fix: rename role_based_client as tui_client (#3657)

JanssenProject · Jan 23, 2023 · c393cb2 · c393cb2
1 parent 01525bb
commit c393cb2
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 36 deletions.
diff --git a/docker-jans-persistence-loader/Dockerfile b/docker-jans-persistence-loader/Dockerfile
@@ -24,7 +24,7 @@ RUN python3 -m ensurepip \
 # =====================
 
 # janssenproject/jans SHA commit
-ENV JANS_SOURCE_VERSION=a970d88d81f920973f3ba812db97448f135090a9
+ENV JANS_SOURCE_VERSION=b331ef32b49c870e0a972fc0463e954939317f88
 ARG JANS_SETUP_DIR=jans-linux-setup/jans_setup
 ARG JANS_SCRIPT_CATALOG_DIR=docs/script-catalog
 ARG JANS_CONFIG_API_RESOURCES=jans-config-api/server/src/main/resources

diff --git a/docker-jans-persistence-loader/scripts/utils.py b/docker-jans-persistence-loader/scripts/utils.py
@@ -197,22 +197,26 @@ def merge_auth_ctx(ctx):
 
 def merge_jans_cli_ctx(manager, ctx):
     # jans-cli-tui client
-    ctx["role_based_client_id"] = manager.config.get("role_based_client_id")
-    if not ctx["role_based_client_id"]:
-        ctx["role_based_client_id"] = f"2000.{uuid4()}"
-        manager.config.set("role_based_client_id", ctx["role_based_client_id"])
-
-    ctx["role_based_client_pw"] = manager.secret.get("role_based_client_pw")
-    if not ctx["role_based_client_pw"]:
-        ctx["role_based_client_pw"] = get_random_chars()
-        manager.secret.set("role_based_client_pw", ctx["role_based_client_pw"])
-
-    ctx["role_based_client_encoded_pw"] = manager.secret.get("role_based_client_encoded_pw")
-    if not ctx["role_based_client_encoded_pw"]:
-        ctx["role_based_client_encoded_pw"] = encode_text(
-            ctx["role_based_client_pw"], manager.secret.get("encoded_salt"),
-        ).decode()
-        manager.secret.set("role_based_client_encoded_pw", ctx["role_based_client_encoded_pw"])
+    ctx["tui_client_id"] = manager.config.get("tui_client_id")
+    if not ctx["tui_client_id"]:
+        # migrate from old configs/secrets (if any)
+        ctx["tui_client_id"] = manager.config.get("role_based_client_id", f"2000.{uuid4()}")
+        manager.config.set("tui_client_id", ctx["tui_client_id"])
+
+    ctx["tui_client_pw"] = manager.secret.get("tui_client_pw")
+    if not ctx["tui_client_pw"]:
+        # migrate from old configs/secrets (if any)
+        ctx["tui_client_pw"] = manager.secret.get("role_based_client_pw", get_random_chars())
+        manager.secret.set("tui_client_pw", ctx["tui_client_pw"])
+
+    ctx["tui_client_encoded_pw"] = manager.secret.get("tui_client_encoded_pw")
+    if not ctx["tui_client_encoded_pw"]:
+        # migrate from old configs/secrets (if any)
+        ctx["tui_client_encoded_pw"] = manager.secret.get(
+            "role_based_client_encoded_pw",
+            encode_text(ctx["tui_client_pw"], manager.secret.get("encoded_salt")).decode(),
+        )
+        manager.secret.set("tui_client_encoded_pw", ctx["tui_client_encoded_pw"])
     return ctx
 
 

diff --git a/docs/admin/config-guide/jans-cli/install.md b/docs/admin/config-guide/jans-cli/install.md
@@ -35,10 +35,10 @@ You will be prompted for credentials if you do not have ` ~/.config/jans-cli.ini
 Contact your administrator for credentials.
 
 ```
-cat /opt/jans/jans-setup/setup.properties.last | grep role
-role_based_client_encoded_pw=4jnkODv3KRV6xNm1oGQ8+g\=\=
-role_based_client_id=2000.eac308d1-95e3-4e38-87cf-1532af310a9e
-role_based_client_pw=GnEkCqg4Vsks
+cat /opt/jans/jans-setup/setup.properties.last | grep tui_client
+tui_client_encoded_pw=4jnkODv3KRV6xNm1oGQ8+g\=\=
+tui_client_id=2000.eac308d1-95e3-4e38-87cf-1532af310a9e
+tui_client_pw=GnEkCqg4Vsks
 ```
 
 ### Installing with pip from GitHub
@@ -56,10 +56,10 @@ config-cli-tui
 Obtain Credidentials for CLI from the Janssen server:
 
 ```
-# cat /opt/jans/jans-setup/setup.properties.last | grep role
-role_based_client_encoded_pw=dDpwNN3lv94JF+ibgVFT7A\=\=
-role_based_client_id=2000.076aa5d9-fa8d-42a0-90d2-b83b5ea535d5
-role_based_client_pw=mrF8tcBd6m9Q
+# cat /opt/jans/jans-setup/setup.properties.last | grep tui_client
+tui_client_encoded_pw=dDpwNN3lv94JF+ibgVFT7A\=\=
+tui_client_id=2000.076aa5d9-fa8d-42a0-90d2-b83b5ea535d5
+tui_client_pw=mrF8tcBd6m9Q
 ```
 
