Skip to content

Commit

Permalink
Merge branch 'master' into reboot/fix/attls-missingblock
Browse files Browse the repository at this point in the history
  • Loading branch information
pablocarle authored Nov 19, 2024
2 parents 586ac53 + cf7e633 commit dba55ab
Show file tree
Hide file tree
Showing 21 changed files with 1,068 additions and 480 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -259,7 +259,7 @@ Use the following curl command to make a REST request with the OIDC token to the
curl --location 'https://"$HOSTNAME:$PORT"/gateway/api/v1/auth/oidc-token/validate --data '{"token": "$OIDC_TOKEN","serviceId": "$SERVICE_ID"}'
```

An HTTP `200` code is returned if the validation passes. Failure to validate returns an HTTP `40x` error.
An HTTP `204` code is returned if the validation passes. Failure to validate returns an HTTP `40x` error.
:::

:::note Azure Entra ID OIDC notes:
Expand Down
108 changes: 67 additions & 41 deletions docs/extend/extend-apiml/zaas-client.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ public interface ZaasClient {
String login(String authorizationHeader) throws ZaasClientException;
ZaasToken query(String token) throws ZaasClientException;
ZaasToken query(HttpServletRequest request) throws ZaasClientException;
ZaasOidcValidationResult validateOidc(String token) throws ZaasClientException;
String passTicket(String jwtToken, String applicationId) throws ZaasClientException, ZaasConfigurationException;
void logout(String token) throws ZaasClientException, ZaasConfigurationException;
}
Expand Down Expand Up @@ -88,6 +89,21 @@ cookie or in an Authorization header. You then receive the `ZaasToken` Object in
ZaasToken query(HttpServletRequest request) throws ZaasClientException;
```

### Validate the OIDC token (`validateOidc`)

Use the `validateOidc` method to get the validity information about the OIDC token.

Call the `validateOidc` method from your API in the following format:

```java
ZaasOidcValidationResult validateOidc(String token) throws ZaasClientException;
```

In return, you receive the `ZaasOidcValidationResult` Object in JSON format.

This method automatically uses the truststore file to add a security layer, which you configured in the `ConfigProperties` class.


### Invalidate a JWT token (`logout`)

The `logout` method is used to invalidate the JWT token. The token must be provided in the Cookie header and must follow the format accepted by the API ML.
Expand Down Expand Up @@ -124,65 +140,75 @@ To use this library, use the procedure described in this section.
1. Add `zaas-client` as a dependency in your project.
You will need to specify the version of the `zaas-client` you want. `zaas-client` versioning following the semantic versioning format of `major.minor.patch`. For example, `1.22.0`.

<details>
<summary>Click here for procedural details using Gradle.</summary>

**Gradle:**

1. Create a `gradle.properties` file in the root of your project if one does not already exist.
1. Create a `gradle.properties` file in the root of your project if one does not already exist.

2. In the `gradle.properties` file, set the URL of the specific Artifactory containing the _SpringEnabler_ artifact.
2. In the `gradle.properties` file, set the URL of the specific Artifactory containing the _SpringEnabler_ artifact.

```
# Repository URL for getting the enabler-java artifact
artifactoryMavenRepo=https://zowe.jfrog.io/zowe/libs-release/
```
```
# Repository URL for getting the enabler-java artifact
artifactoryMavenRepo=https://zowe.jfrog.io/zowe/libs-release/
```

3. Add the following _Gradle_ code block to the `repositories` section of your `build.gradle` file:
3. Add the following _Gradle_ code block to the `repositories` section of your `build.gradle` file:

```gradle
repositories {
...
```gradle
repositories {
...

maven {
maven {
url artifactoryMavenRepo
}
}
```
}
```

4. Add the following _Gradle_ dependency:
4. Add the following _Gradle_ dependency:

```groovy
dependencies {
compile 'org.zowe.apiml.sdk:zaas-client:{{version}}'
}
```
```groovy
dependencies {
compile 'org.zowe.apiml.sdk:zaas-client:{{version}}'
}
```

</details>

<details>
<summary>Click here for procedural details using Maven.</summary>

**Maven:**

1. Add the following _XML_ tags within the newly created `pom.xml` file:

```xml
<repositories>
<repository>
<id>libs-release</id>
<name>libs-release</name>
<url>https://zowe.jfrog.io/zowe/libs-release/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
```
1. Add the following _XML_ tags within the newly created `pom.xml` file:

```xml
<repositories>
<repository>
<id>libs-release</id>
<name>libs-release</name>
<url>https://zowe.jfrog.io/zowe/libs-release/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
```

**Tip:** If you want to use snapshot version, replace libs-release with libs-snapshot in the repository url and change snapshots->enabled to true.
2. Then add the following _Maven_ dependency:
2. Then add the following _Maven_ dependency:

```xml
<dependency>
<groupId>org.zowe.apiml.sdk</groupId>
<artifactId>zaas-client</artifactId>
<version>{{version}}</version>
</dependency>
```
```xml
<dependency>
<groupId>org.zowe.apiml.sdk</groupId>
<artifactId>zaas-client</artifactId>
<version>{{version}}</version>
</dependency>
```

</details>

2. In your application, create your Java class which will be used to create an instance of `ZaasClient`, which enables you to use its method to login, query, and to issue a PassTicket.

Expand Down
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
29 changes: 29 additions & 0 deletions docs/troubleshoot/cli/known-cli.md
Original file line number Diff line number Diff line change
Expand Up @@ -211,3 +211,32 @@ When the `zowe zos-files search data-sets` command is issued with the `--mainfra
**Solution:**
Issue the `zowe files search ds` command without the `--mainframe-search` option. This returns results that include data sets in binary format.
## Error message with PowerShell scripts
**Valid on Windows**
**Symptom:**
PowerShell users on Windows can encounter an error when they try to run Zowe CLI with certain execution policies in place.
Example of an error message:
```
PS C:\> zowe
zowe : File C:\Users\user\AppData\Roaming\npm\zowe.ps1 cannot be loaded because running scripts is disabled on this
system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
At line:1 char:1
+ zowe
+ ~~~~
+ CategoryInfo : SecurityError: (:) [], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess
```
**Solutions:**
- Update developer settings in Windows to enable running local scripts without signing:
![PowerShell setting](../../images/troubleshoot/cli/PowerShell_developer_setting.png)
- Run PowerShell as an administrator and use the `Set-ExecutionPolicy` command to change the execution policy to a less-restrictive setting, for example: `Set-ExecutionPolicy RemoteSigned -scope CurrentUser`.
Loading

0 comments on commit dba55ab

Please sign in to comment.