fix(config-api): swagger update for enum and error handling (#2934)

* fix(config-api): client creation exception

* fix(config-api): client creations exception

* fix(config-api): issues fixed 2743, 2755 and 2689

* fix(config-api): change to use fido2 app config model

* fix(config-api): change to use fido2 app config model

* docs(config-api): swagger fix for script enum

* fix: avoid NPE when configuration is missing #2857 (#2863)

* Initial commit IDM, IAG, 2FA Portal (#2873)

initial commit

* fix(image): multiple dynamic scopes created when using 2 replicas (#2871)

* feat: for file based scripts check both script revision and file (#2878)

modification time #2877

Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat(jans-auth-server): added token exchange support to client #2518 (#2855)

And added native sso http test.

* feat: ssa revoke endpoint (#2865)

* docs: update ubuntu.md (#2870)

* docs: Helm install on GKE, AKS, and EKS (#2777)

* docs: Helm install on GKE

* docs: fix to yaml

* docs: remove unnecessary sudo,  kubeconfig flag and create namespace

Creating namespace initially makes more sense. Since it can be used during the database installation.

Also removing sudo makes kubeconfig flag unnecessary too

* docs: fix file name

* docs: fix

* docs: fix indentation

fix indentation so that copying is simpler

* docs: rephrase

* docs: Helm install on EKS


docs: Helm install on EKS

* fix: typo

* docs: EKS fix

* docs: fix mistake in GKE too

* docs: Helm install on AKS

* docs: fix

* fix(jans-auth-server): fix language metadata format (#2883)

* fix(jans-auth-server): fix language metadata format

* fix(jans-auth-server): fix language metadata format

* Initial checkin: RBAC, central authz (#2884)

Starting point for these topics

* fix(config-api): swagger update for enum and error handling

Co-authored-by: Jose <bonustrack310@gmail.com>
Co-authored-by: Mike Schwartz <mike@gluu.org>
Co-authored-by: Isman Firmansyah <iromli@users.noreply.github.com>
Co-authored-by: Yuriy M <95305560+yuremm@users.noreply.github.com>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: YuriyZ <yzabrovarniy@gmail.com>
Co-authored-by: Milton Ch <86965029+Milton-Ch@users.noreply.github.com>
Co-authored-by: mzico <mohib@gluu.org>
Co-authored-by: misba7 <amromisba7@gmail.com>
Co-authored-by: Javier Rojas <javier.rojas.blum@gmail.com>

Author: 11 people

jans-config-api/docs/jans-config-api-swagger-auto.yaml

@@ -7178,18 +7178,18 @@ components:
           $ref: '#/components/schemas/AttributeValidation'
         tooltip:
           type: string
+        adminCanAccess:
+          type: boolean
+        userCanAccess:
+          type: boolean
         adminCanEdit:
           type: boolean
         userCanView:
           type: boolean
-        adminCanAccess:
-          type: boolean
         userCanEdit:
           type: boolean
         adminCanView:
           type: boolean
-        userCanAccess:
-          type: boolean
         whitePagesCanView:
           type: boolean
         baseDn:
@@ -7370,14 +7370,24 @@ components:
         idTokenTokenBindingCnf:
           type: string
         clientName:
-          $ref: '#/components/schemas/LocalizedString'
+          type: string
         logoUri:
-          $ref: '#/components/schemas/LocalizedString'
+          type: string
         clientUri:
-          $ref: '#/components/schemas/LocalizedString'
+          type: string
         policyUri:
-          $ref: '#/components/schemas/LocalizedString'
+          type: string
         tosUri:
+          type: string
+        clientNameLocalized:
+          $ref: '#/components/schemas/LocalizedString'
+        logoUriLocalized:
+          $ref: '#/components/schemas/LocalizedString'
+        clientUriLocalized:
+          $ref: '#/components/schemas/LocalizedString'
+        policyUriLocalized:
+          $ref: '#/components/schemas/LocalizedString'
+        tosUriLocalized:
           $ref: '#/components/schemas/LocalizedString'
         jwksUri:
           type: string
@@ -7518,6 +7528,8 @@ components:
           format: int32
         displayName:
           type: string
+        tokenBindingSupported:
+          type: boolean
         authenticationMethod:
           type: string
           enum:
@@ -7529,8 +7541,6 @@ components:
           - tls_client_auth
           - self_signed_tls_client_auth
           - none
-        tokenBindingSupported:
-          type: boolean
         baseDn:
           type: string
         inum:
@@ -8333,8 +8343,6 @@ components:
           $ref: '#/components/schemas/EngineConfig'
         ssaConfiguration:
           $ref: '#/components/schemas/SsaConfiguration'
-        fapi:
-          type: boolean
         enabledFeatureFlags:
           uniqueItems: true
           type: array
@@ -8371,6 +8379,8 @@ components:
             - code
             - token
             - id_token
+        fapi:
+          type: boolean
     AuthenticationFilter:
       required:
       - baseDn

