Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TUI Docs update #3391

Merged
merged 1 commit into from
Dec 22, 2022
Merged

TUI Docs update #3391

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 42 additions & 24 deletions docs/admin/config-guide/tui.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,58 +7,76 @@ tags:
- tui
---

# Configuration Text-Based User Interface (TUI)

## Overview

## Installation
The "Text User Interface" or "TUI" is a tool for admins to perform *ad
hoc* configuration of the Janssen Project software components.

Installation of a Jans TUI ( Text-Based User Interface ) need a Jans server to be installed as base. After that download and build Jans-ClI-TUI and make it.
You can run it by executing:

### Build:
```
/opt/jans/jans-cli/jans_cli_tui.py

- `pip3 install shiv`
- `wget https://github.com/JanssenProject/jans/archive/refs/heads/jans-cli-tui-works.zip`
- `unzip jans-cli-tui-works.zip`
- `cd jans-jans-cli-tui-works/jans-cli-tui/`
- `make zipapp`
```

### Run
The TUI calls the Jans Config API. A TUI client is configured out of the
box when you run either the VM or container Jans setup. The TUI utilizes the
OAuth Device Flow for user authentication--the default `admin` user created
during setup has the correct roles to use all the TUI features. Client
credentials, tokens and other data is stored in file `~/.config/jans-cli.ini` in
encoded format. The user-role mappings roles are defined in a Jans Auth Server
[introspection scrip](https://github.com/JanssenProject/jans/blob/main/docs/script-catalog/introspection/introspection-role-based-scope/introspection_role_based_scope.py)

- `./config-cli-tui.pyz`
```
~/.config/jans-cli.ini
```

## Administration

It's possible to manage Janssen server with Jans-Cli-TUI. There are lot of available options here which administrator can use for daily activities.
Some of them are stated below.

This is what it looks like when run `config-cli-tui.pyz`, this is the main panel. ![image](../../assets/Jans_TUI_Main_panel.png)
When you run the TUI, this is the home panel:
![image](../../assets/Jans_TUI_Main_panel.png)

### Auth Server

With "Auth Server" option, administrator can operate openid client configuration in their Janssen server.
The most complicated configuration belongs to Auth Server. This should be no
surprise, because this component is responsible for the implementation of
OpenID Provider, OAuth Authorization Server, and UMA Authorization Server
endpoints.

- In below screenshot, we are getting the list of existing clients. ![image](../../assets/Jans_TUI_Auth_Server_Get_client_list.png)
- It's possible to get details of any client as well. Just hit enter on any client and you will see information like this. ![image](../../assets/Jans_TUI_Auth_Server_Client_detail.png)
- With the button which is located on right upper side named "Add Client", it's possible to create new client. ![image](../../assets/Jans_TUI_Auth_Server_Add_new_client.png)

### FIDO

Janssen includes a FIDO2 component to implement a two-step, two-factor authentication (2FA) with a username/password as the first step, and any FIDO2 device as the second step. During Janssen installation, the administrator will have an option to install the FIDO2 component.
The Janssen FIDO Server implements FIDO 2 and FIDO U2F endpoints. Using the
TUI, you can view/update details of the FIDO configuration.

Using Janssen CLI-TUI, you can view/update details of the FIDO2 configuration.

There are two configurations included here:
There are two configurations included here:

- Dynamic Configuration ![image](../../assets/Jans_TUI_Fido_Dynamic_Configuration.png)
- Static Configuration ![image](../../assets/Jans_TUI_Fido_Static_Configuration.png)

### SCIM

System for Cross-domain Identity Management, in short SCIM, is a specification that simplifies the exchange of user identity information across different domains. The Janssen Server provides implementation for the SCIM specification.
System for Cross-domain Identity Management, in short SCIM, is a specification
that simplifies the exchange of user identity information across different
domains. The Janssen Server provides implementation for the SCIM specification.

With Janssen CLI-TUI, it's possible to view / update SCIM configuration. ![image](../../assets/Janssen_TUI_SCIM_1.png)

### Scripts
## Standalone Installation

Installation of a Jans TUI ( Text-Based User Interface ) need a Jans server to be installed as base. After that download and build Jans-ClI-TUI and make it.

### Build:

- `pip3 install shiv`
- `wget https://github.com/JanssenProject/jans/archive/refs/heads/jans-cli-tui-works.zip`
- `unzip jans-cli-tui-works.zip`
- `cd jans-jans-cli-tui-works/jans-cli-tui/`
- `make zipapp`

### Run

### Users
- `./config-cli-tui.pyz`