docs: scim logs

.github/workflows/backport.yml

@@ -34,7 +34,7 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Create backport PRs
         # should be kept in sync with `version`
-        uses: zeebe-io/backport-action@v0.0.8
+        uses: zeebe-io/backport-action@v0.0.9
         with:
           # Config README: https://github.com/zeebe-io/backport-action#backport-action
           github_token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}

.github/workflows/build-docs.yml

@@ -56,7 +56,10 @@ jobs:
           cp janssen-*.tgz ../
 
       - name: Generate docs
-        run: echo "Custom work on generating docs can go here."
+        run: |
+         echo "Custom work on generating docs can go here."
+         chmod u+x automation/docs/generate-property-docs.sh
+         sudo bash ./automation/docs/generate-property-docs.sh
 
       - name: git config
         run: |

.github/workflows/build-wars.yml

@@ -48,7 +48,6 @@ jobs:
     - uses: actions/checkout@v3
       with:
           repository: ${{ github.repository }}
-          token: ${{ secrets.githubtoken }}
 
     - name: find changed directories
       run: |
@@ -88,4 +87,4 @@ jobs:
           pwd
           mvn clean install -DskipTests --file ${{ matrix.fldrpath }}
           mvn -B package --file ${{ matrix.fldrpath }}/pom.xml -Dmaven.test.skip=true
-          mvn --file ${{ matrix.fldrpath }}/pom.xml deploy -Dmaven.test.skip=true
+          mvn --file ${{ matrix.fldrpath }}/pom.xml deploy -Dmaven.test.skip=true

automation/docs/generate-property-docs.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+set -euo pipefail
+
+echo "Generate properties and feature flag documents from elements annotated with @DocFeatureFlag and @DocProperty"
+
+# Compile jans-core to pick-up any changes in annotation processors
+mvn -q -f jans-core/pom.xml -DskipTests clean compile install
+
+# Compile modules where classes that use these annotations exist.
+# This will generate markdown files under target/classes directory
+mvn -q -f jans-auth-server/pom.xml clean compile
+mvn -q -f jans-fido2/pom.xml clean compile
+mvn -q -f jans-scim/pom.xml clean compile
+
+# Move markdown files to appropriate locations under documentation root 'doc'
+mv -f jans-auth-server/model/target/classes/janssenauthserver-properties.md docs/admin/reference/json/properties
+mv -f jans-auth-server/model/target/classes/janssenauthserver-feature-flags.md docs/admin/reference/json/feature-flags
+mv -f jans-fido2/model/target/classes/fido2-properties.md docs/admin/reference/json/properties
+mv -f jans-scim/model/target/classes/scim-properties.md docs/admin/reference/json/properties

automation/startjanssendemo.sh

@@ -43,7 +43,7 @@ sudo pip3 install requests --upgrade
 sudo pip3 install shiv
 sudo snap install microk8s --classic
 sudo microk8s.status --wait-ready
-sudo microk8s.enable dns registry ingress storage
+sudo microk8s.enable dns registry ingress hostpath-storage
 sudo microk8s kubectl get daemonset.apps/nginx-ingress-microk8s-controller -n ingress -o yaml | sed -s "s@ingress-class=public@ingress-class=nginx@g" | microk8s kubectl apply -f -
 sudo apt-get update
 sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y

docker-jans-monolith/README.md

@@ -1,17 +1,27 @@
-# Overview
+---
+tags:
+- administration
+- installation
+- quick-start
+- docker compose
+---
 
-**This image is for testing and development purposes only! Use Janssen [helm charts](../charts) for production setups**
+> **Warning**
+> This image is for testing and development purposes only. Use Janssen [helm charts](https://github.com/JanssenProject/jans/tree/main/charts/janssen) for production setups.
 
