diff --git a/Makefile b/Makefile index 75f5a9c6..e3cb2c6c 100644 --- a/Makefile +++ b/Makefile @@ -33,7 +33,7 @@ starttestcontainer: -p 9999:9999 \ --env-file "${HOME}/.pingidentity/config" \ -v $$(pwd)/server-profiles/shared-profile:/opt/in \ - -v $$(pwd)/server-profiles/12.1/data.json.subst:/opt/in/instance/bulk-config/data.json.subst \ + -v $$(pwd)/server-profiles/12.1/data.json:/opt/in/instance/bulk-config/data.json \ pingidentity/pingfederate:latest # Wait for the instance to become ready sleep 1 diff --git a/go.mod b/go.mod index 0a1264db..aa592975 100644 --- a/go.mod +++ b/go.mod @@ -4,12 +4,12 @@ go 1.23.3 require ( github.com/fatih/color v1.18.0 - github.com/golangci/golangci-lint v1.62.2 + github.com/golangci/golangci-lint v1.63.2 github.com/hashicorp/go-uuid v1.0.3 github.com/manifoldco/promptui v0.9.0 - github.com/patrickcping/pingone-go-sdk-v2 v0.12.4 - github.com/patrickcping/pingone-go-sdk-v2/management v0.44.0 - github.com/patrickcping/pingone-go-sdk-v2/risk v0.17.0 + github.com/patrickcping/pingone-go-sdk-v2 v0.12.5 + github.com/patrickcping/pingone-go-sdk-v2/management v0.45.0 + github.com/patrickcping/pingone-go-sdk-v2/risk v0.18.0 github.com/pavius/impi v0.0.3 github.com/pingidentity/pingfederate-go-client/v1210 v1210.0.5 github.com/rs/zerolog v1.33.0 @@ -22,10 +22,10 @@ require ( require ( 4d63.com/gocheckcompilerdirectives v1.2.1 // indirect 4d63.com/gochecknoglobals v0.2.1 // indirect - github.com/4meepo/tagalign v1.3.4 // indirect + github.com/4meepo/tagalign v1.4.1 // indirect github.com/Abirdcfly/dupword v0.1.3 // indirect github.com/Antonboom/errname v1.0.0 // indirect - github.com/Antonboom/nilnil v1.0.0 // indirect + github.com/Antonboom/nilnil v1.0.1 // indirect github.com/Antonboom/testifylint v1.5.2 // indirect github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c // indirect github.com/Crocmagnon/fatcontext v0.5.3 // indirect @@ -33,16 +33,17 @@ require ( github.com/GaijinEntertainment/go-exhaustruct/v3 v3.3.0 // indirect github.com/Masterminds/semver/v3 v3.3.1 // indirect github.com/OpenPeeDeeP/depguard/v2 v2.2.0 // indirect - github.com/alecthomas/go-check-sumtype v0.3.0 // indirect + github.com/alecthomas/go-check-sumtype v0.3.1 // indirect github.com/alexkohler/nakedret/v2 v2.0.5 // indirect github.com/alexkohler/prealloc v1.0.0 // indirect github.com/alingse/asasalint v0.0.11 // indirect + github.com/alingse/nilnesserr v0.1.1 // indirect github.com/ashanbrown/forbidigo v1.6.0 // indirect github.com/ashanbrown/makezero v1.2.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bkielbasa/cyclop v1.2.3 // indirect github.com/blizzy78/varnamelen v0.8.0 // indirect - github.com/bombsimon/wsl/v4 v4.4.1 // indirect + github.com/bombsimon/wsl/v4 v4.5.0 // indirect github.com/breml/bidichk v0.3.2 // indirect github.com/breml/errchkjson v0.4.0 // indirect github.com/butuzov/ireturn v0.3.1 // indirect @@ -78,9 +79,8 @@ require ( github.com/gofrs/flock v0.12.1 // indirect github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect github.com/golangci/go-printf-func-name v0.1.0 // indirect - github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9 // indirect + github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9 // indirect github.com/golangci/misspell v0.6.0 // indirect - github.com/golangci/modinfo v0.3.4 // indirect github.com/golangci/plugin-module-register v0.1.1 // indirect github.com/golangci/revgrep v0.5.3 // indirect github.com/golangci/unconvert v0.0.0-20240309020433-c5143eacb3ed // indirect @@ -99,7 +99,7 @@ require ( github.com/jgautheron/goconst v1.7.1 // indirect github.com/jingyugao/rowserrcheck v1.1.1 // indirect github.com/jjti/go-spancheck v0.6.4 // indirect - github.com/julz/importas v0.1.0 // indirect + github.com/julz/importas v0.2.0 // indirect github.com/karamaru-alpha/copyloopvar v1.1.0 // indirect github.com/kisielk/errcheck v1.8.0 // indirect github.com/kisielk/gotool v1.0.0 // indirect @@ -108,15 +108,17 @@ require ( github.com/kunwardeep/paralleltest v1.0.10 // indirect github.com/kyoh86/exportloopref v0.1.11 // indirect github.com/lasiar/canonicalheader v1.1.2 // indirect + github.com/ldez/exptostd v0.3.0 // indirect github.com/ldez/gomoddirectives v0.6.0 // indirect - github.com/ldez/grignotin v0.6.0 // indirect + github.com/ldez/grignotin v0.7.0 // indirect github.com/ldez/tagliatelle v0.7.1 // indirect + github.com/ldez/usetesting v0.4.1 // indirect github.com/leonklingele/grouper v1.1.2 // indirect github.com/macabu/inamedparam v0.1.3 // indirect github.com/magiconair/properties v1.8.9 // indirect github.com/maratori/testableexamples v1.0.0 // indirect github.com/maratori/testpackage v1.1.1 // indirect - github.com/matoous/godox v0.0.0-20241202171805-94d1edd68ebb // indirect + github.com/matoous/godox v0.0.0-20241227120647-72181c086b34 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.16 // indirect @@ -146,17 +148,17 @@ require ( github.com/quasilyte/gogrep v0.5.0 // indirect github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727 // indirect github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567 // indirect - github.com/raeperd/recvcheck v0.1.2 // indirect + github.com/raeperd/recvcheck v0.2.0 // indirect github.com/rivo/uniseg v0.4.7 // indirect - github.com/rogpeppe/go-internal v1.13.1 // indirect + github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a // indirect github.com/ryancurrah/gomodguard v1.3.5 // indirect github.com/ryanrolds/sqlclosecheck v0.5.1 // indirect github.com/sagikazarmark/locafero v0.6.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/sanposhiho/wastedassign/v2 v2.1.0 // indirect - github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect + github.com/santhosh-tekuri/jsonschema/v6 v6.0.1 // indirect github.com/sashamelentyev/interfacebloat v1.1.0 // indirect - github.com/sashamelentyev/usestdlibvars v1.27.0 // indirect + github.com/sashamelentyev/usestdlibvars v1.28.0 // indirect github.com/securego/gosec/v2 v2.21.4 // indirect github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect github.com/sirupsen/logrus v1.9.3 // indirect @@ -166,20 +168,20 @@ require ( github.com/sourcegraph/conc v0.3.0 // indirect github.com/sourcegraph/go-diff v0.7.0 // indirect github.com/spf13/afero v1.11.0 // indirect - github.com/spf13/cast v1.7.0 // indirect + github.com/spf13/cast v1.7.1 // indirect github.com/ssgreg/nlreturn/v2 v2.2.1 // indirect github.com/stbenjam/no-sprintf-host-port v0.2.0 // indirect github.com/stretchr/objx v0.5.2 // indirect github.com/stretchr/testify v1.10.0 // indirect github.com/subosito/gotenv v1.6.0 // indirect github.com/tdakkota/asciicheck v0.3.0 // indirect - github.com/tetafro/godot v1.4.18 // indirect - github.com/timakin/bodyclose v0.0.0-20241017074824-adbc21e6bf36 // indirect + github.com/tetafro/godot v1.4.20 // indirect + github.com/timakin/bodyclose v0.0.0-20241222091800-1db5c5ca4d67 // indirect github.com/timonwong/loggercheck v0.10.1 // indirect github.com/tomarrell/wrapcheck/v2 v2.10.0 // indirect github.com/tommy-muehle/go-mnd/v2 v2.5.1 // indirect - github.com/ultraware/funlen v0.1.0 // indirect - github.com/ultraware/whitespace v0.1.1 // indirect + github.com/ultraware/funlen v0.2.0 // indirect + github.com/ultraware/whitespace v0.2.0 // indirect github.com/uudashr/gocognit v1.2.0 // indirect github.com/uudashr/iface v1.3.0 // indirect github.com/xen0n/gosmopolitan v1.2.2 // indirect @@ -192,18 +194,18 @@ require ( go.uber.org/automaxprocs v1.6.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - golang.org/x/exp v0.0.0-20241210194714-1829a127f884 // indirect - golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 // indirect + golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect + golang.org/x/exp/typeparams v0.0.0-20241217172543-b2144cdd0a67 // indirect golang.org/x/mod v0.22.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect golang.org/x/text v0.21.0 // indirect golang.org/x/tools v0.28.0 // indirect - google.golang.org/protobuf v1.35.2 // indirect + google.golang.org/protobuf v1.36.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect honnef.co/go/tools v0.5.1 // indirect mvdan.cc/gofumpt v0.7.0 // indirect - mvdan.cc/unparam v0.0.0-20240917084806-57a3b4290ba3 // indirect + mvdan.cc/unparam v0.0.0-20241226123437-447d509598f3 // indirect ) diff --git a/go.sum b/go.sum index 2be5e676..5e05861c 100644 --- a/go.sum +++ b/go.sum @@ -2,14 +2,14 @@ 4d63.com/gocheckcompilerdirectives v1.2.1/go.mod h1:yjDJSxmDTtIHHCqX0ufRYZDL6vQtMG7tJdKVeWwsqvs= 4d63.com/gochecknoglobals v0.2.1 h1:1eiorGsgHOFOuoOiJDy2psSrQbRdIHrlge0IJIkUgDc= 4d63.com/gochecknoglobals v0.2.1/go.mod h1:KRE8wtJB3CXCsb1xy421JfTHIIbmT3U5ruxw2Qu8fSU= -github.com/4meepo/tagalign v1.3.4 h1:P51VcvBnf04YkHzjfclN6BbsopfJR5rxs1n+5zHt+w8= -github.com/4meepo/tagalign v1.3.4/go.mod h1:M+pnkHH2vG8+qhE5bVc/zeP7HS/j910Fwa9TUSyZVI0= +github.com/4meepo/tagalign v1.4.1 h1:GYTu2FaPGOGb/xJalcqHeD4il5BiCywyEYZOA55P6J4= +github.com/4meepo/tagalign v1.4.1/go.mod h1:2H9Yu6sZ67hmuraFgfZkNcg5Py9Ch/Om9l2K/2W1qS4= github.com/Abirdcfly/dupword v0.1.3 h1:9Pa1NuAsZvpFPi9Pqkd93I7LIYRURj+A//dFd5tgBeE= github.com/Abirdcfly/dupword v0.1.3/go.mod h1:8VbB2t7e10KRNdwTVoxdBaxla6avbhGzb8sCTygUMhw= github.com/Antonboom/errname v1.0.0 h1:oJOOWR07vS1kRusl6YRSlat7HFnb3mSfMl6sDMRoTBA= github.com/Antonboom/errname v1.0.0/go.mod h1:gMOBFzK/vrTiXN9Oh+HFs+e6Ndl0eTFbtsRTSRdXyGI= -github.com/Antonboom/nilnil v1.0.0 h1:n+v+B12dsE5tbAqRODXmEKfZv9j2KcTBrp+LkoM4HZk= -github.com/Antonboom/nilnil v1.0.0/go.mod h1:fDJ1FSFoLN6yoG65ANb1WihItf6qt9PJVTn/s2IrcII= +github.com/Antonboom/nilnil v1.0.1 h1:C3Tkm0KUxgfO4Duk3PM+ztPncTFlOf0b2qadmS0s4xs= +github.com/Antonboom/nilnil v1.0.1/go.mod h1:CH7pW2JsRNFgEh8B2UaPZTEPhCMuFowP/e8Udp9Nnb0= github.com/Antonboom/testifylint v1.5.2 h1:4s3Xhuv5AvdIgbd8wOOEeo0uZG7PbDKQyKY5lGoQazk= github.com/Antonboom/testifylint v1.5.2/go.mod h1:vxy8VJ0bc6NavlYqjZfmp6EfqXMtBgQ4+mhCojwC1P8= github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs= @@ -26,8 +26,8 @@ github.com/OpenPeeDeeP/depguard/v2 v2.2.0 h1:vDfG60vDtIuf0MEOhmLlLLSzqaRM8EMcgJP github.com/OpenPeeDeeP/depguard/v2 v2.2.0/go.mod h1:CIzddKRvLBC4Au5aYP/i3nyaWQ+ClszLIuVocRiCYFQ= github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0= github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k= -github.com/alecthomas/go-check-sumtype v0.3.0 h1:yOw5oYjpa5eyKNztSfUr2xk2nvUrx7cUjFMbm6puybc= -github.com/alecthomas/go-check-sumtype v0.3.0/go.mod h1:I5AdgQAzhonsD7Bu2UYq8cjS8pzVML1gb3q8mcg/rpQ= +github.com/alecthomas/go-check-sumtype v0.3.1 h1:u9aUvbGINJxLVXiFvHUlPEaD7VDULsrxJb4Aq31NLkU= +github.com/alecthomas/go-check-sumtype v0.3.1/go.mod h1:A8TSiN3UPRw3laIgWEUOHHLPa6/r9MtoigdlP5h3K/E= github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc= github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4= github.com/alexkohler/nakedret/v2 v2.0.5 h1:fP5qLgtwbx9EJE8dGEERT02YwS8En4r9nnZ71RK+EVU= @@ -36,6 +36,8 @@ github.com/alexkohler/prealloc v1.0.0 h1:Hbq0/3fJPQhNkN0dR95AVrr6R7tou91y0uHG5pO github.com/alexkohler/prealloc v1.0.0/go.mod h1:VetnK3dIgFBBKmg0YnD9F9x6Icjd+9cvfHR56wJVlKE= github.com/alingse/asasalint v0.0.11 h1:SFwnQXJ49Kx/1GghOFz1XGqHYKp21Kq1nHad/0WQRnw= github.com/alingse/asasalint v0.0.11/go.mod h1:nCaoMhw7a9kSJObvQyVzNTPBDbNpdocqrSP7t/cW5+I= +github.com/alingse/nilnesserr v0.1.1 h1:7cYuJewpy9jFNMEA72Q1+3Nm3zKHzg+Q28D5f2bBFUA= +github.com/alingse/nilnesserr v0.1.1/go.mod h1:1xJPrXonEtX7wyTq8Dytns5P2hNzoWymVUIaKm4HNFg= github.com/ashanbrown/forbidigo v1.6.0 h1:D3aewfM37Yb3pxHujIPSpTf6oQk9sc9WZi8gerOIVIY= github.com/ashanbrown/forbidigo v1.6.0/go.mod h1:Y8j9jy9ZYAEHXdu723cUlraTqbzjKF1MUyfOKL+AjcU= github.com/ashanbrown/makezero v1.2.0 h1:/2Lp1bypdmK9wDIq7uWBlDF1iMUpIIS4A+pF6C9IEUU= @@ -46,8 +48,8 @@ github.com/bkielbasa/cyclop v1.2.3 h1:faIVMIGDIANuGPWH031CZJTi2ymOQBULs9H21HSMa5 github.com/bkielbasa/cyclop v1.2.3/go.mod h1:kHTwA9Q0uZqOADdupvcFJQtp/ksSnytRMe8ztxG8Fuo= github.com/blizzy78/varnamelen v0.8.0 h1:oqSblyuQvFsW1hbBHh1zfwrKe3kcSj0rnXkKzsQ089M= github.com/blizzy78/varnamelen v0.8.0/go.mod h1:V9TzQZ4fLJ1DSrjVDfl89H7aMnTvKkApdHeyESmyR7k= -github.com/bombsimon/wsl/v4 v4.4.1 h1:jfUaCkN+aUpobrMO24zwyAMwMAV5eSziCkOKEauOLdw= -github.com/bombsimon/wsl/v4 v4.4.1/go.mod h1:Xu/kDxGZTofQcDGCtQe9KCzhHphIe0fDuyWTxER9Feo= +github.com/bombsimon/wsl/v4 v4.5.0 h1:iZRsEvDdyhd2La0FVi5k6tYehpOR/R7qIUjmKk7N74A= +github.com/bombsimon/wsl/v4 v4.5.0/go.mod h1:NOQ3aLF4nD7N5YPXMruR6ZXDOAqLoM0GEpLwTdvmOSc= github.com/breml/bidichk v0.3.2 h1:xV4flJ9V5xWTqxL+/PMFF6dtJPvZLPsyixAoPe8BGJs= github.com/breml/bidichk v0.3.2/go.mod h1:VzFLBxuYtT23z5+iVkamXO386OB+/sVwZOpIj6zXGos= github.com/breml/errchkjson v0.4.0 h1:gftf6uWZMtIa/Is3XJgibewBm2ksAQSY/kABDNFTAdk= @@ -89,6 +91,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/denis-tingaikin/go-header v0.5.0 h1:SRdnP5ZKvcO9KKRP1KJrhFR3RrlGuD+42t4429eC9k8= github.com/denis-tingaikin/go-header v0.5.0/go.mod h1:mMenU5bWrok6Wl2UsZjy+1okegmwQ3UgWl4V1D8gjlY= +github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= +github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/ettle/strcase