config-api does not populate displayName if backend MySQL

[devrimyatar]

Describe the bug
config-api does not populate displayName if backend MySQL

To Reproduce

1. intall jans with MySQL backend
2. request list of OpenID Connect Clients

displayName exists in customAttributes, but in swagger yaml we marked it required.

Here is MySQL Backend output

[{
	"dn": "inum=1800.d694e30e-55f2-4f94-bd45-241a190ee498,ou=clients,o=jans",
	"deletable": false,
	"clientSecret": "7zQgHJcqBACk",
	"frontChannelLogoutUri": "null",
	"frontChannelLogoutSessionRequired": false,
	"redirectUris": ["https://snap.gluu.org/admin-ui", "http://localhost:4100"],
	"claimRedirectUris": [],
	"responseTypes": ["code"],
	"grantTypes": ["authorization_code", "refresh_token", "client_credentials"],
	"applicationType": "web",
	"contacts": [],
	"clientName": {},
	"logoUri": {},
	"clientUri": {},
	"policyUri": {},
	"tosUri": {},
	"subjectType": "pairwise",
	"idTokenSignedResponseAlg": "RS256",
	"tokenEndpointAuthMethod": "client_secret_basic",
	"requireAuthTime": false,
	"defaultAcrValues": [],
	"postLogoutRedirectUris": [],
	"requestUris": [],
	"scopes": ["inum=C4F7,ou=scopes,o=jans", "inum=1200.3D1C5D,ou=scopes,o=jans", "inum=1200.3D52BA,ou=scopes,o=jans", "inum=1800.EA9682,ou=scopes,o=jans", "inum=1800.79538B,ou=scopes,o=jans", "inum=1800.649FD3,ou=scopes,o=jans", "inum=1800.BD5769,ou=scopes,o=jans", "inum=1800.D1823E,ou=scopes,o=jans", "inum=1800.9F362F,ou=scopes,o=jans", "inum=1800.B1D789,ou=scopes,o=jans", "inum=1800.295886,ou=scopes,o=jans", "inum=1800.30DEB1,ou=scopes,o=jans", "inum=1800.E0106C,ou=scopes,o=jans", "inum=1800.BAC7A7,ou=scopes,o=jans", "inum=1800.6DC9DD,ou=scopes,o=jans", "inum=1800.B4C6FC,ou=scopes,o=jans", "inum=1800.DE963B,ou=scopes,o=jans", "inum=1800.7152B2,ou=scopes,o=jans", "inum=1800.D1E58D,ou=scopes,o=jans", "inum=1800.B69195,ou=scopes,o=jans", "inum=1800.4751A8,ou=scopes,o=jans", "inum=1800.5C0100,ou=scopes,o=jans", "inum=1800.A52841,ou=scopes,o=jans", "inum=1800.D52B0C,ou=scopes,o=jans", "inum=1800.9B0ECF,ou=scopes,o=jans", "inum=1800.ACFBC4,ou=scopes,o=jans", "inum=1800.57212F,ou=scopes,o=jans", "inum=1800.00B2F1,ou=scopes,o=jans", "inum=1800.3E3A82,ou=scopes,o=jans", "inum=1800.D59360,ou=scopes,o=jans", "inum=1800.43F09D,ou=scopes,o=jans", "inum=1800.352199,ou=scopes,o=jans", "inum=1800.028326,ou=scopes,o=jans", "inum=1800.22AEE4,ou=scopes,o=jans", "inum=1800.7853D5,ou=scopes,o=jans", "inum=1800.CBBF71,ou=scopes,o=jans", "inum=1800.E96131,ou=scopes,o=jans", "inum=1800.1A5F12,ou=scopes,o=jans", "inum=1800.902DE2,ou=scopes,o=jans", "inum=1800.933C63,ou=scopes,o=jans", "inum=1800.C07EDC,ou=scopes,o=jans", "inum=1800.A9C6F5,ou=scopes,o=jans", "inum=1800.194B4E,ou=scopes,o=jans", "inum=1800.B1FB43,ou=scopes,o=jans", "inum=1800.306E42,ou=scopes,o=jans", "inum=1800.E29799,ou=scopes,o=jans", "inum=1800.659275,ou=scopes,o=jans", "inum=1800.221CAA,ou=scopes,o=jans", "inum=1800.75841E,ou=scopes,o=jans", "inum=1800.F76355,ou=scopes,o=jans", "inum=1800.00225E,ou=scopes,o=jans", "inum=1800.BF5ABF,ou=scopes,o=jans"],
	"claims": [],
	"trustedClient": false,
	"persistClientAuthorizations": true,
	"includeClaimsInIdToken": false,
	"customAttributes": [{
		"name": "displayName",
		"multiValued": false,
		"values": ["Jans Config Api Client"],
		"displayValue": "Jans Config Api Client",
		"value": "Jans Config Api Client"
	}],
	"rptAsJwt": false,
	"accessTokenAsJwt": false,
	"accessTokenSigningAlg": "RS256",
	"disabled": false,
	"authorizedOrigins": [],
	"attributes": {
		"runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims": false,
		"keepClientAuthorizationAfterExpiration": false,
		"allowSpontaneousScopes": false,
		"backchannelLogoutSessionRequired": false,
		"parLifetime": 600,
		"requirePar": false,
		"jansDefaultPromptLogin": false
	},
	"authenticationMethod": "client_secret_basic",
	"tokenBindingSupported": false,
	"baseDn": "inum=1800.d694e30e-55f2-4f94-bd45-241a190ee498,ou=clients,o=jans",
	"inum": "1800.d694e30e-55f2-4f94-bd45-241a190ee498"
}]