-Docker monolith image packaging for Janssen.This image packs janssen services including, the auth-server, config-api, fido2, and scim.
+## Overview
 
-## Versions
+Docker monolith image packaging for Janssen. This image packs janssen services including the auth-server, config-api, fido2, and scim.
+
+## Pre-requisites
+
+- [Docker](https://docs.docker.com/install)
+- [Docker compose](https://docs.docker.com/compose/install/)
 
-See [Releases](https://github.com/JanssenProject/docker-jans-monolith/releases) for stable versions. This image should never be used in production.
-For bleeding-edge/unstable version, use `janssenproject/monolith:1.0.4_dev`.
 
 ## Environment Variables
 
-The following environment variables are supported by the container:
+Installation depends on the set of environment variables shown below. These environment variables can be set to customize installation as per the need. If not set, the installer uses default values.
 
 | ENV                     | Description                                      | Default                                          |
 |-------------------------|--------------------------------------------------|--------------------------------------------------|
@@ -32,35 +42,37 @@ The following environment variables are supported by the container:
 | `MYSQL_HOST`            | MySQL host.                                      | `mysql` which is the docker compose service name |
 
 
-## Pre-requisites
+## How to run
 
-- [Docker](https://docs.docker.com/install). Docker compose should be installed by default with Docker.
+Download the compose file 
 
-## How to run
+```bash
+
+wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-mysql-compose.yml 
+```
+
+This docker compose file runs two containers, the janssen monolith container and mysql container.
 
 ```bash
 docker compose -f jans-mysql-compose.yml up -d
 ```
 
-## Clean up
+To view the containers running
 
-Remove setup and volumes
+```bash
 
-```
-docker compose -f jans-mysql-compose.yml down && rm -rf jans-*
+docker compose -f jans-mysql-compose.yml ps
 ```
 
-## Test
+## Configure Janssen Server
 
 ```bash
-docker exec -ti docker-jans-monolith-jans-1 bash
-```
 
-Run 
-```bash
-/opt/jans/jans-cli/config-cli.py
-#or
-/opt/jans/jans-cli/scim-cli.py
+docker compose -f jans-mysql-compose.yml exec jans sh #This opens a bash terminal in the running container
+
+/opt/jans/jans-cli/config-cli.py #configure using the config-cli
+
+/opt/jans/jans-cli/scim-cli.py #configure using the scim-cli
 ```
 
 ## Access endpoints externally
@@ -74,11 +86,10 @@ Add to your `/etc/hosts` file the ip domain record which should be the ip of the
 
 After adding the record you can hit endpoints such as https://demoexample.jans.io/.well-known/openid-configuration
 
-## Quick start 
+## Clean up
 
-Grab a fresh ubuntu 22.04 lts VM and run:
+Remove setup and volumes
 
-```bash
-wget https://raw.githubusercontent.com/JanssenProject/jans/main/automation/startjanssenmonolithdemo.sh && chmod u+x startjanssenmonolithdemo.sh && sudo bash startjanssenmonolithdemo.sh demoexample.jans.io MYSQL
 ```
-
+docker compose -f jans-mysql-compose.yml down
+```