v0.2.0 h1:fGNiVF21fHXpX1niBgk0aROov1LagYsOwV/xqKDKR/Q= github.com/ettle/strcase v0.2.0/go.mod h1:DajmHElDSaX76ITe3/VHVyMin4LWSJN5Z909Wp+ED1A= github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= @@ -145,14 +149,12 @@ github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a h1:w8hkcTqaFpzKqonE9 github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a/go.mod h1:ryS0uhF+x9jgbj/N71xsEqODy9BN81/GonCZiOzirOk= github.com/golangci/go-printf-func-name v0.1.0 h1:dVokQP+NMTO7jwO4bwsRwLWeudOVUPPyAKJuzv8pEJU= github.com/golangci/go-printf-func-name v0.1.0/go.mod h1:wqhWFH5mUdJQhweRnldEywnR5021wTdZSNgwYceV14s= -github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9 h1:/1322Qns6BtQxUZDTAT4SdcoxknUki7IAoK4SAXr8ME= -github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9/go.mod h1:Oesb/0uFAyWoaw1U1qS5zyjCg5NP9C9iwjnI4tIsXEE= -github.com/golangci/golangci-lint v1.62.2 h1:b8K5K9PN+rZN1+mKLtsZHz2XXS9aYKzQ9i25x3Qnxxw= -github.com/golangci/golangci-lint v1.62.2/go.mod h1:ILWWyeFUrctpHVGMa1dg2xZPKoMUTc5OIMgW7HZr34g= +github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9 h1:t5wybL6RtO83VwoMOb7U/Peqe3gGKQlPIC66wXmnkvM= +github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9/go.mod h1:Ag3L7sh7E28qAp/5xnpMMTuGYqxLZoSaEHZDkZB1RgU= +github.com/golangci/golangci-lint v1.63.2 h1:igdU9duGfb/TiON2SRuNh0SXK0qtx72jjApj1NbaJso= +github.com/golangci/golangci-lint v1.63.2/go.mod h1:O2+mo4qsJuG4cSXBzLbEV+5NAtntoNIbAv428zaEY/s= github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs= github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo= -github.com/golangci/modinfo v0.3.4 h1:oU5huX3fbxqQXdfspamej74DFX0kyGLkw1ppvXoJ8GA= -github.com/golangci/modinfo v0.3.4/go.mod h1:wytF1M5xl9u0ij8YSvhkEVPP3M5Mc7XLl1pxH3B2aUM= github.com/golangci/plugin-module-register v0.1.1 h1:TCmesur25LnyJkpsVrupv1Cdzo+2f7zX0H6Jkw1Ol6c= github.com/golangci/plugin-module-register v0.1.1/go.mod h1:TTpqoB6KkwOJMV8u7+NyXMrkwwESJLOkfl9TxR1DGFc= github.com/golangci/revgrep v0.5.3 h1:3tL7c1XBMtWHHqVpS5ChmiAAoe4PF/d5+ULzV9sLAzs= @@ -204,8 +206,8 @@ github.com/jingyugao/rowserrcheck v1.1.1 h1:zibz55j/MJtLsjP1OF4bSdgXxwL1b+Vn7Tjz github.com/jingyugao/rowserrcheck v1.1.1/go.mod h1:4yvlZSDb3IyDTUZJUmpZfm2Hwok+Dtp+nu2qOq+er9c= github.com/jjti/go-spancheck v0.6.4 h1:Tl7gQpYf4/TMU7AT84MN83/6PutY21Nb9fuQjFTpRRc= github.com/jjti/go-spancheck v0.6.4/go.mod h1:yAEYdKJ2lRkDA8g7X+oKUHXOWVAXSBJRv04OhF+QUjk= -github.com/julz/importas v0.1.0 h1:F78HnrsjY3cR7j0etXy5+TU1Zuy7Xt08X/1aJnH5xXY= -github.com/julz/importas v0.1.0/go.mod h1:oSFU2R4XK/P7kNBrnL/FEQlDGN1/6WoxXEjSSXO0DV0= +github.com/julz/importas v0.2.0 h1:y+MJN/UdL63QbFJHws9BVC5RpA2iq0kpjrFajTGivjQ= +github.com/julz/importas v0.2.0/go.mod h1:pThlt589EnCYtMnmhmRYY/qn9lCf/frPOK+WMx3xiJY= github.com/karamaru-alpha/copyloopvar v1.1.0 h1:x7gNyKcC2vRBO1H2Mks5u1VxQtYvFiym7fCjIP8RPos= github.com/karamaru-alpha/copyloopvar v1.1.0/go.mod h1:u7CIfztblY0jZLOQZgH3oYsJzpC2A7S6u/lfgSXHy0k= github.com/kisielk/errcheck v1.8.0 h1:ZX/URYa7ilESY19ik/vBmCn6zdGQLxACwjAcWbHlYlg= @@ -228,12 +230,16 @@ github.com/kyoh86/exportloopref v0.1.11 h1:1Z0bcmTypkL3Q4k+IDHMWTcnCliEZcaPiIe0/ github.com/kyoh86/exportloopref v0.1.11/go.mod h1:qkV4UF1zGl6EkF1ox8L5t9SwyeBAZ3qLMd6up458uqA= github.com/lasiar/canonicalheader v1.1.2 h1:vZ5uqwvDbyJCnMhmFYimgMZnJMjwljN5VGY0VKbMXb4= github.com/lasiar/canonicalheader v1.1.2/go.mod h1:qJCeLFS0G/QlLQ506T+Fk/fWMa2VmBUiEI2cuMK4djI= +github.com/ldez/exptostd v0.3.0 h1:iKdMtUedzov89jDvuwmo0qpo+ARpZJg9hMp3428WwNg= +github.com/ldez/exptostd v0.3.0/go.mod h1:iZBRYaUmcW5jwCR3KROEZ1KivQQp6PHXbDPk9hqJKCQ= github.com/ldez/gomoddirectives v0.6.0 h1:Jyf1ZdTeiIB4dd+2n4qw+g4aI9IJ6JyfOZ8BityWvnA= github.com/ldez/gomoddirectives v0.6.0/go.mod h1:TuwOGYoPAoENDWQpe8DMqEm5nIfjrxZXmxX/CExWyZ4= -github.com/ldez/grignotin v0.6.0 h1:i++3002hxD5TpVto0iLjLrfz1V+yEJ+BBk4glb3aqC8= -github.com/ldez/grignotin v0.6.0/go.mod h1:uaVTr0SoZ1KBii33c47O1M8Jp3OP3YDwhZCmzT9GHEk= +github.com/ldez/grignotin v0.7.0 h1:vh0dI32WhHaq6LLPZ38g7WxXuZ1+RzyrJ7iPG9JMa8c= +github.com/ldez/grignotin v0.7.0/go.mod h1:uaVTr0SoZ1KBii33c47O1M8Jp3OP3YDwhZCmzT9GHEk= github.com/ldez/tagliatelle v0.7.1 h1:bTgKjjc2sQcsgPiT902+aadvMjCeMHrY7ly2XKFORIk= github.com/ldez/tagliatelle v0.7.1/go.mod h1:3zjxUpsNB2aEZScWiZTHrAXOl1x25t3cRmzfK1mlo2I= +github.com/ldez/usetesting v0.4.1 h1:T/4Bk3YDX6XUBtdNDDFymlr5GBekKA4j7HUtrv1YaaI= +github.com/ldez/usetesting v0.4.1/go.mod h1:eEs46T3PpQ+9RgN9VjpY6qWdiw2/QmfiDeWmdZdrjIQ= github.com/leonklingele/grouper v1.1.2 h1:o1ARBDLOmmasUaNDesWqWCIFH3u7hoFlM84YrjT3mIY= github.com/leonklingele/grouper v1.1.2/go.mod h1:6D0M/HVkhs2yRKRFZUoGjeDy7EZTfFBE9gl4kjmIGkA= github.com/macabu/inamedparam v0.1.3 h1:2tk/phHkMlEL/1GNe/Yf6kkR/hkcUdAEY3L0hjYV1Mk= @@ -246,8 +252,8 @@ github.com/maratori/testableexamples v1.0.0 h1:dU5alXRrD8WKSjOUnmJZuzdxWOEQ57+7s github.com/maratori/testableexamples v1.0.0/go.mod h1:4rhjL1n20TUTT4vdh3RDqSizKLyXp7K2u6HgraZCGzE= github.com/maratori/testpackage v1.1.1 h1:S58XVV5AD7HADMmD0fNnziNHqKvSdDuEKdPD1rNTU04= github.com/maratori/testpackage v1.1.1/go.mod h1:s4gRK/ym6AMrqpOa/kEbQTV4Q4jb7WeLZzVhVVVOQMc= -github.com/matoous/godox v0.0.0-20241202171805-94d1edd68ebb h1:16vJua1jlCfNLTCcMREK9/rX6SYkD22pD2UnUBTi0jU= -github.com/matoous/godox v0.0.0-20241202171805-94d1edd68ebb/go.mod h1:jgE/3fUXiTurkdHOLT5WEkThTSuE7yxHv5iWPa80afs= +github.com/matoous/godox v0.0.0-20241227120647-72181c086b34 h1:EJiRbP3iVnGbBj9EnP+jOQqx/PI65WVByQRyk37fy4s= +github.com/matoous/godox v0.0.0-20241227120647-72181c086b34/go.mod h1:jgE/3fUXiTurkdHOLT5WEkThTSuE7yxHv5iWPa80afs= github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -290,18 +296,18 @@ github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJ github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= github.com/otiai10/mint v1.3.1/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= -github.com/patrickcping/pingone-go-sdk-v2 v0.12.4 h1:geen+q6junlsLmTG30KC7zdnTCQ11BzKu7GGc22Tj5U= -github.com/patrickcping/pingone-go-sdk-v2 v0.12.4/go.mod h1:I1WQE3pSKTrwOzlUuNSN1Tmm5FFIUJwepnDoILpestw= +github.com/patrickcping/pingone-go-sdk-v2 v0.12.5 h1:8z5qI7/Mvj7nxOuR7yPcTOKqUK3X+1nwg9DFfSlvCm4= +github.com/patrickcping/pingone-go-sdk-v2 v0.12.5/go.mod h1:4Qwo23Xz1+TYFl7gVqNDXwiLaszz6BdwAH4Wsy2T7yA= github.com/patrickcping/pingone-go-sdk-v2/authorize v0.7.0 h1:e36HmxvHy3zmt9oKHlTTgImSt1Q71RT05i6Kp4EwxWU= github.com/patrickcping/pingone-go-sdk-v2/authorize v0.7.0/go.mod h1:2PDrgC1ufXk2IDIk4JQHx6r34r2xpkbnzKIpXFv8gYs= github.com/patrickcping/pingone-go-sdk-v2/credentials v0.10.0 h1:NziAU4J3b18hw/4L+4TpCOBS+kd9srQR2R3xP0aEbNw= github.com/patrickcping/pingone-go-sdk-v2/credentials v0.10.0/go.mod h1:yRGf7+tsB3/AQYsNjIIs4ScJhR885mvDYMgwHiQeMl0= -github.com/patrickcping/pingone-go-sdk-v2/management v0.44.0 h1:NjEaHbefO6YrvxsRWoNGSpEsQN0WFV/LJHO+rQilNzk= -github.com/patrickcping/pingone-go-sdk-v2/management v0.44.0/go.mod h1:oLB/jjAkn4oEA60nC5/0KAobvcNJbflOWnVaS6lKxv8= +github.com/patrickcping/pingone-go-sdk-v2/management v0.45.0 h1:mGC9J52bR1+4plCWjfdWq6l6BdlUlemHWv0arzSyvsM= +github.com/patrickcping/pingone-go-sdk-v2/management v0.45.0/go.mod h1:oLB/jjAkn4oEA60nC5/0KAobvcNJbflOWnVaS6lKxv8= github.com/patrickcping/pingone-go-sdk-v2/mfa v0.21.0 h1:/cfl+PcocLDj2m4ZgE653m3UDdIk7VEB7iVwCQ1YSH4= github.com/patrickcping/pingone-go-sdk-v2/mfa v0.21.0/go.mod h1:Q+Ym6kktv5Y6VnVhDt//lWoOhmIKfyjo6ejRx5mLttY= -github.com/patrickcping/pingone-go-sdk-v2/risk v0.17.0 h1:sEJSGAFXhTB/Uy/ulxafLUnRqOE4W3PQoaaGMA1YaS4= -github.com/patrickcping/pingone-go-sdk-v2/risk v0.17.0/go.mod h1:ppwkDT/w2/2y2aFH+hFQgziLMsWvz2MEZvwYexREqRk= +github.com/patrickcping/pingone-go-sdk-v2/risk v0.18.0 h1:+Ogq2g0s0i+SU/NoJg9+pL5+3iPyK9tFUWrDC3scHR8= +github.com/patrickcping/pingone-go-sdk-v2/risk v0.18.0/go.mod h1:ppwkDT/w2/2y2aFH+hFQgziLMsWvz2MEZvwYexREqRk= github.com/patrickcping/pingone-go-sdk-v2/verify v0.8.0 h1:FsssxnJ/VSIxXtdvZlDn555nY+Yn1ndsg9IITyXYBbM= github.com/patrickcping/pingone-go-sdk-v2/verify v0.8.0/go.mod h1:bCq5fHv9mSdNsm/XiT5jb3YgYnQb8F824EYfq9eAJl4= github.com/pavius/impi v0.0.3 h1:DND6MzU+BLABhOZXbELR3FU8b+zDgcq4dOCNLhiTYuI= @@ -336,13 +342,13 @@ github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727 h1:TCg2WBOl github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727/go.mod h1:rlzQ04UMyJXu/aOvhd8qT+hvDrFpiwqp8MRXDY9szc0= github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567 h1:M8mH9eK4OUR4lu7Gd+PU1fV2/qnDNfzT635KRSObncs= github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567/go.mod h1:DWNGW8A4Y+GyBgPuaQJuWiy0XYftx4Xm/y5Jqk9I6VQ= -github.com/raeperd/recvcheck v0.1.2 h1:SjdquRsRXJc26eSonWIo8b7IMtKD3OAT2Lb5G3ZX1+4= -github.com/raeperd/recvcheck v0.1.2/go.mod h1:n04eYkwIR0JbgD73wT8wL4JjPC3wm0nFtzBnWNocnYU= +github.com/raeperd/recvcheck v0.2.0 h1:GnU+NsbiCqdC2XX5+vMZzP+jAJC5fht7rcVTAhX74UI= +github.com/raeperd/recvcheck v0.2.0/go.mod h1:n04eYkwIR0JbgD73wT8wL4JjPC3wm0nFtzBnWNocnYU= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a h1:w3tdWGKbLGBPtR/8/oO74W6hmz0qE5q0z9aqSAewaaM= +github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a/go.mod h1:S8kfXMp+yh77OxPD4fdM6YUknrZpQxLhvxzS4gDHENY= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= @@ -357,12 +363,12 @@ github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6g github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/sanposhiho/wastedassign/v2 v2.1.0 h1:crurBF7fJKIORrV85u9UUpePDYGWnwvv3+A96WvwXT0= github.com/sanposhiho/wastedassign/v2 v2.1.0/go.mod h1:+oSmSC+9bQ+VUAxA66nBb0Z7N8CK7mscKTDYC6aIek4= -github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 h1:lZUw3E0/J3roVtGQ+SCrUrg3ON6NgVqpn3+iol9aGu4= -github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY= +github.com/santhosh-tekuri/jsonschema/v6 v6.0.1 h1:PKK9DyHxif4LZo+uQSgXNqs0jj5+xZwwfKHgph2lxBw= +github.com/santhosh-tekuri/jsonschema/v6 v6.0.1/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU= github.com/sashamelentyev/interfacebloat v1.1.0 h1:xdRdJp0irL086OyW1H/RTZTr1h/tMEOsumirXcOJqAw= github.com/sashamelentyev/interfacebloat v1.1.0/go.mod h1:+Y9yU5YdTkrNvoX0xHc84dxiN1iBi9+G8zZIhPVoNjQ= -github.com/sashamelentyev/usestdlibvars v1.27.0 h1:t/3jZpSXtRPRf2xr0m63i32ZrusyurIGT9E5wAvXQnI= -github.com/sashamelentyev/usestdlibvars v1.27.0/go.mod h1:9nl0jgOfHKWNFS43Ojw0i7aRoS4j6EBye3YBhmAIRF8= +github.com/sashamelentyev/usestdlibvars v1.28.0 h1:jZnudE2zKCtYlGzLVreNp5pmCdOxXUzwsMDBkR21cyQ= +github.com/sashamelentyev/usestdlibvars v1.28.0/go.mod h1:9nl0jgOfHKWNFS43Ojw0i7aRoS4j6EBye3YBhmAIRF8= github.com/securego/gosec/v2 v2.21.4 h1:Le8MSj0PDmOnHJgUATjD96PaXRvCpKC+DGJvwyy0Mlk= github.com/securego/gosec/v2 v2.21.4/go.mod h1:Jtb/MwRQfRxCXyCm1rfM1BEiiiTfUOdyzzAhlr6lUTA= github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c h1:W65qqJCIOVP4jpqPQ0YvHYKwcMEMVWIzWC5iNQQfBTU= @@ -383,8 +389,8 @@ github.com/sourcegraph/go-diff v0.7.0 h1:9uLlrd5T46OXs5qpp8L/MTltk0zikUGi0sNNyCp github.com/sourcegraph/go-diff v0.7.0/go.mod h1:iBszgVvyxdc8SFZ7gm69go2KDdt3ag071iBaWPF6cjs= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= -github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w= -github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= +github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -417,20 +423,20 @@ github.com/tenntenn/modver v1.0.1 h1:2klLppGhDgzJrScMpkj9Ujy3rXPUspSjAcev9tSEBgA github.com/tenntenn/modver v1.0.1/go.mod h1:bePIyQPb7UeioSRkw3Q0XeMhYZSMx9B8ePqg6SAMGH0= github.com/tenntenn/text/transform v0.0.0-20200319021203-7eef512accb3 h1:f+jULpRQGxTSkNYKJ51yaw6ChIqO+Je8UqsTKN/cDag= github.com/tenntenn/text/transform v0.0.0-20200319021203-7eef512accb3/go.mod h1:ON8b8w4BN/kE1EOhwT0o+d62W65a6aPw1nouo9LMgyY= -github.com/tetafro/godot v1.4.18 h1:ouX3XGiziKDypbpXqShBfnNLTSjR8r3/HVzrtJ+bHlI= -github.com/tetafro/godot v1.4.18/go.mod h1:2oVxTBSftRTh4+MVfUaUXR6bn2GDXCaMcOG4Dk3rfio= -github.com/timakin/bodyclose v0.0.0-20241017074824-adbc21e6bf36 h1:BLrrwIAzisfgAzwJXJmDV13xxgP8S0ITQtc8vVFPRXY= -github.com/timakin/bodyclose v0.0.0-20241017074824-adbc21e6bf36/go.mod h1:mkjARE7Yr8qU23YcGMSALbIxTQ9r9QBVahQOBRfU460= +github.com/tetafro/godot v1.4.20 h1:z/p8Ek55UdNvzt4TFn2zx2KscpW4rWqcnUrdmvWJj7E= +github.com/tetafro/godot v1.4.20/go.mod h1:2oVxTBSftRTh4+MVfUaUXR6bn2GDXCaMcOG4Dk3rfio= +github.com/timakin/bodyclose v0.0.0-20241222091800-1db5c5ca4d67 h1:9LPGD+jzxMlnk5r6+hJnar67cgpDIz/iyD+rfl5r2Vk= +github.com/timakin/bodyclose v0.0.0-20241222091800-1db5c5ca4d67/go.mod h1:mkjARE7Yr8qU23YcGMSALbIxTQ9r9QBVahQOBRfU460= github.com/timonwong/loggercheck v0.10.1 h1:uVZYClxQFpw55eh+PIoqM7uAOHMrhVcDoWDery9R8Lg= github.com/timonwong/loggercheck v0.10.1/go.mod h1:HEAWU8djynujaAVX7QI65Myb8qgfcZ1uKbdpg3ZzKl8= github.com/tomarrell/wrapcheck/v2 v2.10.0 h1:SzRCryzy4IrAH7bVGG4cK40tNUhmVmMDuJujy4XwYDg= github.com/tomarrell/wrapcheck/v2 v2.10.0/go.mod h1:g9vNIyhb5/9TQgumxQyOEqDHsmGYcGsVMOx/xGkqdMo= github.com/tommy-muehle/go-mnd/v2 v2.5.1 h1:NowYhSdyE/1zwK9QCLeRb6USWdoif80Ie+v+yU8u1Zw= github.com/tommy-muehle/go-mnd/v2 