jans-config-api/docs/jans-config-api-swagger.yaml

@@ -4441,9 +4441,6 @@ components:
           description: LDAP custom object class list for dynamic person enrolment.
           items:
             type: string
-          enum:
-            - gluuCustomPerson
-            - gluuPerson
         persistIdTokenInLdap:
           type: boolean
           description: Specifies whether to persist id_token into LDAP (otherwise saves into cache).
@@ -5020,42 +5017,42 @@ components:
           type: string
           description: Data Type of attribute.
           enum:
-            - STRING
-            - NUMERIC
-            - BOOLEAN
-            - BINARY
-            - CERTIFICATE
-            - DATE
-            - JSON
+            - string
+            - numeric
+            - boolean
+            - binary
+            - certificate
+            - date
+            - json
         editType:
           type: array
           description: GluuUserRole
           items:
             type: string
             enum:
-              - ADMIN
-              - OWNER
-              - MANAGER
-              - USER
-              - WHITEPAGES
+              - admin
+              - owner
+              - manager
+              - user
+              - whitepages
         viewType:
           type: array
           description: GluuUserRole
           items:
             type: string
             enum:
-              - ADMIN
-              - OWNER
-              - MANAGER
-              - USER
-              - WHITEPAGES
+              - admin
+              - owner
+              - manager
+              - user
+              - whitepages
         usageType:
           type: array
           description: GluuAttributeUsageType
           items:
             type: string
             enum:
-              - OPENID
+              - openid
         claimName:
           type: string
         seeAlso:
@@ -5064,10 +5061,10 @@ components:
           type: string
           description: Attrubute status
           enum:
-            - ACTIVE
-            - INACTIVE
-            - EXPIRED
-            - REGISTER
+            - active
+            - inactive
+            - expired
+            - register
         saml1Uri:
           type: string
         saml2Uri:
@@ -5224,10 +5221,10 @@ components:
           description: Scope creator type
           type: string
           enum:
-            - NONE
-            - CLIENT
-            - USER
-            - AUTO
+            - none
+            - client
+            - user
+            - auto
         creationDate:
           description: Scope creation date time.
           type: string
@@ -7434,8 +7431,8 @@ components:
           description: Session status
           type: string
           enum:
-            - AUTHENTICATED
-            - UNAUTHENTICATED
+            - authenticated
+            - unauthenticated
         sessionState:
           description: state of session.
           type: string

jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java

@@ -74,7 +74,7 @@ private class UserPagedResult extends PagedResult<CustomUser>{};
             "Configuration – User Management" }, security = @SecurityRequirement(name = "oauth2", scopes = {
                     ApiAccessConstants.USER_READ_ACCESS }))
     @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = UserPagedResult.class) , examples = @ExampleObject(name = "Response json example", value = "example/user/user-all.json"))),
+            @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = UserPagedResult.class), examples = @ExampleObject(name = "Response json example", value = "example/user/user-all.json"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
             @ApiResponse(responseCode = "500", description = "InternalServerError") })
     @GET
@@ -101,7 +101,7 @@ public Response getUsers(
             "Configuration – User Management" }, security = @SecurityRequirement(name = "oauth2", scopes = {
                     ApiAccessConstants.USER_READ_ACCESS }))
     @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class, description = "CustomUser identified by inum") , examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))),
+            @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class, description = "CustomUser identified by inum"), examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
             @ApiResponse(responseCode = "404", description = "Not Found"),
             @ApiResponse(responseCode = "500", description = "InternalServerError") })
@@ -196,9 +196,13 @@ public Response updateUser(@Valid CustomUser customUser)
         List<String> excludeAttributes = List.of(USER_PWD);
         checkMissingAttributes(user, excludeAttributes);
         ignoreCustomObjectClassesForNonLDAP(user);
-
-        user = userMgmtSrv.updateUser(user);
-        logger.debug("Updated user:{}", user);
+        try {
+            user = userMgmtSrv.updateUser(user);
+            logger.debug("Updated user:{}", user);
+        } catch (Exception ex) {
+            logger.error("Error while updating user", ex);
+            thorwInternalServerException(ex);
+        }
 
