Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(image): preserve attribute's values in jans-auth config #2990

Closed
iromli opened this issue Nov 15, 2022 · 1 comment · Fixed by #3013
Closed

feat(image): preserve attribute's values in jans-auth config #2990

iromli opened this issue Nov 15, 2022 · 1 comment · Fixed by #3013
Assignees
@iromli
Labels
comp-docker-jans-persistence-loader kind-feature Issue or PR is a new feature request

Comments

@iromli
Copy link
Contributor

iromli commented Nov 15, 2022
edited
Loading

Up to v1.0.4, janssenproject/persistence-loader entrypoint adds/removes attributes and/or its values to conform to janssenproject/auth-server configuration.

For illustration, the following code ensures missing private_key_jwt is added to tokenEndpointAuthMethodsSupported attribute.

if "private_key_jwt" not in conf["tokenEndpointAuthMethodsSupported"]:
    conf["tokenEndpointAuthMethodsSupported"].append("private_key_jwt")

However, sometime this behavior is unexpected, for example when users only want to use tls_client_auth for tokenEndpointAuthMethodsSupported attribute, the entrypoint will add missing value to the attribute.

Ref: ticket 10942

Possible solutions:

  1. The janssenproject/persistence-loader entrypoint should only adds/removes top-level attributes, not its values.
  2. Add flag/env var to skip updating jans-auth configuration automatically (manual updates can use Config API or jans-cli)
@iromli iromli self-assigned this Nov 15, 2022
@mo-auto mo-auto added the kind-feature Issue or PR is a new feature request label Nov 15, 2022
@iromli iromli changed the title feat(image): only allow updates on top-level attributes in jans-auth config feat(image): preserve attribute's values in jans-auth config Nov 16, 2022
@iromli
Copy link
Contributor Author

iromli commented Nov 16, 2022
edited
Loading

After several tests on possible solution no. 1, there are a couple of issues found so far:

  • specifying the old format "authorizationRequestCustomAllowedParameters": ["customParam1", "customParam2", "customParam3"] will break the app as the data type is no longer valid/conform to jans-auth
  • since v1.0.3, jans-cli requires urn:ietf:params:oauth:grant-type:device_code grant type (specified in grantTypesSupported and/or dynamicGrantTypeDefault attribute) to work properly

@iromli iromli mentioned this issue Nov 16, 2022
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iromli iromli

Labels
comp-docker-jans-persistence-loader kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(image): preserve attribute's values in jans-auth config JanssenProject/jans
2 participants
@iromli @mo-auto