
fix(jans-linux-setup): remove saml_scim_client #9048

Merged: 1 commit merged on Jul 29, 2024

Conversation

devrimyatar (Contributor)

closes #9047

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar added the labels kind-bug and comp-jans-linux-setup on Jul 29, 2024
@devrimyatar requested a review from uprightech on July 29, 2024 09:22

dryrunsecurity bot commented Jul 29, 2024

DryRun Security Summary

The pull request removes a client configuration for the "Jans SCIM Client for SAML" from the clients.json file, which was used for SCIM integration with SAML, and it's important to review the remaining client configurations to ensure that the authorization methods, grant types, and scopes are appropriate and aligned with the application's security requirements.


Summary:

The code changes in this pull request involve the removal of a client configuration from the clients.json file. The removed client was the "Jans SCIM Client for SAML," which was used for SCIM (System for Cross-domain Identity Management) integration with SAML (Security Assertion Markup Language). From an application security perspective, the removal of this client configuration does not seem to introduce any immediate security concerns. However, it's important to consider the overall context and the potential impact of this change on the application's security posture. The removal of the SCIM client may be part of a larger architectural or functional change, and it's essential to ensure that the application's SCIM integration is properly handled and that any potential security implications are thoroughly assessed. Additionally, it's worth reviewing the remaining client configurations to ensure that the authorization methods, grant types, and scopes are appropriate and aligned with the application's security requirements.

Files Changed:

  • jans-linux-setup/jans_setup/templates/jans-saml/clients.json: This file has been updated to remove the "Jans SCIM Client for SAML" client configuration, which had the client prefix "2100." and was used for SCIM integration with SAML. The remaining client configurations appear to be for Keycloak-related clients, which are used for SAML authentication, API access, and master realm authentication. It's recommended to review these remaining client configurations to ensure that the authorization methods, grant types, and scopes are appropriate and aligned with the application's security requirements, especially for the "kc_scheduler_api" client, which has a broad set of scopes.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.


@yuriyz yuriyz merged commit 093f63e into main Jul 29, 2024
12 checks passed
@yuriyz yuriyz deleted the jans-linux-setup-remove-saml-scim-client branch July 29, 2024 09:46
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: 093f63e