feat(config-api): session and token endpoint #9595
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
…9187 Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
Signed-off-by: pujavs <pujas.works@gmail.com>
DryRun Security SummaryThe pull request covers a wide range of updates to the Jans Config API application, with a strong focus on enhancing the security and management of sessions, tokens, and OAuth-related functionalities, including improvements to session management, token management, OAuth scope management, input validation, error handling, and logging and monitoring. Expand for full summarySummary: The code changes in this pull request cover a wide range of updates to the Jans Config API application, with a strong focus on enhancing the security and management of sessions, tokens, and OAuth-related functionalities. Key security-related changes include:
Overall, the changes in this pull request appear to be focused on improving the security and manageability of the Jans Config API application, particularly in the areas of session, token, and OAuth-related functionality. Continued vigilance and a security-minded approach are recommended when reviewing and implementing such changes. Files Changed:
Code AnalysisWe ran
Riskiness🟢 Risk threshold not exceeded. |
mo-auto
added
comp-docs
yuriyz
approved these changes
Sep 25, 2024
yuriyzz
approved these changes
Sep 25, 2024
|
imShakil
pushed a commit
that referenced
this pull request
Oct 3, 2024
* fix(config-api): asset mgt endpoint fixes Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): asset upload Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): lock review comments Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock code review comments Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 delete functionality Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): acr validation Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): doc(config-api): IDP schema attribute descriptions #9187 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): uploading assets via API generates 2 entries #9178 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset mgt, fido and IDP changes Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 device endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): resolved sonar review issues Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sonar review comment fix Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): swagger spec Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): saml config attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * doc(config-api): added SAML attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * doc(config-api): added SAML attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * fix(jans-lock): code review comment fix isssue#9305 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(jans-lock): code review comment fix isssue#9305 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock review point Signed-off-by: pujavs <pujas.works@gmail.com> * fix(lock): code review comment Signed-off-by: pujavs <pujas.works@gmail.com> * fix(lock): code review comment Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock endpoint fixes and SAML IDP NPE Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset enhancement Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): implement timer for asset mgt to fetch and deploy assets forconfig-api #9403 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): scope validation issue #9426 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): asset delete error fix Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sysnc with main Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-ap): lock audit endpoint parameter declaration error#9460 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token functionality Signed-off-by: pujavs <pujas.works@gmail.com> * fix(Config-api): lock audit endpoint path param rectification Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): clint token endpoint - wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): clint token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session ednpoint wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session ednpoint wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session and token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> --------- Signed-off-by: pujavs <pujas.works@gmail.com> Co-authored-by: YuriyZ <yzabrovarniy@gmail.com>
yuriyz
added a commit
that referenced
this pull request
Nov 7, 2024
* fix(config-api): asset mgt endpoint fixes Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset upload mgt ehancement and fido Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): asset upload Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): lock review comments Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock code review comments Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock master renamed to lock server Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 delete functionality Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): acr validation Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): doc(config-api): IDP schema attribute descriptions #9187 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): uploading assets via API generates 2 entries #9178 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset mgt, fido and IDP changes Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 device endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): fido2 endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): resolved sonar review issues Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sonar review comment fix Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): swagger spec Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): saml config attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * doc(config-api): added SAML attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * doc(config-api): added SAML attribute description Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * fix(jans-lock): code review comment fix isssue#9305 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(jans-lock): code review comment fix isssue#9305 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock review point Signed-off-by: pujavs <pujas.works@gmail.com> * fix(lock): code review comment Signed-off-by: pujavs <pujas.works@gmail.com> * fix(lock): code review comment Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): sync with main Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): lock endpoint fixes and SAML IDP NPE Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): asset enhancement Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): implement timer for asset mgt to fetch and deploy assets forconfig-api #9403 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): scope validation issue #9426 Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-api): asset delete error fix Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): sysnc with main Signed-off-by: pujavs <pujas.works@gmail.com> * fix(config-ap): lock audit endpoint parameter declaration error#9460 Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token functionality Signed-off-by: pujavs <pujas.works@gmail.com> * fix(Config-api): lock audit endpoint path param rectification Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): clint token endpoint - wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): clint token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): client token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session ednpoint wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session ednpoint wip Signed-off-by: pujavs <pujas.works@gmail.com> * feat(config-api): session and token endpoint Signed-off-by: pujavs <pujas.works@gmail.com> --------- Signed-off-by: pujavs <pujas.works@gmail.com> Co-authored-by: YuriyZ <yzabrovarniy@gmail.com> Former-commit-id: e04e105
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prepare
Description
Target issue
closes #9412, #9413
Implementation Details
Test and Document the changes
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with
docs:to indicate documentation changes or if the below checklist is not selected.