Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Interception Scripts to add extra authorization during client authentication #286

Closed
pujavs opened this issue Oct 12, 2021 · 4 comments
Closed

feat: Interception Scripts to add extra authorization during client authentication #286

pujavs opened this issue Oct 12, 2021 · 4 comments
Labels
comp-jans-config-api Component affected by issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review.

Comments

@pujavs
Copy link
Contributor

pujavs commented Oct 12, 2021

Requirement:

Currently jans-config-api uses basic authentication, requirement is to use an interception scripts which can enable custom business logic for authentication.
For example, a customer may want to pass an access token with a custom claim, like {"role": "manager", "infrastructure": "prod"}
The script should read that information from the access token, and then write custom rules about whether to allow or deny the client authentication.

Risk Level.

1 (Low risk)

Effort.

Medium

Priority.

MEDIUM
@pujavs pujavs self-assigned this Oct 12, 2021
@ossdhaval ossdhaval transferred this issue from another repository Jan 13, 2022
@ossdhaval ossdhaval added comp-jans-config-api Component affected by issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review. labels Jan 13, 2022
moabu pushed a commit that referenced this issue Jan 13, 2022
@yuriyz
Merge pull request #286 from JanssenProject/yuriyz_fixes
2880250 
chore: added more logs
moabu pushed a commit that referenced this issue Jan 13, 2022
@yuriyz
Merge pull request #286 from JanssenProject/yuriyz_fixes
492d116 
chore: added more logs
@pujavs
Copy link
Contributor Author

pujavs commented Jan 20, 2022
edited
Loading

Analysis: Following changes are expected
1) jans-core
1.1) New custom script definition in -> https://github.com/JanssenProject/jans-core/blob/master/script/src/main/java/io/jans/model/custom/script/CustomScriptType.java#L107
1.2) New custom script interface and dummy class under -> https://github.com/JanssenProject/jans-core/tree/master/script/src/main/java/io/jans/model/custom/script/type

2) jans-setup
2.1) New script to intercept and authenticate.

3) jans-config-api
3.1) CustomScript initializing on startup with script reload timer.
3.2) New CustomScript context with required parameter
3.3) New CustomScript service
3.4) Invocation of new custom-script after existing to API protection authorization code.

@pujavs
Copy link
Contributor Author

pujavs commented Feb 15, 2022
edited
Loading

Code branch : https://github.com/JanssenProject/jans/tree/jans-286
Related jans-setup issues/831 #831

This was referenced Feb 16, 2022
Closed
Closed
Merged
@pujavs
Copy link
Contributor Author

pujavs commented Feb 17, 2022
edited
Loading

PR 840 - #840
Python Custom Script logs
image

@pujavs
Copy link
Contributor Author

pujavs commented Feb 18, 2022

Code merged to main

@pujavs pujavs closed this as completed Feb 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
comp-jans-config-api Component affected by issue or PR kind-enhancement Issue or PR is an enhancement to an existing functionality needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ossdhaval @pujavs