And here is OpenDJ backend output

[{
	"dn": "inum=1800.c30e5c61-f636-4daa-a811-426a80a9a6c9,ou=clients,o=jans",
	"deletable": false,
	"clientSecret": "kF4IAZf5ZQda",
	"frontChannelLogoutSessionRequired": false,
	"redirectUris": ["https://snap.gluu.org/admin-ui", "http://localhost:4100"],
	"responseTypes": ["code"],
	"grantTypes": ["authorization_code", "refresh_token", "client_credentials"],
	"applicationType": "web",
	"clientName": {
		"values": {
			"": "Jans Config Api Client"
		},
		"languageTags": [""],
		"value": "Jans Config Api Client"
	},
	"logoUri": {},
	"clientUri": {},
	"policyUri": {},
	"tosUri": {},
	"subjectType": "pairwise",
	"idTokenSignedResponseAlg": "RS256",
	"tokenEndpointAuthMethod": "client_secret_basic",
	"requireAuthTime": false,
	"scopes": ["inum=C4F7,ou=scopes,o=jans", "inum=1200.98A667,ou=scopes,o=jans", "inum=1200.6F7D71,ou=scopes,o=jans", "inum=1800.7E44C0,ou=scopes,o=jans", "inum=1800.03463A,ou=scopes,o=jans", "inum=1800.5B4F12,ou=scopes,o=jans", "inum=1800.6BF022,ou=scopes,o=jans", "inum=1800.4092DB,ou=scopes,o=jans", "inum=1800.C2BA9E,ou=scopes,o=jans", "inum=1800.02960D,ou=scopes,o=jans", "inum=1800.36C81B,ou=scopes,o=jans", "inum=1800.07CDC6,ou=scopes,o=jans", "inum=1800.4F58B2,ou=scopes,o=jans", "inum=1800.78490D,ou=scopes,o=jans", "inum=1800.7DCB01,ou=scopes,o=jans", "inum=1800.09B41C,ou=scopes,o=jans", "inum=1800.3C71D6,ou=scopes,o=jans", "inum=1800.80B393,ou=scopes,o=jans", "inum=1800.D17859,ou=scopes,o=jans", "inum=1800.F7FE05,ou=scopes,o=jans", "inum=1800.3DE769,ou=scopes,o=jans", "inum=1800.620199,ou=scopes,o=jans", "inum=1800.2C3024,ou=scopes,o=jans", "inum=1800.1BAC79,ou=scopes,o=jans", "inum=1800.F64DAE,ou=scopes,o=jans", "inum=1800.537E5C,ou=scopes,o=jans", "inum=1800.6D9311,ou=scopes,o=jans", "inum=1800.6B3A8F,ou=scopes,o=jans", "inum=1800.A7F4C4,ou=scopes,o=jans", "inum=1800.227696,ou=scopes,o=jans", "inum=1800.C3F5E8,ou=scopes,o=jans", "inum=1800.020D36,ou=scopes,o=jans", "inum=1800.95A0BB,ou=scopes,o=jans", "inum=1800.BE2CAF,ou=scopes,o=jans", "inum=1800.76D31B,ou=scopes,o=jans", "inum=1800.678F7C,ou=scopes,o=jans", "inum=1800.6440F0,ou=scopes,o=jans", "inum=1800.286F13,ou=scopes,o=jans", "inum=1800.859769,ou=scopes,o=jans", "inum=1800.7EEBCD,ou=scopes,o=jans", "inum=1800.F2A2FF,ou=scopes,o=jans", "inum=1800.0C8D82,ou=scopes,o=jans", "inum=1800.40F161,ou=scopes,o=jans", "inum=1800.CA0556,ou=scopes,o=jans", "inum=1800.CE96CE,ou=scopes,o=jans", "inum=1800.E00FAB,ou=scopes,o=jans", "inum=1800.91E946,ou=scopes,o=jans", "inum=1800.1F4288,ou=scopes,o=jans", "inum=1800.C0B2F8,ou=scopes,o=jans", "inum=1800.D89FEC,ou=scopes,o=jans", "inum=1800.0E4BBA,ou=scopes,o=jans", "inum=1800.E001EE,ou=scopes,o=jans"],
	"trustedClient": false,
	"persistClientAuthorizations": true,
	"includeClaimsInIdToken": false,
	"customAttributes": [{
		"name": "displayName",
		"multiValued": false,
		"values": ["Jans Config Api Client"],
		"displayValue": "Jans Config Api Client",
		"value": "Jans Config Api Client"
	}],
	"customObjectClasses": ["top"],
	"rptAsJwt": false,
	"accessTokenAsJwt": false,
	"accessTokenSigningAlg": "RS256",
	"disabled": false,
	"attributes": {
		"runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims": false,
		"keepClientAuthorizationAfterExpiration": false,
		"allowSpontaneousScopes": false,
		"backchannelLogoutSessionRequired": false,
		"parLifetime": 600,
		"requirePar": false,
		"jansDefaultPromptLogin": false
	},
	"displayName": "Jans Config Api Client",
	"authenticationMethod": "client_secret_basic",
	"tokenBindingSupported": false,
	"baseDn": "inum=1800.c30e5c61-f636-4daa-a811-426a80a9a6c9,ou=clients,o=jans",
	"inum": "1800.c30e5c61-f636-4daa-a811-426a80a9a6c9"
}]

