feat: changes in admin-ui plugin to allow agama-developer-studio to u…

…se its OAuth2 apis #3085 (#3298)

* feat: changes in admin-ui plugin to allow agama-developer-studio to use its OAuth2 apis #3085

* feat: changes in admin-ui plugin to allow agama-developer-studio to use its OAuth2 apis #3085

jans-auth-server/model/src/main/java/io/jans/as/model/config/adminui/AdminConf.java

@@ -17,7 +17,7 @@
  * @version 0.9, 03/01/2013
  */
 @DataEntry
-@ObjectClass(value = "jansAdminConfDyn")
+@ObjectClass(value = "jansAppConf")
 public class AdminConf {
     @DN
     private String dn;
@@ -26,6 +26,10 @@ public class AdminConf {
     @AttributeName(name = "jansConfDyn")
     private DynamicConfig dynamic;
 
+    @JsonObject
+    @AttributeName(name = "jansConfApp")
+    private MainSettings mainSettings;
+
     @AttributeName(name = "jansRevision")
     private long revision;
 
@@ -53,6 +57,13 @@ public void setDynamic(DynamicConfig dynamic) {
         this.dynamic = dynamic;
     }
 
+    public MainSettings getMainSettings() {
+        return mainSettings;
+    }
+
+    public void setMainSettings(MainSettings mainSettings) {
+        this.mainSettings = mainSettings;
+    }
     @Override
     public String toString() {
         final StringBuilder sb = new StringBuilder();

jans-auth-server/model/src/main/java/io/jans/as/model/config/adminui/MainSettings.java

@@ -0,0 +1,18 @@
+package io.jans.as.model.config.adminui;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class MainSettings {
+
+    private OIDCSettings oidcConfig;
+
+    public OIDCSettings getOidcConfig() {
+        return oidcConfig;
+    }
+
+    public void setOidcConfig(OIDCSettings oidcConfig) {
+        this.oidcConfig = oidcConfig;
+    }
+}

jans-auth-server/model/src/main/java/io/jans/as/model/config/adminui/OIDCClientSettings.java

@@ -0,0 +1,99 @@
+package io.jans.as.model.config.adminui;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class OIDCClientSettings {
+
+    private String opHost;
+    private String clientId;
+    private String clientSecret;
+    private String tokenEndpoint;
+    private String redirectUri;
+    private String postLogoutUri;
+    private String frontchannelLogoutUri;
+    private List<String> scopes;
+    private List<String> acrValues;
+
+    public OIDCClientSettings() {
+        //Do not remove
+    }
+
+    public OIDCClientSettings(String opHost, String clientId, String clientSecret) {
+
+        this.opHost = opHost;
+        this.clientId = clientId;
+        this.clientSecret = clientSecret;
+    }
+
+    public OIDCClientSettings(String opHost, String clientId, String clientSecret, String tokenEndpoint) {
+
+        this.opHost = opHost;
+        this.clientId = clientId;
+        this.clientSecret = clientSecret;
+        this.tokenEndpoint = tokenEndpoint;
+    }
+
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
+    public String getOpHost() {
+        return opHost;
+    }
+
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
+    public String getClientId() {
+        return clientId;
+    }
+
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
+    public String getClientSecret() {
+        return clientSecret;
+    }
+
+    public String getTokenEndpoint() {
+        return tokenEndpoint;
+    }
+
+    public String getRedirectUri() {
+        return redirectUri;
+    }
+
+    public void setRedirectUri(String redirectUri) {
+        this.redirectUri = redirectUri;
+    }
+
+    public String getPostLogoutUri() {
+        return postLogoutUri;
+    }
+
+    public void setPostLogoutUri(String postLogoutUri) {
+        this.postLogoutUri = postLogoutUri;
+    }
+
+    public List<String> getScopes() {
+        return scopes;
+    }
+
+    public void setScopes(List<String> scopes) {
+        this.scopes = scopes;
+    }
+
+    public List<String> getAcrValues() {
+        return acrValues;
+    }
+
+    public void setAcrValues(List<String> acrValues) {
+        this.acrValues = acrValues;
+    }
+
+    public String getFrontchannelLogoutUri() {
+        return frontchannelLogoutUri;
+    }
+
+    public void setFrontchannelLogoutUri(String frontchannelLogoutUri) {
+        this.frontchannelLogoutUri = frontchannelLogoutUri;
+    }
+}

jans-auth-server/model/src/main/java/io/jans/as/model/config/adminui/OIDCSettings.java

