feat(config-api): fido2 endpoint

Signed-off-by: pujavs <pujas.works@gmail.com>

jans-config-api/docs/jans-config-api-swagger.yaml

@@ -8366,22 +8366,22 @@ components:
           $ref: '#/components/schemas/AttributeValidation'
         tooltip:
           type: string
+        whitePagesCanView:
+          type: boolean
         selected:
           type: boolean
         userCanView:
           type: boolean
-        adminCanView:
-          type: boolean
         adminCanEdit:
           type: boolean
+        adminCanView:
+          type: boolean
         userCanEdit:
           type: boolean
         adminCanAccess:
           type: boolean
         userCanAccess:
           type: boolean
-        whitePagesCanView:
-          type: boolean
         baseDn:
           type: string
     PatchRequest:
@@ -10805,10 +10805,10 @@ components:
         ttl:
           type: integer
           format: int32
-        persisted:
-          type: boolean
         opbrowserState:
           type: string
+        persisted:
+          type: boolean
     SessionIdAccessMap:
       type: object
       properties:

jans-config-api/plugins/docs/fido2-plugin-swagger.yaml

@@ -63,45 +63,15 @@ paths:
       security:
       - oauth2:
         - https://jans.io/oauth/config/fido2.write
-  /fido2/registration/userdevice/{username}/{uid}:
-    delete:
-      tags:
-      - Fido2 - Registration
-      summary: Delete Fido2 Device Data based on user name and device UID
-      description: Delete Fido2 Device Data based on user name and device UID
-      operationId: delete-fido2-device-by-username-uid
-      parameters:
-      - name: username
-        in: path
-        description: User name
-        required: true
-        schema:
-          type: string
-      - name: uid
-        in: path
-        description: Unique identifier string (UUID) assigned to device.
-        required: true
-        schema:
-          type: string
-      responses:
-        "204":
-          description: No Content
-        "401":
-          description: Unauthorized
-        "500":
-          description: InternalServerError
-      security:
-      - oauth2:
-        - https://jans.io/oauth/config/fido2.delete
-  /fido2/registration/device/{uid}:
+  /fido2/registration/device/{uuid}:
     delete:
       tags:
       - Fido2 - Registration
       summary: Delete Fido2 Device Data based on device UID
       description: Delete Fido2 Device Data based on device UID
       operationId: delete-fido2-device-data
       parameters:
-      - name: uid
+      - name: uuid
         in: path
         description: Unique identifier string (UUID) assigned to device.
         required: true
@@ -110,10 +80,26 @@ paths:
       responses:
         "204":
           description: No Content
+        "400":
+          description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "401":
           description: Unauthorized
+        "404":
+          description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "500":
           description: InternalServerError
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
       security:
       - oauth2:
         - https://jans.io/oauth/config/fido2.delete
@@ -147,6 +133,75 @@ paths:
       security:
       - oauth2:
         - https://jans.io/oauth/config/fido2.readonly
+  /fido2/registration:
+    get:
+      tags:
+      - Fido2 - Registration
+      summary: Get a list of Fido2RegistrationEntry.
+      description: Get a list of Fido2RegistrationEntry.
+      operationId: get-fido2-registration-data
+      parameters:
+      - name: limit
+        in: query
+        description: Search size - max size of the results to return
+        schema:
+          type: integer
+          format: int32
+          default: 50
+      - name: pattern
+        in: query
+        description: Search pattern
+        schema:
+          type: string
+          default: ""
+      - name: startIndex
+        in: query
+        description: The 1-based index of the first query result
+        schema:
+          type: integer
+          format: int32
+          default: 0
+      - name: sortBy
+        in: query
+        description: Data whose value will be used to order the returned response
+        schema:
+          type: string
+          default: inum
+      - name: sortOrder
+        in: query
+        description: Order in which the sortBy param is applied. Allowed values are
+          "ascending" and "descending"
+        schema:
+          type: string
+          default: ascending
+      - name: fieldValuePair
+        in: query
+        description: Field and value pair for seraching
+        schema:
+          type: string
+          default: ""
+        examples:
+          Field value example:
+            description: Field value example
+            value: "mail=abc@mail.com,jansStatus=true"
+      responses:
+        "200":
+          description: Ok
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Fido2RegistrationEntryPagedResult'
+              examples:
+                Response example:
+                  description: Response example
+                  value: ""
+        "401":
+          description: Unauthorized
+        "500":
+          description: InternalServerError
+      security:
+      - oauth2:
+        - https://jans.io/oauth/config/fido2.readonly
 components:
   schemas:
     AppConfiguration:
@@ -242,6 +297,15 @@ components:
           type: array
           items:
             type: string
+    ApiError:
+      type: object
+      properties:
+        code:
+          type: string
+        message:
+          type: string
+        description:
+          type: string
     Fido2DeviceData:
       type: object
       properties:
@@ -383,6 +447,22 @@ components:
           writeOnly: true
         baseDn:
           type: string
+    Fido2RegistrationEntryPagedResult:
+      type: object
+      properties:
+        start:
+          type: integer
+          format: int32
+        totalEntriesCount:
+          type: integer
+          format: int32
+        entriesCount:
+          type: integer
+          format: int32
+        entries:
+          type: array
+          items:
+            $ref: '#/components/schemas/Fido2RegistrationEntry'
   securitySchemes:
     oauth2:
       type: oauth2

