diff --git a/.github/workflows/build-nightly-build.yml b/.github/workflows/build-nightly-build.yml index 92559bedfbd..a99219f5b53 100644 --- a/.github/workflows/build-nightly-build.yml +++ b/.github/workflows/build-nightly-build.yml @@ -2,6 +2,11 @@ name: Activate Nightly Build on: workflow_dispatch: + inputs: + branch: + description: 'The branch to build night release from' + required: false + default: 'main' schedule: - cron: "0 23 * * *" permissions: @@ -37,4 +42,4 @@ jobs: gh release delete ${NIGHTLY_VERSION} --cleanup-tag --yes || echo "v${NIGHTLY_VERSION}" does not exist gh release delete ${NIGHTLY_VERSION} --cleanup-tag --yes || echo "v${NIGHTLY_VERSION}" does not exist git push --delete origin ${NIGHTLY_VERSION} || echo "v${NIGHTLY_VERSION}" does not exist - gh release create ${NIGHTLY_VERSION} --generate-notes --prerelease --title "${NIGHTLY_VERSION}" \ No newline at end of file + gh release create ${NIGHTLY_VERSION} --generate-notes --prerelease --title "${NIGHTLY_VERSION}" --target ${{ github.event.inputs.branch }} \ No newline at end of file diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index 258caa392d2..21a527242b8 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -339,7 +339,7 @@ jobs: gh release upload $VER *.zip *.sha256sum --clobber build_cedarling_python: if: github.repository == 'JanssenProject/jans' - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - name: Harden Runner uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 
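Review bot: The new `--target ${{ github.event.inputs.branch }}` on the `gh release create` line is empty on the `schedule` trigger, because the `default: 'main'` added in the first hunk only applies to `workflow_dispatch`; the nightly cron run would then pass `--target` with no value and most likely fail. The expression is also expanded into the script text before the shell runs, so the dispatch input is parsed as shell rather than treated as one argument. Pass it through the step environment with a fallback and quote it: `TARGET_BRANCH: ${{ github.event.inputs.branch || 'main' }}` under the step's `env:`, then `--target "${TARGET_BRANCH}"`. The step's `env:` block is outside the hunk, so the exact placement is an assumption.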
@@ -375,8 +375,8 @@ jobs: TAG="0.0.0" fi cd ${{ github.workspace }}/jans-cedarling/target/wheels - sha256sum cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl > cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl.sha256sum - sha256sum cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl > cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl.sha256sum + sha256sum cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_31_x86_64.whl > cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_31_x86_64.whl.sha256sum + sha256sum cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_31_x86_64.whl > cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_31_x86_64.whl.sha256sum gpg --armor --detach-sign cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_34_x86_64.whl || echo "Failed to sign" gpg --armor --detach-sign cedarling_python-"${TAG}"-cp310-cp310-manylinux_2_34_x86_64.whl || echo "Failed to sign" echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token diff --git a/jans-cedarling/flask-sidecar/Dockerfile b/jans-cedarling/flask-sidecar/Dockerfile index 2d6eb7ba994..3504f1e31da 100644 --- a/jans-cedarling/flask-sidecar/Dockerfile +++ b/jans-cedarling/flask-sidecar/Dockerfile @@ -76,7 +76,7 @@ EXPOSE 5000 LABEL org.opencontainers.image.url="ghcr.io/janssenproject/jans/cedarling-flask-sidecar" \ org.opencontainers.image.authors="Janssen Project " \ org.opencontainers.image.vendor="Janssen Project" \ - org.opencontainers.image.version="1.2.0-1" \ + org.opencontainers.image.version="0.0.0-nightly" \ org.opencontainers.image.title="AuthZen Flask API" \ org.opencontainers.image.description="Flask API that implements the [AuthZen](https://openid.github.io/authzen/) specification with the [cedarling](../) python binding." diff --git a/jans-cedarling/flask-sidecar/pyproject.toml b/jans-cedarling/flask-sidecar/pyproject.toml index 67ba2f3d6f3..0c30b0be9ea 100644 --- a/jans-cedarling/flask-sidecar/pyproject.toml 
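Review bot: The two `gpg --armor --detach-sign` lines directly below the renamed `sha256sum` lines still name the `manylinux_2_34` wheels, so signing presumably targets files that are no longer produced, and `|| echo "Failed to sign"` turns that into a log line instead of a failed job. The release would then be uploaded with checksums but without signatures. Update both to the new tag, e.g. `gpg --armor --detach-sign cedarling_python-"${TAG}"-cp311-cp311-manylinux_2_31_x86_64.whl`, and consider dropping the `|| echo` so a signing failure stops the upload. The wheel tag appears tied to the `runs-on: ubuntu-20.04` pin in the previous hunk; a comment next to that pin saying so would keep the two from drifting apart again.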
+++ b/jans-cedarling/flask-sidecar/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "flask-sidecar" -version = "1.2.0" +version = "0.0.0" description = "Sidecar for cedarling" authors = ["SafinWasi <6601566+SafinWasi@users.noreply.github.com>"] license = "Apache-2.0" diff --git a/jans-keycloak-link/server/pom.xml b/jans-keycloak-link/server/pom.xml index 75a754de219..034ca6d63f9 100644 --- a/jans-keycloak-link/server/pom.xml +++ b/jans-keycloak-link/server/pom.xml @@ -33,16 +33,6 @@ io.jans jans-core-service - - - io.jans - jans-core-document-store - - - io.jans - jans-core-message - - diff --git a/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/server/service/ConfigurationService.java b/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/server/service/ConfigurationService.java new file mode 100644 index 00000000000..4f8a766e64a --- /dev/null +++ b/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/server/service/ConfigurationService.java 
@@ -0,0 +1,97 @@
+/*
+ * Copyright [2024] [Janssen Project]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.jans.keycloak.link.server.service;
+
+import io.jans.config.GluuConfiguration;
+import io.jans.keycloak.link.model.config.StaticConfiguration;
+import io.jans.model.SmtpConfiguration;
+import io.jans.orm.PersistenceEntryManager;
+import io.jans.service.EncryptionService;
+import io.jans.util.StringHelper;
+import io.jans.util.security.StringEncrypter.EncryptionException;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import org.slf4j.Logger;
+
+/**
+ *
+ * @author Yuriy Movchan Date: 12/12/2023
+ */
+@ApplicationScoped
+public class ConfigurationService {
+
+ @Inject
+ private Logger log;
+
+ @Inject
+ private PersistenceEntryManager persistenceEntryManager;
+
+ @Inject
+ private StaticConfiguration staticConfiguration;
+
+ @Inject
+ private EncryptionService encryptionService;
+
+ public GluuConfiguration getConfiguration() {
+ String configurationDn = staticConfiguration.getBaseDn().getConfiguration();
+ if (StringHelper.isEmpty(configurationDn)) {
+ return null;
+ }
+
+ return persistenceEntryManager.find(GluuConfiguration.class, configurationDn);
+ }
+
+ /**
+ * Build DN string for configuration
+ *
+ * @param inum Inum
+ * @return DN string for specified configuration or DN for configurations branch if inum is null
+ * @throws Exception
+ */
+ public String getDnForConfiguration(String
inum) {
+ String baseDn = staticConfiguration.getBaseDn().getConfiguration();
+ if (StringHelper.isEmpty(inum)) {
+ return baseDn;
+ }
+
+ return String.format("inum=%s,%s", inum, baseDn);
+ }
+
+ public void decryptSmtpPasswords(SmtpConfiguration smtpConfiguration) {
+ if (smtpConfiguration == null) {
+ return;
+ }
+ String password = smtpConfiguration.getSmtpAuthenticationAccountPassword();
+ if (StringHelper.isNotEmpty(password)) {
+ try {
+ smtpConfiguration.setSmtpAuthenticationAccountPasswordDecrypted(encryptionService.decrypt(password));
+ } catch (EncryptionException ex) {
+ log.error("Failed to decrypt SMTP user password", ex);
+ }
+ }
+ password = smtpConfiguration.getKeyStorePassword();
+ if (StringHelper.isNotEmpty(password)) {
+ try {
+ smtpConfiguration.setKeyStorePasswordDecrypted(encryptionService.decrypt(password));
+ } catch (EncryptionException ex) {
+ log.error("Failed to decrypt Kestore password", ex);
+ }
+ }
+ }
+
+}
+
diff --git a/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java b/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java
index 63e8978275d..4804abbd9ae 100644
--- a/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java
+++ b/jans-keycloak-link/server/src/main/java/io/jans/keycloak/link/service/config/ApplicationFactory.java
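Review bot: In `decryptSmtpPasswords` of the new ConfigurationService.java, both `catch (EncryptionException ex)` blocks only log, so after a failed decrypt the corresponding `...Decrypted` field keeps whatever it held before and the caller cannot tell that the SMTP configuration is unusable. Consider clearing the field in the catch, e.g. `smtpConfiguration.setSmtpAuthenticationAccountPasswordDecrypted(null);` (and likewise for the key-store password), or returning a status the caller can check. `getDnForConfiguration` places `inum` into the DN with `String.format("inum=%s,%s", inum, baseDn)` without escaping; its callers are not visible here, so if `inum` can originate from request data it should be validated before this call. The Javadoc on that method still declares `@throws Exception` although the signature throws nothing, and the second log message reads "Kestore" where "Keystore" is meant.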
@@ -6,6 +6,14 @@ package io.jans.keycloak.link.service.config; +import io.jans.config.GluuConfiguration; +import io.jans.keycloak.link.server.service.ConfigurationService; +import io.jans.service.document.store.conf.DocumentStoreConfiguration; +import io.jans.service.document.store.conf.LocalDocumentStoreConfiguration; +import io.jans.service.message.model.config.MessageConfiguration; +import io.jans.service.message.model.config.MessageProviderType; +import io.jans.service.message.model.config.NullMessageConfiguration; +import jakarta.enterprise.inject.Produces; import org.slf4j.Logger; import io.jans.keycloak.link.model.config.AppConfiguration; @@ -35,6 +43,9 @@ public class ApplicationFactory { @Inject private AppConfiguration appConfiguration; + @Inject + private ConfigurationService сonfigurationService; + public static final String PERSISTENCE_ENTRY_MANAGER_FACTORY_NAME = "persistenceEntryManagerFactory"; public static final String PERSISTENCE_ENTRY_MANAGER_NAME = "persistenceEntryManager"; @@ -57,4 +68,44 @@ public PersistenceEntryManagerFactory getPersistenceEntryManagerFactory(Class
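Review bot: The injected field name in `private ConfigurationService сonfigurationService;` appears to begin with a Cyrillic `с` (U+0441) rather than a Latin `c`. Java accepts the identifier, but a search for `configurationService` will not find it, a reference typed with a Latin `c` will not compile, and confusable identifiers make review and audit harder. Rename it with ASCII letters, `private ConfigurationService configurationService;`, and update any uses; those would be in the following hunk, which is cut off in this view.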