@@ -0,0 +1,28 @@
+package io.jans.as.model.config.adminui;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class OIDCSettings {
+
+    private OIDCClientSettings authServerClient;
+    private OIDCClientSettings tokenServerClient;
+
+    public OIDCClientSettings getAuthServerClient() {
+        return authServerClient;
+    }
+
+    public void setAuthServerClient(OIDCClientSettings authServerClient) {
+        this.authServerClient = authServerClient;
+    }
+
+    public OIDCClientSettings getTokenServerClient() {
+        return tokenServerClient;
+    }
+
+    public void setTokenServerClient(OIDCClientSettings tokenServerClient) {
+        this.tokenServerClient = tokenServerClient;
+    }
+}

jans-config-api/plugins/admin-ui-plugin/pom.xml

@@ -16,6 +16,11 @@
             <groupId>io.jans</groupId>
             <artifactId>jans-config-api-shared</artifactId>
             <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.jans</groupId>
+            <artifactId>jans-config-api-server</artifactId>
+            <scope>compile</scope>
         </dependency>
 		<dependency>
 			<groupId>io.jans</groupId>

jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/AUIConfiguration.java

@@ -2,6 +2,7 @@
 
 public class AUIConfiguration {
 
+    private String appType;
     //auth server
     private String authServerHost;
     private String authServerClientId;
@@ -30,6 +31,13 @@ public class AUIConfiguration {
     private String tokenServerUserInfoEndpoint;
     private String tokenServerEndSessionEndpoint;
 
+    public String getAppType() {
+        return appType;
+    }
+
+    public void setAppType(String appType) {
+        this.appType = appType;
+    }
     // LicenseSpring
     private LicenseConfiguration licenseConfiguration;
 

jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/auth/OAuth2Resource.java

@@ -23,13 +23,13 @@
 import jakarta.ws.rs.core.Response;
 
 @Hidden
-@Path("/admin-ui/oauth2")
+@Path("/app")
 public class OAuth2Resource {
-
-    static final String OAUTH2_CONFIG = "/config";
-    static final String OAUTH2_ACCESS_TOKEN = "/access-token";
-    static final String OAUTH2_API_PROTECTION_TOKEN = "/api-protection-token";
-    static final String OAUTH2_API_USER_INFO = "/user-info";
+    //appType: admin-ui, ads
+    static final String OAUTH2_CONFIG = "/{appType}/oauth2/config";
+    static final String OAUTH2_ACCESS_TOKEN = "/{appType}/oauth2/access-token";
+    static final String OAUTH2_API_PROTECTION_TOKEN = "/{appType}/oauth2/api-protection-token";
+    static final String OAUTH2_API_USER_INFO = "/{appType}/oauth2/user-info";
 
     public static final String SCOPE_OPENID = "openid";
 
@@ -46,9 +46,9 @@ public class OAuth2Resource {
     @Path(OAUTH2_CONFIG)
     @Produces(MediaType.APPLICATION_JSON)
     @ProtectedApi(scopes = {SCOPE_OPENID})
-    public Response getOAuth2Config() {
+    public Response getOAuth2Config(@PathParam("appType") String appType) {
 
-        AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
+        AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
 
         OAuth2ConfigResponse oauth2Config = new OAuth2ConfigResponse();
         oauth2Config.setAuthzBaseUrl(auiConfiguration.getAuthServerAuthzBaseUrl());
@@ -67,11 +67,11 @@ public Response getOAuth2Config() {
     @GET
     @Path(OAUTH2_ACCESS_TOKEN)
     @Produces(MediaType.APPLICATION_JSON)
-    public Response getAccessToken(@QueryParam("code") String code) {
+    public Response getAccessToken(@QueryParam("code") String code, @PathParam("appType") String appType) {
 