v2.5.1/go.mod h1:WsUAkMJMYww6l/ufffCD3m+P7LEvr8TnZn9lwVDlgzw= -github.com/ultraware/funlen v0.1.0 h1:BuqclbkY6pO+cvxoq7OsktIXZpgBSkYTQtmwhAK81vI= -github.com/ultraware/funlen v0.1.0/go.mod h1:XJqmOQja6DpxarLj6Jj1U7JuoS8PvL4nEqDaQhy22p4= -github.com/ultraware/whitespace v0.1.1 h1:bTPOGejYFulW3PkcrqkeQwOd6NKOOXvmGD9bo/Gk8VQ= -github.com/ultraware/whitespace v0.1.1/go.mod h1:XcP1RLD81eV4BW8UhQlpaR+SDc2givTvyI8a586WjW8= +github.com/ultraware/funlen v0.2.0 h1:gCHmCn+d2/1SemTdYMiKLAHFYxTYz7z9VIDRaTGyLkI= +github.com/ultraware/funlen v0.2.0/go.mod h1:ZE0q4TsJ8T1SQcjmkhN/w+MceuatI6pBFSxxyteHIJA= +github.com/ultraware/whitespace v0.2.0 h1:TYowo2m9Nfj1baEQBjuHzvMRbp19i+RCcRYrSWoFa+g= +github.com/ultraware/whitespace v0.2.0/go.mod h1:XcP1RLD81eV4BW8UhQlpaR+SDc2givTvyI8a586WjW8= github.com/uudashr/gocognit v1.2.0 h1:3BU9aMr1xbhPlvJLSydKwdLN3tEUUrzPSSM8S4hDYRA= github.com/uudashr/gocognit v1.2.0/go.mod h1:k/DdKPI6XBZO1q7HgoV2juESI2/Ofj9AcHPZhBBdrTU= github.com/uudashr/iface v1.3.0 h1:zwPch0fs9tdh9BmL5kcgSpvnObV+yHjO4JjVBl8IA10= @@ -471,12 +477,12 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/exp v0.0.0-20241210194714-1829a127f884 h1:Y/Mj/94zIQQGHVSv1tTtQBDaQaJe62U9bkDZKKyhPCU= -golang.org/x/exp v0.0.0-20241210194714-1829a127f884/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c= +golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo= +golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c= golang.org/x/exp/typeparams v0.0.0-20220428152302-39d4317da171/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/exp/typeparams v0.0.0-20230203172020-98cc5a0785f9/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= -golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 h1:1xaZTydL5Gsg78QharTwKfA9FY9CZ1VQj6D/AZEvHR0= -golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= +golang.org/x/exp/typeparams v0.0.0-20241217172543-b2144cdd0a67 h1:aOkGQa5iWYZjkoBaUQ8KyQfznXDSSumUfxSlEWSnmIM= +golang.org/x/exp/typeparams v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -528,7 +534,6 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -580,7 +585,6 @@ golang.org/x/tools v0.0.0-20200329025819-fd4102a86c65/go.mod h1:Sl4aGygMT6LrqrWc golang.org/x/tools v0.0.0-20200724022722-7017fd6b1305/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200820010801-b793a1359eac/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20201023174141-c8cfbd0f21e6/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1-0.20210205202024-ef80cdb6ec6d/go.mod h1:9bzcO0MWcOuT0tm1iBGzDVPshzfwoVvREIui8C+MHqU= golang.org/x/tools v0.1.1-0.20210302220138-2ac05c832e1a/go.mod h1:9bzcO0MWcOuT0tm1iBGzDVPshzfwoVvREIui8C+MHqU= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= @@ -599,8 +603,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= -google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= +google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= @@ -616,5 +620,5 @@ honnef.co/go/tools v0.5.1 h1:4bH5o3b5ZULQ4UrBmP+63W9r7qIkqJClEA9ko5YKx+I= honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs= mvdan.cc/gofumpt v0.7.0 h1:bg91ttqXmi9y2xawvkuMXyvAA/1ZGJqYAEGjXuP0JXU= mvdan.cc/gofumpt v0.7.0/go.mod h1:txVFJy/Sc/mvaycET54pV8SW8gWxTlUuGHVEcncmNUo= -mvdan.cc/unparam v0.0.0-20240917084806-57a3b4290ba3 h1:YkmTN1n5U60NM02j7TCSWRlW3fqNiuXe/eVXf0dLFN8= -mvdan.cc/unparam v0.0.0-20240917084806-57a3b4290ba3/go.mod h1:z5yboO1sP1Q9pcfvS597TpfbNXQjphDlkCJHzt13ybc= +mvdan.cc/unparam v0.0.0-20241226123437-447d509598f3 h1:OPdLMIX29kquQXSiXmnwzHP1bc+JlH0S2l8SfVK9yWE= +mvdan.cc/unparam v0.0.0-20241226123437-447d509598f3/go.mod h1:VQc4l9ccF55E7EwPxcGqwierxEf0KG8MRR8hJ9tpngw= diff --git a/internal/connector/pingfederate/pingfederate_connector.go b/internal/connector/pingfederate/pingfederate_connector.go index 8ff48ede..9a7ec18d 100644 --- a/internal/connector/pingfederate/pingfederate_connector.go +++ b/internal/connector/pingfederate/pingfederate_connector.go @@ -68,26 +68,50 @@ func (c *PingFederateConnector) Export(format, outputDir string, overwriteExport resources.KerberosRealmSettings(&c.clientInfo), resources.KeypairsOauthOpenidConnect(&c.clientInfo), resources.KeypairsOauthOpenidConnectAdditionalKeySet(&c.clientInfo), + resources.KeypairsSigningKeyRotationSettings(&c.clientInfo), + resources.KeypairsSslServerSettings(&c.clientInfo), resources.LocalIdentityProfile(&c.clientInfo), + resources.MetadataUrl(&c.clientInfo), + resources.NotificationPublisher(&c.clientInfo), resources.NotificationPublisherSettings(&c.clientInfo), resources.OAuthAccessTokenManager(&c.clientInfo), + resources.OAuthAccessTokenManagerSettings(&c.clientInfo), resources.OAuthAccessTokenMapping(&c.clientInfo), + resources.OAuthAuthenticationPolicyContractMapping(&c.clientInfo), + resources.OAuthCibaServerPolicyRequestPolicy(&c.clientInfo), resources.OAuthCIBAServerPolicySettings(&c.clientInfo), resources.OAuthClient(&c.clientInfo), + resources.OAuthClientRegistrationPolicy(&c.clientInfo), + resources.OAuthClientSettings(&c.clientInfo), + resources.OAuthIdpAdapterMapping(&c.clientInfo), resources.OAuthIssuer(&c.clientInfo), resources.OAuthServerSettings(&c.clientInfo), + resources.OAuthTokenExchangeGeneratorSettings(&c.clientInfo), + resources.OAuthTokenExchangeTokenGeneratorMapping(&c.clientInfo), resources.OpenIDConnectPolicy(&c.clientInfo), resources.OpenIDConnectSettings(&c.clientInfo), resources.PasswordCredentialValidator(&c.clientInfo), resources.PingOneConnection(&c.clientInfo), + resources.ProtocolMetadataLifetimeSettings(&c.clientInfo), + resources.ProtocolMetadataSigningSettings(&c.clientInfo), resources.RedirectValidation(&c.clientInfo), + resources.SecretManager(&c.clientInfo), resources.ServerSettings(&c.clientInfo), resources.ServerSettingsGeneral(&c.clientInfo), + resources.ServerSettingsLogging(&c.clientInfo), resources.ServerSettingsSystemKeysRotate(&c.clientInfo), + resources.ServerSettingsWsTrustStsSettings(&c.clientInfo), + resources.ServerSettingsWsTrustStsSettingsIssuerCertificate(&c.clientInfo), + resources.ServiceAuthentication(&c.clientInfo), resources.SessionApplicationPolicy(&c.clientInfo), resources.SessionAuthenticationPoliciesGlobal(&c.clientInfo), + resources.SessionAuthenticationPolicy(&c.clientInfo), resources.SessionSettings(&c.clientInfo), + resources.SpAdapter(&c.clientInfo), resources.SPAuthenticationPolicyContractMapping(&c.clientInfo), + resources.SpIdpConnection(&c.clientInfo), + resources.SpTargetUrlMappings(&c.clientInfo), + resources.TokenProcessorToTokenGeneratorMapping(&c.clientInfo), resources.VirtualHostNames(&c.clientInfo), } diff --git a/internal/connector/pingfederate/pingfederate_connector_test.go b/internal/connector/pingfederate/pingfederate_connector_test.go index 6a0590be..763d02fd 100644 --- a/internal/connector/pingfederate/pingfederate_connector_test.go +++ b/internal/connector/pingfederate/pingfederate_connector_test.go @@ -165,11 +165,31 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.KeypairsOauthOpenidConnectAdditionalKeySet(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateKeypairsSigningKeyRotationSettings", + resource: resources.KeypairsSigningKeyRotationSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateKeypairsSslServerSettings", + resource: resources.KeypairsSslServerSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateLocalIdentityProfile", resource: resources.LocalIdentityProfile(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateMetadataUrl", + resource: resources.MetadataUrl(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateNotificationPublisher", + resource: resources.NotificationPublisher(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateNotificationPublishersSettings", resource: resources.NotificationPublisherSettings(PingFederateClientInfo), @@ -180,11 +200,26 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.OAuthAccessTokenManager(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateOAuthAccessTokenManagerSettings", + resource: resources.OAuthAccessTokenManagerSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateOAuthAccessTokenMapping", resource: resources.OAuthAccessTokenMapping(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateOAuthAuthenticationPolicyContractMapping", + resource: resources.OAuthAuthenticationPolicyContractMapping(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateOAuthCibaServerPolicyRequestPolicy", + resource: resources.OAuthCibaServerPolicyRequestPolicy(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateOAuthCIBAServerPolicySettings", resource: resources.OAuthCIBAServerPolicySettings(PingFederateClientInfo), @@ -195,6 +230,21 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.OAuthClient(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateOAuthClientRegistrationPolicy", + resource: resources.OAuthClientRegistrationPolicy(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateOAuthClientSettings", + resource: resources.OAuthClientSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateOAuthIdpAdapterMapping", + resource: resources.OAuthIdpAdapterMapping(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateOAuthIssuer", resource: resources.OAuthIssuer(PingFederateClientInfo), @@ -205,6 +255,16 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.OAuthServerSettings(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateOAuthTokenExchangeGeneratorSettings", + resource: resources.OAuthTokenExchangeGeneratorSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateOAuthTokenExchangeTokenGeneratorMapping", + resource: resources.OAuthTokenExchangeTokenGeneratorMapping(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateOpenIDConnectPolicy", resource: resources.OpenIDConnectPolicy(PingFederateClientInfo), @@ -225,28 +285,63 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.PingOneConnection(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateProtocolMetadataLifetimeSettings", + resource: resources.ProtocolMetadataLifetimeSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateProtocolMetadataSigningSettings", + resource: resources.ProtocolMetadataSigningSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateRedirectValidation", resource: resources.RedirectValidation(PingFederateClientInfo), ignoredErrors: nil, }, { - name: "PingFederateServerSettings", - resource: resources.ServerSettings(PingFederateClientInfo), - ignoredErrors: []string{ - "Error: Invalid Attribute Value Length", - }, + name: "PingFederateSecretManager", + resource: resources.SecretManager(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateServerSettings", + resource: resources.ServerSettings(PingFederateClientInfo), + ignoredErrors: nil, }, { name: "PingFederateServerSettingsGeneral", resource: resources.ServerSettingsGeneral(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateServerSettingsLogging", + resource: resources.ServerSettingsLogging(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateServerSettingsSystemKeysRotate", resource: resources.ServerSettingsSystemKeysRotate(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateServerSettingsWsTrustStsSettings", + resource: resources.ServerSettingsWsTrustStsSettings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateServerSettingsWsTrustStsSettingsIssuerCertificate", + resource: resources.ServerSettingsWsTrustStsSettingsIssuerCertificate(PingFederateClientInfo), + ignoredErrors: []string{ + "Error: Missing Configuration for Required Attribute", + }, + }, + { + name: "PingFederateServiceAuthentication", + resource: resources.ServiceAuthentication(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateSessionApplicationPolicy", resource: resources.SessionApplicationPolicy(PingFederateClientInfo), @@ -257,16 +352,43 @@ func TestPingFederateTerraformPlan(t *testing.T) { resource: resources.SessionAuthenticationPoliciesGlobal(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateSessionAuthenticationPolicy", + resource: resources.SessionAuthenticationPolicy(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateSessionSettings", resource: resources.SessionSettings(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateSpAdapter", + resource: resources.SpAdapter(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateSPAuthenticationPolicyContractMapping", resource: resources.SPAuthenticationPolicyContractMapping(PingFederateClientInfo), ignoredErrors: nil, }, + { + name: "PingFederateSpIdpConnection", + resource: resources.SpIdpConnection(PingFederateClientInfo), + ignoredErrors: []string{ + "Error: Invalid Object Attribute Type", + }, + }, + { + name: "PingFederateSpTargetUrlMappings", + resource: resources.SpTargetUrlMappings(PingFederateClientInfo), + ignoredErrors: nil, + }, + { + name: "PingFederateTokenProcessorToTokenGeneratorMapping", + resource: resources.TokenProcessorToTokenGeneratorMapping(PingFederateClientInfo), + ignoredErrors: nil, + }, { name: "PingFederateVirtualHostNames", resource: resources.VirtualHostNames(PingFederateClientInfo), diff --git a/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings.go b/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings.go new file mode 100644 index 00000000..b9adfe93 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings.go @@ -0,0 +1,99 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateKeypairsSigningKeyRotationSettingsResource{} +) + +type PingFederateKeypairsSigningKeyRotationSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateKeypairsSigningKeyRotationSettingsResource +func KeypairsSigningKeyRotationSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateKeypairsSigningKeyRotationSettingsResource { + return &PingFederateKeypairsSigningKeyRotationSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateKeypairsSigningKeyRotationSettingsResource) ResourceType() string { + return "pingfederate_keypairs_signing_key_rotation_settings" +} + +func (r *PingFederateKeypairsSigningKeyRotationSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + signingKeyPairData, err := r.getSigningKeyPairData() + if err != nil { + return nil, err + } + + for signingKeyPairId, signingKeyPairInfo := range *signingKeyPairData { + signingKeyPairIssuerDN := signingKeyPairInfo[0] + signingKeyPairSerialNumber := signingKeyPairInfo[1] + + commentData := map[string]string{ + "Signing Keypair ID": signingKeyPairId, + "Signing Keypair Issuer DN": signingKeyPairIssuerDN, + "Signing Keypair Serial Number": signingKeyPairSerialNumber, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_%s_rotation_settings", signingKeyPairIssuerDN, signingKeyPairSerialNumber), + ResourceID: signingKeyPairId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateKeypairsSigningKeyRotationSettingsResource) getSigningKeyPairData() (*map[string][]string, error) { + signingKeyPairData := make(map[string][]string) + + signingKeyPairs, response, err := r.clientInfo.ApiClient.KeyPairsSigningAPI.GetSigningKeyPairs(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetSigningKeyPairs", r.ResourceType()) + if err != nil { + return nil, err + } + + if signingKeyPairs == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + signingKeyPairsItems, signingKeyPairsItemsOk := signingKeyPairs.GetItemsOk() + if !signingKeyPairsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, signingKeyPair := range signingKeyPairsItems { + _, signingKeyPairRotationSettingsOk := signingKeyPair.GetRotationSettingsOk() + + if signingKeyPairRotationSettingsOk { + signingKeyPairId, signingKeyPairIdOk := signingKeyPair.GetIdOk() + signingKeyPairIssuerDN, signingKeyPairIssuerDNOk := signingKeyPair.GetIssuerDNOk() + signingKeyPairSerialNumber, signingKeyPairSerialNumberOk := signingKeyPair.GetSerialNumberOk() + + if signingKeyPairIdOk && signingKeyPairIssuerDNOk && signingKeyPairSerialNumberOk { + signingKeyPairData[*signingKeyPairId] = []string{*signingKeyPairIssuerDN, *signingKeyPairSerialNumber} + } + } + } + + return &signingKeyPairData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings_test.go new file mode 100644 index 00000000..61e3d214 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_keypairs_signing_key_rotation_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateKeypairsSigningKeyRotationSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.KeypairsSigningKeyRotationSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_keypairs_signing_key_rotation_settings", + ResourceName: "CN=rotationTest, O=pingidentity, L=Denver, ST=CO, C=US_1735851845119_rotation_settings", + ResourceID: "9vgmnd36wykte1l2nm8s8uead", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings.go b/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings.go new file mode 100644 index 00000000..cf7e35af --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateKeypairsSslServerSettingsResource{} +) + +type PingFederateKeypairsSslServerSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateKeypairsSslServerSettingsResource +func KeypairsSslServerSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateKeypairsSslServerSettingsResource { + return &PingFederateKeypairsSslServerSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateKeypairsSslServerSettingsResource) ResourceType() string { + return "pingfederate_keypairs_ssl_server_settings" +} + +func (r *PingFederateKeypairsSslServerSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + keypairsSslServerSettingsId := "keypairs_ssl_server_settings_singleton_id" + keypairsSslServerSettingsName := "Keypairs SSL Server Settings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: keypairsSslServerSettingsName, + ResourceID: keypairsSslServerSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings_test.go new file mode 100644 index 00000000..36014527 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_keypairs_ssl_server_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateKeypairsSslServerSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.KeypairsSslServerSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_keypairs_ssl_server_settings", + ResourceName: "Keypairs SSL Server Settings", + ResourceID: "keypairs_ssl_server_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_metadata_url.go b/internal/connector/pingfederate/resources/pingfederate_metadata_url.go new file mode 100644 index 00000000..e60b343f --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_metadata_url.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateMetadataUrlResource{} +) + +type PingFederateMetadataUrlResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateMetadataUrlResource +func MetadataUrl(clientInfo *connector.PingFederateClientInfo) *PingFederateMetadataUrlResource { + return &PingFederateMetadataUrlResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateMetadataUrlResource) ResourceType() string { + return "pingfederate_metadata_url" +} + +func (r *PingFederateMetadataUrlResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + metadataUrlData, err := r.getMetadataUrlData() + if err != nil { + return nil, err + } + + for metadataUrlId, metadataUrlName := range *metadataUrlData { + commentData := map[string]string{ + "Metadata URL ID": metadataUrlId, + "Metadata URL Name": metadataUrlName, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: metadataUrlName, + ResourceID: metadataUrlId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateMetadataUrlResource) getMetadataUrlData() (*map[string]string, error) { + metadataUrlData := make(map[string]string) + + metadataUrls, response, err := r.clientInfo.ApiClient.MetadataUrlsAPI.GetMetadataUrls(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetMetadataUrls", r.ResourceType()) + if err != nil { + return nil, err + } + + if metadataUrls == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + metadataUrlsItems, metadataUrlsItemsOk := metadataUrls.GetItemsOk() + if !metadataUrlsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, metadataUrl := range metadataUrlsItems { + metadataUrlId, metadataUrlIdOk := metadataUrl.GetIdOk() + metadataUrlName, metadataUrlNameOk := metadataUrl.GetNameOk() + + if metadataUrlIdOk && metadataUrlNameOk { + metadataUrlData[*metadataUrlId] = *metadataUrlName + } + } + + return &metadataUrlData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_metadata_url_test.go b/internal/connector/pingfederate/resources/pingfederate_metadata_url_test.go new file mode 100644 index 00000000..0d8cc3bd --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_metadata_url_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateMetadataUrlExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.MetadataUrl(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_metadata_url", + ResourceName: "Test Metadata URL", + ResourceID: "i8uUHFDebYX7Z7gSfyhZ9yKUA", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_notification_publisher.go b/internal/connector/pingfederate/resources/pingfederate_notification_publisher.go new file mode 100644 index 00000000..3167ab09 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_notification_publisher.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateNotificationPublisherResource{} +) + +type PingFederateNotificationPublisherResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateNotificationPublisherResource +func NotificationPublisher(clientInfo *connector.PingFederateClientInfo) *PingFederateNotificationPublisherResource { + return &PingFederateNotificationPublisherResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateNotificationPublisherResource) ResourceType() string { + return "pingfederate_notification_publisher" +} + +func (r *PingFederateNotificationPublisherResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + notificationPublisherData, err := r.getNotificationPublisherData() + if err != nil { + return nil, err + } + + for notificationPublisherId, notificationPublisherName := range *notificationPublisherData { + commentData := map[string]string{ + "Notification Publisher ID": notificationPublisherId, + "Notification Publisher Name": notificationPublisherName, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: notificationPublisherName, + ResourceID: notificationPublisherId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateNotificationPublisherResource) getNotificationPublisherData() (*map[string]string, error) { + notificationPublisherData := make(map[string]string) + + notificationPublishers, response, err := r.clientInfo.ApiClient.NotificationPublishersAPI.GetNotificationPublishers(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetNotificationPublishers", r.ResourceType()) + if err != nil { + return nil, err + } + + if notificationPublishers == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + notificationPublishersItems, notificationPublishersItemsOk := notificationPublishers.GetItemsOk() + if !notificationPublishersItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, notificationPublisher := range notificationPublishersItems { + notificationPublisherId, notificationPublisherIdOk := notificationPublisher.GetIdOk() + notificationPublisherName, notificationPublisherNameOk := notificationPublisher.GetNameOk() + + if notificationPublisherIdOk && notificationPublisherNameOk { + notificationPublisherData[*notificationPublisherId] = *notificationPublisherName + } + } + + return ¬ificationPublisherData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_notification_publisher_test.go b/internal/connector/pingfederate/resources/pingfederate_notification_publisher_test.go new file mode 100644 index 00000000..4b7328c4 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_notification_publisher_test.go @@ -0,0 +1,31 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateNotificationPublisherExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.NotificationPublisher(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_notification_publisher", + ResourceName: "exampleSmtpPublisher", + ResourceID: "exampleSmtpPublisher", + }, + { + ResourceType: "pingfederate_notification_publisher", + ResourceName: "exampleSmtpPublisher2", + ResourceID: "exampleSmtpPublisher2", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings.go b/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings.go new file mode 100644 index 00000000..7363d688 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthAccessTokenManagerSettingsResource{} +) + +type PingFederateOAuthAccessTokenManagerSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthAccessTokenManagerSettingsResource +func OAuthAccessTokenManagerSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthAccessTokenManagerSettingsResource { + return &PingFederateOAuthAccessTokenManagerSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthAccessTokenManagerSettingsResource) ResourceType() string { + return "pingfederate_oauth_access_token_manager_settings" +} + +func (r *PingFederateOAuthAccessTokenManagerSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + oauthAccessTokenManagerSettingsId := "oauth_access_token_manager_settings_singleton_id" // #nosec G101 // These variables do not contain sensitive token information + oauthAccessTokenManagerSettingsName := "OAuth Access Token Manager Settings" // #nosec G101 // These variables do not contain sensitive token information + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: oauthAccessTokenManagerSettingsName, + ResourceID: oauthAccessTokenManagerSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings_test.go new file mode 100644 index 00000000..68650de0 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_access_token_manager_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthAccessTokenManagerSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthAccessTokenManagerSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_access_token_manager_settings", + ResourceName: "OAuth Access Token Manager Settings", + ResourceID: "oauth_access_token_manager_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping.go