Merge branch 'main' into cn-aes-conf-hilevel

JanssenProject · Jan 14, 2025 · 4d1da5d · 4d1da5d
2 parents ca0b645 + 721b8fe
commit 4d1da5d
Show file tree

Hide file tree

Showing 7 changed files with 159 additions and 16 deletions.
diff --git a/.github/workflows/build-nightly-build.yml b/.github/workflows/build-nightly-build.yml
@@ -2,6 +2,11 @@ name: Activate Nightly Build
 
 on:
   workflow_dispatch:
+    inputs:
+      branch:
+        description: 'The branch to build night release from'
+        required: false
+        default: 'main'
   schedule:
     - cron: "0 23 * * *"
 permissions:
@@ -37,4 +42,4 @@ jobs:
         gh release delete ${NIGHTLY_VERSION} --cleanup-tag --yes || echo "v${NIGHTLY_VERSION}" does not exist
         gh release delete ${NIGHTLY_VERSION} --cleanup-tag --yes || echo "v${NIGHTLY_VERSION}" does not exist
         git push --delete origin ${NIGHTLY_VERSION} || echo "v${NIGHTLY_VERSION}" does not exist
-        gh release create ${NIGHTLY_VERSION} --generate-notes --prerelease --title "${NIGHTLY_VERSION}"
+        gh release create ${NIGHTLY_VERSION} --generate-notes --prerelease --title "${NIGHTLY_VERSION}" --target ${{ github.event.inputs.branch }}
diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml
@@ -339,7 +339,7 @@ jobs:
         gh release upload $VER *.zip *.sha256sum --clobber
   build_cedarling_python:
     if: github.repository == 'JanssenProject/jans'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
     - name: Harden Runner
       uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
@@ -375,8 +375,8 @@ jobs:
           TAG="0.0.0"
         fi
         cd ${{ github.workspace }}/jans-cedarling/target/wheels
-        sha256sum cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl > cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl.sha256sum
-        sha256sum cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl > cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl.sha256sum
+        sha256sum cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_31_x86_64.whl > cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_31_x86_64.whl.sha256sum
+        sha256sum cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_31_x86_64.whl > cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_31_x86_64.whl.sha256sum
         gpg --armor --detach-sign cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl || echo "Failed to sign"
         gpg --armor --detach-sign cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl || echo "Failed to sign"
         echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token

diff --git a/jans-cedarling/flask-sidecar/Dockerfile b/jans-cedarling/flask-sidecar/Dockerfile
@@ -76,7 +76,7 @@ EXPOSE 5000
 LABEL org.opencontainers.image.url="ghcr.io/janssenproject/jans/cedarling-flask-sidecar" \
     org.opencontainers.image.authors="Janssen Project <[email protected]>" \
     org.opencontainers.image.vendor="Janssen Project" \
-    org.opencontainers.image.version="1.2.0-1" \
+    org.opencontainers.image.version="0.0.0-nightly" \
     org.opencontainers.image.title="AuthZen Flask API" \
     org.opencontainers.image.description="Flask API that implements the [AuthZen](https://openid.github.io/authzen/) specification with the [cedarling](../) python binding."
 

diff --git a/jans-cedarling/flask-sidecar/pyproject.toml b/jans-cedarling/flask-sidecar/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "flask-sidecar"
-version = "1.2.0"
+version = "0.0.0"
 description = "Sidecar for cedarling"
 authors = ["SafinWasi <[email protected]>"]
 license = "Apache-2.0"

diff --git a/jans-keycloak-link/server/pom.xml b/jans-keycloak-link/server/pom.xml
@@ -33,16 +33,6 @@
         <dependency>
             <groupId>io.jans</groupId>
             <artifactId>jans-core-service</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>io.jans</groupId>
-                    <artifactId>jans-core-document-store</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>io.jans</groupId>
-                    <artifactId>jans-core-message</artifactId>
-                </exclusion>
-            </exclusions>
         </dependency>
     </dependencies>
     <build>

