diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java index b9515651759..1b68e71d69e 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiAccessConstants.java @@ -48,10 +48,6 @@ private ApiAccessConstants() { public static final String TOKEN_WRITE_ACCESS = "https://jans.io/oauth/config/token.write"; public static final String TOKEN_DELETE_ACCESS = "https://jans.io/oauth/config/token.delete"; - public static final String SESSION_READ_ACCESS = "https://jans.io/oauth/config/session.readonly"; - public static final String SESSION_WRITE_ACCESS = "https://jans.io/oauth/config/session.write"; - public static final String SESSION_DELETE_ACCESS = "https://jans.io/oauth/config/session.delete"; - public static final String UMA_RESOURCES_READ_ACCESS = "https://jans.io/oauth/config/uma/resources.readonly"; public static final String UMA_RESOURCES_WRITE_ACCESS = "https://jans.io/oauth/config/uma/resources.write"; public static final String UMA_RESOURCES_DELETE_ACCESS = "https://jans.io/oauth/config/uma/resources.delete"; diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java index 3df5b776b97..c0faf69737e 100644 --- a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java +++ b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java 
@@ -86,6 +86,8 @@ private ApiConstants() {} public static final String SERVICES = "/services"; public static final String ASSET_TYPE = "/asset-type"; public static final String SERVICE = "/service"; + public static final String SEARCH = "/search"; + public static final String JANSID_PATH = "/id"; public static final String APP_VERSION = "/app-version"; public static final String SERVER_STAT = "/server-stat"; @@ -107,7 +109,9 @@ private ApiConstants() {} public static final String USERID_PATH = "{userId}"; public static final String SERVICE_NAME_PARAM_PATH = "/{service-name}"; public static final String TOKEN_PATH = "/{token}"; - public static final String TOKEN_CODE_PATH = "/{tknCde}"; + public static final String TOKEN_CODE_PATH = "/tknCde"; + public static final String JANSID_PATH_PARAM = "/{jansId}"; + public static final String TOKEN_CODE_PATH_PARAM = "/{tknCde}"; public static final String USERID = "userId"; public static final String USERNAME = "username"; @@ -117,6 +121,8 @@ private ApiConstants() {} public static final String WITH_ASSOCIATED_CLIENTS = "withAssociatedClients"; public static final String STATUS = "status"; public static final String INUM = "inum"; + public static final String JANSID = "jansId"; + public static final String JANS_USR_DN = "jansUsrDN"; public static final String ID = "id"; public static final String SCOPE_INUM = "scope_inum"; public static final String TYPE = "type"; @@ -132,8 +138,10 @@ private ApiConstants() {} public static final String USERDN = "userDn"; public static final String PLUGIN_NAME = "pluginName"; public static final String SERVICE_NAME = "service-name"; - public static final String TOKEN_CODE_PARAM = "tknCde"; - + public static final String TOKEN_CODE = "tknCde"; + public static final String OUTSIDE_SID = "outsideSid"; + public static final String JANS_SESS_ATTR = "jansSessAttr"; + public static final String ALL = "all"; public static final String ACTIVE = "active"; 
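Review bot: `TOKEN_CODE_PATH` keeps its name but changes meaning in the second hunk, from the path template `/{tknCde}` to the literal segment `/tknCde`, so any resource still annotated with the old constant will compile and silently stop binding the token code. Because this constant presumably sits on token lookup or revoke routes, I would give the literal a new name, for example `public static final String TOKEN_CODE_SEGMENT = "/tknCde";`, and either keep `TOKEN_CODE_PATH` as the template or delete it so stale uses fail to compile. The rename of `TOKEN_CODE_PARAM` to `TOKEN_CODE` in the last hunk is the safer pattern, since leftovers break the build. The `ApiConstants` class body starts and ends outside these hunks, so other users of the constant are not visible here.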
diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index 20ef79cf80f..a9734d910be 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -40,8 +40,7 @@ tags: - name: Configuration – Config API - name: Client Authorization - name: Jans Assets -- name: Tokens -- name: Sessions +- name: Token paths: /api/v1/health/app-version: get: @@ -7515,8 +7514,8 @@ paths: get: tags: - Auth - Session Management - summary: Returns current session - description: Returns current session + summary: Return all session + description: Return all session operationId: get-sessions responses: "200": 
@@ -7527,6 +7526,90 @@ paths: type: array items: $ref: '#/components/schemas/SessionId' + examples: + Response json example: + description: Response json example + value: | + [ + { + "dn": "jansId=c0baae4d-3282-4d20-99d9-90c30a1b6e53,ou=sessions,o=jans", + "id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "outsideSid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "lastUsedAt": "2024-09-24T14:53:13", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:53:13", + "state": "authenticated", + "sessionState": "34d35953e0008389587369ab1be6d6c93aa6d9e103dc2da93c157fc1b8d12385.696be3a5-d30c-4401-831f-4cd9017e8772", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "puja", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "db06a1ad-fe41-4af1-b6a8-96eac8747b39", + "session_id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "sid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-11-25T14:53:06", + "deletable": true, + "creationDate": "2024-09-24T14:53:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5" + }, + { + "dn": "jansId=7cbad817-0b96-40ca-8667-1073bfa726c3,ou=sessions,o=jans", + "id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "outsideSid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "lastUsedAt": "2024-09-24T14:52:15", + "userDn": 
"inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:52:15", + "state": "authenticated", + "sessionState": "30288a431305c3fe91f716969837e809ae2c86982c8f0481c78c58f2db7dfd93.d3646d5e-62bf-421c-b1cf-51d6c4d6f64e", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "661fbf90-1ffc-4560-9f95-cb113791af38", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name jansAdminUIRole", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "xyz", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "84d59a22-e98b-41ab-a195-fe52efbc6cba", + "session_id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "sid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email jansAdminUIRole", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-10-25T14:52:06", + "deletable": true, + "creationDate": "2024-09-24T14:52:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "661fbf90-1ffc-4560-9f95-cb113791af38" + } + ] "401": description: Unauthorized "500": 
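Review bot: The example payload added here reads like a capture from a running deployment rather than constructed sample data. It carries full session identifiers (`id`, `session_id`, `sid`, `opbs`, `sessionState`), a `remote_ip`, an `auth_user` and a `redirect_uri` host name. Published API docs should use obviously synthetic values, such as a documentation-range IP and `https://example.com/admin`, and anything that was live when captured should be treated as disclosed and invalidated. The same applies to the search example in the next hunk and to the `tokenCode` and `referenceId` values in the `/api/v1/token/client/{clientId}` examples further down. Separately, if the endpoint really returns these identifiers unmasked, a token holding only `session.readonly` can read values that function as session credentials, so it is worth confirming whether the resource should redact them.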
@@ -7562,6 +7645,161 @@ paths: - oauth2: - https://jans.io/oauth/jans-auth-server/session.delete - revoke_session + /api/v1/jans-auth-server/session/search: + get: + tags: + - Auth - Session Management + summary: Search session + description: Search session + operationId: search-session + parameters: + - name: limit + in: query + description: Search size - max size of the results to return + schema: + type: integer + format: int32 + default: 50 + - name: pattern + in: query + description: Search pattern + schema: + type: string + default: "" + - name: startIndex + in: query + description: The 1-based index of the first query result + schema: + type: integer + format: int32 + default: 0 + - name: sortBy + in: query + description: Attribute whose value will be used to order the returned response + schema: + type: string + default: jansId + - name: sortOrder + in: query + description: Order in which the sortBy param is applied. Allowed values are + "ascending" and "descending" + schema: + type: string + default: ascending + - name: fieldValuePair + in: query + description: Field and value pair for seraching + schema: + type: string + default: "" + examples: + Field value example: + description: Field value example + value: "applicationType=web,persistClientAuthorizations=true" + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/SessionPagedResult' + examples: + Response json example: + description: Response json example + value: | + { + "start": 0, + "totalEntriesCount": 2, + "entriesCount": 2, + "entries": [ + { + "dn": "jansId=7cbad817-0b96-40ca-8667-1073bfa726c3,ou=sessions,o=jans", + "id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "outsideSid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "lastUsedAt": "2024-09-24T14:52:15", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:52:15", + "state": "authenticated", + "sessionState": 
"30288a431305c3fe91f716969837e809ae2c86982c8f0481c78c58f2db7dfd93.d3646d5e-62bf-421c-b1cf-51d6c4d6f64e", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "661fbf90-1ffc-4560-9f95-cb113791af38", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name jansAdminUIRole", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "xyz", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "84d59a22-e98b-41ab-a195-fe52efbc6cba", + "session_id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "sid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email jansAdminUIRole", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-10-25T14:52:06", + "deletable": true, + "creationDate": "2024-09-24T14:52:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "661fbf90-1ffc-4560-9f95-cb113791af38" + }, + { + "dn": "jansId=c0baae4d-3282-4d20-99d9-90c30a1b6e53,ou=sessions,o=jans", + "id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "outsideSid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "lastUsedAt": "2024-09-24T14:53:13", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:53:13", + "state": "authenticated", + "sessionState": "34d35953e0008389587369ab1be6d6c93aa6d9e103dc2da93c157fc1b8d12385.696be3a5-d30c-4401-831f-4cd9017e8772", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5", + "acr_values": "simple_password_auth", + "scope": 
"openid profile email user_name", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "puja", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "db06a1ad-fe41-4af1-b6a8-96eac8747b39", + "session_id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "sid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-11-25T14:53:06", + "deletable": true, + "creationDate": "2024-09-24T14:53:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5" + } + ] + } + "401": + description: Unauthorized + "500": + description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/jans-auth-server/session.readonly + - revoke_session /api/v1/stat: get: tags: @@ -7617,14 +7855,14 @@ paths: /api/v1/token/client/{clientId}: get: tags: - - OAuth - OpenID Connect - Clients - summary: Get client token details - description: Get client token details - operationId: get-token-details + - Token + summary: Get token details by client. + description: Get token details by client. + operationId: get-token-by-client parameters: - name: clientId in: path - description: Script identifier + description: Client identifier required: true schema: type: string 
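Review bot: The new read-only `search-session` operation lists `revoke_session` next to `https://jans.io/oauth/jans-auth-server/session.readonly` in its `security` block, which looks copied from the delete operation shown in this hunk's leading context. Whichever way the scopes are combined, that is wrong for a GET: either a reader must also hold a revoke scope, or a revoke-only client gains read access to every session. I would list only the readonly scope unless the enforcement code, which is not visible in this diff, requires otherwise. Two smaller spec issues in the same hunk: `startIndex` is described as 1-based but defaults to `0`, and the `fieldValuePair` example `applicationType=web,persistClientAuthorizations=true` names client attributes rather than session ones. `pattern`, `sortBy` and `fieldValuePair` presumably feed a persistence query, so the resource should validate them against an allow-list of session attributes.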
@@ -7634,16 +7872,52 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PagedResult' + $ref: '#/components/schemas/TokenEntityPagedResult' examples: Response example: description: Response example value: | { "start": 0, - "totalEntriesCount": 3, - "entriesCount": 3, + "totalEntriesCount": 8, + "entriesCount": 8, "entries": [ + { + "dn": "tknCde=280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286,ou=tokens,o=jans", + "grantId": "5e3d27ba-00a2-400e-be6d-b1424d1c1f33", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T15:03:50", + "expirationDate": "2024-10-23T15:03:50", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "4zdnUjyjRoWqqLCMtguvDA", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f,ou=tokens,o=jans", + "grantId": "f8bfb7d5-0dbc-4976-a0ec-ef82e90e4ab8", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete https://jans.io/auth/ssa.developer 
https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/saml-scope.write readonly https://jans.io/oauth/config/user.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/scim/fido2.read https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/message.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/scim/groups.read https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/scim/groups.write https://jans.io/oauth/config/database/couchbase.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/properties.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/saml-scope.readonly https://jans.io/scim/fido2.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/acrs.delete https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/jans_asset-read https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write 
https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write https://jans.io/oauth/config/agama.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/openid/clients.write https://jans.io/scim/fido.read https://jans.io/scim/fido.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/jans-link.readonly https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/session.readonly https://jans.io/oauth/config/openid/clients.delete https://jans.io/idp/saml.delete https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/auth/ssa.admin https://jans.io/scim/config.readonly https://jans.io/oauth/config/database/couchbase.write https://jans.io/oauth/config/token.write https://jans.io/oauth/config/jans-link.write https://jans.io/oauth/config/session.delete https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/message.write https://jans.io/oauth/config/fido2.readonly https://jans.io/auth/ssa.portal https://jans.io/oauth/jans-auth-server/config/adminui/logging.write 
https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.write https://jans.io/oauth/config/cache.write https://jans.io/scim/all-resources.search https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/properties.readonly https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/scim/bulk https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "JNDJyQfEQTGP6xRllmScXA", + "attributes": { + "online_access": false, + "statusListIndex": 303 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, 
{ "dn": "tknCde=4960533184fab18d8932045b70de17f827c916010ab5d5c86f7202ca6cf7c176,ou=tokens,o=jans", "grantId": "82736426-1a72-46bb-8e76-52f3bca2c614", 
@@ -7680,6 +7954,62 @@ paths: }, "tokenTypeEnum": "ACCESS_TOKEN" }, + { + "dn": "tknCde=82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d,ou=tokens,o=jans", + "grantId": "6915d12c-b5d3-4f56-a41c-64b3bff0e857", + "userId": "admin", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "openid profile offline_access email", + "tokenCode": "82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d", + "tokenType": "access_token", + "grantType": "urn:ietf:params:oauth:grant-type:device_code", + "referenceId": "uPnrBRVOTv6MKbHZ29oKMw", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599,ou=tokens,o=jans", + "grantId": "c664eb67-9911-40a7-a154-bb4b9b2c90b7", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:22:07", + "expirationDate": "2024-10-23T08:22:07", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "a9yYFUlxRzSh3MvoYGJJRQ", + "attributes": { + "online_access": false, + "statusListIndex": 300 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad,ou=tokens,o=jans", + "grantId": "b0b4315b-7cf1-4d63-ab6c-128bfacab9e3", + "clientId": "1800.3d73038f-2298-446a-a5e8-a43a579da9cc", 
+ "creationDate": "2024-09-19T14:32:09", + "expirationDate": "2028-09-19T14:37:09", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/user.readonly https://jans.io/oauth/lock/read-all https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/config/uma-read https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly 
https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/uma-delete https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/agama.write https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/scim/config.readonly https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/idp/config.write 
https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "NXBmV1WjSU28EH8KNTghJw", + "attributes": { + "online_access": false, + "statusListIndex": 201 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, { "dn": "tknCde=f0977b8c359446ff7a5aa157a930c89506485b266d988507478e367f53fd5445,ou=tokens,o=jans", "grantId": "d0c427ec-0c6e-4fdf-83eb-43a19e633eec", 
@@ -7709,10 +8039,62 @@ paths: security: - oauth2: - https://jans.io/oauth/config/token.readonly + /api/v1/token/tknCde/{tknCde}: + get: + tags: + - Token + summary: Get token details by Id. + description: Get token details by Id. + operationId: get-token-by-id + parameters: + - name: tknCde + in: path + description: Token identifier + required: true + schema: + type: string + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/TokenEntity' + examples: + Response example: + description: Response example + value: | + { + "dn": "tknCde=3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f,ou=tokens,o=jans", + "grantId": "f8bfb7d5-0dbc-4976-a0ec-ef82e90e4ab8", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete https://jans.io/auth/ssa.developer https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/saml-scope.write readonly https://jans.io/oauth/config/user.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/scim/fido2.read https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/message.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write 
https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/scim/groups.read https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/scim/groups.write https://jans.io/oauth/config/database/couchbase.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/properties.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/saml-scope.readonly https://jans.io/scim/fido2.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/acrs.delete https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/jans_asset-read https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write https://jans.io/oauth/config/agama.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/database/sql.write 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/openid/clients.write https://jans.io/scim/fido.read https://jans.io/scim/fido.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/jans-link.readonly https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/session.readonly https://jans.io/oauth/config/openid/clients.delete https://jans.io/idp/saml.delete https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/auth/ssa.admin https://jans.io/scim/config.readonly https://jans.io/oauth/config/database/couchbase.write https://jans.io/oauth/config/token.write https://jans.io/oauth/config/jans-link.write https://jans.io/oauth/config/session.delete https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/message.write https://jans.io/oauth/config/fido2.readonly https://jans.io/auth/ssa.portal https://jans.io/oauth/jans-auth-server/config/adminui/logging.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.write https://jans.io/oauth/config/cache.write https://jans.io/scim/all-resources.search https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly 
https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/properties.readonly https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/scim/bulk https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "JNDJyQfEQTGP6xRllmScXA", + "attributes": { + "online_access": false, + "statusListIndex": 303 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + } + "401": + description: Unauthorized + "404": + description: Not Found + "500": + description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/config/token.readonly /api/v1/token/revoke/{tknCde}: delete: tags: - - OAuth - OpenID Connect - Clients + - Token summary: Revoke client token. description: Revoke client token. operationId: revoke-token 
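Review bot: The `Response example` for `get-token-by-id` reads like a record copied from a running server: a 64-hex `tokenCode` that is also the RDN in `dn`, plus a concrete `grantId`, `clientId` and `referenceId`, and a scope string that includes broad configuration scopes. If those values are real, the spec publishes identifiers of the kind the lookup and `revoke-token` paths accept as `{tknCde}`; constructed values document the shape just as well, e.g. `"tokenCode": "<tknCde-placeholder>"` and `"scope": "openid profile"`. The same applies to the eight entries in the `search-token` example in the next hunk, one of which also carries `"userId": "admin"` and a `userDn`. Separately, the `tknCde` path parameter is a bare `type: string`; if it is always a fixed-length hex digest (inferred from the examples only), a `pattern` or length bound in the schema would let gateways reject malformed values early.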
@@ -7737,6 +8119,230 @@ paths: security: - oauth2: - https://jans.io/oauth/config/token.delete + /api/v1/token/search: + get: + tags: + - Token + summary: Search tokens + description: Search tokens + operationId: search-token + parameters: + - name: limit + in: query + description: Search size - max size of the results to return + schema: + type: integer + format: int32 + default: 50 + - name: pattern + in: query + description: Search pattern + schema: + type: string + default: "" + - name: startIndex + in: query + description: The 1-based index of the first query result + schema: + type: integer + format: int32 + default: 0 + - name: sortBy + in: query + description: Attribute whose value will be used to order the returned response + schema: + type: string + default: tknCde + - name: sortOrder + in: query + description: Order in which the sortBy param is applied. Allowed values are + "ascending" and "descending" + schema: + type: string + default: ascending + - name: fieldValuePair + in: query + description: Field and value pair for seraching + schema: + type: string + default: "" + examples: + Field value example: + description: Field value example + value: "grtTyp=client_credentials,tknTyp=access_token" + responses: + "200": + description: Ok + content: + application/json: + schema: + $ref: '#/components/schemas/TokenEntityPagedResult' + examples: + Response example: + description: Response example + value: | + { + "start": 0, + "totalEntriesCount": 8, + "entriesCount": 8, + "entries": [ + { + "dn": "tknCde=280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286,ou=tokens,o=jans", + "grantId": "5e3d27ba-00a2-400e-be6d-b1424d1c1f33", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T15:03:50", + "expirationDate": "2024-10-23T15:03:50", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "4zdnUjyjRoWqqLCMtguvDA", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f,ou=tokens,o=jans", + "grantId": "f8bfb7d5-0dbc-4976-a0ec-ef82e90e4ab8", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete https://jans.io/auth/ssa.developer https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/saml-scope.write readonly https://jans.io/oauth/config/user.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/scim/fido2.read https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/message.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly 
https://jans.io/scim/groups.read https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/scim/groups.write https://jans.io/oauth/config/database/couchbase.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/properties.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/saml-scope.readonly https://jans.io/scim/fido2.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/acrs.delete https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/jans_asset-read https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write https://jans.io/oauth/config/agama.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write 
https://jans.io/oauth/config/openid/clients.write https://jans.io/scim/fido.read https://jans.io/scim/fido.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/jans-link.readonly https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/session.readonly https://jans.io/oauth/config/openid/clients.delete https://jans.io/idp/saml.delete https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/auth/ssa.admin https://jans.io/scim/config.readonly https://jans.io/oauth/config/database/couchbase.write https://jans.io/oauth/config/token.write https://jans.io/oauth/config/jans-link.write https://jans.io/oauth/config/session.delete https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/message.write https://jans.io/oauth/config/fido2.readonly https://jans.io/auth/ssa.portal https://jans.io/oauth/jans-auth-server/config/adminui/logging.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.write https://jans.io/oauth/config/cache.write https://jans.io/scim/all-resources.search https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write 
https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/properties.readonly https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/scim/bulk https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "JNDJyQfEQTGP6xRllmScXA", + "attributes": { + "online_access": false, + "statusListIndex": 303 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=4960533184fab18d8932045b70de17f827c916010ab5d5c86f7202ca6cf7c176,ou=tokens,o=jans", + "grantId": "82736426-1a72-46bb-8e76-52f3bca2c614", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-20T12:55:30", + "expirationDate": "2024-10-30T12:55:30", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "4960533184fab18d8932045b70de17f827c916010ab5d5c86f7202ca6cf7c176", + "tokenType": "access_token", + "grantType": 
"client_credentials", + "referenceId": "uIw3N7qeRiKR1pvzE1OmxQ", + "attributes": { + "online_access": false, + "statusListIndex": 1101 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=5495ac7fedd47f57a10f314896fe88d415dbec067c7cea5d57138e2723b73e84,ou=tokens,o=jans", + "grantId": "2c4123dd-886f-447e-a65d-207bf60c3307", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-20T12:55:37", + "expirationDate": "2024-10-30T12:55:37", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "5495ac7fedd47f57a10f314896fe88d415dbec067c7cea5d57138e2723b73e84", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "bgPvtouST66zHFaH4vrWhA", + "attributes": { + "online_access": false, + "statusListIndex": 1102 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d,ou=tokens,o=jans", + "grantId": "6915d12c-b5d3-4f56-a41c-64b3bff0e857", + "userId": "admin", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "openid profile offline_access email", + "tokenCode": "82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d", + "tokenType": "access_token", + "grantType": "urn:ietf:params:oauth:grant-type:device_code", + "referenceId": "uPnrBRVOTv6MKbHZ29oKMw", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599,ou=tokens,o=jans", 
+ "grantId": "c664eb67-9911-40a7-a154-bb4b9b2c90b7", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:22:07", + "expirationDate": "2024-10-23T08:22:07", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "a9yYFUlxRzSh3MvoYGJJRQ", + "attributes": { + "online_access": false, + "statusListIndex": 300 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad,ou=tokens,o=jans", + "grantId": "b0b4315b-7cf1-4d63-ab6c-128bfacab9e3", + "clientId": "1800.3d73038f-2298-446a-a5e8-a43a579da9cc", + "creationDate": "2024-09-19T14:32:09", + "expirationDate": "2028-09-19T14:37:09", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/user.readonly https://jans.io/oauth/lock/read-all https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/config/uma-read https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/uma-delete https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/agama.write https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete 
https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/scim/config.readonly https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly 
https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "NXBmV1WjSU28EH8KNTghJw", + "attributes": { + "online_access": false, + "statusListIndex": 201 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=f0977b8c359446ff7a5aa157a930c89506485b266d988507478e367f53fd5445,ou=tokens,o=jans", + "grantId": "d0c427ec-0c6e-4fdf-83eb-43a19e633eec", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-20T12:55:37", + "expirationDate": "2024-10-20T12:55:37", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "f0977b8c359446ff7a5aa157a930c89506485b266d988507478e367f53fd5445", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "1DnmKY6pS1S6XeKSHAj2Ag", + "attributes": { + "online_access": false, + "statusListIndex": 1103 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + } + ] + } + "401": + description: Unauthorized + "404": + description: Not Found + "500": + description: InternalServerError + security: + - oauth2: + - https://jans.io/oauth/config/token.readonly /api/v1/uma/resources: get: tags: @@ -8495,19 +9101,19 @@ components: type: string selected: type: boolean - userCanEdit: + whitePagesCanView: + type: boolean + adminCanView: type: boolean adminCanEdit: type: boolean userCanView: type: boolean - adminCanView: - type: boolean - userCanAccess: + userCanEdit: type: boolean adminCanAccess: type: boolean - whitePagesCanView: + userCanAccess: type: boolean baseDn: type: string 
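Review bot: `limit` on `search-token` declares `default: 50` but no upper bound, so the contract allows one call to request every token record; add `minimum: 1` and a `maximum:` equal to whatever cap the server enforces (not visible in this hunk). `startIndex` is described as 1-based yet has `default: 0`, and the example response shows `"start": 0`, so either the description or the default is wrong. `sortOrder` names its two allowed values only in prose; `enum: [ascending, descending]` would make the restriction machine-checkable. `fieldValuePair` is a free-form filter with no stated grammar or list of searchable attributes, so which fields a `token.readonly` caller may filter on is decided entirely in the resource code; that belongs in the description, which also has the typo `seraching`.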
@@ -9168,7 +9774,7 @@ components: type: boolean fapiCompatibility: type: boolean - forceIdTokenHintPrecense: + forceIdTokenHintPresence: type: boolean rejectEndSessionIfIdTokenExpired: type: boolean 
@@ -11006,6 +11612,124 @@ components: type: array items: $ref: '#/components/schemas/UserAuthenticator' + SessionPagedResult: + type: object + properties: + start: + type: integer + format: int32 + totalEntriesCount: + type: integer + format: int32 + entriesCount: + type: integer + format: int32 + entries: + type: array + items: + $ref: '#/components/schemas/SessionId' + TokenAttributes: + type: object + properties: + x5cs256: + type: string + online_access: + type: boolean + attributes: + type: object + additionalProperties: + type: string + dpopJkt: + type: string + authorizationDetails: + type: string + statusListIndex: + type: integer + format: int32 + TokenEntity: + type: object + properties: + dn: + type: string + grantId: + type: string + userId: + type: string + userDn: + type: string + clientId: + type: string + creationDate: + type: string + format: date-time + expirationDate: + type: string + format: date-time + deletable: + type: boolean + authenticationTime: + type: string + format: date-time + scope: + type: string + tokenCode: + type: string + tokenType: + type: string + grantType: + type: string + jwtRequest: + type: string + authorizationCode: + type: string + nonce: + type: string + codeChallenge: + type: string + codeChallengeMethod: + type: string + claims: + type: string + tokenBindingHash: + type: string + referenceId: + type: string + authMode: + type: string + sessionDn: + type: string + ttl: + type: integer + format: int32 + attributes: + $ref: '#/components/schemas/TokenAttributes' + dpop: + type: string + tokenTypeEnum: + type: string + enum: + - ID_TOKEN + - ACCESS_TOKEN + - LONG_LIVED_ACCESS_TOKEN + - REFRESH_TOKEN + - AUTHORIZATION_CODE + - TX_TOKEN + TokenEntityPagedResult: + type: object + properties: + start: + type: integer + format: int32 + totalEntriesCount: + type: integer + format: int32 + entriesCount: + type: integer + format: int32 + entries: + type: array + items: + $ref: '#/components/schemas/TokenEntity' UmaResource: 
required: - name @@ -11139,6 +11863,3 @@ components: https://jans.io/oauth/config/token.readonly: View Token details https://jans.io/oauth/config/token.write: Manage Token details https://jans.io/oauth/config/token.delete: Delete Token details - https://jans.io/oauth/config/session.readonly: View Session details - https://jans.io/oauth/config/session.write: Manage Session details - https://jans.io/oauth/config/session.delete: Delete Session details diff --git a/jans-config-api/profiles/default/config-api-test.properties b/jans-config-api/profiles/default/config-api-test.properties index 695a67eebfa..15557297376 100644 --- a/jans-config-api/profiles/default/config-api-test.properties +++ b/jans-config-api/profiles/default/config-api-test.properties 
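Review bot: `TokenEntity` is what both new GET operations return under `token.readonly` alone, and it declares `tokenCode`, `authorizationCode`, `jwtRequest`, `nonce`, `codeChallenge`, `claims` and `dpop` without a `description` on any of them. From the schema a reader cannot tell whether these hold stored digests or usable credential material; if any are the latter, a read-only listing scope is a wide grant and the response model would be safer without those fields. At minimum each sensitive property should say what it contains, e.g. `description: Stored token identifier; state here whether it is a hash of the issued token`. `SessionPagedResult` is also added here while the `config/session.*` entries are removed from the scope list in the last hunk of this file; the operation that returns it is outside this hunk, so it is worth confirming that it names a scope that still exists.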
@@ -1,7 +1,7 @@ # The URL of your Jans installation test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read 
https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write 
https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/session.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/session.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete 
https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write 
https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token token.grant.type=client_credentials diff --git a/jans-config-api/profiles/jans-ui.jans.io/test.properties b/jans-config-api/profiles/jans-ui.jans.io/test.properties index bbccec18e75..4c8e8e5b093 100644 --- a/jans-config-api/profiles/jans-ui.jans.io/test.properties +++ b/jans-config-api/profiles/jans-ui.jans.io/test.properties 
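Review bot: The rewritten `test.scopes` value still requests `https://jans.io/oauth/config/read-all`, `write-all` and `delete-all` next to every fine-grained scope, so dropping the three `config/session.*` entries is unlikely to show whether the session endpoints enforce their replacement scope; presumably the broad scopes satisfy most checks, which should be confirmed against the scope-evaluation logic. A test profile that requests only the fine-grained scopes, or a negative test using a token without `https://jans.io/oauth/jans-auth-server/session.readonly`, would make this commit's scope change observable. The value also still lists `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which looks like an endpoint URL on a personal dev host rather than a scope, and it repeats `adminui/user/permission.write`, `idp/realm.write` and the `lock-config.*` pair; removing these while the line is being touched would keep the requested grant minimal. The same applies to the `test.scopes` lines in `profiles/jans-ui.jans.io/test.properties` and `profiles/jenkins-config-api.gluu.org/test.properties` below.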
@@ -1,4 +1,4 @@ -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/session.readonly 
https://jans.io/oauth/config/session.write https://jans.io/oauth/config/session.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete # Test env Setting 
token.endpoint=https://jans-ui.jans.io/jans-auth/restv1/token diff --git a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties index f329fc0a1d8..641b24c002c 100644 --- a/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties +++ b/jans-config-api/profiles/jenkins-config-api.gluu.org/test.properties 
@@ -1,6 +1,6 @@ test.server=https://jenkins-config-api.gluu.org -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/session.readonly 
https://jans.io/oauth/config/session.write https://jans.io/oauth/config/session.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete token.endpoint=https://jenkins-config-api.gluu.org/jans-auth/restv1/token 
token.grant.type=client_credentials diff --git a/jans-config-api/profiles/local/test.properties b/jans-config-api/profiles/local/test.properties index 9c4a0518418..f3160ab4272 100644 --- a/jans-config-api/profiles/local/test.properties +++ b/jans-config-api/profiles/local/test.properties 
@@ -1,5 +1,5 @@ #LOCAL -test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write https://jans.io/oauth/config/scim/users.read 
https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/config/session.readonly 
https://jans.io/oauth/config/session.write https://jans.io/oauth/config/session.delete +test.scopes=https://jans.io/oauth/config/acrs.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/attributes.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/smtp.readonly https://jans.io/oauth/config/smtp.write https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/fido2.write https://jans.io/oauth/config/fido2.delete https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/jwks.write https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/database/ldap.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/uma/resources.delete https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/config/database/sql.delete https://jans.io/oauth/config/stats.readonly jans_stat https://jans.io/scim/users.read https://jans.io/scim/users.write 
https://jans.io/oauth/config/scim/users.read https://jans.io/oauth/config/scim/users.write https://jans.io/scim/config.readonly https://jans.io/scim/config.write https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/user.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/agama.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/session.delete revoke_session https://jans.io/oauth/config/read-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/uma-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/config/uma-delete https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete 
https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/cacherefresh.readonly https://jans.io/oauth/config/cacherefresh.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/saml-client-scope.readonly https://jans.io/oauth/config/saml-client-scope.write https://jans.io/idp/config.readonly https://jans.io/idp/config.write https://jans.io/idp/realm.readonly https://jans.io/idp/realm.write https://jans.io/idp/realm.write https://jans.io/idp/saml.readonly https://jans.io/idp/saml.write https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/lock/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/lock/audit.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/lock/health.write https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/token.write https://jans.io/oauth/config/token.delete # jans.server token.endpoint=https://jans.server3/jans-auth/restv1/token 
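Review bot: The new `test.scopes` value still lists `https://pujavs-definite-dory.gluu.info/jans-config-api/api/v1/jans-assets/upload-asset`, which is an endpoint path on what looks like a personal development host rather than a scope. It sits next to `https://jans.io/oauth/config/jans_asset-write` and `https://jans.io/oauth/config/jans_asset-delete`, where an asset read scope would be expected, so the test client presumably never requests read access to assets and the hostname stays published in the repository. Replace it with the asset read scope declared in `ApiAccessConstants` (not visible in this diff). The same entry appears in the other profile's `test.scopes` line earlier in this diff. Both lines also repeat `https://jans.io/idp/realm.write`, the `adminui/user/permission.write` scope and the `lock-config` pair, which could be deduplicated in the same pass.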
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java index 1e169cb086c..b358176178c 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/ApiApplication.java @@ -52,8 +52,7 @@ @Tag(name = "Auth Server Health - Check"), @Tag(name = "Plugins"), @Tag(name = "Configuration – Config API"), @Tag(name = "Client Authorization"), @Tag(name = "Jans Assets"), - @Tag(name = "Tokens"), - @Tag(name = "Sessions"), + @Tag(name = "Token"), }, servers = { @Server(url = "https://jans.local.io", description = "The Jans server") }) @@ -118,10 +117,7 @@ @OAuthScope(name = ApiAccessConstants.JANS_ASSET_DELETE_ACCESS, description = "Delete Jans Assets"), @OAuthScope(name = ApiAccessConstants.TOKEN_READ_ACCESS, description = "View Token details"), @OAuthScope(name = ApiAccessConstants.TOKEN_WRITE_ACCESS, description = "Manage Token details"), - @OAuthScope(name = ApiAccessConstants.TOKEN_DELETE_ACCESS, description = "Delete Token details"), - @OAuthScope(name = ApiAccessConstants.SESSION_READ_ACCESS, description = "View Session details"), - @OAuthScope(name = ApiAccessConstants.SESSION_WRITE_ACCESS, description = "Manage Session details"), - @OAuthScope(name = ApiAccessConstants.SESSION_DELETE_ACCESS, description = "Delete Session details") + @OAuthScope(name = ApiAccessConstants.TOKEN_DELETE_ACCESS, description = "Delete Token details") } ))) @@ -170,9 +166,7 @@ public Set> getClasses() { log.info("appConfiguration:{}",appConfiguration ); if(appConfiguration!=null && appConfiguration.getAssetMgtConfiguration()!=null && appConfiguration.getAssetMgtConfiguration().isAssetMgtEnabled()) { classes.add(AssetResource.class); - } - - log.error("\n\n All classes:{}",classes+"\n\n\n"); + } return classes; } 
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java index a1ac93082ba..06113379360 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/SessionResource.java @@ -8,14 +8,16 @@ import io.jans.as.common.model.session.SessionId; import io.jans.configapi.core.rest.ProtectedApi; - import io.jans.configapi.service.auth.SessionService; import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.util.ApiConstants; +import io.jans.model.SearchRequest; +import io.jans.orm.model.PagedResult; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.media.ArraySchema; import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.ExampleObject; import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; @@ -27,6 +29,8 @@ import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; +import static io.jans.as.model.util.Util.escapeLog; + import java.util.List; import org.slf4j.Logger; 
@@ -36,43 +40,113 @@ @Consumes(MediaType.APPLICATION_JSON) public class SessionResource extends ConfigBaseResource { + private class SessionPagedResult extends PagedResult { + }; + @Inject Logger log; @Inject SessionService sessionService; - @Operation(summary = "Returns current session", description = "Returns current session", operationId = "get-sessions", tags = { + @Operation(summary = "Return all session", description = "Return all session", operationId = "get-sessions", tags = { "Auth - Session Management" }, security = @SecurityRequirement(name = "oauth2", scopes = { - ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS , "revoke_session" })) + ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS, "revoke_session" })) @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, array = @ArraySchema(schema = @Schema(implementation = SessionId.class)))), + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, array = @ArraySchema(schema = @Schema(implementation = SessionId.class)), examples = @ExampleObject(name = "Response json example", value = "example/session/get-session.json"))), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @GET - @ProtectedApi(scopes = { ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS } , groupScopes = {}, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @ProtectedApi(scopes = { ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS }, groupScopes = {}, superScopes = { + ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) public Response getAllSessions() { final List sessions = sessionService.getSessions(); logger.debug("sessions:{}", sessions); return Response.ok(sessions).build(); } + @Operation(summary = "Search session", description = "Search session", operationId = "search-session", tags = { + "Auth - 
Session Management" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS, "revoke_session" })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = SessionPagedResult.class), examples = @ExampleObject(name = "Response json example", value = "example/session/search-session.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.JANS_AUTH_SESSION_READ_ACCESS }, groupScopes = {}, superScopes = { + ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Path(ApiConstants.SEARCH) + public Response searchSessionEntries( + @Parameter(description = "Search size - max size of the results to return") @DefaultValue(ApiConstants.DEFAULT_LIST_SIZE) @QueryParam(value = ApiConstants.LIMIT) int limit, + @Parameter(description = "Search pattern") @DefaultValue("") @QueryParam(value = ApiConstants.PATTERN) String pattern, + @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex, + @Parameter(description = "Attribute whose value will be used to order the returned response") @DefaultValue(ApiConstants.JANSID) @QueryParam(value = ApiConstants.SORT_BY) String sortBy, + @Parameter(description = "Order in which the sortBy param is applied. 
Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder, + @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "applicationType=web,persistClientAuthorizations=true")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) { + if (logger.isInfoEnabled()) { + logger.info( + "Session serach param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}, fieldValuePair:{}", + escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy), + escapeLog(sortOrder), escapeLog(fieldValuePair)); + } + + SearchRequest searchReq = createSearchRequest(sessionService.getDnForSession(null), pattern, sortBy, sortOrder, + startIndex, limit, null, null, this.getMaxCount(), fieldValuePair, SessionId.class); + + SessionPagedResult sessionPagedResult = searchSession(searchReq); + logger.info("Session fetched based on name are:{}", sessionPagedResult); + return Response.ok(sessionPagedResult).build(); + + } + @Operation(summary = "Revoke all sessions by userDn", description = "Revoke all sessions by userDn", operationId = "revoke-user-session", tags = { "Auth - Session Management" }, security = @SecurityRequirement(name = "oauth2", scopes = { - ApiAccessConstants.JANS_AUTH_SESSION_DELETE_ACCESS, - ApiAccessConstants.JANS_AUTH_REVOKE_SESSION })) + ApiAccessConstants.JANS_AUTH_SESSION_DELETE_ACCESS, ApiAccessConstants.JANS_AUTH_REVOKE_SESSION })) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Ok"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @POST @ProtectedApi(scopes = { ApiAccessConstants.JANS_AUTH_SESSION_DELETE_ACCESS, - ApiAccessConstants.JANS_AUTH_REVOKE_SESSION } , 
groupScopes = {}, superScopes = { ApiAccessConstants.SUPER_ADMIN_DELETE_ACCESS }) + ApiAccessConstants.JANS_AUTH_REVOKE_SESSION }, groupScopes = {}, superScopes = { + ApiAccessConstants.SUPER_ADMIN_DELETE_ACCESS }) @Path(ApiConstants.USERDN_PATH) - public Response getAppConfiguration(@Parameter(description = "User domain name") @PathParam(ApiConstants.USERDN) @NotNull String userDn) { + public Response getAppConfiguration( + @Parameter(description = "User domain name") @PathParam(ApiConstants.USERDN) @NotNull String userDn) { logger.debug("userDn:{}", userDn); sessionService.revokeSession(userDn); return Response.ok().build(); } + private SessionPagedResult searchSession(SearchRequest searchReq) { + + logger.debug("Search Token by name params - searchReq:{} ", searchReq); + SessionPagedResult sessionPagedResult = null; + PagedResult pagedResult = sessionService.searchSession(searchReq); + + logger.debug("PagedResult - pagedResult:{}", pagedResult); + if (pagedResult != null) { + logger.debug( + "Token fetched - pagedResult.getTotalEntriesCount():{}, pagedResult.getEntriesCount():{}, pagedResult.getEntries():{}", + pagedResult.getTotalEntriesCount(), pagedResult.getEntriesCount(), pagedResult.getEntries()); + sessionPagedResult = getSessionPagedResult(pagedResult); + } + + logger.debug("sessionPagedResult:{} ", sessionPagedResult); + return sessionPagedResult; + } + + private SessionPagedResult getSessionPagedResult(PagedResult pagedResult) { + SessionPagedResult sessionPagedResult = null; + if (pagedResult != null) { + List sessionList = pagedResult.getEntries(); + sessionPagedResult = new SessionPagedResult(); + sessionPagedResult.setStart(pagedResult.getStart()); + sessionPagedResult.setEntriesCount(pagedResult.getEntriesCount()); + sessionPagedResult.setTotalEntriesCount(pagedResult.getTotalEntriesCount()); + sessionPagedResult.setEntries(sessionList); + } + return sessionPagedResult; + } + } 
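Review bot: `searchSessionEntries` logs the whole result at INFO with `logger.info("Session fetched based on name are:{}", sessionPagedResult);`, and `searchSession` logs `pagedResult.getEntries()` at DEBUG, so every returned `SessionId` is written to the application log. If the string form of `SessionId` includes the session identifier or session attributes (not visible here), anyone with log access can read live session material that the endpoint itself guards with `JANS_AUTH_SESSION_READ_ACCESS`. Log only the counts, inside the null check in `searchSession`: `logger.debug("Sessions fetched - entriesCount:{}, totalEntriesCount:{}", pagedResult.getEntriesCount(), pagedResult.getTotalEntriesCount());`, and drop the INFO line in `searchSessionEntries`. The same pattern appears in the TokenResource.java hunks of this diff (`logger.info("Token fetched tokenEntity:{}", tokenEntity);` and `logger.info("Token fetched are:{}", tokenEntityPagedResult);`). The messages in `searchSession` also still say "Token", apparently copied from that class.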
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/TokenResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/TokenResource.java index 9113cc314a4..153e7145dac 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/TokenResource.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/TokenResource.java @@ -9,11 +9,10 @@ import static io.jans.as.model.util.Util.escapeLog; import io.jans.as.common.model.registration.Client; import io.jans.configapi.core.rest.ProtectedApi; -import io.jans.model.JansAttribute; import io.jans.model.SearchRequest; import io.jans.model.token.TokenEntity; import io.jans.orm.model.PagedResult; -import io.jans.configapi.service.auth.ClientAuthService; +import io.jans.configapi.service.auth.TokenService; import io.jans.configapi.service.auth.ClientService; import io.jans.configapi.util.ApiAccessConstants; import io.jans.configapi.util.ApiConstants; 
@@ -46,16 +45,43 @@ private class TokenEntityPagedResult extends PagedResult { }; @Inject - ClientAuthService clientAuthService; + TokenService tokenService; @Inject ClientService clientService; - @Operation(summary = "Get client token details", description = "Get client token details", operationId = "get-token-details", tags = { - "OAuth - OpenID Connect - Clients" }, security = @SecurityRequirement(name = "oauth2", scopes = { + @Operation(summary = "Get token details by Id.", description = "Get token details by Id.", operationId = "get-token-by-id", tags = { + "Token" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.TOKEN_READ_ACCESS })) @ApiResponses(value = { - @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = PagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/token/token-get.json"))), + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = TokenEntity.class), examples = @ExampleObject(name = "Response example", value = "example/token/get-token.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.TOKEN_READ_ACCESS }, groupScopes = { + ApiAccessConstants.TOKEN_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Path(ApiConstants.TOKEN_CODE_PATH + ApiConstants.TOKEN_CODE_PATH_PARAM) + public Response getTokenById( + @Parameter(description = "Token identifier") @PathParam(ApiConstants.TOKEN_CODE) @NotNull String tknCde) { + + if (logger.isInfoEnabled()) { + logger.info("Serach tokens by id:{}", escapeLog(tknCde)); + } + checkNotNull(tknCde, 
ApiConstants.TOKEN_CODE); + + TokenEntity tokenEntity = this.tokenService.getTokenEntityByCode(tknCde); + + logger.info("Token fetched tokenEntity:{}", tokenEntity); + return Response.ok(tokenEntity).build(); + + } + + @Operation(summary = "Get token details by client.", description = "Get token details by client.", operationId = "get-token-by-client", tags = { + "Token" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.TOKEN_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = TokenEntityPagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/token/get-all-token.json"))), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "InternalServerError") }) @@ -64,8 +90,8 @@ private class TokenEntityPagedResult extends PagedResult { ApiAccessConstants.TOKEN_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) @Path(ApiConstants.CLIENT + ApiConstants.CLIENTID_PATH) public Response getClientToken( - @Parameter(description = "Script identifier") @PathParam(ApiConstants.CLIENTID) @NotNull String clientId) { - + @Parameter(description = "Client identifier") @PathParam(ApiConstants.CLIENTID) @NotNull String clientId) { + if (logger.isInfoEnabled()) { logger.info("Serach tokens by clientId:{}", escapeLog(clientId)); } 
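Review bot: `getTokenById` returns `Response.ok(tokenEntity)` without checking the lookup result, although the operation documents a 404 response. If `tokenService.getTokenEntityByCode(tknCde)` returns null for an unknown code (its body is not in this diff), the caller receives a success status with no entity instead of Not Found. `getClientToken` in the same file already guards its lookup with `checkResourceNotNull(client, "Client");`. The same guard fits here as `checkResourceNotNull(tokenEntity, "Token");`, placed before the response is built.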
@@ -76,19 +102,56 @@ public Response getClientToken( checkResourceNotNull(client, "Client"); logger.debug("Serach tokens by client:{}", client); - SearchRequest searchReq = createSearchRequest(clientAuthService.geTokenDn(null), clientId, "tknCde", - ApiConstants.ASCENDING, Integer.parseInt(ApiConstants.DEFAULT_LIST_START_INDEX), - Integer.parseInt(ApiConstants.DEFAULT_LIST_SIZE), null, null, this.getMaxCount(), null, - JansAttribute.class); + String fieldValuePair = "clnId=" + clientId; + SearchRequest searchReq = createSearchRequest(tokenService.getDnForTokenEntity(null), null, + ApiConstants.TOKEN_CODE, ApiConstants.ASCENDING, + Integer.parseInt(ApiConstants.DEFAULT_LIST_START_INDEX), + Integer.parseInt(ApiConstants.DEFAULT_LIST_SIZE), null, null, this.getMaxCount(), fieldValuePair, + TokenEntity.class); + + TokenEntityPagedResult tokenEntityPagedResult = searchTokens(searchReq); + logger.info("Token fetched are:{}", tokenEntityPagedResult); + return Response.ok(tokenEntityPagedResult).build(); + + } + + @Operation(summary = "Search tokens", description = "Search tokens", operationId = "search-token", tags = { + "Token" }, security = @SecurityRequirement(name = "oauth2", scopes = { + ApiAccessConstants.TOKEN_READ_ACCESS })) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = TokenEntityPagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/token/get-all-token.json"))), + @ApiResponse(responseCode = "401", description = "Unauthorized"), + @ApiResponse(responseCode = "404", description = "Not Found"), + @ApiResponse(responseCode = "500", description = "InternalServerError") }) + @GET + @ProtectedApi(scopes = { ApiAccessConstants.TOKEN_READ_ACCESS }, groupScopes = { + ApiAccessConstants.TOKEN_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS }) + @Path(ApiConstants.SEARCH) + public 
Response searchTokenEntries( + @Parameter(description = "Search size - max size of the results to return") @DefaultValue(ApiConstants.DEFAULT_LIST_SIZE) @QueryParam(value = ApiConstants.LIMIT) int limit, + @Parameter(description = "Search pattern") @DefaultValue("") @QueryParam(value = ApiConstants.PATTERN) String pattern, + @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex, + @Parameter(description = "Attribute whose value will be used to order the returned response") @DefaultValue(ApiConstants.TOKEN_CODE) @QueryParam(value = ApiConstants.SORT_BY) String sortBy, + @Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder, + @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "grtTyp=client_credentials,tknTyp=access_token")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) { + if (logger.isInfoEnabled()) { + logger.info( + "Token serach param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}, fieldValuePair:{}", + escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy), + escapeLog(sortOrder), escapeLog(fieldValuePair)); + } + + SearchRequest searchReq = createSearchRequest(tokenService.getDnForTokenEntity(null), pattern, sortBy, + sortOrder, startIndex, limit, null, null, this.getMaxCount(), fieldValuePair, TokenEntity.class); - TokenEntityPagedResult tokenEntityPagedResult = searchTokenByClientId(searchReq); - logger.info("Asset fetched based on name are:{}", tokenEntityPagedResult); + TokenEntityPagedResult tokenEntityPagedResult = searchTokens(searchReq); + logger.info("Token fetched are:{}", 
tokenEntityPagedResult); return Response.ok(tokenEntityPagedResult).build(); } @Operation(summary = "Revoke client token.", description = "Revoke client token.", operationId = "revoke-token", tags = { - "OAuth - OpenID Connect - Clients" }, security = @SecurityRequirement(name = "oauth2", scopes = { + "Token" }, security = @SecurityRequirement(name = "oauth2", scopes = { ApiAccessConstants.TOKEN_DELETE_ACCESS })) @ApiResponses(value = { @ApiResponse(responseCode = "204", description = "No Content"), @ApiResponse(responseCode = "400", description = "Bad Request"), 
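Review bot: `getClientToken` now restricts the listing with `String fieldValuePair = "clnId=" + clientId;`, and `TokenService.searchToken` turns every field/value pair into `Filter.createSubstringFilter`, whereas the removed `getTokenOfClient` used `Filter.createEqualityFilter("clnId", ...)`. The per-client listing therefore becomes a contains-match and can return tokens of any client whose id contains the requested one. Building the pair filter with `Filter.createEqualityFilter(entry.getKey(), entry.getValue())`, as `SessionService.searchSession` does, restores the exact match. How `createSearchRequest` splits the concatenated string is not visible here, so it should be confirmed that a client id containing `,` or `=` is rejected before it reaches that parser. The body of `getClientToken` starts outside this hunk.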
@@ -98,35 +161,35 @@ public Response getClientToken( @DELETE @ProtectedApi(scopes = { ApiAccessConstants.TOKEN_DELETE_ACCESS }, groupScopes = { ApiAccessConstants.OPENID_DELETE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_DELETE_ACCESS }) - @Path(ApiConstants.REVOKE + ApiConstants.TOKEN_CODE_PATH) + @Path(ApiConstants.REVOKE + ApiConstants.TOKEN_CODE_PATH_PARAM) public Response revokeClientToken( - @Parameter(description = "Token Code") @PathParam(ApiConstants.TOKEN_CODE_PARAM) @NotNull String tknCde) { + @Parameter(description = "Token Code") @PathParam(ApiConstants.TOKEN_CODE) @NotNull String tknCde) { if (logger.isInfoEnabled()) { logger.info("Revoke token - tknCde():{}", escapeLog(tknCde)); } - checkResourceNotNull(tknCde, ApiConstants.TOKEN_CODE_PARAM); - clientAuthService.revokeTokenEntity(tknCde); + checkResourceNotNull(tknCde, ApiConstants.TOKEN_CODE); + tokenService.revokeTokenEntity(tknCde); logger.info(" Successfully deleted token identified by tknCde:{}", tknCde); return Response.noContent().build(); } - private TokenEntityPagedResult searchTokenByClientId(SearchRequest searchReq) { + private TokenEntityPagedResult searchTokens(SearchRequest searchReq) { - logger.debug("Search asset by name params - searchReq:{} ", searchReq); + logger.debug("Search Token by name params - searchReq:{} ", searchReq); TokenEntityPagedResult tokenEntityPagedResult = null; - PagedResult pagedResult = clientAuthService.getTokenOfClient(searchReq); + PagedResult pagedResult = tokenService.searchToken(searchReq); logger.debug("PagedResult - pagedResult:{}", pagedResult); if (pagedResult != null) { logger.debug( - "Asset fetched - pagedResult.getTotalEntriesCount():{}, pagedResult.getEntriesCount():{}, pagedResult.getEntries():{}", + "Token fetched - pagedResult.getTotalEntriesCount():{}, pagedResult.getEntriesCount():{}, pagedResult.getEntries():{}", pagedResult.getTotalEntriesCount(), pagedResult.getEntriesCount(), pagedResult.getEntries()); tokenEntityPagedResult 
= getTokenEntityPagedResult(pagedResult); } - logger.debug("Asset tokenEntityPagedResult:{} ", tokenEntityPagedResult); + logger.debug("Token tokenEntityPagedResult:{} ", tokenEntityPagedResult); return tokenEntityPagedResult; } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ClientAuthService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ClientAuthService.java index edadb14244c..0751d4a4cb5 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ClientAuthService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/ClientAuthService.java @@ -4,15 +4,11 @@ import io.jans.util.StringHelper; import io.jans.as.persistence.model.ClientAuthorization; import io.jans.orm.PersistenceEntryManager; -import io.jans.orm.model.PagedResult; -import io.jans.orm.model.SortOrder; import io.jans.as.common.model.registration.Client; import io.jans.as.common.service.OrganizationService; import io.jans.as.model.config.StaticConfiguration; import io.jans.as.persistence.model.Scope; import io.jans.configapi.core.model.Token; -import io.jans.model.SearchRequest; -import io.jans.model.token.TokenEntity; import static io.jans.as.model.util.Util.escapeLog; @@ -21,7 +17,6 @@ import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; -import jakarta.ws.rs.NotFoundException; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; 
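Review bot: In `revokeClientToken` the success message `logger.info(" Successfully deleted token identified by tknCde:{}", tknCde);` logs the path parameter raw, while the entry log a few lines above wraps it in `escapeLog`; the commit edits the lines on either side and leaves this one as it is. Passing `escapeLog(tknCde)` there too keeps a crafted value from breaking the log line. The method also validates the parameter with `checkResourceNotNull(tknCde, ApiConstants.TOKEN_CODE)`, whereas `getTokenById` uses `checkNotNull` for the same argument; presumably only one of the two is the intended check for a missing argument, so they should be aligned.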
@@ -192,41 +187,4 @@ public List getScopeList(List clientAuthorizations) } - public PagedResult getTokenOfClient(SearchRequest searchRequest) { - logger.info(" Fetch token with searchRequest:{}", searchRequest); - - Filter searchFilter = Filter.createEqualityFilter("clnId", searchRequest.getFilter()); - logger.debug("Search Token searchFilter:{}", searchFilter); - - return persistenceEntryManager.findPagedEntries(geTokenDn(null), TokenEntity.class, searchFilter, null, - searchRequest.getSortBy(), SortOrder.getByValue(searchRequest.getSortOrder()), - searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getMaxCount()); - - } - - public void revokeTokenEntity(String tknCde) { - if (logger.isInfoEnabled()) { - logger.info(" Revoke token - tknCde:{}", escapeLog(tknCde)); - } - - TokenEntity tokenEntity = this.getTokenEntityByCode(tknCde); - logger.debug("Token to be revoked identified by tknCde:{} is:{}", tokenEntity, tknCde); - - if (tokenEntity == null) { - throw new NotFoundException("Could not find Token identified by - " + tknCde); - } - - persistenceEntryManager.removeRecursively(tokenEntity.getDn(), TokenEntity.class); - } - - public TokenEntity getTokenEntityByCode(String tknCde) { - TokenEntity tokenEntity = null; - try { - tokenEntity = persistenceEntryManager.find(TokenEntity.class, geTokenDn(tknCde)); - } catch (Exception ex) { - logger.error("Failed to get Token identified by tknCde:{" + tknCde + "}", ex); - } - return tokenEntity; - } - } diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/SessionService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/SessionService.java index 6350436dad2..ead83480c17 100644 --- a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/SessionService.java +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/SessionService.java 
@@ -6,18 +6,26 @@ package io.jans.configapi.service.auth; -import io.jans.service.CacheService; import io.jans.as.common.model.session.SessionId; import io.jans.as.common.model.session.SessionIdState; import io.jans.as.model.config.StaticConfiguration; +import io.jans.configapi.util.ApiConstants; +import io.jans.model.SearchRequest; import io.jans.orm.PersistenceEntryManager; +import io.jans.orm.model.PagedResult; +import io.jans.orm.model.SortOrder; import io.jans.orm.search.filter.Filter; +import io.jans.service.CacheService; import io.jans.util.StringHelper; + import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import jakarta.ws.rs.NotFoundException; + +import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.Map; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; @@ -37,7 +45,7 @@ public class SessionService { @Inject private Logger logger; - private String getDnForSession(String sessionId) { + public String getDnForSession(String sessionId) { if (StringHelper.isEmpty(sessionId)) { return staticConfiguration.getBaseDn().getSessions(); } 
@@ -76,6 +84,46 @@ public List getSessions() { return sessionList; } + public PagedResult searchSession(SearchRequest searchRequest) { + logger.info("Search Session with searchRequest:{}", searchRequest); + + Filter searchFilter = null; + List filters = new ArrayList<>(); + if (searchRequest.getFilterAssertionValue() != null && !searchRequest.getFilterAssertionValue().isEmpty()) { + + for (String assertionValue : searchRequest.getFilterAssertionValue()) { + String[] targetArray = new String[] { assertionValue }; + Filter userFilter = Filter.createSubstringFilter(ApiConstants.JANS_USR_DN, null, targetArray, null); + Filter sidFilter = Filter.createSubstringFilter(ApiConstants.OUTSIDE_SID, null, targetArray, null); + Filter sessAttrFilter = Filter.createSubstringFilter(ApiConstants.JANS_SESS_ATTR, null, targetArray, + null); + Filter permissionFilter = Filter.createSubstringFilter("jansPermissionGrantedMap", null, targetArray, null); + Filter idFilter = Filter.createSubstringFilter(ApiConstants.JANSID, null, targetArray, null); + filters.add(Filter.createORFilter(userFilter, sidFilter, sessAttrFilter, permissionFilter, idFilter)); + } + searchFilter = Filter.createORFilter(filters); + } + + logger.trace("Session pattern searchFilter:{}", searchFilter); + List fieldValueFilters = new ArrayList<>(); + if (searchRequest.getFieldValueMap() != null && !searchRequest.getFieldValueMap().isEmpty()) { + for (Map.Entry entry : searchRequest.getFieldValueMap().entrySet()) { + Filter dataFilter = Filter.createEqualityFilter(entry.getKey(), entry.getValue()); + logger.trace("Session dataFilter:{}", dataFilter); + fieldValueFilters.add(Filter.createANDFilter(dataFilter)); + } + searchFilter = Filter.createANDFilter(Filter.createORFilter(filters), + Filter.createANDFilter(fieldValueFilters)); + } + + logger.info("Session searchFilter:{}", searchFilter); + + return persistenceEntryManager.findPagedEntries(getDnForSession(null), SessionId.class, searchFilter, null, + 
searchRequest.getSortBy(), SortOrder.getByValue(searchRequest.getSortOrder()), + searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getMaxCount()); + + } + public void revokeSession(String userDn) { logger.debug("Revoke session userDn:{}, cacheService:{}", userDn, cacheService); diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/TokenService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/TokenService.java new file mode 100644 index 00000000000..6180b37df21 --- /dev/null +++ b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/TokenService.java 
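Review bot: When a request carries field/value pairs but no pattern, `searchSession` still wraps the empty `filters` list in `Filter.createORFilter(filters)` and ANDs it with the field filters; depending on how the persistence layer renders an OR with no operands this may match nothing or produce an invalid filter, which is worth pinning with a test. Combining only the parts that exist avoids it: `Filter fieldFilter = Filter.createANDFilter(fieldValueFilters);` followed by `searchFilter = filters.isEmpty() ? fieldFilter : Filter.createANDFilter(searchFilter, fieldFilter);`. `TokenService.searchToken` in the new file below has the same construction. `entry.getKey()` is also used as the attribute name without an allow-list, so a caller can filter on any session attribute; restricting it to the attributes meant to be searchable would narrow that.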
@@ -0,0 +1,111 @@ +package io.jans.configapi.service.auth; + +import io.jans.as.common.service.OrganizationService; +import io.jans.model.SearchRequest; +import io.jans.model.token.TokenEntity; +import io.jans.orm.PersistenceEntryManager; +import io.jans.orm.model.PagedResult; +import io.jans.orm.model.SortOrder; +import io.jans.orm.search.filter.Filter; +import io.jans.util.StringHelper; +import static io.jans.as.model.util.Util.escapeLog; + +import java.util.*; +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; +import jakarta.ws.rs.NotFoundException; + +import org.slf4j.Logger; + +@ApplicationScoped +public class TokenService { + + @Inject + private Logger logger; + + @Inject + private PersistenceEntryManager persistenceEntryManager; + + @Inject + private OrganizationService organizationService; + + public String getDnForTokenEntity(String tknCde) { + String orgDn = organizationService.getDnForOrganization(); + if (StringHelper.isEmpty(tknCde)) { + return String.format("ou=tokens,%s", orgDn); + } + return String.format("tknCde=%s,ou=tokens,%s", tknCde, orgDn); + } + + public TokenEntity getTokenEntityByCode(String tknCde) { + TokenEntity tokenEntity = null; + try { + tokenEntity = persistenceEntryManager.find(TokenEntity.class, getDnForTokenEntity(tknCde)); + } catch (Exception ex) { + logger.error("Failed to get Token identified by tknCde:{" + tknCde + "}", ex); + } + return tokenEntity; + } + + public PagedResult searchToken(SearchRequest searchRequest) { + logger.info("Search Token with searchRequest:{}", searchRequest); + + Filter searchFilter = null; + List filters = new ArrayList<>(); + if (searchRequest.getFilterAssertionValue() != null && !searchRequest.getFilterAssertionValue().isEmpty()) { + logger.trace("Search Token searchRequest.getFilterAssertionValue() :{}", + searchRequest.getFilterAssertionValue()); + for (String assertionValue : searchRequest.getFilterAssertionValue()) { + String[] targetArray = new String[] { 
assertionValue }; + Filter grantIdFilter = Filter.createSubstringFilter("grtId", null, targetArray, null); + Filter userIdFilter = Filter.createSubstringFilter("usrId", null, targetArray, null); + Filter userDnFilter = Filter.createSubstringFilter("jansUsrDN", null, targetArray, null); + Filter clientIdFilter = Filter.createSubstringFilter("clnId", null, targetArray, null); + Filter scopeFilter = Filter.createSubstringFilter("scp", null, targetArray, null); + Filter tokenTypeFilter = Filter.createSubstringFilter("tknTyp", null, targetArray, null); + Filter grantTypeFilter = Filter.createSubstringFilter("grtTyp", null, targetArray, null); + Filter inumFilter = Filter.createSubstringFilter("jansId", null, targetArray, null); + filters.add(Filter.createORFilter(grantIdFilter, userIdFilter, userDnFilter, clientIdFilter, + scopeFilter, tokenTypeFilter, grantTypeFilter, inumFilter)); + } + searchFilter = Filter.createORFilter(filters); + logger.trace("Search Token searchFilter :{}", searchFilter); + } + + logger.debug("Token pattern searchFilter:{}", searchFilter); + List fieldValueFilters = new ArrayList<>(); + if (searchRequest.getFieldValueMap() != null && !searchRequest.getFieldValueMap().isEmpty()) { + for (Map.Entry entry : searchRequest.getFieldValueMap().entrySet()) { + Filter dataFilter = Filter.createSubstringFilter(entry.getKey(), null, + new String[] { entry.getValue() }, null); + logger.trace("Token dataFilter:{}", dataFilter); + fieldValueFilters.add(Filter.createANDFilter(dataFilter)); + } + searchFilter = Filter.createANDFilter(Filter.createORFilter(filters), + Filter.createANDFilter(fieldValueFilters)); + } + + logger.info("Token final searchFilter:{}", searchFilter); + + return persistenceEntryManager.findPagedEntries(getDnForTokenEntity(null), TokenEntity.class, searchFilter, + null, searchRequest.getSortBy(), SortOrder.getByValue(searchRequest.getSortOrder()), + searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getMaxCount()); + + 
} + + public void revokeTokenEntity(String tknCde) { + if (logger.isInfoEnabled()) { + logger.info(" Revoke token - tknCde:{}", escapeLog(tknCde)); + } + + TokenEntity tokenEntity = this.getTokenEntityByCode(tknCde); + logger.debug("Token to be revoked identified by tknCde:{} is:{}", tokenEntity, tknCde); + + if (tokenEntity == null) { + throw new NotFoundException("Could not find Token identified by - " + tknCde); + } + + persistenceEntryManager.removeRecursively(tokenEntity.getDn(), TokenEntity.class); + } + +} diff --git a/jans-config-api/server/src/main/resources/config-api-rs-protect.json b/jans-config-api/server/src/main/resources/config-api-rs-protect.json index a50e2d2251c..3676e7897a1 100644 --- a/jans-config-api/server/src/main/resources/config-api-rs-protect.json +++ b/jans-config-api/server/src/main/resources/config-api-rs-protect.json 
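Review bot: `getDnForTokenEntity` formats the caller-supplied `tknCde` straight into the DN (`tknCde=%s,ou=tokens,%s`), and both `getTokenById` and `revokeClientToken` hand it a path parameter, so the value should be checked against the expected token-code format, or DN-escaped, before the DN is built; a value carrying DN separators would otherwise address a different entry than intended, and `revokeTokenEntity` then calls `removeRecursively` on the result. In `getTokenEntityByCode` the error log concatenates the same value into the format string; `logger.error("Failed to get Token identified by tknCde:{}", escapeLog(tknCde), ex);` keeps it parameterised and escaped like the other log calls. That method also maps every exception to null, so `revokeTokenEntity` reports a persistence failure as NotFound and an operator cannot tell a failed revocation from an absent token. The debug call in `revokeTokenEntity` passes `tokenEntity, tknCde` in the opposite order to its placeholders.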
@@ -3267,82 +3267,6 @@ ] } ] - }, - { - "path": "/jans-config-api/api/v1/session", - "conditions": [ - { - "httpMethods": [ - "GET" - ], - "scopes": [ - { - "inum": "1800.01.90", - "name": "https://jans.io/oauth/config/session.readonly" - } - ], - "groupScopes": [ - { - "inum": "1800.01.91", - "name": "https://jans.io/oauth/config/session.write" - } - ], - "superScopes": [ - { - "inum": "1800.03.1", - "name": "https://jans.io/oauth/config/read-all" - } - ] - }, - { - "httpMethods": [ - "PATCH", - "POST", - "PUT" - ], - "scopes": [ - { - "inum": "1800.01.91", - "name": "https://jans.io/oauth/config/session.write" - } - ], - "groupScopes": [ - { - "inum": "1800.02.2", - "name": "https://jans.io/oauth/config/openid-write" - } - ], - "superScopes": [ - { - "inum": "1800.03.2", - "name": "https://jans.io/oauth/config/write-all" - } - ] - }, - { - "httpMethods": [ - "DELETE" - ], - "scopes": [ - { - "inum": "1800.01.92", - "name": "https://jans.io/oauth/config/session.delete" - } - ], - "groupScopes": [ - { - "inum": "1800.02.3", - "name": "https://jans.io/oauth/config/openid-delete" - } - ], - "superScopes": [ - { - "inum": "1800.03.3", - "name": "https://jans.io/oauth/config/delete-all" - } - ] - } - ] } ] } \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/session/get-session.json b/jans-config-api/server/src/main/resources/example/session/get-session.json new file mode 100644 index 00000000000..751727dbc4b --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/session/get-session.json 
@@ -0,0 +1,80 @@ +[ + { + "dn": "jansId=c0baae4d-3282-4d20-99d9-90c30a1b6e53,ou=sessions,o=jans", + "id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "outsideSid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "lastUsedAt": "2024-09-24T14:53:13", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:53:13", + "state": "authenticated", + "sessionState": "34d35953e0008389587369ab1be6d6c93aa6d9e103dc2da93c157fc1b8d12385.696be3a5-d30c-4401-831f-4cd9017e8772", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "puja", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "db06a1ad-fe41-4af1-b6a8-96eac8747b39", + "session_id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "sid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-11-25T14:53:06", + "deletable": true, + "creationDate": "2024-09-24T14:53:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5" + }, + { + "dn": "jansId=7cbad817-0b96-40ca-8667-1073bfa726c3,ou=sessions,o=jans", + "id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "outsideSid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "lastUsedAt": "2024-09-24T14:52:15", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:52:15", + "state": "authenticated", + "sessionState": 
"30288a431305c3fe91f716969837e809ae2c86982c8f0481c78c58f2db7dfd93.d3646d5e-62bf-421c-b1cf-51d6c4d6f64e", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "661fbf90-1ffc-4560-9f95-cb113791af38", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name jansAdminUIRole", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "xyz", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "84d59a22-e98b-41ab-a195-fe52efbc6cba", + "session_id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "sid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email jansAdminUIRole", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-10-25T14:52:06", + "deletable": true, + "creationDate": "2024-09-24T14:52:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "661fbf90-1ffc-4560-9f95-cb113791af38" + } +] \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/session/search-session.json b/jans-config-api/server/src/main/resources/example/session/search-session.json new file mode 100644 index 00000000000..8aebffc5767 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/session/search-session.json 
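Review bot: The example sessions look as if they were captured from a running deployment rather than constructed: `remote_ip` holds a publicly routable address, `redirect_uri` names a specific developer host, and `sessionState`, `sid`, `opbs` and `session_id` carry full-length identifiers. Since this file ships in the server resources and is rendered in the API documentation, replace them with obviously synthetic values, for instance a documentation-range address such as `192.0.2.10` and `https://example.com/admin` (both constructed placeholders), plus made-up ids. The same applies to `search-session.json` and, for the client ids and token codes, to `get-all-token.json` added below. If any of these sessions or tokens were valid when they were copied, they should be revoked.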
@@ -0,0 +1,85 @@ +{ + "start": 0, + "totalEntriesCount": 2, + "entriesCount": 2, + "entries": [ + { + "dn": "jansId=7cbad817-0b96-40ca-8667-1073bfa726c3,ou=sessions,o=jans", + "id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "outsideSid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "lastUsedAt": "2024-09-24T14:52:15", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": "2024-09-24T14:52:15", + "state": "authenticated", + "sessionState": "30288a431305c3fe91f716969837e809ae2c86982c8f0481c78c58f2db7dfd93.d3646d5e-62bf-421c-b1cf-51d6c4d6f64e", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "661fbf90-1ffc-4560-9f95-cb113791af38", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name jansAdminUIRole", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "xyz", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "84d59a22-e98b-41ab-a195-fe52efbc6cba", + "session_id": "7cbad817-0b96-40ca-8667-1073bfa726c3", + "sid": "5c306424-462c-4b2d-8827-61c93dee54ce", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email jansAdminUIRole", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-10-25T14:52:06", + "deletable": true, + "creationDate": "2024-09-24T14:52:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "661fbf90-1ffc-4560-9f95-cb113791af38" + }, + { + "dn": "jansId=c0baae4d-3282-4d20-99d9-90c30a1b6e53,ou=sessions,o=jans", + "id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "outsideSid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "lastUsedAt": "2024-09-24T14:53:13", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "authenticationTime": 
"2024-09-24T14:53:13", + "state": "authenticated", + "sessionState": "34d35953e0008389587369ab1be6d6c93aa6d9e103dc2da93c157fc1b8d12385.696be3a5-d30c-4401-831f-4cd9017e8772", + "permissionGrantedMap": { + "permissionGranted": { + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9": true + } + }, + "sessionAttributes": { + "acr": "simple_password_auth", + "remote_ip": "123.201.169.114", + "opbs": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5", + "acr_values": "simple_password_auth", + "scope": "openid profile email user_name", + "response_type": "code", + "redirect_uri": "https://pujavs-hopeful-colt.gluu.info/admin", + "state": "abc", + "nonce": "puja", + "client_id": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "auth_user": "admin", + "old_session_id": "db06a1ad-fe41-4af1-b6a8-96eac8747b39", + "session_id": "c0baae4d-3282-4d20-99d9-90c30a1b6e53", + "sid": "652dc5e2-d95b-416e-b1ca-34b7dfb441d9", + "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9_authz_scopes": "openid user_name profile email", + "successful_rp_redirect_count": "1" + }, + "expirationDate": "2024-11-25T14:53:06", + "deletable": true, + "creationDate": "2024-09-24T14:53:06", + "persisted": false, + "ttl": 0, + "opbrowserState": "355386a7-8e51-488b-ab1d-b65fa9f5a6d5" + } + ] +} \ No newline at end of file diff --git a/jans-config-api/server/src/main/resources/example/token/get-all-token.json b/jans-config-api/server/src/main/resources/example/token/get-all-token.json new file mode 100644 index 00000000000..da4853aaa26 --- /dev/null +++ b/jans-config-api/server/src/main/resources/example/token/get-all-token.json 
@@ -0,0 +1,153 @@ +{ + "start": 0, + "totalEntriesCount": 8, + "entriesCount": 8, + "entries": [ + { + "dn": "tknCde=280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286,ou=tokens,o=jans", + "grantId": "5e3d27ba-00a2-400e-be6d-b1424d1c1f33", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T15:03:50", + "expirationDate": "2024-10-23T15:03:50", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "280c8e7055fb51cee1fdd6442fe7fdba98dfd319f0e931ac0756a19936722286", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "4zdnUjyjRoWqqLCMtguvDA", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f,ou=tokens,o=jans", + "grantId": "f8bfb7d5-0dbc-4976-a0ec-ef82e90e4ab8", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete https://jans.io/auth/ssa.developer https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/saml-scope.write readonly https://jans.io/oauth/config/user.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/scim/fido2.read https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/message.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/scim/groups.read https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/scim/groups.write https://jans.io/oauth/config/database/couchbase.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/properties.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/saml-scope.readonly https://jans.io/scim/fido2.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/acrs.delete https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/jans_asset-read https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/user.write 
https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write https://jans.io/oauth/config/agama.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/openid/clients.write https://jans.io/scim/fido.read https://jans.io/scim/fido.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/jans-link.readonly https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/session.readonly https://jans.io/oauth/config/openid/clients.delete https://jans.io/idp/saml.delete https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/auth/ssa.admin https://jans.io/scim/config.readonly https://jans.io/oauth/config/database/couchbase.write https://jans.io/oauth/config/token.write https://jans.io/oauth/config/jans-link.write https://jans.io/oauth/config/session.delete https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/message.write https://jans.io/oauth/config/fido2.readonly https://jans.io/auth/ssa.portal https://jans.io/oauth/jans-auth-server/config/adminui/logging.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/properties.write https://jans.io/oauth/config/cache.write https://jans.io/scim/all-resources.search https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/properties.readonly https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/scim/bulk https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "JNDJyQfEQTGP6xRllmScXA", + "attributes": { + "online_access": false, + "statusListIndex": 303 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=4960533184fab18d8932045b70de17f827c916010ab5d5c86f7202ca6cf7c176,ou=tokens,o=jans", + "grantId": "82736426-1a72-46bb-8e76-52f3bca2c614", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + 
"creationDate": "2024-09-20T12:55:30", + "expirationDate": "2024-10-30T12:55:30", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "4960533184fab18d8932045b70de17f827c916010ab5d5c86f7202ca6cf7c176", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "uIw3N7qeRiKR1pvzE1OmxQ", + "attributes": { + "online_access": false, + "statusListIndex": 1101 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=5495ac7fedd47f57a10f314896fe88d415dbec067c7cea5d57138e2723b73e84,ou=tokens,o=jans", + "grantId": "2c4123dd-886f-447e-a65d-207bf60c3307", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-20T12:55:37", + "expirationDate": "2024-10-30T12:55:37", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "5495ac7fedd47f57a10f314896fe88d415dbec067c7cea5d57138e2723b73e84", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "bgPvtouST66zHFaH4vrWhA", + "attributes": { + "online_access": false, + "statusListIndex": 1102 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d,ou=tokens,o=jans", + "grantId": "6915d12c-b5d3-4f56-a41c-64b3bff0e857", + "userId": "admin", + "userDn": "inum=122ff2df-911d-424b-bbfe-891a43a70e95,ou=people,o=jans", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": 
"2024-10-23T08:23:50", + "deletable": true, + "scope": "openid profile offline_access email", + "tokenCode": "82f8a251b94e7191c0708e2651c06c5242f61972cbd37120ab83403ac32ab77d", + "tokenType": "access_token", + "grantType": "urn:ietf:params:oauth:grant-type:device_code", + "referenceId": "uPnrBRVOTv6MKbHZ29oKMw", + "attributes": { + "online_access": false, + "statusListIndex": 301 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599,ou=tokens,o=jans", + "grantId": "c664eb67-9911-40a7-a154-bb4b9b2c90b7", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:22:07", + "expirationDate": "2024-10-23T08:22:07", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "bef882e1f07bbc718dfa38f19410f5d3452d7effc040052bd7f7751dd3de1599", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "a9yYFUlxRzSh3MvoYGJJRQ", + "attributes": { + "online_access": false, + "statusListIndex": 300 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad,ou=tokens,o=jans", + "grantId": "b0b4315b-7cf1-4d63-ab6c-128bfacab9e3", + "clientId": "1800.3d73038f-2298-446a-a5e8-a43a579da9cc", + "creationDate": "2024-09-19T14:32:09", + "expirationDate": "2028-09-19T14:37:09", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/cache.readonly 
https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/user.readonly https://jans.io/oauth/lock/read-all https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/config/openid-read https://jans.io/oauth/config/uma-write https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/config/uma-read https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/uma-delete https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/config/openid-write https://jans.io/oauth/config/agama.write https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/lock/health.write 
https://jans.io/oauth/config/logging.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/read-all https://jans.io/oauth/lock/write-all https://jans.io/oauth/config/write-all https://jans.io/oauth/config/openid/clients.write https://jans.io/oauth/jans-auth-server/config/adminui/write-all https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/delete-all https://jans.io/oauth/config/openid/clients.delete https://jans.io/oauth/jans-auth-server/config/adminui/delete-all https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/scim/config.readonly https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/fido2.readonly https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/config/cache.write https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/oauth/jans-auth-server/config/adminui/read-all https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/openid-delete https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete 
https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "c3b62d651c9424bed9167a7cd05ea4e6fedc62f20d5fe98b0672fee0a43603ad", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "NXBmV1WjSU28EH8KNTghJw", + "attributes": { + "online_access": false, + "statusListIndex": 201 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + }, + { + "dn": "tknCde=f0977b8c359446ff7a5aa157a930c89506485b266d988507478e367f53fd5445,ou=tokens,o=jans", + "grantId": "d0c427ec-0c6e-4fdf-83eb-43a19e633eec", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-20T12:55:37", + "expirationDate": "2024-10-20T12:55:37", + "deletable": true, + "scope": "jans_stat openid https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly", + "tokenCode": "f0977b8c359446ff7a5aa157a930c89506485b266d988507478e367f53fd5445", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "1DnmKY6pS1S6XeKSHAj2Ag", + "attributes": { + "online_access": false, + "statusListIndex": 1103 + }, + "tokenTypeEnum": "ACCESS_TOKEN" + } + ] +} \ No newline at end of file 
diff --git a/jans-config-api/server/src/main/resources/example/token/get-token.json b/jans-config-api/server/src/main/resources/example/token/get-token.json
new file mode 100644
index 00000000000..870001febfc
--- /dev/null
+++ b/jans-config-api/server/src/main/resources/example/token/get-token.json
@@ -0,0 +1,18 @@ +{ + "dn": "tknCde=3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f,ou=tokens,o=jans", + "grantId": "f8bfb7d5-0dbc-4976-a0ec-ef82e90e4ab8", + "clientId": "2000.cc8b29ae-cb4a-49ea-b176-8695e53919d9", + "creationDate": "2024-09-23T08:23:50", + "expirationDate": "2024-10-23T08:23:50", + "deletable": true, + "scope": "https://jans.io/oauth/config/jwks.delete https://jans.io/oauth/jans-auth-server/session.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly https://jans.io/oauth/config/scopes.readonly https://jans.io/oauth/config/saml.write https://jans.io/oauth/lock/health.readonly https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete https://jans.io/auth/ssa.developer https://jans.io/oauth/config/saml-config.readonly https://jans.io/oauth/config/smtp.delete https://jans.io/oauth/config/cache.readonly https://jans.io/oauth/config/saml-scope.write readonly https://jans.io/oauth/config/user.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly https://jans.io/oauth/lock/audit.readonly https://jans.io/oauth/config/acrs.write https://jans.io/scim/fido2.read https://jans.io/oauth/config/token.readonly https://jans.io/oauth/config/message.readonly https://jans.io/oauth/lock-config.write https://jans.io/oauth/config/uma/resources.readonly https://jans.io/oauth/jans-auth-server/config/properties.write https://jans.io/oauth/config/fido2.write https://jans.io/idp/config.readonly https://jans.io/scim/groups.read https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete https://jans.io/oauth/lock/log.readonly https://jans.io/oauth/config/jwks.write jans_stat https://jans.io/idp/saml.readonly https://jans.io/oauth/jans-auth-server/config/properties.readonly https://jans.io/oauth/config/jans_asset-delete https://jans.io/scim/groups.write https://jans.io/oauth/config/database/couchbase.readonly 
https://jans.io/oauth/jans-auth-server/config/adminui/license.write https://jans.io/oauth/config/properties.write https://jans.io/oauth/config/fido2.delete https://jans.io/idp/saml.write https://jans.io/oauth/config/saml-scope.readonly https://jans.io/scim/fido2.write https://jans.io/oauth/config/scripts.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly https://jans.io/oauth/config/session.write https://jans.io/oauth/config/acrs.delete https://jans.io/oauth/client/authorizations.readonly https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly https://jans.io/oauth/config/jans_asset-read https://jans.io/oauth/config/logging.readonly https://jans.io/oauth/config/jans_asset-write https://jans.io/oauth/lock/telemetry.write https://jans.io/oauth/config/plugin.readonly https://jans.io/oauth/lock/telemetry.readonly https://jans.io/oauth/config/stats.readonly https://jans.io/oauth/config/user.write https://jans.io/oauth/config/agama.readonly https://jans.io/oauth/config/openid/clients.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write https://jans.io/oauth/config/agama.write https://jans.io/oauth/lock/health.write https://jans.io/oauth/config/logging.write https://jans.io/oauth/config/database/sql.write https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write https://jans.io/oauth/config/scopes.write https://jans.io/oauth/config/openid/clients.write https://jans.io/scim/fido.read https://jans.io/scim/fido.write https://jans.io/oauth/lock-config.readonly https://jans.io/oauth/config/organization.write https://jans.io/oauth/config/database/ldap.delete https://jans.io/oauth/config/jans-link.readonly https://jans.io/oauth/config/database/sql.readonly https://jans.io/oauth/config/session.readonly 
https://jans.io/oauth/config/openid/clients.delete https://jans.io/idp/saml.delete https://jans.io/idp/realm.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete https://jans.io/auth/ssa.admin https://jans.io/scim/config.readonly https://jans.io/oauth/config/database/couchbase.write https://jans.io/oauth/config/token.write https://jans.io/oauth/config/jans-link.write https://jans.io/oauth/config/session.delete https://jans.io/oauth/config/app-version.readonly https://jans.io/oauth/config/scripts.delete https://jans.io/oauth/config/uma/resources.delete https://jans.io/scim/users.read https://jans.io/oauth/config/message.write https://jans.io/oauth/config/fido2.readonly https://jans.io/auth/ssa.portal https://jans.io/oauth/jans-auth-server/config/adminui/logging.write https://jans.io/oauth/config/user.delete https://jans.io/oauth/kc-link-config.write https://jans.io/oauth/config/token.delete https://jans.io/oauth/lock/audit.write https://jans.io/oauth/config/database/ldap.readonly https://jans.io/oauth/jans-auth-server/config/adminui/properties.write https://jans.io/oauth/config/cache.write https://jans.io/scim/all-resources.search https://jans.io/oauth/config/attributes.readonly https://jans.io/oauth/config/smtp.readonly https://jans.io/scim/users.write https://jans.io/oauth/config/agama.delete https://jans.io/idp/config.write https://jans.io/oauth/config/uma/resources.write https://jans.io/oauth/config/saml.readonly https://jans.io/oauth/config/organization.readonly https://jans.io/oauth/lock/log.write https://jans.io/oauth/config/attributes.delete https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write https://jans.io/oauth/config/properties.readonly https://jans.io/oauth/config/jwks.readonly https://jans.io/oauth/config/scopes.delete https://jans.io/oauth/config/scripts.write https://jans.io/oauth/config/database/ldap.write https://jans.io/scim/config.write https://jans.io/oauth/jans-auth-server/session.delete 
https://jans.io/oauth/client/authorizations.delete https://jans.io/oauth/config/acrs.readonly https://jans.io/scim/bulk https://jans.io/idp/realm.readonly https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete https://jans.io/oauth/config/saml-config.write https://jans.io/oauth/config/smtp.write https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly https://jans.io/oauth/kc-link-config.readonly https://jans.io/oauth/config/attributes.write", + "tokenCode": "3d4e9ea9ff6fe85f25dc4fa98cf672c885d30b58fd2f64f8e7c630113d7e568f", + "tokenType": "access_token", + "grantType": "client_credentials", + "referenceId": "JNDJyQfEQTGP6xRllmScXA", + "attributes": { + "online_access": false, + "statusListIndex": 303 + }, + "tokenTypeEnum": "ACCESS_TOKEN" +} \ No newline at end of file diff --git a/jans-config-api/server/src/test/resources/feature/session/session.feature b/jans-config-api/server/src/test/resources/feature/session/session.feature index e065087d7ca..fe87ff6969c 100644 --- a/jans-config-api/server/src/test/resources/feature/session/session.feature +++ b/jans-config-api/server/src/test/resources/feature/session/session.feature @@ -20,6 +20,18 @@ Scenario: Fetch all session And print response +Scenario: Fetch all session +Given url mainUrl +And header Authorization = 'Bearer ' + accessToken +When method GET +Then status 200 +Given url mainUrl + '/search' +And header Authorization = 'Bearer ' + accessToken +When method GET +Then status 200 +And print response + + @ignore Scenario: Revoke user session Given url mainUrl diff --git a/jans-config-api/server/src/test/resources/feature/token/client-token.feature b/jans-config-api/server/src/test/resources/feature/token/client-token.feature index abc28521807..024f30b1ccf 100644 --- a/jans-config-api/server/src/test/resources/feature/token/client-token.feature +++ b/jans-config-api/server/src/test/resources/feature/token/client-token.feature 
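Review bot: The scenario added to session.feature covers only the authenticated path (`Then status 200` on `mainUrl` and on `mainUrl + '/search'`); nothing in the hunk checks that the new `/search` endpoint rejects a request sent without the `Authorization` header. A negative scenario such as `Given url mainUrl + '/search'`, `When method GET`, `Then status 401` would make an access-control regression on the new endpoint fail the suite. The client-token.feature hunk has the same gap: its only 401 scenario stays `@ignore`, and the new `Fetch all token` scenario exercises `/search` with a bearer token only. The added session scenario also reuses the name `Fetch all session`, which the hunk header shows is already taken by the enclosing scenario, so a distinct name such as `Fetch and search sessions` would keep test reports unambiguous.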
@@ -3,30 +3,25 @@ Feature: Token flow Background: * def mainUrl = token_url -* def client_Url = openidclients_url @ignore Scenario: Fetch all client token - Given url mainUrl - When method GET - Then status 401 - And print response +Given url mainUrl +When method GET +Then status 401 +And print response -@ignore -Scenario: Fetch all client token - Given url client_Url - And header Authorization = 'Bearer ' + accessToken - When method GET - Then status 200 - And print response - Given url mainUrl - And header Authorization = 'Bearer ' + accessToken - And param clientId = response.entries[0].inum - And print 'clientId = '+clientId - When method GET - Then status 200 - And print response +Scenario: Fetch all token +Given url mainUrl +And header Authorization = 'Bearer ' + accessToken +When method GET +Then status 200 +Given url mainUrl + '/search' +And header Authorization = 'Bearer ' + accessToken +When method GET +Then status 200 +And print response