b/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping.go new file mode 100644 index 00000000..d51f20c4 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping.go @@ -0,0 +1,88 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthAuthenticationPolicyContractMappingResource{} +) + +type PingFederateOAuthAuthenticationPolicyContractMappingResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthAuthenticationPolicyContractMappingResource +func OAuthAuthenticationPolicyContractMapping(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthAuthenticationPolicyContractMappingResource { + return &PingFederateOAuthAuthenticationPolicyContractMappingResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthAuthenticationPolicyContractMappingResource) ResourceType() string { + return "pingfederate_oauth_authentication_policy_contract_mapping" +} + +func (r *PingFederateOAuthAuthenticationPolicyContractMappingResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + apcToPersistentGrantMappingData, err := r.getApcToPersistentGrantMappingData() + if err != nil { + return nil, err + } + + for _, mappingId := range *apcToPersistentGrantMappingData { + commentData := map[string]string{ + "Authentication Policy Contract Mapping ID": mappingId, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_mapping", mappingId), + ResourceID: mappingId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateOAuthAuthenticationPolicyContractMappingResource) getApcToPersistentGrantMappingData() (*[]string, error) { + apcToPersistentGrantMappingData := []string{} + + apcToPersistentGrantMappings, response, err := r.clientInfo.ApiClient.OauthAuthenticationPolicyContractMappingsAPI.GetApcMappings(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetApcMappings", r.ResourceType()) + if err != nil { + return nil, err + } + + if apcToPersistentGrantMappings == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + apcToPersistentGrantMappingsItems, apcToPersistentGrantMappingsItemsOk := apcToPersistentGrantMappings.GetItemsOk() + if !apcToPersistentGrantMappingsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, apcToPersistentGrantMapping := range apcToPersistentGrantMappingsItems { + apcToPersistentGrantMappingId, apcToPersistentGrantMappingIdOk := apcToPersistentGrantMapping.GetIdOk() + + if apcToPersistentGrantMappingIdOk { + apcToPersistentGrantMappingData = append(apcToPersistentGrantMappingData, *apcToPersistentGrantMappingId) + } + } + + return &apcToPersistentGrantMappingData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping_test.go new file mode 100644 index 00000000..109658c9 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_authentication_policy_contract_mapping_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthAuthenticationPolicyContractMappingExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthAuthenticationPolicyContractMapping(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_authentication_policy_contract_mapping", + ResourceName: "QGxlec5CX693lBQL_mapping", + ResourceID: "QGxlec5CX693lBQL", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy.go b/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy.go new file mode 100644 index 00000000..dbde5ba9 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthClientResource{} +) + +type PingFederateOAuthCibaServerPolicyRequestPolicyResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthCibaServerPolicyRequestPolicyResource +func OAuthCibaServerPolicyRequestPolicy(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthCibaServerPolicyRequestPolicyResource { + return &PingFederateOAuthCibaServerPolicyRequestPolicyResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthCibaServerPolicyRequestPolicyResource) ResourceType() string { + return "pingfederate_oauth_ciba_server_policy_request_policy" +} + +func (r *PingFederateOAuthCibaServerPolicyRequestPolicyResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + oauthClientData, err := r.getRequestPolicyData() + if err != nil { + return nil, err + } + + for requestPolicyId, requestPolicyName := range *oauthClientData { + commentData := map[string]string{ + "OAuth CIBA Server Policy Request Policy ID": requestPolicyId, + "OAuth CIBA Server Policy Request Policy Name": requestPolicyName, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: requestPolicyName, + ResourceID: requestPolicyId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateOAuthCibaServerPolicyRequestPolicyResource) getRequestPolicyData() (*map[string]string, error) { + requestPolicyData := make(map[string]string) + + requestPolicies, response, err := r.clientInfo.ApiClient.OauthCibaServerPolicyAPI.GetCibaServerPolicies(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetCibaServerPolicies", r.ResourceType()) + if err != nil { + return nil, err + } + + if requestPolicies == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + requestPoliciesItems, requestPoliciesItemsOk := requestPolicies.GetItemsOk() + if !requestPoliciesItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, requestPolicy := range requestPoliciesItems { + requestPolicyId, requestPolicyIdOk := requestPolicy.GetIdOk() + requestPolicyName, requestPolicyNameOk := requestPolicy.GetNameOk() + + if requestPolicyIdOk && requestPolicyNameOk { + requestPolicyData[*requestPolicyId] = *requestPolicyName + } + } + + return &requestPolicyData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy_test.go new file mode 100644 index 00000000..a85dd202 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_ciba_server_policy_request_policy_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthCibaServerPolicyRequestPolicyExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthCibaServerPolicyRequestPolicy(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_ciba_server_policy_request_policy", + ResourceName: "exampleCibaReqPolicy", + ResourceID: "exampleCibaReqPolicy", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy.go b/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy.go new file mode 100644 index 00000000..1fa09d58 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthClientRegistrationPolicyResource{} +) + +type PingFederateOAuthClientRegistrationPolicyResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthClientRegistrationPolicyResource +func OAuthClientRegistrationPolicy(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthClientRegistrationPolicyResource { + return &PingFederateOAuthClientRegistrationPolicyResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthClientRegistrationPolicyResource) ResourceType() string { + return "pingfederate_oauth_client_registration_policy" +} + +func (r *PingFederateOAuthClientRegistrationPolicyResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + clientRegistrationPolicyData, err := r.getClientRegistrationPolicyData() + if err != nil { + return nil, err + } + + for clientRegistrationPolicyId, clientRegistrationPolicyName := range *clientRegistrationPolicyData { + commentData := map[string]string{ + "OAuth Client Registration Policy ID": clientRegistrationPolicyId, + "OAuth Client Registration Policy Name": clientRegistrationPolicyName, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: clientRegistrationPolicyName, + ResourceID: clientRegistrationPolicyId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateOAuthClientRegistrationPolicyResource) getClientRegistrationPolicyData() (*map[string]string, error) { + clientRegistrationPolicyData := make(map[string]string) + + clientRegistrationPolicies, response, err := r.clientInfo.ApiClient.OauthClientRegistrationPoliciesAPI.GetDynamicClientRegistrationPolicies(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetDynamicClientRegistrationPolicies", r.ResourceType()) + if err != nil { + return nil, err + } + + if clientRegistrationPolicies == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + clientRegistrationPoliciesItems, clientRegistrationPoliciesItemsOk := clientRegistrationPolicies.GetItemsOk() + if !clientRegistrationPoliciesItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, clientRegistrationPolicy := range clientRegistrationPoliciesItems { + clientRegistrationPolicyId, clientRegistrationPolicyIdOk := clientRegistrationPolicy.GetIdOk() + clientRegistrationPolicyName, clientRegistrationPolicyNameOk := clientRegistrationPolicy.GetNameOk() + + if clientRegistrationPolicyIdOk && clientRegistrationPolicyNameOk { + clientRegistrationPolicyData[*clientRegistrationPolicyId] = *clientRegistrationPolicyName + } + } + + return &clientRegistrationPolicyData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy_test.go new file mode 100644 index 00000000..585ad8b3 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_client_registration_policy_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthClientRegistrationPolicyExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthClientRegistrationPolicy(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_client_registration_policy", + ResourceName: "Test Registration Policy", + ResourceID: "testRegistrationPolicy", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings.go b/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings.go new file mode 100644 index 00000000..e39a53b2 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthClientSettingsResource{} +) + +type PingFederateOAuthClientSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthClientSettingsResource +func OAuthClientSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthClientSettingsResource { + return &PingFederateOAuthClientSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthClientSettingsResource) ResourceType() string { + return "pingfederate_oauth_client_settings" +} + +func (r *PingFederateOAuthClientSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + oAuthClientSettingsId := "oauth_client_settings_singleton_id" + oAuthClientSettingsName := "OAuth Client Settings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: oAuthClientSettingsName, + ResourceID: oAuthClientSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings_test.go new file mode 100644 index 00000000..7f805f98 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_client_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthClientSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthClientSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_client_settings", + ResourceName: "OAuth Client Settings", + ResourceID: "oauth_client_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping.go b/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping.go new file mode 100644 index 00000000..5b0bf769 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping.go @@ -0,0 +1,88 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthIdpAdapterMappingResource{} +) + +type PingFederateOAuthIdpAdapterMappingResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthIdpAdapterMappingResource +func OAuthIdpAdapterMapping(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthIdpAdapterMappingResource { + return &PingFederateOAuthIdpAdapterMappingResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthIdpAdapterMappingResource) ResourceType() string { + return "pingfederate_oauth_idp_adapter_mapping" +} + +func (r *PingFederateOAuthIdpAdapterMappingResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + idpAdapterMappingData, err := r.getIdpAdapterMappingData() + if err != nil { + return nil, err + } + + for _, idpAdapterMappingId := range *idpAdapterMappingData { + commentData := map[string]string{ + "OAuth IDP Adapter Mapping ID": idpAdapterMappingId, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_mapping", idpAdapterMappingId), + ResourceID: idpAdapterMappingId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateOAuthIdpAdapterMappingResource) getIdpAdapterMappingData() (*[]string, error) { + idpAdapterMappingData := []string{} + + idpAdapterMappings, response, err := r.clientInfo.ApiClient.OauthIdpAdapterMappingsAPI.GetIdpAdapterMappings(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetIdpAdapterMappings", r.ResourceType()) + if err != nil { + return nil, err + } + + if idpAdapterMappings == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + idpAdapterMappingsItems, idpAdapterMappingsItemsOk := idpAdapterMappings.GetItemsOk() + if !idpAdapterMappingsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, idpAdapterMapping := range idpAdapterMappingsItems { + idpAdapterMappingId, idpAdapterMappingIdOk := idpAdapterMapping.GetIdOk() + + if idpAdapterMappingIdOk { + idpAdapterMappingData = append(idpAdapterMappingData, *idpAdapterMappingId) + } + } + + return &idpAdapterMappingData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping_test.go new file mode 100644 index 00000000..360307af --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_idp_adapter_mapping_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthIdpAdapterMappingExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthIdpAdapterMapping(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_idp_adapter_mapping", + ResourceName: "OTIdPJava_mapping", + ResourceID: "OTIdPJava", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings.go b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings.go new file mode 100644 index 00000000..3952ed53 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthTokenExchangeGeneratorSettingsResource{} +) + +type PingFederateOAuthTokenExchangeGeneratorSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthTokenExchangeGeneratorSettingsResource +func OAuthTokenExchangeGeneratorSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthTokenExchangeGeneratorSettingsResource { + return &PingFederateOAuthTokenExchangeGeneratorSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthTokenExchangeGeneratorSettingsResource) ResourceType() string { + return "pingfederate_oauth_token_exchange_generator_settings" +} + +func (r *PingFederateOAuthTokenExchangeGeneratorSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + oauthTokenExchangeGeneratorSettingsId := "oauth_token_exchange_generator_settings_singleton_id" // #nosec G101 // These variables do not contain sensitive token information + oauthTokenExchangeGeneratorSettingsName := "OAuth Token Exchange Generator Settings" // #nosec G101 // These variables do not contain sensitive token information + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: oauthTokenExchangeGeneratorSettingsName, + ResourceID: oauthTokenExchangeGeneratorSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings_test.go new file mode 100644 index 00000000..768eec3b --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_generator_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthTokenExchangeGeneratorSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthTokenExchangeGeneratorSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_token_exchange_generator_settings", + ResourceName: "OAuth Token Exchange Generator Settings", + ResourceID: "oauth_token_exchange_generator_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping.go b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping.go new file mode 100644 index 00000000..1bcba128 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping.go @@ -0,0 +1,95 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateOAuthTokenExchangeTokenGeneratorMappingResource{} +) + +type PingFederateOAuthTokenExchangeTokenGeneratorMappingResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateOAuthTokenExchangeTokenGeneratorMappingResource +func OAuthTokenExchangeTokenGeneratorMapping(clientInfo *connector.PingFederateClientInfo) *PingFederateOAuthTokenExchangeTokenGeneratorMappingResource { + return &PingFederateOAuthTokenExchangeTokenGeneratorMappingResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateOAuthTokenExchangeTokenGeneratorMappingResource) ResourceType() string { + return "pingfederate_oauth_token_exchange_token_generator_mapping" +} + +func (r *PingFederateOAuthTokenExchangeTokenGeneratorMappingResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + processorPolicyToGeneratorMappingData, err := r.getProcessorPolicyToGeneratorMappingData() + if err != nil { + return nil, err + } + + for mappingId, mappingInfo := range *processorPolicyToGeneratorMappingData { + sourceId := mappingInfo[0] + targetId := mappingInfo[1] + + commentData := map[string]string{ + "OAuth Token Exchange Token Generator Mapping ID": mappingId, + "Processor Policy ID": sourceId, + "Resource Type": r.ResourceType(), + "Token Generator ID": targetId, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_to_%s", sourceId, targetId), + ResourceID: mappingId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateOAuthTokenExchangeTokenGeneratorMappingResource) getProcessorPolicyToGeneratorMappingData() (*map[string][]string, error) { + processorPolicyToGeneratorMappingData := make(map[string][]string) + + processorPolicyToGeneratorMappings, response, err := r.clientInfo.ApiClient.OauthTokenExchangeTokenGeneratorMappingsAPI.GetTokenGeneratorMappings(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetTokenGeneratorMappings", r.ResourceType()) + if err != nil { + return nil, err + } + + if processorPolicyToGeneratorMappings == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + processorPolicyToGeneratorMappingsItems, processorPolicyToGeneratorMappingsItemsOk := processorPolicyToGeneratorMappings.GetItemsOk() + if !processorPolicyToGeneratorMappingsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, mapping := range processorPolicyToGeneratorMappingsItems { + mappingId, mappingIdOk := mapping.GetIdOk() + mappingSourceId, mappingSourceIdOk := mapping.GetSourceIdOk() + mappingTargetId, mappingTargetIdOk := mapping.GetTargetIdOk() + + if mappingIdOk && mappingSourceIdOk && mappingTargetIdOk { + processorPolicyToGeneratorMappingData[*mappingId] = []string{*mappingSourceId, *mappingTargetId} + } + } + + return &processorPolicyToGeneratorMappingData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping_test.go b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping_test.go new file mode 100644 index 00000000..012b3367 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_oauth_token_exchange_token_generator_mapping_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateOAuthTokenExchangeTokenGeneratorMappingExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.OAuthTokenExchangeTokenGeneratorMapping(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_oauth_token_exchange_token_generator_mapping", + ResourceName: "tokenexchangeprocessorpolicy_to_tokengenerator", + ResourceID: "tokenexchangeprocessorpolicy|tokengenerator", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings.go b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings.go new file mode 100644 index 00000000..b2bf24f4 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateProtocolMetadataLifetimeSettingsResource{} +) + +type PingFederateProtocolMetadataLifetimeSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateProtocolMetadataLifetimeSettingsResource +func ProtocolMetadataLifetimeSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateProtocolMetadataLifetimeSettingsResource { + return &PingFederateProtocolMetadataLifetimeSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateProtocolMetadataLifetimeSettingsResource) ResourceType() string { + return "pingfederate_protocol_metadata_lifetime_settings" +} + +func (r *PingFederateProtocolMetadataLifetimeSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + protocolMetadataLifetimeSettingsId := "protocol_metadata_lifetime_settings_singleton_id" + protocolMetadataLifetimeSettingsName := "Protocol Metadata Lifetime Settings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: protocolMetadataLifetimeSettingsName, + ResourceID: protocolMetadataLifetimeSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings_test.go new file mode 100644 index 00000000..b00ffcc3 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_lifetime_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateProtocolMetadataLifetimeSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ProtocolMetadataLifetimeSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_protocol_metadata_lifetime_settings", + ResourceName: "Protocol Metadata Lifetime Settings", + ResourceID: "protocol_metadata_lifetime_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings.go b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings.go new file mode 100644 index 00000000..995a92ca --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateProtocolMetadataSigningSettingsResource{} +) + +type PingFederateProtocolMetadataSigningSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateProtocolMetadataSigningSettingsResource +func ProtocolMetadataSigningSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateProtocolMetadataSigningSettingsResource { + return &PingFederateProtocolMetadataSigningSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateProtocolMetadataSigningSettingsResource) ResourceType() string { + return "pingfederate_protocol_metadata_signing_settings" +} + +func (r *PingFederateProtocolMetadataSigningSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + protocolMetadataSigningSettingsId := "protocol_metadata_signing_settings_singleton_id" + protocolMetadataSigningSettingsName := "Protocol Metadata Signing Settings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: protocolMetadataSigningSettingsName, + ResourceID: protocolMetadataSigningSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings_test.go new file mode 100644 index 00000000..b801bb38 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_protocol_metadata_signing_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateProtocolMetadataSigningSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ProtocolMetadataSigningSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_protocol_metadata_signing_settings", + ResourceName: "Protocol Metadata Signing Settings", + ResourceID: "protocol_metadata_signing_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_secret_manager.go b/internal/connector/pingfederate/resources/pingfederate_secret_manager.go new file mode 100644 index 00000000..cc3d630b --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_secret_manager.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateSecretManagerResource{} +) + +type PingFederateSecretManagerResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateSecretManagerResource +func SecretManager(clientInfo *connector.PingFederateClientInfo) *PingFederateSecretManagerResource { + return &PingFederateSecretManagerResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateSecretManagerResource) ResourceType() string { + return "pingfederate_secret_manager" +} + +func (r *PingFederateSecretManagerResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + secretManagerData, err := r.getSecretManagerData() + if err != nil { + return nil, err + } + + for secretManagerId, secretManagerName := range *secretManagerData { + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Secret Manager ID": secretManagerId, + "Secret Manager Name": secretManagerName, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: secretManagerName, + ResourceID: secretManagerId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateSecretManagerResource) getSecretManagerData() (*map[string]string, error) { + secretManagerData := make(map[string]string) + + secretManagers, response, err := r.clientInfo.ApiClient.SecretManagersAPI.GetSecretManagers(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetSecretManagers", r.ResourceType()) + if err != nil { + return nil, err + } + + if secretManagers == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + secretManagersItems, secretManagersItemsOk := secretManagers.GetItemsOk() + if !secretManagersItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, secretManager := range secretManagersItems { + secretManagerId, secretManagerIdOk := secretManager.GetIdOk() + secretManagerName, secretManagerNameOk := secretManager.GetNameOk() + + if secretManagerIdOk && secretManagerNameOk { + secretManagerData[*secretManagerId] = *secretManagerName + } + } + + return &secretManagerData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_secret_manager_test.go b/internal/connector/pingfederate/resources/pingfederate_secret_manager_test.go new file mode 100644 index 00000000..2922b570 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_secret_manager_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateSecretManagerExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.SecretManager(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_secret_manager", + ResourceName: "Test Secret Manager", + ResourceID: "testSecretManager", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_logging.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_logging.go new file mode 100644 index 00000000..c8db5bb6 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_logging.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateServerSettingsSystemKeysRotateResource{} +) + +type PingFederateServerSettingsLoggingResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateServerSettingsLoggingResource +func ServerSettingsLogging(clientInfo *connector.PingFederateClientInfo) *PingFederateServerSettingsLoggingResource { + return &PingFederateServerSettingsLoggingResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateServerSettingsLoggingResource) ResourceType() string { + return "pingfederate_server_settings_logging" +} + +func (r *PingFederateServerSettingsLoggingResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + serverSettingsLoggingId := "server_settings_logging_singleton_id" + serverSettingsLoggingName := "Server Settings Logging" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: serverSettingsLoggingName, + ResourceID: serverSettingsLoggingId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_logging_test.