chore: fully migrate account linking plugin to Agama #9262

Merged 5 commits on Aug 27, 2024

jgomer2001
Contributor

Prepare


Description

Target issue

closes #8847

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
@jgomer2001 jgomer2001 requested a review from maduvena as a code owner August 23, 2024 19:58

dryrunsecurity bot commented Aug 23, 2024

DryRun Security Summary

The provided code changes focus on updating and enhancing the account linking and authentication functionality of the Jans Casa application, with a strong emphasis on security considerations such as input validation, secure authentication and authorization, sensitive data handling, configuration management, dependency management, and logging and monitoring.

Summary:

The provided code changes cover a wide range of updates and enhancements to the Jans Casa application, with a focus on the account linking and authentication functionality. The changes include updates to documentation, configuration, and implementation of various components related to user authentication, account linking, and provider integration.

From an application security perspective, the key considerations are:

  1. Input Validation and Sanitization: Ensure that all user inputs, such as usernames, passwords, and provider-specific data, are properly validated and sanitized to prevent vulnerabilities like SQL injection and cross-site scripting (XSS).

  2. Secure Authentication and Authorization: Verify that the authentication and authorization mechanisms, including the integration with external identity providers, are implemented securely and follow best practices.

  3. Sensitive Data Handling: Review the handling of sensitive user data, such as location information and platform details, to ensure that it is properly secured and not exposed to unauthorized parties.

  4. Secure Configuration Management: Ensure that the configuration, including provider credentials and other sensitive settings, is properly secured and access to it is restricted.

  5. Dependency and Library Management: Keep all dependencies and libraries up-to-date and monitor for any security vulnerabilities that may be discovered in the future.

  6. Logging and Monitoring: Implement comprehensive logging and monitoring mechanisms to detect and respond to any security-related issues or suspicious activities.

Overall, the changes appear to be focused on improving the functionality and user experience of the Jans Casa application, with a strong emphasis on security and extensibility. However, it's crucial to thoroughly review the entire codebase and implementation to ensure that the application is secure and resilient to potential attacks.

Files Changed:

  1. docs/casa/plugins/accts-linking/accts-linking-agama.md: This file has been updated to reflect changes in the configuration object for the accounts linking feature.
  2. docs/admin/developer/agama/advanced-usages.md: The documentation for the "Advanced usages" section has been enhanced, providing more details on template overrides and flow cancellation.
  3. docs/casa/plugins/accts-linking/account-linking-index.md: The documentation for the accounts linking feature has been updated, including details on the deployment and configuration of the various components involved.
  4. docs/agama/language-reference.md: The documentation for the "Override templates" feature in the Agama language has been improved, with additional examples and clarifications.
  5. jans-casa/agama/project/web/main.ftlh: The login functionality has been updated to include the capture of location and platform information.
  6. jans-casa/app/src/main/webapp/admin-api.yaml: The version and title of the Jans Casa admin API have been updated.
  7. jans-casa/app/src/main/webapp/enrollment-api.yaml: The version and title of the Jans Casa credentials enrollment API have been updated.
  8. jans-casa/agama/project/web/authn/sms_prompt.ftlh: Minor changes have been made to the user interface for selecting a phone number to receive an SMS prompt for authentication.
  9. jans-casa/plugins/acct-linking/agama/pom.xml: The pom.xml file for the acct-linking-agama Maven project has been updated.
  10. jans-casa/plugins/acct-linking/agama/project/lib/io/jans/casa/acctlinking/Mappings.java: Changes have been made to the Mappings class, which defines the mapping of user profile information from various identity providers.
  11. jans-casa/plugins/acct-linking/agama/project/lib/io/jans/casa/acctlinking/ProvidersCacher.java: A new implementation of a caching mechanism for provider information has been introduced.
  12. jans-casa/plugins/acct-linking/agama/project/code/io.jans.casa.authn.acctlinking.flow: The "Account Linking" flow has been updated, with changes to the handling of authentication and account linking.
  13. jans-casa/plugins/acct-linking/agama/project/project.json: The configuration for the account linking feature has been updated, including changes to the provider settings.
  14. `jans-casa/plugins/acct-linking/src/main/java/io/jans/

Code Analysis

We ran 9 analyzers against 26 files and 2 analyzers had findings. 7 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 2 findings
Authn/Authz Analyzer 3 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added area-documentation Documentation needs to change as part of issue or PR comp-agama Touching folder /agama kind-dependencies Pull requests that update a dependency file labels Aug 23, 2024
Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
@moabu moabu merged commit fea5766 into main Aug 27, 2024
11 checks passed
@moabu moabu deleted the jans-casa-issue_8847 branch August 27, 2024 05:36

yuriyz pushed a commit that referenced this pull request Nov 7, 2024
* chore: minor updates #8852

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* docs: general doc updates for plugin #8847

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* chore: re-structure plugin #8847

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* chore: add comments to flow #8847

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

---------

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Former-commit-id: fea5766
Development

Successfully merging this pull request may close these issues.

chore(jans-casa): migrate acct linking plugin authn script to agama