jans-config-api/plugins/fido2-plugin/src/main/java/io/jans/configapi/plugin/fido2/rest/Fido2RegistrationResource.java

@@ -1,17 +1,24 @@
 package io.jans.configapi.plugin.fido2.rest;
 
+import io.jans.as.common.model.common.User;
+import io.jans.configapi.core.model.ApiError;
 import io.jans.configapi.core.rest.BaseResource;
 import io.jans.configapi.core.rest.ProtectedApi;
 import io.jans.configapi.plugin.fido2.service.Fido2RegistrationService;
 import io.jans.configapi.plugin.fido2.util.Constants;
+import io.jans.configapi.util.ApiAccessConstants;
 import io.jans.configapi.util.ApiConstants;
+import io.jans.model.JansAttribute;
+import io.jans.model.SearchRequest;
+import io.jans.orm.model.PagedResult;
 import io.jans.orm.model.fido2.Fido2DeviceData;
 import io.jans.orm.model.fido2.Fido2RegistrationEntry;
 
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.ArraySchema;
 import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
@@ -24,6 +31,9 @@
 import jakarta.ws.rs.core.Response;
 import org.slf4j.Logger;
 
+import static io.jans.as.model.util.Util.escapeLog;
+
+import java.lang.reflect.InvocationTargetException;
 import java.util.List;
 
 @Path(Constants.REGISTRATION)
@@ -37,6 +47,41 @@ public class Fido2RegistrationResource extends BaseResource {
     @Inject
     Fido2RegistrationService fido2RegistrationService;
 
+    private class Fido2RegistrationEntryPagedResult extends PagedResult<Fido2RegistrationEntry> {
+    };
+
+    @Operation(summary = "Get a list of Fido2RegistrationEntry.", description = "Get a list of Fido2RegistrationEntry.", operationId = "get-fido2-registration-data", tags = {
+            "Fido2 - Registration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
+                    Constants.FIDO2_CONFIG_READ_ACCESS }))
+    @ApiResponses(value = {
+            @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Fido2RegistrationEntryPagedResult.class), examples = @ExampleObject(name = "Response example", value = "example/fido2/get-all-fido2-data.json"))),
+            @ApiResponse(responseCode = "401", description = "Unauthorized"),
+            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+    @GET
+    @ProtectedApi(scopes = { Constants.FIDO2_CONFIG_READ_ACCESS }, groupScopes = {
+            Constants.FIDO2_CONFIG_WRITE_ACCESS }, superScopes = { ApiAccessConstants.SUPER_ADMIN_READ_ACCESS })
+    public Response getFido2RegistrationEntry(
+            @Parameter(description = "Search size - max size of the results to return") @DefaultValue(ApiConstants.DEFAULT_LIST_SIZE) @QueryParam(value = ApiConstants.LIMIT) int limit,
+            @Parameter(description = "Search pattern") @DefaultValue("") @QueryParam(value = ApiConstants.PATTERN) String pattern,
+            @Parameter(description = "The 1-based index of the first query result") @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex,
+            @Parameter(description = "Data whose value will be used to order the returned response") @DefaultValue(ApiConstants.INUM) @QueryParam(value = ApiConstants.SORT_BY) String sortBy,
+            @Parameter(description = "Order in which the sortBy param is applied. Allowed values are \"ascending\" and \"descending\"") @DefaultValue(ApiConstants.ASCENDING) @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder,
+            @Parameter(description = "Field and value pair for seraching", examples = @ExampleObject(name = "Field value example", value = "mail=abc@mail.com,jansStatus=true")) @DefaultValue("") @QueryParam(value = ApiConstants.FIELD_VALUE_PAIR) String fieldValuePair) {
+
+        if (logger.isInfoEnabled()) {
+            logger.info(
+                    "Fido2RegistrationEntry search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}, fieldValuePair:{}",
+                    escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy),
+                    escapeLog(sortOrder), escapeLog(fieldValuePair));
+        }
+
+        SearchRequest searchReq = createSearchRequest(fido2RegistrationService.getDnFido2RegistrationEntry(null),
+                pattern, sortBy, sortOrder, startIndex, limit, null, null, fido2RegistrationService.getRecordMaxCount(),
+                fieldValuePair, Fido2RegistrationEntry.class);
+
+        return Response.ok(this.doSearch(searchReq)).build();
+    }
+
     @Operation(summary = "Get details of connected FIDO2 devices registered to user", description = "Get details of connected FIDO2 devices registered to user", operationId = "get-registration-entries-fido2", tags = {
             "Fido2 - Registration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
                     Constants.FIDO2_CONFIG_READ_ACCESS }))
@@ -54,42 +99,49 @@ public Response findAllRegisteredByUsername(
         return Response.ok(entries).build();
     }
 