-`role_based_client_id` is the **Client ID** and `role_based_client_pw` is the **Client Secret**
+`tui_client_id` is the **Client ID** and `tui_client_pw` is the **Client Secret**
diff --git a/docs/admin/recipes/benchmark.md b/docs/admin/recipes/benchmark.md
@@ -263,10 +263,10 @@ Create the client needed to run the test by executing the following. Make sure t
 
     ```bash
     # Notice the namespace is jans here . Change it if it was changed during installation of janssen previously
-    ROLE_BASED_CLIENT_ID=$(kubectl get cm cn -o json -n jans | grep '"role_based_client_id":' | sed -e 's#.*:\(\)#\1#' | tr -d '"' | tr -d "," | tr -d '[:space:]')
-    ROLE_BASED_CLIENT_SECRET=$(kubectl get secret cn -o json -n jans | grep '"role_based_client_pw":' | sed -e 's#.*:\(\)#\1#' | tr -d '"' | tr -d "," | tr -d '[:space:]' | base64 -d)
+    TUI_CLIENT_ID=$(kubectl get cm cn -o json -n jans | grep '"tui_client_id":' | sed -e 's#.*:\(\)#\1#' | tr -d '"' | tr -d "," | tr -d '[:space:]')
+    TUI_CLIENT_SECRET=$(kubectl get secret cn -o json -n jans | grep '"tui_client_pw":' | sed -e 's#.*:\(\)#\1#' | tr -d '"' | tr -d "," | tr -d '[:space:]' | base64 -d)
     # add -noverify if your fqdn is not registered
-    ./config-cli-tui.pyz --host $FQDN --client-id $ROLE_BASED_CLIENT_ID --client-secret $ROLE_BASED_CLIENT_SECRET --no-tui --operation-id=post-oauth-openid-client --data=auth_code_client.json
+    ./config-cli-tui.pyz --host $FQDN --client-id $TUI_CLIENT_ID --client-secret $TUI_CLIENT_SECRET --no-tui --operation-id=post-oauth-openid-client --data=auth_code_client.json
     ```
 
 5. Save the client id and secret from the response and enter them along with your FQDN in the yaml file `load_test_auth_code.yaml`  under `AUTHZ_CLIENT_ID`, `AUTHZ_CLIENT_SECRET` and `FQDN` respectively then execute :

diff --git a/docs/admin/reference/kubernetes/config-secret-keys.md b/docs/admin/reference/kubernetes/config-secret-keys.md
@@ -51,7 +51,7 @@ kubectl get secret -n jans -o yaml
 | `ldaps_port`                                  | `1636`                                             |
 | `optional_scopes`                             | `["fido2", "scim", "sql"]`                         |
 | `orgName`                                     | `Janssen`                                          |
-| `role_based_client_id`                        | `2000.4a8f3e8b-96b0-435a-8427-a287c242f4d9`        |
+| `tui_client_id`                               | `2000.4a8f3e8b-96b0-435a-8427-a287c242f4d9`        |
 | `scim_client_id`                              | `12`                                               |
 | `state`                                       | `TX`                                               |
 
@@ -79,8 +79,8 @@ kubectl get secret -n jans -o yaml
 | `otp_configuration`                       | base64                  |                                   |
 | `pairwiseCalculationKey`                  | base64                  |                                   |
 | `pairwiseCalculationSalt`                 | base64                  |                                   |
-| `role_based_client_encoded_pw`            | pyDes + base64          | /etc/certs/jans-radius.jks        |
-| `role_based_client_pw`                    | pyDes + base64          |                                   |
+| `tui_client_encoded_pw`                   | pyDes + base64          |                                   |
+| `tui_client_pw`                           | pyDes + base64          |                                   |
 | `scim_client_encoded_pw`                  | pyDes + base64          |                                   |
 | `scim_client_pw`                          | pyDes + base64          |                                   |
 | `sql_password`                            | base64                  |                                   |
@@ -143,4 +143,4 @@ kubectl get secret -n jans -o yaml
     ```bash
     keytool -list -v -keystore /etc/certs/opendj.pkcs12 --storepass ldap_truststore_pass_decoded
     ```
-
+
diff --git a/jans-cli-tui/docs/build.md b/jans-cli-tui/docs/build.md
@@ -17,7 +17,7 @@ It will ask credentials unless you have no ~/.config/jans-cli.ini. Login to Jans
 credentials:
 ```
 cat /opt/jans/jans-setup/setup.properties.last | grep role
-role_based_client_encoded_pw=4jnkODv3KRV6xNm1oGQ8+g\=\=
-role_based_client_id=2000.eac308d1-95e3-4e38-87cf-1532af310a9e
-role_based_client_pw=GnEkCqg4Vsks
+tui_client_encoded_pw=4jnkODv3KRV6xNm1oGQ8+g\=\=
+tui_client_id=2000.eac308d1-95e3-4e38-87cf-1532af310a9e
+tui_client_pw=GnEkCqg4Vsks
 ```