[pujavs]

@yurem this issue seems to be because of difference in attribute name and object property name. Request you to please chk
https://github.com/JanssenProject/jans/blob/main/jans-auth-server/common/src/main/java/io/jans/as/common/model/registration/Client.java#L81

[qbert2k]

Hello @pujavs

Sorry for the inconvenients, I have added a new feature for language metadata for client_name (displayName), logo_uri (jansLogoURI), client_uri (jansClntURI), policy_uri (jansPolicyURI), and tos_uri (jansTosURI). This feature is the reason of the issue reported here.

There are more details at: #1057

[pujavs]

@qbert2k, no worries, do i have have to make any change in config-api code to handle this?

[duttarnab]

Hi @pujavs @yurem @qbert2k , could you please provide an update on this issue.
The admin-ui oidc client not working as expected due to this issue.

[pujavs]

@yurem @qbert2k
There are three issues related to LocalizedString

1. 1482
2. 1724
3. 1765

The values of LocalizedString needs to be returned in String format rather than object.
I need to fix these issues today, In config-api I have only one option that is to create a new covering DTO for Client.java which will be a overhead.

Can we have new getter and setter to take and return value in String format directly in Client.java ?

[pujavs]

Fix being worked by @qbert2k, details in 1765

[yurem]

We have issue with indexes for @LanguageTag in CB/Spanner/MySQL/PostgresSQL too.

According to output above we store them in next format:

	"clientName": {
		"values": {
			"": "Jans Config Api Client"
		},
		"languageTags": [""],
		"value": "Jans Config Api Client"
	},

It's possible to add indexes for such JSON values (except Spanner). But we need to use another definitions than for multi-values attributes now.
Also our filter API build queries for multivalues attributes for all DB. But case with@LanguageTagwe should handle separately.

[yurem]

From my point of view clientName should be simple attribute.
If we need to store localized client names we can use another attribute like:

    @AttributeName(name = "displayNameLocalized")
    @JsonObject
    private LocalizedString clientNameLocalized = new LocalizedString();

ORM in this case should convert LocalizedString object from object to JSON and back automatically without additional code.

Alternative idea is to store them as customAttribute. In this case it will be application responsibility to convert them to string/json

[yurem]

Third option is to fix @LanguageTag implementation and resolve issues mentioned above

[yurem]

Link to original issue: #1057

[pujavs]

@devrimyatar , this seem to have resolved, below is the test evidence from my-sql environment.
Request you to please verify and reopen the issue if required