.gluu.org). diff --git a/docs/script-catalog/update_token/README.md b/docs/script-catalog/update_token/README.md index 229d9d703d0..43c9fa389ee 100644 --- a/docs/script-catalog/update_token/README.md +++ b/docs/script-catalog/update_token/README.md @@ -1,5 +1,5 @@ ## Overview -By overriding the interface methods in [`UpdateTokenType`](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/token/UpdateTokenType.java) inside a custom script you can +By overriding the interface methods in [`UpdateTokenType`](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/script/src/main/java/io/jans/model/custom/script/type/token/UpdateTokenType.java) inside a custom script you can 1. Enable transformation of claims and values in id_token and Access token e.g. add a custom claim to an `id_token`, change a token expiry, change the `sub` value, or remove the `nonce`.
Example use-case: @@ -35,7 +35,7 @@ Jans AS->>RP: return token(s) (Access token, ID token or Refresh Token) reflecti * Configure any parameters that the script may use. * `name` field should reflect the use case * `script_type` should be `UPDATE_TOKEN` - * `script.py` can have contents similar to [Sample Script](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/update_token/sample-script/sample_script.py)) and is present in jans-cli's host machine. + * `script.py` can have contents similar to [Sample Script](https://github.com/JanssenProject/jans/blob/replace-janssen-version/docs/script-catalog/update_token/sample-script/sample_script.py)) and is present in jans-cli's host machine. ``` @@ -149,7 +149,7 @@ Pseudocode and example : #### a. Granularity of access control: An UpdateTokenType script is great for adding scopes or removing scopes to/from the Access token. By doing so you can tailor build the granularity of access control according to business need. -[`context.overwriteAccessTokenScopes`](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/ExternalUpdateTokenContext.java) is ready to use method of the `context` variable +[`context.overwriteAccessTokenScopes`](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/server/src/main/java/io/jans/as/server/service/external/context/ExternalUpdateTokenContext.java) is ready to use method of the `context` variable ``` def modifyAccessToken(self, accessToken, context): @@ -225,7 +225,7 @@ Used to modify claims in a Refresh Token ``` ## IntrospectionType script vs UpdateTokenType script -| | [`IntrospectionType`](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/introspection/IntrospectionType.java)| [`UpdateTokenType`](https://github.com/JanssenProject/jans/blob/main/jans-core/script/src/main/java/io/jans/model/custom/script/type/token/UpdateTokenType.java) | +| | [`IntrospectionType`](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/script/src/main/java/io/jans/model/custom/script/type/introspection/IntrospectionType.java)| [`UpdateTokenType`](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-core/script/src/main/java/io/jans/model/custom/script/type/token/UpdateTokenType.java) | |---|---|---| | Client configuration parameter |Introspection script is invoked only when **`accessTokenAsJwt`=`true`** | Update token script is invoked irrespective of whether `accessTokenAsJwt` is `true` or `false` | | Core Purpose | Used to return access token meta information like current validity, approved scopes, and information about the context in which the token was issued when a Resource Server which queries the [Introspection endpoint](https://datatracker.ietf.org/doc/html/rfc7662) | used to enable transformation of claims and values in id_token and Access token, set a specific token lifetime, change granularity of access control (up-scoping, down-scoping), audit logging for each token response, forbid the creation of AT based on a criteria. | @@ -235,7 +235,7 @@ Used to modify claims in a Refresh Token ## Testing -1. Use this: [Reference for testing](https://github.com/JanssenProject/jans/blob/main/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java) +1. Use this: [Reference for testing](https://github.com/JanssenProject/jans/blob/replace-janssen-version/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java) 2. Inspect the tokens. Use [jwt.io](https://jwt.io) to inspect the contents of a JWT. ## FAQ