         // excludedAttributes
         user = excludeUserAttributes(user);
@@ -208,6 +212,7 @@ public Response updateUser(@Valid CustomUser customUser)
         logger.debug("updated customUser:{}", customUser);
 
         return Response.ok(customUser).build();
+
     }
 
     @Operation(summary = "Patch user properties by Inum", description = "Patch user properties by Inum", operationId = "patch-user-by-inum", tags = {
@@ -270,8 +275,7 @@ public Response deleteUser(@PathParam(ApiConstants.INUM) @NotNull String inum) {
         return Response.noContent().build();
     }
 
-    private UserPagedResult doSearch(SearchRequest searchReq)
-            throws IllegalAccessException, InvocationTargetException {
+    private UserPagedResult doSearch(SearchRequest searchReq) throws IllegalAccessException, InvocationTargetException {
         if (logger.isDebugEnabled()) {
             logger.debug("User search params - searchReq:{} ", escapeLog(searchReq));
         }

jans-config-api/shared/src/main/java/io/jans/configapi/core/rest/BaseResource.java

@@ -28,7 +28,7 @@
 import org.slf4j.LoggerFactory;
 
 public class BaseResource {
-    
+
     @Inject
     Util util;
 
@@ -37,7 +37,7 @@ public class BaseResource {
     public static final String MISSING_ATTRIBUTE_CODE = "OCA001";
     public static final String MISSING_ATTRIBUTE_MESSAGE = "A required attribute is missing.";
     public static final String TOKEN_DELIMITER = ",";
-    
+
     public static <T> void checkResourceNotNull(T resource, String objectName) {
         if (resource == null) {
             throw new NotFoundException(getNotFoundError(objectName));
@@ -101,6 +101,13 @@ public static void thorwInternalServerException(String msg) {
         throw new InternalServerErrorException(getInternalServerException(msg));
     }
 
+    public static void thorwInternalServerException(Throwable throwable) {
+        throwable = findRootError(throwable);
+        if (throwable != null) {
+            throw new InternalServerErrorException(getInternalServerException(throwable.getMessage()));
+        }
+    }
+
     /**
      * @param attributeName
      * @return
@@ -173,7 +180,7 @@ protected SearchRequest createSearchRequest(String schemas, String filter, Strin
         if (StringUtils.isEmpty(sortOrder) || !sortOrder.equals(SortOrder.DESCENDING.getValue())) {
             sortOrder = SortOrder.ASCENDING.getValue();
         }
-        log.debug(" util.getTokens(filter,TOKEN_DELIMITER):{} ", util.getTokens(filter,TOKEN_DELIMITER));
+        log.debug(" util.getTokens(filter,TOKEN_DELIMITER):{} ", util.getTokens(filter, TOKEN_DELIMITER));
         searchRequest.setSchemas(schemas);
         searchRequest.setAttributes(attrsList);
         searchRequest.setExcludedAttributes(excludedAttrsList);
@@ -183,9 +190,20 @@ protected SearchRequest createSearchRequest(String schemas, String filter, Strin
         searchRequest.setStartIndex(startIndex);
         searchRequest.setCount(count);
         searchRequest.setMaxCount(maximumRecCount);
-        searchRequest.setFilterAssertionValue(util.getTokens(filter,TOKEN_DELIMITER));
+        searchRequest.setFilterAssertionValue(util.getTokens(filter, TOKEN_DELIMITER));
         return searchRequest;
 
     }
 
+    public static Throwable findRootError(Throwable throwable) {
+        if (throwable == null) {
+            return throwable;
+        }
+        Throwable rootCause = throwable;
+        while (rootCause.getCause() != null && rootCause.getCause() != rootCause) {
+            rootCause = rootCause.getCause();
+        }
+        return rootCause;
+    }
+
 }