Support add, update and delete for client jwt configuration #125

Merged
merged 2 commits into from
Oct 19, 2023
2 changes: 1 addition & 1 deletion cf-uaac.gemspec
Expand Up @@ -31,7 +31,7 @@ Gem::Specification.new do |s|
s.require_paths = ['lib']

# dependencies
s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.3'
s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.4'
s.add_development_dependency 'rake', '~> 13.0'
s.add_development_dependency 'rspec', '~> 3.12'
s.add_development_dependency 'simplecov', '~> 0.22.0'
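--- a/lib/uaa/cli/client_reg.rb
+++ b/lib/uaa/cli/client_reg.rb
@@ -121,6 +121,31 @@ def client_info(defaults)
 }
 end
 
+define_option :jwks_uri, '--jwks_uri <token_keys endpoint>', 'JWKS token key endpoint'
+define_option :jwks, '--jwks <json token key set>', 'JWKS token key'
+desc 'client jwt add [id]', 'Add client jwt trust', :jwks_uri, :jwks do |id|
+pp scim_request { |cr|
+###change_clientjwt(client_id, jwks_uri = nil, jwks = nil, kid = nil, changeMode = nil)
+cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'ADD')
+'client jwt successfully added'
+}
+end
+
+desc 'client jwt update [id]', 'Update client jwt trust', :jwks_uri, :jwks do |id|
+pp scim_request { |cr|
+cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'UPDATE')
+'client jwt successfully set'
+}
+end
+
+define_option :kid, '--kid <key id in json token keys>', 'JWKS token key'
+desc 'client jwt delete [id]', 'Delete client jwt trust', :kid do |id|
+pp scim_request { |cr|
+cr.change_clientjwt(clientid(id), '*', nil, opts[:kid], 'DELETE')
+'client jwt successfully deleted'
+}
+end
+
 private
 
 def update_client(cr, info)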
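Review bot: The `add` and `update` blocks forward `opts[:jwks_uri]` and `opts[:jwks]` to `change_clientjwt` without checking that exactly one of them was given, so `client jwt add <id>` with no option sends a trust change with both values nil and leaves the outcome to the library and server. A guard before the `scim_request` call, conditioned on `opts[:jwks_uri].nil? ^ opts[:jwks].nil?`, would reject that locally with a usage message. `delete` has the same gap with `--kid`: when the option is omitted the call carries `'*'` and a nil kid, which presumably removes every trusted key for the client, so it should either require `--kid` or say so in the help text. The `--kid` description `'JWKS token key'` is copied from `--jwks` and should describe a key id instead. The `--jwks_uri` value is also passed on with no scheme check; since it names where the trusted keys are fetched from, a warning for anything other than `https://` would be worth adding unless the server is known to enforce it.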
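--- a/lib/uaa/stub/uaa.rb
+++ b/lib/uaa/stub/uaa.rb
@@ -414,6 +414,13 @@ def scim_to_client(info)
 reply.json(status: 'ok', message: 'secret updated')
 end
 
+route :put, %r{^/oauth/clients/([^/]+)/clientjwt$}, 'content-type' => %r{application/json} do
+info = Util.json_parse(request.body, :down)
+return not_found(match[1]) unless id = server.scim.id(match[1], :client)
+return bad_request('no client_id given') unless info['client_id']
+reply.json(status: 'ok', message: 'client jwt updated')
+end
+
 #----------------------------------------------------------------------------
 # users and groups endpoints
 #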
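Review bot: The new stub route answers `client jwt updated` for any JSON body that carries a `client_id`, without comparing it to the client named in the path and without looking at the key material or change mode, so the spec cannot tell a correct request from a malformed one. At minimum add `return bad_request('client_id does not match') unless info['client_id'] == match[1]` after the existing `client_id` check (assuming `match[1]` is the plain client id, as the `server.scim.id` lookup suggests). The `id` assigned in the `not_found` line is never used afterwards; either drop the assignment or use it to record the change on the stored client. No token check is visible in the route body; if the other client routes in this file verify the caller's token inside the block, this one should do the same so that the stub also rejects an unauthenticated trust change.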
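--- a/spec/client_reg_spec.rb
+++ b/spec/client_reg_spec.rb
@@ -78,6 +78,14 @@ module CF::UAA
 Cli.output.string.should include 'access_denied'
 end
 
+it "changes it's client jwt" do
+Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+Cli.run('token decode').should be
+Cli.run("client jwt add #{@test_client} --jwks_uri http://localhost:8080/uaa/token_keys").should be
+Cli.run("client jwt update #{@test_client} --jwks_uri http://localhost:8080/uaa/token_keys").should be
+Cli.run("client jwt delete #{@test_client} ").should be
+end
+
 context 'as updated client' do
 
 before :all do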
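Review bot: Each `Cli.run(...).should be` in the new example only asserts a truthy return value and nothing checks what was printed, so as far as these lines show the example would not notice a wrong change mode or an error message in the output. Follow each run with an output assertion in the style already used just above, e.g. `Cli.output.string.should include 'client jwt successfully added'`, and likewise for the `set` and `deleted` messages. The delete call is run without `--kid`, so the keyed-delete path and the `--jwks` option are not covered; one more case for each would exercise them. The example title should read `its`, not `it's`.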