diff --git a/...-link/server/src/main/java/io/jans/keycloak/link/server/service/ConfigurationService.java b/...-link/server/src/main/java/io/jans/keycloak/link/server/service/ConfigurationService.java
@@ -0,0 +1,97 @@
+/*
+ * Copyright [2024] [Janssen Project]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.jans.keycloak.link.server.service;
+
+import io.jans.config.GluuConfiguration;
+import io.jans.keycloak.link.model.config.StaticConfiguration;
+import io.jans.model.SmtpConfiguration;
+import io.jans.orm.PersistenceEntryManager;
+import io.jans.service.EncryptionService;
+import io.jans.util.StringHelper;
+import io.jans.util.security.StringEncrypter.EncryptionException;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import org.slf4j.Logger;
+
+/**
+ *
+ * @author Yuriy Movchan Date: 12/12/2023
+ */
+@ApplicationScoped
+public class ConfigurationService {
+
+    @Inject
+    private Logger log;
+
+    @Inject
+    private PersistenceEntryManager persistenceEntryManager;
+
+    @Inject
+    private StaticConfiguration staticConfiguration;
+
+    @Inject
+    private EncryptionService encryptionService;
+
+    public GluuConfiguration getConfiguration() {
+        String configurationDn = staticConfiguration.getBaseDn().getConfiguration();
+        if (StringHelper.isEmpty(configurationDn)) {
+            return null;
+        }
+
+        return persistenceEntryManager.find(GluuConfiguration.class, configurationDn);
+    }
+
+    /**
+     * Build DN string for configuration
+     *
+     * @param inum Inum
+     * @return DN string for specified configuration or DN for configurations branch if inum is null
+     * @throws Exception
+     */
+    public String getDnForConfiguration(String inum) {
+        String baseDn = staticConfiguration.getBaseDn().getConfiguration();
+        if (StringHelper.isEmpty(inum)) {
+            return baseDn;
+        }
+
+        return String.format("inum=%s,%s", inum, baseDn);
+    }
+
+    public void decryptSmtpPasswords(SmtpConfiguration smtpConfiguration) {
+        if (smtpConfiguration == null) {
+            return;
+        }
+        String password = smtpConfiguration.getSmtpAuthenticationAccountPassword();
+        if (StringHelper.isNotEmpty(password)) {
+            try {
+                smtpConfiguration.setSmtpAuthenticationAccountPasswordDecrypted(encryptionService.decrypt(password));
+            } catch (EncryptionException ex) {
+                log.error("Failed to decrypt SMTP user password", ex);
+            }
+        }
+        password = smtpConfiguration.getKeyStorePassword();
+        if (StringHelper.isNotEmpty(password)) {
+            try {
+                smtpConfiguration.setKeyStorePasswordDecrypted(encryptionService.decrypt(password));
+            } catch (EncryptionException ex) {
+                log.error("Failed to decrypt Kestore password", ex);
+            }
+        }
+    }
+
+}
+
diff --git a/...ak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java b/...ak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java
@@ -6,6 +6,14 @@
 
 package io.jans.keycloak.link.service.config;
 
+import io.jans.config.GluuConfiguration;
+import io.jans.keycloak.link.server.service.ConfigurationService;
+import io.jans.service.document.store.conf.DocumentStoreConfiguration;
+import io.jans.service.document.store.conf.LocalDocumentStoreConfiguration;
+import io.jans.service.message.model.config.MessageConfiguration;
+import io.jans.service.message.model.config.MessageProviderType;
+import io.jans.service.message.model.config.NullMessageConfiguration;
+import jakarta.enterprise.inject.Produces;
 import org.slf4j.Logger;
 
 import io.jans.keycloak.link.model.config.AppConfiguration;
@@ -35,6 +43,9 @@ public class ApplicationFactory {
     @Inject
     private AppConfiguration appConfiguration;
 
+    @Inject
+    private ConfigurationService сonfigurationService;
+
     public static final String PERSISTENCE_ENTRY_MANAGER_FACTORY_NAME = "persistenceEntryManagerFactory";
 
     public static final String PERSISTENCE_ENTRY_MANAGER_NAME = "persistenceEntryManager";
@@ -57,4 +68,44 @@ public PersistenceEntryManagerFactory getPersistenceEntryManagerFactory(Class<?
         return persistanceFactoryService.getPersistenceEntryManagerFactory(persistenceEntryManagerFactoryClass);
     }
 
+    @Produces
+    @ApplicationScoped
+    public DocumentStoreConfiguration getDocumentStoreConfiguration() {
+        GluuConfiguration jansConf = сonfigurationService.getConfiguration();
+        DocumentStoreConfiguration documentStoreConfiguration = jansConf.getDocumentStoreConfiguration();
+        if ((documentStoreConfiguration == null) || (documentStoreConfiguration.getDocumentStoreType() == null)) {
+            log.error("Failed to read document store configuration from DB. Please check configuration jsDocStoreConf attribute " +
+                    "that must contain document store configuration JSON represented by DocumentStoreConfiguration.class. Appliance DN: {0}", jansConf.getDn());
+            log.info("Creating fallback LOCAL document store configuration ... ");
+
+            documentStoreConfiguration = new DocumentStoreConfiguration();
+            documentStoreConfiguration.setLocalConfiguration(new LocalDocumentStoreConfiguration());
+
+            log.info("LOCAL document store configuration is created.");
+        }
+
+        log.info("Document store configuration: {0}" , documentStoreConfiguration);
+        return documentStoreConfiguration;
+    }
+
+    @Produces
+    @ApplicationScoped
+    public MessageConfiguration getMessageConfiguration() {
+        GluuConfiguration jansConf = сonfigurationService.getConfiguration();
+        MessageConfiguration messageConfiguration = jansConf.getMessageConfiguration();
+        if (messageConfiguration == null || messageConfiguration.getMessageProviderType() == null) {
+            log.error("Failed to read message configuration from DB. Please check configuration jsMessageConf attribute " +
+                    "that must contain message configuration JSON represented by MessageConfiguration.class. Appliance DN: {0}" , jansConf.getDn());
+            log.info("Creating fallback Null message configuration ... ");
+
+            messageConfiguration = new MessageConfiguration();
+            messageConfiguration.setMessageProviderType(MessageProviderType.DISABLED);
+            messageConfiguration.setNullConfiguration(new NullMessageConfiguration());
+
+            log.info("NULL message configuration is created.");
+        }
+
+        log.info("Message configuration: {0}" , messageConfiguration);
+        return messageConfiguration;
+    }
 }