         try {
             log.info("Access token request to Auth Server.");
-            TokenResponse tokenResponse = oAuth2Service.getAccessToken(code);
+            TokenResponse tokenResponse = oAuth2Service.getAccessToken(code, appType);
             log.info("Access token received from Auth Server.");
             return Response.ok(tokenResponse).build();
         } catch (ApplicationException e) {
@@ -86,10 +86,10 @@ public Response getAccessToken(@QueryParam("code") String code) {
     @GET
     @Path(OAUTH2_API_PROTECTION_TOKEN)
     @Produces(MediaType.APPLICATION_JSON)
-    public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt) {
+    public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt, @PathParam("appType") String appType) {
         try {
             log.info("Api protection token request to Auth Server.");
-            TokenResponse tokenResponse = oAuth2Service.getApiProtectionToken(ujwt);
+            TokenResponse tokenResponse = oAuth2Service.getApiProtectionToken(ujwt, appType);
             log.info("Api protection token received from Auth Server.");
             return Response.ok(tokenResponse).build();
         } catch (ApplicationException e) {
@@ -104,10 +104,10 @@ public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt) {
     @POST
     @Path(OAUTH2_API_USER_INFO)
     @Produces(MediaType.APPLICATION_JSON)
-    public Response getUserInfo(@Valid @NotNull UserInfoRequest userInfoRequest) {
+    public Response getUserInfo(@Valid @NotNull UserInfoRequest userInfoRequest, @PathParam("appType") String appType) {
         try {
             log.info("Get User-Info request to Auth Server.");
-            UserInfoResponse userInfoResponse = oAuth2Service.getUserInfo(userInfoRequest);
+            UserInfoResponse userInfoResponse = oAuth2Service.getUserInfo(userInfoRequest, appType);
             log.info("Get User-Info received from Auth Server.");
             return Response.ok(userInfoResponse).build();
         } catch (ApplicationException e) {

jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/auth/OAuth2Service.java

@@ -48,14 +48,14 @@ public class OAuth2Service {
     /**
      * Calls token endpoint from the Identity Provider and returns a valid Access Token.
      */
-    public TokenResponse getAccessToken(String code) throws ApplicationException {
+    public TokenResponse getAccessToken(String code, String appType) throws ApplicationException {
         try {
             log.debug("Getting access token with code");
             if (Strings.isNullOrEmpty(code)) {
                 log.error(ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription());
                 throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription());
             }
-            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
+            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
 
             TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
             tokenRequest.setCode(code);
@@ -85,11 +85,11 @@ public TokenResponse getAccessToken(String code) throws ApplicationException {
     /**
      * Calls token endpoint from the Identity Provider and returns a valid Access Token.
      */
-    public TokenResponse getApiProtectionToken(String userInfoJwt) throws ApplicationException {
+    public TokenResponse getApiProtectionToken(String userInfoJwt, String appType) throws ApplicationException {
         try {
             log.debug("Getting api-protection token");
 
-            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
+            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
 
             TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
             tokenRequest.setAuthUsername(auiConfiguration.getTokenServerClientId());
@@ -134,9 +134,9 @@ public TokenResponse getApiProtectionToken(String userInfoJwt) throws Applicatio
         }
     }
 
-    public Map<String, Object> introspectToken(String accessToken) {
+    public Map<String, Object> introspectToken(String accessToken, String appType) {
         log.info("Token introspection from auth-server.");
-        AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
+        AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
         Invocation.Builder request = ClientFactory.instance().getClientBuilder(auiConfiguration.getAuthServerIntrospectionEndpoint());
         request.header("Authorization", "Bearer " + accessToken);
 
@@ -154,10 +154,10 @@ public Map<String, Object> introspectToken(String accessToken) {
         }
         return null;
     }
-    public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest) throws ApplicationException {
+    public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest, String appType) throws ApplicationException {
         try {
             log.debug("Getting User-Info from auth-server: {}", userInfoRequest.getAccessToken());
-            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
+            AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
 
             String accessToken = org.apache.logging.log4j.util.Strings.isNotBlank(userInfoRequest.getAccessToken()) ? userInfoRequest.getAccessToken() : null;
 
@@ -167,11 +167,11 @@ public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest) throws Appl
             }
 
             if (org.apache.logging.log4j.util.Strings.isNotBlank(userInfoRequest.getCode()) && org.apache.logging.log4j.util.Strings.isBlank(accessToken)) {
-                TokenResponse tokenResponse = getAccessToken(userInfoRequest.getCode());
+                TokenResponse tokenResponse = getAccessToken(userInfoRequest.getCode(), appType);
                 accessToken = tokenResponse.getAccessToken();
             }
             log.debug("Access Token : {}", accessToken);
-            Map<String, Object> introspectionResponse = introspectToken(accessToken);
+            Map<String, Object> introspectionResponse = introspectToken(accessToken, appType);
 
             MultivaluedMap<String, String> body = new MultivaluedHashMap<>();
             body.putSingle("access_token", accessToken);