docs/admin/auth-server/client-management/configuration/client-config.md

@@ -0,0 +1,46 @@
+---
+tags:
+  - administration
+  - client
+  - configuration
+---
+
+# Client Configuration
+
+## ACR client configuration
+
+There are 4 client configuration properties related to ACR:
+
+- `default_acr_values` - string array, default acr values which are set when `acr_values` is missed in authorization request.
+- `minimumAcrLevel` - integer value which sets minimum acr level.
+- `minimumAcrLevelAutoresolve` - boolean value, if `false` and `minimumAcrLevel` is higher then current `acr_values` then reject request. If `true` - resolve acr according to either client's `minimumAcrPriorityList` or AS `auth_level_mapping`
+- `minimumAcrPriorityList` - string array, enables client to specify the acr order of preference, rather then just the next lowest integer value
+
+AS process properties in following order:
+1. if `acr_values` is absent, set `acr_values` from `default_acr_values`
+2. Otherwise if present, checking minimum acr level:
+- check `minimumAcrLevel`, if current acr level is higher or equals to `minimumAcrLevel` then proceed request processing without changes
+- if `minimumAcrLevel` is less then current acr level and `minimumAcrLevelAutoresolve=false` -> reject request (return bad request error)
+- if `minimumAcrLevel` is less then current acr level and `minimumAcrLevelAutoresolve=true` -> pickup value from `minimumAcrPriorityList` or if it's empty take nearest acr value that satisfy `minimumAcrLevel` 
+
+For example, given:
+1. `minimumAcrLevel` = 14
+1. `default_acr_values` = "basic"
+1. `minimumAcrPriorityList` = ["u2f", "passkey", "usb_fido_key", "super_gluu"]
+1. OP `auth_level_mapping` :
+```
+"auth_level_mapping": {
+        "1": ["basic"],
+        "5": ["otp"],
+        "10": ["u2f"],
+        "11": ["super_gluu"],
+        "20": ["passkey"],
+        "30": ["usb_fido_key"]      
+    }
+```
+
+- if current `acr_values=u2f` and `minimumAcrLevelAutoresolve=false` -> request is rejected
+- if current `acr_values=u2f` and `minimumAcrLevelAutoresolve=true` -> `acr_values` set to `acr_values=passkey` and request continue processing
+- if current `acr_values=usb_fido_key` -> current acr is higher then minimum. Thus nothing to do.
+
+If `minimumAcrPriorityList` is missing, then the AS can pick the next highest acr in the `auth_level_mapping`. In the example above, that would be `passkey`. 

docs/admin/install/docker-install/compose.md

@@ -0,0 +1,95 @@
+---
+tags:
+- administration
+- installation
+- quick-start
+- docker compose
+---
+
+!!! Warning 
+    **This image is for testing and development purposes only. Use Janssen [helm charts](https://github.com/JanssenProject/jans/tree/main/charts/janssen) for production setups.**
+
+## Overview
+
+Docker monolith image packaging for Janssen. This image packs janssen services including the auth-server, config-api, fido2, and scim.
+
+## Pre-requisites
+
+- [Docker](https://docs.docker.com/install)
+- [Docker compose](https://docs.docker.com/compose/install/)
+
+
+## Environment Variables
+
+Installation depends on the set of environment variables shown below. These environment variables can be set to customize installation as per the need. If not set, the installer uses default values.
+
+| ENV                     | Description                                      | Default                                          |
+|-------------------------|--------------------------------------------------|--------------------------------------------------|
+| `CN_HOSTNAME`           | Hostname to install janssen with.                | `demoexample.jans.io`                            |
+| `CN_ADMIN_PASS`         | Password of the admin user.                      | `1t5Fin3#security`                               |
+| `CN_ORG_NAME`           | Organization name. Used for ssl cert generation. | `Janssen`                                        |
+| `CN_EMAIL`              | Email. Used for ssl cert generation.             | `support@jans.io`                                |
+| `CN_CITY`               | City. Used for ssl cert generation.              | `Austin`                                         |
+| `CN_STATE`              | State. Used for ssl cert generation              | `TX`                                             |
+| `CN_COUNTRY`            | Country. Used for ssl cert generation.           | `US`                                             |
+| `CN_INSTALL_LDAP`       | **NOT SUPPORRTED YET**                           | `false`                                          |
+| `CN_INSTALL_CONFIG_API` | Installs the Config API service.                 | `true`                                           |
+| `CN_INSTALL_SCIM`       | Installs the SCIM  API service.                  | `true`                                           |
+| `CN_INSTALL_FIDO2`      | Installs the FIDO2 API service.                  | `true`                                           |
+| `MYSQL_DATABASE`        | MySQL jans database.                             | `jans`                                           |
+| `MYSQL_USER`            | MySQL database user.                             | `jans`                                           |
+| `MYSQL_PASSWORD`        | MySQL database user password.                    | `1t5Fin3#security`                               |
+| `MYSQL_HOST`            | MySQL host.                                      | `mysql` which is the docker compose service name |
+
+
+## How to run
+
+Download the compose file 
+
+```bash
+
+wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-mysql-compose.yml 
+```
+
+This docker compose file runs two containers, the janssen monolith container and mysql container.
+
+```bash
+docker compose -f jans-mysql-compose.yml up -d
+```
+
+To view the containers running
+
+```bash
+
+docker compose -f jans-mysql-compose.yml ps
+```
+
+## Configure Janssen Server
+
+```bash
+
+docker compose -f jans-mysql-compose.yml exec jans sh #This opens a bash terminal in the running container
+
+/opt/jans/jans-cli/config-cli.py #configure using the config-cli
+
+/opt/jans/jans-cli/scim-cli.py #configure using the scim-cli
+```
+
+## Access endpoints externally
+
+Add to your `/etc/hosts` file the ip domain record which should be the ip of the instance docker is installed at and the domain used in the env above `CN_HOSTNAME`.
+
+```bash
+# For-example
+172.22.0.3      demoexample.jans.io
+```
+
+After adding the record you can hit endpoints such as https://demoexample.jans.io/.well-known/openid-configuration
+
+## Clean up
+
+Remove setup and volumes
+
+```
+docker compose -f jans-mysql-compose.yml down
+```