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_logging_test.go new file mode 100644 index 00000000..43428c1f --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_logging_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateServerSettingsLoggingExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ServerSettingsLogging(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_server_settings_logging", + ResourceName: "Server Settings Logging", + ResourceID: "server_settings_logging_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings.go new file mode 100644 index 00000000..e88fb73f --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateServerSettingsWsTrustStsSettingsResource{} +) + +type PingFederateServerSettingsWsTrustStsSettingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateServerSettingsWsTrustStsSettingsResource +func ServerSettingsWsTrustStsSettings(clientInfo *connector.PingFederateClientInfo) *PingFederateServerSettingsWsTrustStsSettingsResource { + return &PingFederateServerSettingsWsTrustStsSettingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateServerSettingsWsTrustStsSettingsResource) ResourceType() string { + return "pingfederate_server_settings_ws_trust_sts_settings" +} + +func (r *PingFederateServerSettingsWsTrustStsSettingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + serverSettingsWsTrustStsSettingsId := "server_settings_ws_trust_sts_settings_singleton_id" + serverSettingsWsTrustStsSettingsName := "Server Settings WS-Trust STS Settings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: serverSettingsWsTrustStsSettingsName, + ResourceID: serverSettingsWsTrustStsSettingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate.go new file mode 100644 index 00000000..47a3eb2a --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate.go @@ -0,0 +1,99 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource{} +) + +type PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource +func ServerSettingsWsTrustStsSettingsIssuerCertificate(clientInfo *connector.PingFederateClientInfo) *PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource { + return &PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource) ResourceType() string { + return "pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate" +} + +func (r *PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + issuerCertsData, err := r.getIssuerCertsData() + if err != nil { + return nil, err + } + + for issuerCertId, issuerCertInfo := range *issuerCertsData { + issuerCertDN := issuerCertInfo[0] + issuerCertSerialNumber := issuerCertInfo[1] + + commentData := map[string]string{ + "Issuer Certificate ID": issuerCertId, + "Issuer Certificate Issuer DN": issuerCertDN, + "Issuer Certificate Serial Number": issuerCertSerialNumber, + "Resource Type": r.ResourceType(), + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_%s", issuerCertDN, issuerCertSerialNumber), + ResourceID: issuerCertId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateServerSettingsWsTrustStsSettingsIssuerCertificateResource) getIssuerCertsData() (*map[string][]string, error) { + issuerCertsData := make(map[string][]string) + + issuerCerts, response, err := r.clientInfo.ApiClient.ServerSettingsAPI.GetCerts(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetCerts", r.ResourceType()) + if err != nil { + return nil, err + } + + if issuerCerts == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + issuerCertsItems, issuerCertsItemsOk := issuerCerts.GetItemsOk() + if !issuerCertsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, issuerCert := range issuerCertsItems { + issuerCertView, issuerCertViewOk := issuerCert.GetCertViewOk() + + if issuerCertViewOk { + issuerCertId, issuerCertIdOk := issuerCertView.GetIdOk() + issuerCertDN, issuerCertDNOk := issuerCertView.GetIssuerDNOk() + issuerCertSerialNumber, issuerCertSerialNumberOk := issuerCertView.GetSerialNumberOk() + + if issuerCertIdOk && issuerCertDNOk && issuerCertSerialNumberOk { + issuerCertsData[*issuerCertId] = []string{*issuerCertDN, *issuerCertSerialNumber} + } + } + } + + return &issuerCertsData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate_test.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate_test.go new file mode 100644 index 00000000..1ee24e87 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateServerSettingsWsTrustStsSettingsIssuerCertificateExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ServerSettingsWsTrustStsSettingsIssuerCertificate(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_server_settings_ws_trust_sts_settings_issuer_certificate", + ResourceName: "CN=test, O=Ping Identity Corporation, L=Denver, ST=CO, C=US_430421198347763948001683365009287878912609754790", + ResourceID: "ycrgw3j4ckw91gxdmd479qftb", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_test.go b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_test.go new file mode 100644 index 00000000..5e41baa5 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_server_settings_ws_trust_sts_settings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateServerSettingsWsTrustStsSettingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ServerSettingsWsTrustStsSettings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_server_settings_ws_trust_sts_settings", + ResourceName: "Server Settings WS-Trust STS Settings", + ResourceID: "server_settings_ws_trust_sts_settings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_service_authentication.go b/internal/connector/pingfederate/resources/pingfederate_service_authentication.go new file mode 100644 index 00000000..73248366 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_service_authentication.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateServiceAuthenticationResource{} +) + +type PingFederateServiceAuthenticationResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateServiceAuthenticationResource +func ServiceAuthentication(clientInfo *connector.PingFederateClientInfo) *PingFederateServiceAuthenticationResource { + return &PingFederateServiceAuthenticationResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateServiceAuthenticationResource) ResourceType() string { + return "pingfederate_service_authentication" +} + +func (r *PingFederateServiceAuthenticationResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + serviceAuthenticationId := "service_authentication_singleton_id" + serviceAuthenticationName := "Service Authentication" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: serviceAuthenticationName, + ResourceID: serviceAuthenticationId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_service_authentication_test.go b/internal/connector/pingfederate/resources/pingfederate_service_authentication_test.go new file mode 100644 index 00000000..97a3eb2e --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_service_authentication_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateServiceAuthenticationExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.ServiceAuthentication(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_service_authentication", + ResourceName: "Service Authentication", + ResourceID: "service_authentication_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy.go b/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy.go new file mode 100644 index 00000000..6203b8e0 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy.go @@ -0,0 +1,103 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateSessionAuthenticationPolicyResource{} +) + +type PingFederateSessionAuthenticationPolicyResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateSessionAuthenticationPolicyResource +func SessionAuthenticationPolicy(clientInfo *connector.PingFederateClientInfo) *PingFederateSessionAuthenticationPolicyResource { + return &PingFederateSessionAuthenticationPolicyResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateSessionAuthenticationPolicyResource) ResourceType() string { + return "pingfederate_session_authentication_policy" +} + +func (r *PingFederateSessionAuthenticationPolicyResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + authenticationSessionPolicyData, err := r.getAuthenticationSessionPolicyData() + if err != nil { + return nil, err + } + + for policyId, policyInfo := range *authenticationSessionPolicyData { + authSourceType := policyInfo[0] + authSourceRefId := policyInfo[1] + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Session Authentication Policy ID": policyId, + "Session Authentication Source Type": authSourceType, + "Session Authentication Source ID": authSourceRefId, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_%s_%s", policyId, authSourceType, authSourceRefId), + ResourceID: policyId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateSessionAuthenticationPolicyResource) getAuthenticationSessionPolicyData() (*map[string][]string, error) { + authenticationSessionPolicyData := make(map[string][]string) + + authenticationSessionPolicies, response, err := r.clientInfo.ApiClient.SessionAPI.GetSourcePolicies(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetSourcePolicies", r.ResourceType()) + if err != nil { + return nil, err + } + + if authenticationSessionPolicies == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + authenticationSessionPoliciesItems, authenticationSessionPoliciesItemsOk := authenticationSessionPolicies.GetItemsOk() + if !authenticationSessionPoliciesItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, authenticationSessionPolicy := range authenticationSessionPoliciesItems { + policyId, policyIdOk := authenticationSessionPolicy.GetIdOk() + authSource, authSourceOk := authenticationSessionPolicy.GetAuthenticationSourceOk() + + if policyIdOk && authSourceOk { + authSourceType, authSourceTypeOk := authSource.GetTypeOk() + authSourceRef, authSourceRefOk := authSource.GetSourceRefOk() + + if authSourceTypeOk && authSourceRefOk { + authSourceRefId, authSourceRefIdOk := authSourceRef.GetIdOk() + + if authSourceRefIdOk { + authenticationSessionPolicyData[*policyId] = []string{*authSourceType, *authSourceRefId} + } + } + } + } + + return &authenticationSessionPolicyData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy_test.go b/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy_test.go new file mode 100644 index 00000000..bf2a56ee --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_session_authentication_policy_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateSessionAuthenticationPolicyExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.SessionAuthenticationPolicy(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_session_authentication_policy", + ResourceName: "UfdnqYjWycSeo2vZZgSYB3gpw_IDP_ADAPTER_OTIdPJava", + ResourceID: "UfdnqYjWycSeo2vZZgSYB3gpw", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_adapter.go b/internal/connector/pingfederate/resources/pingfederate_sp_adapter.go new file mode 100644 index 00000000..09a21a7e --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_adapter.