8000 docs(jans-lock): add swagger by SafinWasi · Pull Request #8754 · JanssenProject/jans · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

docs(jans-lock): add swagger #8754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 23, 2024
Merged

docs(jans-lock): add swagger #8754

merged 2 commits into from
Jun 23, 2024

Conversation

SafinWasi
Copy link
Contributor
@SafinWasi SafinWasi commented Jun 20, 2024
edited by mo-auto
Loading

Prepare

Description

Target issue

closes #8753

Implementation Details

Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Closes #8762,

@SafinWasi
docs(jans-lock): add swagger
b37e089 
Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com>
@SafinWasi SafinWasi requested a review from yurem as a code owner June 20, 8000 2024 19:39
@dryrunsecurity DryRunSecurity
Copy link
dryrunsecurity bot commented Jun 20, 2024
edited
Loading

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Server-Side Request Forgery Analyzer 0 findings
Configured Codepaths Analyzer 0 findings
Secrets Analyzer 0 findings
Authn/Authz Analyzer 0 findings
SQL Injection Analyzer 0 findings
Sensitive Files Analyzer 0 findings
IDOR Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The provided code changes appear to be an OpenAPI specification for the "Lock Master" application, which is part of the Jans platform. The specification defines various endpoints and their corresponding functionality, security requirements, and response schemas. From an application security perspective, the specification includes several security-focused features, such as the use of OAuth 2.0 client credentials flow for authentication and authorization, standardized error handling, audit logging capabilities, and configuration management endpoints. These security practices are commendable and demonstrate a security-conscious approach to the application's design. However, it's important to ensure that the actual implementation of the application aligns with the security considerations outlined in the specification.

Files Changed:

  • jans-lock/lock-master.yaml: This file contains the OpenAPI specification for the "Lock Master" application. The specification defines the following key security-related aspects:
    1. Security Schemes: The specification defines two security schemes - "Bearer" and "Client Credentials". The "Client Credentials" scheme is used for accessing various endpoints, requiring a valid access token obtained from the Jans Auth Server.
    2. Error Handling: The specification defines two custom error response schemas - "DEFAULT_ERROR" and "UNPROCESSABLE_ENTITY", which help to provide consistent and informative error information to clients.
    3. Audit Logging: The specification includes several endpoints ("/audit/health", "/audit/log", and "/audit/telemetry") that allow clients to send audit-related data to the application, enabling logging and monitoring of various events and activities.
    4. Configuration Management: The specification includes endpoints ("/config", "/config/issuers", "/config/policy", and "/config/schema") that allow clients to retrieve configuration-related data, such as policy stores and trusted issuer information.
    5. Server-Sent Events (SSE): The specification includes an endpoint ("/lock_sse") that allows clients to subscribe to a real-time event stream, which may be used for various purposes, such as monitoring or notifications.

Powered by DryRun Security

@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Jun 20, 2024
@nynymike nynymike self-requested a review June 21, 2024 21:34
nynymike
nynymike approved these changes Jun 21, 2024
View reviewed changes
Copy link
Contributor
@nynymike nynymike left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok

@moabu moabu closed this Jun 23, 2024
@moabu moabu reopened this Jun 23, 2024
@moabu moabu merged commit 8e3b573 into main Jun 23, 2024
9 checks passed
@moabu moabu deleted the docs-lock-master-swagger branch June 23, 2024 13:20
@mo-auto
Copy link
Member
mo-auto commented Jun 23, 2024

Error: Hi @SafinWasi, You did not reference an open issue in your PR. I attempted to create an issue for you.
Please update that issues' title and body and make sure I correctly referenced it in the above PRs body.

@mo-auto mo-auto mentioned this pull request Jun 23, 2024
Closed
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@SafinWasi @moabu
docs(jans-lock): add swagger (#8754)
fd53571 
Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Former-commit-id: 8e3b573
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nynymike nynymike nynymike approved these changes

@moabu moabu moabu approved these changes

@yurem yurem Awaiting requested review from yurem yurem is a code owner

Assignees
No one assigned
Labels
area-documentation Documentation needs to change as part of issue or PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix: docs(jans-lock): add swagger -autocreated docs(jans-lock): add swagger for lock master
4 participants
@SafinWasi @mo-auto @nynymike @moabu
0