Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-auth-server): allow invoke consent script by acr #10548

Closed
3 tasks
yuriyz opened this issue Jan 4, 2025 · 1 comment · Fixed by #10712
Closed
3 tasks

feat(jans-auth-server): allow invoke consent script by acr #10548

yuriyz opened this issue Jan 4, 2025 · 1 comment · Fixed by #10712
Assignees
@yuriyz
Milestone
next-release

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Jan 4, 2025

Description

Currently it's invoked based on client configuration. However it shouldn't be problem to introduce new AS configuration property and invoke it based on acr if needed. For example

1. acr1 - consentScript1
2. acr2 - consentScript2
...
n. acrN - consentScriptN

Test cases and code coverage

  • Write unit test to cover added/changed code
  • Update integration tests to cover added/changed code
  • documenation
@yuriyz yuriyz self-assigned this Jan 4, 2025
@moabu moabu added this to the next release milestone Jan 13, 2025
@jgomer2001 jgomer2001 mentioned this issue Jan 17, 2025
Open
@yuriyz
Copy link
Contributor Author

yuriyz commented Jan 17, 2025
edited
Loading

From #10686 (comment)

What if we add another configuration property that has mapping acr to consent flow like this

agama_io.jans.authn.sms - io.jans.consent.A
agama_io.jans.authn.fido2 - io.jans.consent.B

Algorithm is :

  1. AS got authorization request with acr_values=agama_io.jans.authn.sms
  2. io.jans.authn.sms is run
  3. AS identifies AgamaConsentBridge.py by configuration and also read another configuration property mapping and sets into session with consent_flow=io.jans.consent.A (it should be possible to load with context.getSessionAttributes().get("consent_flow")).

It means we will need two additional configuration mappings.

@moabu moabu modified the milestones: 1.3.0, next-release Jan 21, 2025
yuriyz added a commit that referenced this issue Jan 21, 2025
@yuriyz
feat(jans-auth-server): allow invoke consent script by acr #10548
680b0e6 
Signed-off-by: YuriyZ <[email protected]>
@yuriyz yuriyz mentioned this issue Jan 21, 2025
Merged
4 tasks
yuriyz added a commit that referenced this issue Jan 29, 2025
@yuriyz
feat(jans-auth-server): allow invoke consent script by acr #10548 (#1…
e1982e1 
…0712)

* feat(jans-auth-server): allow invoke consent script by acr #10548

Signed-off-by: YuriyZ <[email protected]>

* added consent script identification

Signed-off-by: YuriyZ <[email protected]>

* feat(jans-auth-server): agama consent script - set consent_flow into the session

Signed-off-by: YuriyZ <[email protected]>

* feat(jans-auth-server): agama consent script - added consetn gatherer service test

Signed-off-by: YuriyZ <[email protected]>

* doc(jans-auth-server): added documentation about consent script identification

Signed-off-by: YuriyZ <[email protected]>

---------

Signed-off-by: YuriyZ <[email protected]>
@jgomer2001 jgomer2001 mentioned this issue Jan 30, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
None yet
Projects
None yet
Milestone
next-release
Development

Successfully merging a pull request may close this issue.

feat(jans-auth-server): allow invoke consent script by acr #10548 JanssenProject/jans
2 participants
@yuriyz @moabu