-    @Operation(summary = "Delete Fido2 Device Data based on user name and device UID", description = "Delete Fido2 Device Data based on user name and device UID", operationId = "delete-fido2-device-by-username-uid", tags = {
+    @Operation(summary = "Delete Fido2 Device Data based on device UID", description = "Delete Fido2 Device Data based on device UID", operationId = "delete-fido2-device-data", tags = {
             "Fido2 - Registration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
                     Constants.FIDO2_CONFIG_DELETE_ACCESS }))
     @ApiResponses(value = { @ApiResponse(responseCode = "204", description = "No Content"),
+            @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+            @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))),
+            @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))), })
     @DELETE
-    @Path(Constants.USER_DEVICE + Constants.USERNAME_PATH + Constants.UID_PATH)
+    @Path(Constants.DEVICE + Constants.UID_PATH)
     @ProtectedApi(scopes = { Constants.FIDO2_CONFIG_DELETE_ACCESS })
-    public Response deleteFido2DeviceByUserAndDevice(
-            @Parameter(description = "User name") @PathParam("username") @NotNull String username,
-            @Parameter(description = "Unique identifier string (UUID) assigned to device.") @PathParam("uid") @NotNull String uid) {
-        logger.debug("Request to delete Fido2 device identified by username:{}, uid:{}", username, uid);
+    public Response deleteFido2DeviceData(
+            @Parameter(description = "Unique identifier string (UUID) assigned to device.") @PathParam("uuid") @NotNull String uuid) {
+        logger.debug("Request to delete Fido2 device identified by uuid:{}", uuid);
 
         // delete device
-        fido2RegistrationService.removeFido2DeviceData(username, uid);
+        fido2RegistrationService.removeFido2RegistrationEntry(uuid);
 
+        logger.info("Successfully deleted Fido2 Device with uuid:{}", uuid);
         return Response.noContent().build();
     }
 
-    @Operation(summary = "Delete Fido2 Device Data based on device UID", description = "Delete Fido2 Device Data based on device UID", operationId = "delete-fido2-device-data", tags = {
-            "Fido2 - Registration" }, security = @SecurityRequirement(name = "oauth2", scopes = {
-                    Constants.FIDO2_CONFIG_DELETE_ACCESS }))
-    @ApiResponses(value = { @ApiResponse(responseCode = "204", description = "No Content"),
-            @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
-    @DELETE
-    @Path(Constants.DEVICE + Constants.UID_PATH)
-    @ProtectedApi(scopes = { Constants.FIDO2_CONFIG_DELETE_ACCESS })
-    public Response deleteFido2DeviceData(
-            @Parameter(description = "Unique identifier string (UUID) assigned to device.") @PathParam("uid") @NotNull String uid) {
-        logger.debug("Request to delete Fido2 device identified by uid:{}", uid);
+    private Fido2RegistrationEntryPagedResult doSearch(SearchRequest searchReq) {
+        if (logger.isInfoEnabled()) {
+            logger.info("User search params - searchReq:{}", escapeLog(searchReq));
+        }
 
-        // delete device
-        fido2RegistrationService.removeFido2DeviceData(uid);
+        PagedResult<Fido2RegistrationEntry> pagedResult = fido2RegistrationService.searchFido2Registration(searchReq);
+        if (logger.isDebugEnabled()) {
+            logger.debug("Fido2RegistrationEntry  - pagedResult:{}", pagedResult);
+        }
+
+        Fido2RegistrationEntryPagedResult pagedFido2Registration = new Fido2RegistrationEntryPagedResult();
+        if (pagedResult != null) {
+            logger.debug("Users fetched  - pagedResult.getEntries():{}", pagedResult.getEntries());
+            pagedFido2Registration.setStart(pagedResult.getStart());
+            pagedFido2Registration.setEntriesCount(pagedResult.getEntriesCount());
+            pagedFido2Registration.setTotalEntriesCount(pagedResult.getTotalEntriesCount());
+            pagedFido2Registration.setEntries(pagedResult.getEntries());
+        }
+
+        logger.info("Fido2RegistrationEntry pagedFido2Registration:{}", pagedFido2Registration);
+        return pagedFido2Registration;
 
-        return Response.noContent().build();
     }
 }