docs/admin/install/vm-install/quick-start-install.md → docs/admin/install/docker-install/quick-start.md

@@ -6,38 +6,37 @@ tags:
 - docker
 ---
 
-# Docker Based Quick Start Installation
+!!! Warning 
+    **This image is for testing and development purposes only. Use Janssen [helm charts](https://github.com/JanssenProject/jans/tree/main/charts/janssen) for production setups.**
 
-The quickest way to get a Janssen Server up and running is to install a Docker container-based fully featured Janssen Server.
-
-!!! Note
+## Overview
 
-    This method of installation is suitable only for testing, development, or feature exploration purposes. Not for production deployments.  
+The quickest way to get a Janssen Server up and running is to install a Docker container-based fully featured Janssen Server.
 
 ## System Requirements
 
 System should meet [minimum VM system requirements](vm-requirements.md)
 
 ## Install
 
-Run the command given below to start the installation.
-
 Installation depends on a [set of environment variables](https://github.com/JanssenProject/jans/tree/main/docker-jans-monolith#environment-variables).
 These environment variables can be set to customize installation as per the need. If not set, the installer uses default values.
 
+Run this command to start the installation:
+
 ```bash
 wget https://raw.githubusercontent.com/JanssenProject/jans/main/automation/startjanssenmonolithdemo.sh && chmod u+x startjanssenmonolithdemo.sh && sudo bash startjanssenmonolithdemo.sh demoexample.jans.io MYSQL
 ```
 
-At the end of the process, following messages will confirm that the Janssen server and related services are up and running in respective Docker containers.
+Console messages like below confirms the successful installation:
 
 ```
 [+] Running 3/3
  ⠿ Network docker-jans-monolith_cloud_bridge  Created                      0.0s
  ⠿ Container docker-jans-monolith-mysql-1     Started                      0.6s
  ⠿ Container docker-jans-monolith-jans-1      Started                      0.9s
 
-Waiting for the Janssen server to come up. Depending on the  resources it may take 3-5 mins for the services to be up.
+Waiting for the Janssen server to come up. Depending on the resources it may take 3-5 mins for the services to be up.
 Testing openid-configuration endpoint.. 
 ```
 
@@ -77,13 +76,13 @@ And then use CLI tools to configure Janssen Server as needed.
 
 ## Uninstall / Remove the Janssen Server
 
-This docker based installation uses `docker compose` under the hood to create containers. Hence to uninstalling Janssen server involves invoking `docker compose` with appropriate yml file. Run command below to stop and remove containers.
+This docker based installation uses `docker compose` under the hood to create containers. Hence uninstalling Janssen server involves invoking `docker compose` with appropriate yml file. Run command below to stop and remove containers.
 
 ```
 docker compose -f /tmp/jans/docker-jans-monolith/jans-mysql-compose.yml down && rm -rf jans-*
 ```
 
-Console messages like below confirms the successful removal.
+Console messages like below confirms the successful removal:
 
 ```
 [+] Running 3/3