nevis
/
adn-agov-iam-inventory
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new configuration version

This commit is contained in:
haburger 2025-01-09 11:38:15 +00:00
parent ab7301ab7c
commit 3424f7a2f8
4 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
View File

@ -45,7 +45,7 @@ spec:
podDisruptionBudget: podDisruptionBudget:
maxUnavailable: "50%" maxUnavailable: "50%"
git: git:
tag: "r-9f6d84e979285818b66af10c90377f35c4518538" tag: "r-3df620313bf4e6a321e01eb9fba01e25a6c03379"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
credentials: "git-credentials" credentials: "git-credentials"
keystores: keystores:

2
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
View File

@ -2336,7 +2336,7 @@
<!-- source: pattern://584964c837512845d7940809 --> <!-- source: pattern://584964c837512845d7940809 -->
<property name="sess:agov.recovery.codeStatus" value="skipped"/> <property name="sess:agov.recovery.codeStatus" value="skipped"/>
<!-- source: pattern://584964c837512845d7940809 --> <!-- source: pattern://584964c837512845d7940809 -->
<property name="!${sess:agov.recovery.codeDetailStatus}?sess:agov.recovery.codeDetailStatus" value="directly skipped by user"/> <property name="${sess:agov.recovery.codeDetailStatus}==n/a?sess:agov.recovery.codeDetailStatus" value="directly skipped by user"/>
</AuthState> </AuthState>
<AuthState name="Auth_Realm_Recovery_Recovery_Auth_codeVerified" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false"> <AuthState name="Auth_Realm_Recovery_Recovery_Auth_codeVerified" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
<!-- source: pattern://584964c837512845d7940809 --> <!-- source: pattern://584964c837512845d7940809 -->

2
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/handleRedirectRecovery.groovy
View File

@ -8,7 +8,7 @@ if(outargs.containsKey('saml.SAMLResponse')) {
def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown' def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown' def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
LOG.info("Event='GOTORECOVERY', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', AccountAq='${session['agov.recovery.currentAgovAq']}', AuthCtxClass='${session['agov.recovery.authnContextClassRef']}', RecoveryCodeStatus='${session['agov.recovery.codeStatus']}', RecoveryCodeStatus='${session['agov.recovery.codeDetailStatus']}'") LOG.info("Event='GOTORECOVERY', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', AccountAq='${session['agov.recovery.currentAgovAq']}', AuthCtxClass='${session['agov.recovery.authnContextClassRef']}', RecoveryCodeStatus='${session['agov.recovery.codeStatus']}', RecoveryCodeDetailStatus='${session['agov.recovery.codeDetailStatus']}'")
// Redirect // Redirect
response.addOutArg('nevis.transfer.destination', parameters.get('agovmedirecturl')) response.addOutArg('nevis.transfer.destination', parameters.get('agovmedirecturl'))

4
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/recovery-processing.groovy
View File

@ -110,6 +110,10 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
def idVerification = null def idVerification = null
def agovAqValidFrom = null def agovAqValidFrom = null
if (maxLoi) { if (maxLoi) {
if (maxLoi != 'level100') {
session.setAttribute('agov.recovery.codeDetailStatus', '' + maxLoi)
}
idVerification = userDto.'**'.find { node -> node.name() == 'properties' && node.name.text() == 'idVerification' && node.scopeName.text() == 'AGOV-Loi,' + maxLoi}?.value?.text() idVerification = userDto.'**'.find { node -> node.name() == 'properties' && node.name.text() == 'idVerification' && node.scopeName.text() == 'AGOV-Loi,' + maxLoi}?.value?.text()
idVerification = idVerification ?: 'None' idVerification = idVerification ?: 'None'
agovAqValidFrom = userDto.'**'.find { node -> node.name() == 'authorizations' && node.role.name.text() == maxLoi}?.validFrom?.text() agovAqValidFrom = userDto.'**'.find { node -> node.name() == 'authorizations' && node.role.name.text() == maxLoi}?.validFrom?.text()