docs(jans-lock): add latest schema by SafinWasi · Pull Request #9081 · JanssenProject/jans · GitHub

docs(jans-lock): add latest schema #9081


Merged
merged 2 commits into from
Aug 2, 2024

Conversation

SafinWasi
Contributor

Prepare


Description

Target issue

closes #9080

Implementation Details


Test and Document the changes

N/A

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com>
@SafinWasi SafinWasi requested a review from yurem as a code owner August 1, 2024 15:40
dryrunsecurity bot commented Aug 1, 2024

DryRun Security Summary

The provided code changes focus on updating the schema definitions for the "jans-lock" application, a security and access control system, by restructuring and reorganizing the schema definitions for various entity types and introducing a set of new actions to enhance the access control and authorization mechanisms of the system, with a strong emphasis on fine-grained access control and the ability to adapt to different user and environmental contexts.


Summary:

The provided code changes appear to be focused on updating the schema definitions for the "jans-lock" application, which is an application security and access control system. The changes primarily involve restructuring and reorganizing the schema definitions for various entity types, such as Clients, Applications, Users, and Access Tokens, as well as introducing a set of new actions that can be performed on these entities.

From a security perspective, the changes seem to be aimed at enhancing the access control and authorization mechanisms of the system. The introduction of the new actions, which include operations like "Compare", "Execute", "Monitor", "Read", "Search", "Share", "Tag", and "Write", suggests that the system is being designed to support a wide range of security-related operations. Additionally, the use of the "Context" type to capture information about the user's network, device, and location indicates that the system may be employing risk-based or context-aware authentication and authorization mechanisms.

Overall, the changes appear to be focused on improving the security and flexibility of the application security system, with a strong emphasis on fine-grained access control and the ability to adapt to different user and environmental contexts. As an application security engineer, it's important to ensure that the access control rules defined in the "actions" section are aligned with the application's security requirements and that the data types and structures defined for the various entity types are appropriate and do not introduce any potential security vulnerabilities.

Files Changed:

  1. jans-lock/schema/cedarling_core_schema.json:

    • The changes primarily involve restructuring and reorganizing the schema definitions for various entity types, such as "Client", "id_token", "Userinfo_token", "Access_token", "Application", and "User".
    • The changes also introduce a set of "actions" that define the permissions and access control rules for the application, including operations like "Execute", "Search", "Compare", "Monitor", "Tag", "Read", "Share", and "Write".
    • It's important to ensure that the access control rules defined in the "actions" section are aligned with the application's security requirements and that they adequately restrict access to sensitive resources or operations.
  2. jans-lock/schema/cedarling_core_schema.schema:

    • The changes include updates to the definitions of various types, such as "Url", "email_address", and "Context".
    • The changes also include updates to the definitions of various entities, such as "TrustedIssuer", "Client", "Application", "User", "Access_token", "id_token", and "Userinfo_token".
    • The most significant change is the introduction of a set of new actions that can be performed on the "Application" entity, including "Compare", "Execute", "Monitor", "Read", "Search", "Share", "Tag", and "Write".
    • The use of the "Context" type to capture information about the user's network, device, and location suggests that the system may be employing risk-based or context-aware authentication and authorization mechanisms.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Aug 1, 2024
@yurem yurem enabled auto-merge (squash) August 1, 2024 17:59
@yurem yurem merged commit da60eab into main Aug 2, 2024
5 of 6 checks passed
@yurem yurem deleted the docs-jans-lock-schema branch August 2, 2024 16:46
sonarqubecloud bot commented Aug 2, 2024


yuriyz pushed a commit that referenced this pull request Nov 7, 2024
Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com>
Former-commit-id: da60eab