
fix(terraform-provider-jans): update terraform module #9464

Merged (4 commits, Sep 13, 2024)

Conversation

moabu
Member

@moabu moabu commented Sep 11, 2024

Bug Fixes

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>

dryrunsecurity bot commented Sep 11, 2024

DryRun Security Summary


Summary:

The provided code changes cover a wide range of updates and improvements to the terraform-provider-jans project, which is a Terraform provider for the Jans open-source identity and access management (IAM) platform. The changes span across various files and address different aspects of the provider, including CHANGELOG updates, configuration parameter additions, documentation improvements, and test suite enhancements.

From an application security perspective, the changes generally do not introduce any obvious security vulnerabilities. However, there are a few areas that require attention to ensure the continued security and reliability of the Jans integration:

  1. Secure Configuration Management: The provider handles sensitive information, such as client IDs, client secrets, and authentication-related parameters. Ensure that these values are properly secured and not exposed in any logs or outputs.
  2. Input Validation: Thoroughly review the code to ensure that all user-supplied input is properly validated and sanitized to prevent potential injection attacks (e.g., SQL injection, XML injection).
  3. Secure Communication: Verify that all communication with the Jans API endpoints is done over a secure channel (e.g., HTTPS) to prevent man-in-the-middle attacks.
  4. Logging and Monitoring: Implement robust logging and monitoring mechanisms to detect and respond to any suspicious activities or configuration changes related to the Jans integration.

Overall, the changes appear to be focused on improving the functionality and usability of the Terraform provider, while maintaining a reasonable level of security. However, it is essential to continue reviewing the codebase and the broader context of the application to ensure that the integration with the Jans platform remains secure and resilient.

Files Changed:

  1. terraform-provider-jans/CHANGELOG.md: Updates to the CHANGELOG, including bug fixes and API updates.
  2. terraform-provider-jans/docs/resources/app_configuration.md: Addition of new configuration parameters related to the "Status List" feature.
  3. terraform-provider-jans/README.md: Updates to the "Tests" section, including information about custom attribute tests and the "insecure_client" option.
  4. terraform-provider-jans/docs/resources/api_app_configuration.md: Addition of new optional attributes for ACR validation and custom attribute validation.
  5. terraform-provider-jans/docs/resources/default_authentication_method.md: Update to the default_acr field, changing the default authentication method.
  6. terraform-provider-jans/docs/resources/kc_saml_configuration.md: Addition of new optional attributes related to SAML configuration.
  7. terraform-provider-jans/docs/resources/scim_app_configuration.md: Addition of new optional attributes to control the audit logger and logger timer.
  8. terraform-provider-jans/examples/resources/jans_smtp_configuration/resource.tf: Renaming of the user_name and password fields to more descriptive names.
  9. terraform-provider-jans/jans/agama_deployment_test.go: Update to the expected number of deployments in the test cases.
  10. terraform-provider-jans/jans/api_app_configuration.go: Addition of new configuration options related to asset management and API application validation.
  11. terraform-provider-jans/jans/app_configuration.go: Addition of new configuration parameters related to the "Status List" feature.
  12. terraform-provider-jans/jans/attributes.go: Changes to the response structure for the GetAttributes function.
  13. terraform-provider-jans/jans/client_test.go: Update to the skipKnownFailures variable.
  14. terraform-provider-jans/jans/attributes_test.go: Changes to the custom user attribute testing.
  15. terraform-provider-jans/jans/default_authentication_method_test.go: Update to the default authentication method in the test case.
  16. terraform-provider-jans/jans/kc_saml_config_test.go: Addition of a new field to the KCSAMLConfiguration struct.
  17. terraform-provider-jans/jans/kc_saml_config.go: Addition of a new field to the KCSAMLConfiguration struct.
  18. terraform-provider-jans/jans/jans_asset_test.go: Test case for the CreateJansAsset function.

Code Analysis

We ran 9 analyzers against 30 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings: Authn/Authz Analyzer, 9 findings

Riskiness

🟢 Risk threshold not exceeded.


@mo-auto
Member

mo-auto commented Sep 11, 2024

Error: Hi @moabu, you did not reference an open issue in your PR. I attempted to create an issue for you.
Please update that issue's title and body and make sure I correctly referenced it in the above PR's body.

@mo-auto mo-auto added area-documentation Documentation needs to change as part of issue or PR kind-bug Issue or PR is a bug in existing functionality labels Sep 11, 2024
DisableLoggerTimer bool `schema:"disable_logger_timer" json:"disableLoggerTimer"`
DisableAuditLogger bool `schema:"disable_audit_logger" json:"disableAuditLogger"`
CustomAttributeValidationEnabled bool `schema:"custom_attribute_validation_enabled" json:"customAttributeValidationEnabled"`
ArcValidationEnabled bool `schema:"arc_validation_enabled" json:"arcValidationEnabled"`
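Review bot: `ArcValidationEnabled` spells the feature "arc" in the field name, the `schema` tag and the `json` tag, while the changed docs (api_app_configuration.md) and the follow-up commit message describe it as ACR validation; a `json` tag that does not match the server's attribute name never maps to it, so the value silently reads back as `false` and is dropped on write. Rename all three to `AcrValidationEnabled`, `schema:"acr_validation_enabled"` and `json:"acrValidationEnabled"`, and decode a recorded server response in the test with `json.Decoder.DisallowUnknownFields` so a tag mismatch fails the test instead of passing unnoticed.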
Contributor


Shouldn't it be acrValidationEnabled?

ModuleNameValidationEnabled bool `schema:"module_name_validation_enabled" json:"moduleNameValidationEnabled"`
AssetBaseDirectory string `schema:"asset_base_directory" json:"assetBaseDirectory"`
JansServiceModule []string `schema:"jans_service_module" json:"jansServiceModule"`
AssetDirMappings []AssetDirMapping `schema:"asset_dir_mappings" json:"assetDirMappings"`
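Review bot: the `json:"assetDirMappings"` tag on `AssetDirMappings` cannot be checked against the server model from this snippet, and whichever name is correct, a mismatch would leave the slice `nil` with no error from `encoding/json`; add a decode test against a captured server response using `json.Decoder.DisallowUnknownFields` so the name is verified rather than assumed, and confirm the same for `assetBaseDirectory` and `jansServiceModule` in the same block.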
Contributor


The json:"assetDirMappings" likely needs to be renamed to json:"assetDirMapping"?

@moabu moabu merged commit c15ccfe into main Sep 13, 2024
10 of 11 checks passed
@moabu moabu deleted the cn-update-terraform-provider-jans branch September 13, 2024 17:58
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
* fix(terraform-provider-jans): update terraform provider

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>

* fix: fix references for acr and app configuration

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>

---------

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
Former-commit-id: c15ccfe
Linked issue:
fix(terraform-provider-jans): update terraform module with the API changes for 1.1.5
3 participants