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateSpAdapterResource{} +) + +type PingFederateSpAdapterResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateSpAdapterResource +func SpAdapter(clientInfo *connector.PingFederateClientInfo) *PingFederateSpAdapterResource { + return &PingFederateSpAdapterResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateSpAdapterResource) ResourceType() string { + return "pingfederate_sp_adapter" +} + +func (r *PingFederateSpAdapterResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + spAdaptersData, err := r.getSpAdaptersData() + if err != nil { + return nil, err + } + + for spAdapterId, spAdapterName := range *spAdaptersData { + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "SP Adapter ID": spAdapterId, + "SP Adapter Name": spAdapterName, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: spAdapterName, + ResourceID: spAdapterId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateSpAdapterResource) getSpAdaptersData() (*map[string]string, error) { + spAdaptersData := make(map[string]string) + + spAdapters, response, err := r.clientInfo.ApiClient.SpAdaptersAPI.GetSpAdapters(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetSpAdapters", r.ResourceType()) + if err != nil { + return nil, err + } + + if spAdapters == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + spAdaptersItems, spAdaptersItemsOk := spAdapters.GetItemsOk() + if !spAdaptersItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, spAdapter := range spAdaptersItems { + spAdapterId, spAdapterIdOk := spAdapter.GetIdOk() + spAdapterName, spAdapterNameOk := spAdapter.GetNameOk() + + if spAdapterIdOk && spAdapterNameOk { + spAdaptersData[*spAdapterId] = *spAdapterName + } + } + + return &spAdaptersData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_adapter_test.go b/internal/connector/pingfederate/resources/pingfederate_sp_adapter_test.go new file mode 100644 index 00000000..7bd56c7d --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_adapter_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateSpAdapterExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.SpAdapter(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_sp_adapter", + ResourceName: "SpAdapter", + ResourceID: "spadapter", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection.go b/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection.go new file mode 100644 index 00000000..dc277678 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection.go @@ -0,0 +1,88 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateSpIdpConnectionResource{} +) + +type PingFederateSpIdpConnectionResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateSpIdpConnectionResource +func SpIdpConnection(clientInfo *connector.PingFederateClientInfo) *PingFederateSpIdpConnectionResource { + return &PingFederateSpIdpConnectionResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateSpIdpConnectionResource) ResourceType() string { + return "pingfederate_sp_idp_connection" +} + +func (r *PingFederateSpIdpConnectionResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + idpConnectionData, err := r.getIdpConnectionData() + if err != nil { + return nil, err + } + + for idpConnectionId, idpConnectionName := range *idpConnectionData { + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "SP IDP Connection ID": idpConnectionId, + "SP IDP Connection Name": idpConnectionName, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: idpConnectionName, + ResourceID: idpConnectionId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateSpIdpConnectionResource) getIdpConnectionData() (*map[string]string, error) { + idpConnectionData := make(map[string]string) + + idpConnections, response, err := r.clientInfo.ApiClient.SpIdpConnectionsAPI.GetConnections(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetConnections", r.ResourceType()) + if err != nil { + return nil, err + } + + if idpConnections == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + idpConnectionsItems, idpConnectionsItemsOk := idpConnections.GetItemsOk() + if !idpConnectionsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, idpConnection := range idpConnectionsItems { + idpConnectionId, idpConnectionIdOk := idpConnection.GetIdOk() + idpConnectionName, idpConnectionNameOk := idpConnection.GetNameOk() + + if idpConnectionIdOk && idpConnectionNameOk { + idpConnectionData[*idpConnectionId] = *idpConnectionName + } + } + + return &idpConnectionData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection_test.go b/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection_test.go new file mode 100644 index 00000000..42193f2d --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_idp_connection_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateSpIdpConnectionExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.SpIdpConnection(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_sp_idp_connection", + ResourceName: "testConnection", + ResourceID: "n26SCl49a8lB_ifAaLF_MyUbquv", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings.go b/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings.go new file mode 100644 index 00000000..f9d7b3ed --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings.go @@ -0,0 +1,53 @@ +package resources + +import ( + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateSpTargetUrlMappingsResource{} +) + +type PingFederateSpTargetUrlMappingsResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateSpTargetUrlMappingsResource +func SpTargetUrlMappings(clientInfo *connector.PingFederateClientInfo) *PingFederateSpTargetUrlMappingsResource { + return &PingFederateSpTargetUrlMappingsResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateSpTargetUrlMappingsResource) ResourceType() string { + return "pingfederate_sp_target_url_mappings" +} + +func (r *PingFederateSpTargetUrlMappingsResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + spTargetUrlMappingsId := "sp_target_url_mappings_singleton_id" + spTargetUrlMappingsName := "SP Target URL Mappings" + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Singleton ID": common.SINGLETON_ID_COMMENT_DATA, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: spTargetUrlMappingsName, + ResourceID: spTargetUrlMappingsId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + + return &importBlocks, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings_test.go b/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings_test.go new file mode 100644 index 00000000..c5a8a791 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_sp_target_url_mappings_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateSpTargetUrlMappingsExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.SpTargetUrlMappings(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_sp_target_url_mappings", + ResourceName: "SP Target URL Mappings", + ResourceID: "sp_target_url_mappings_singleton_id", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping.go b/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping.go new file mode 100644 index 00000000..1371598f --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping.go @@ -0,0 +1,95 @@ +package resources + +import ( + "fmt" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/common" + "github.com/pingidentity/pingcli/internal/logger" +) + +// Verify that the resource satisfies the exportable resource interface +var ( + _ connector.ExportableResource = &PingFederateTokenProcessorToTokenGeneratorMappingResource{} +) + +type PingFederateTokenProcessorToTokenGeneratorMappingResource struct { + clientInfo *connector.PingFederateClientInfo +} + +// Utility method for creating a PingFederateTokenProcessorToTokenGeneratorMappingResource +func TokenProcessorToTokenGeneratorMapping(clientInfo *connector.PingFederateClientInfo) *PingFederateTokenProcessorToTokenGeneratorMappingResource { + return &PingFederateTokenProcessorToTokenGeneratorMappingResource{ + clientInfo: clientInfo, + } +} + +func (r *PingFederateTokenProcessorToTokenGeneratorMappingResource) ResourceType() string { + return "pingfederate_token_processor_to_token_generator_mapping" +} + +func (r *PingFederateTokenProcessorToTokenGeneratorMappingResource) ExportAll() (*[]connector.ImportBlock, error) { + l := logger.Get() + l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType()) + + importBlocks := []connector.ImportBlock{} + + tokenToTokenMappingsData, err := r.getTokenToTokenMappingsData() + if err != nil { + return nil, err + } + + for tokenToTokenMappingId, tokenToTokenMappingInfo := range *tokenToTokenMappingsData { + tokenToTokenMappingSourceId := tokenToTokenMappingInfo[0] + tokenToTokenMappingTargetId := tokenToTokenMappingInfo[1] + + commentData := map[string]string{ + "Resource Type": r.ResourceType(), + "Token Processor to Token Generator Mapping ID": tokenToTokenMappingId, + "Token Processor ID": tokenToTokenMappingSourceId, + "Token Generator ID": tokenToTokenMappingTargetId, + } + + importBlock := connector.ImportBlock{ + ResourceType: r.ResourceType(), + ResourceName: fmt.Sprintf("%s_to_%s", tokenToTokenMappingSourceId, tokenToTokenMappingTargetId), + ResourceID: tokenToTokenMappingId, + CommentInformation: common.GenerateCommentInformation(commentData), + } + + importBlocks = append(importBlocks, importBlock) + } + + return &importBlocks, nil +} + +func (r *PingFederateTokenProcessorToTokenGeneratorMappingResource) getTokenToTokenMappingsData() (*map[string][]string, error) { + tokenToTokenMappingsData := make(map[string][]string) + + tokenToTokenMappings, response, err := r.clientInfo.ApiClient.TokenProcessorToTokenGeneratorMappingsAPI.GetTokenToTokenMappings(r.clientInfo.Context).Execute() + err = common.HandleClientResponse(response, err, "GetTokenToTokenMappings", r.ResourceType()) + if err != nil { + return nil, err + } + + if tokenToTokenMappings == nil { + return nil, common.DataNilError(r.ResourceType(), response) + } + + tokenToTokenMappingsItems, tokenToTokenMappingsItemsOk := tokenToTokenMappings.GetItemsOk() + if !tokenToTokenMappingsItemsOk { + return nil, common.DataNilError(r.ResourceType(), response) + } + + for _, tokenToTokenMapping := range tokenToTokenMappingsItems { + tokenToTokenMappingId, tokenToTokenMappingIdOk := tokenToTokenMapping.GetIdOk() + tokenToTokenMappingSourceId, tokenToTokenMappingSourceIdOk := tokenToTokenMapping.GetSourceIdOk() + tokenToTokenMappingTargetId, tokenToTokenMappingTargetIdOk := tokenToTokenMapping.GetTargetIdOk() + + if tokenToTokenMappingIdOk && tokenToTokenMappingSourceIdOk && tokenToTokenMappingTargetIdOk { + tokenToTokenMappingsData[*tokenToTokenMappingId] = []string{*tokenToTokenMappingSourceId, *tokenToTokenMappingTargetId} + } + } + + return &tokenToTokenMappingsData, nil +} diff --git a/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping_test.go b/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping_test.go new file mode 100644 index 00000000..9ddf97d5 --- /dev/null +++ b/internal/connector/pingfederate/resources/pingfederate_token_processor_to_token_generator_mapping_test.go @@ -0,0 +1,26 @@ +package resources_test + +import ( + "testing" + + "github.com/pingidentity/pingcli/internal/connector" + "github.com/pingidentity/pingcli/internal/connector/pingfederate/resources" + "github.com/pingidentity/pingcli/internal/testing/testutils" +) + +func TestPingFederateTokenProcessorToTokenGeneratorMappingExport(t *testing.T) { + // Get initialized apiClient and resource + PingFederateClientInfo := testutils.GetPingFederateClientInfo(t) + resource := resources.TokenProcessorToTokenGeneratorMapping(PingFederateClientInfo) + + // Defined the expected ImportBlocks for the resource + expectedImportBlocks := []connector.ImportBlock{ + { + ResourceType: "pingfederate_token_processor_to_token_generator_mapping", + ResourceName: "tokenprocessor_to_tokengenerator", + ResourceID: "tokenprocessor|tokengenerator", + }, + } + + testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks) +} diff --git a/server-profiles/12.1/data.json.subst b/server-profiles/12.1/data.json similarity index 66% rename from server-profiles/12.1/data.json.subst rename to server-profiles/12.1/data.json index ed39ef82..e1c28e2c 100644 --- a/server-profiles/12.1/data.json.subst +++ b/server-profiles/12.1/data.json @@ -1,49 +1,263 @@ { "metadata": { - "pfVersion": "10.1.2.0" + "pfVersion": "12.1.4.0" }, "operations": [ { + "resourceType": "/configStore", "operationType": "SAVE", + "subResource": "cert-time-tracking", "items": [ { - "accepted": true, - "licenseAgreementUrl": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/license-agreement" + "id": "9vgmnd36wykte1l2nm8s8uead", + "type": "STRING", + "stringValue": "1735851845" + }, + { + "id": "sslservercert", + "type": "STRING", + "stringValue": "1735840761" + }, + { + "id": "tiq4n26axjircjk30oz5zf6k3", + "type": "STRING", + "stringValue": "1735851641" } - ], - "resourceType": "/license/agreement" + ] }, { + "resourceType": "/configStore", "operationType": "SAVE", + "subResource": "org.sourceid.oauth20.domain.ClientManagerXmlFileImpl", "items": [ { - "password": "${administrativeAccounts_items_Administrator_password}", - "roles": [ - "CRYPTO_ADMINISTRATOR", - "ADMINISTRATOR", - "EXPRESSION_ADMINISTRATOR", - "USER_ADMINISTRATOR" + "id": "MigrationComplete8.4", + "type": "STRING", + "stringValue": "true" + } + ] + }, + { + "resourceType": "/configStore", + "operationType": "SAVE", + "subResource": "org.sourceid.saml20.domain.LoggingMode", + "items": [ + { + "id": "IdPOverrideOn", + "type": "STRING", + "stringValue": "false" + }, + { + "id": "SPOverrideOn", + "type": "STRING", + "stringValue": "false" + } + ] + }, + { + "resourceType": "/configStore", + "operationType": "SAVE", + "subResource": "org.sourceid.saml20.domain.mgmt.AdminUserManager", + "items": [ + { + "id": "isEaRoleUpdated", + "type": "STRING", + "stringValue": "true" + } + ] + }, + { + "resourceType": "/configStore", + "operationType": "SAVE", + "subResource": "org.sourceid.saml20.domain.mgmt.impl.PartnerCertMigrator", + "items": [ + { + "id": "partner.cert.migration.complete", + "type": "STRING", + "stringValue": "true" + } + ] + }, + { + "resourceType": "/configStore", + "operationType": "SAVE", + "subResource": "org.sourceid.saml20.metadata.partner.impl.MetadataDirectoryHybridDbImpl", + "items": [ + { + "id": "MigrationComplete8.4", + "type": "STRING", + "stringValue": "true" + } + ] + }, + { + "resourceType": "/license/agreement", + "operationType": "SAVE", + "items": [ + { + "licenseAgreementUrl": "https://localhost:9999/pf-admin-api/license-agreement", + "accepted": true + } + ] + }, + { + "resourceType": "/certificates/ca", + "operationType": "SAVE", + "items": [ + { + "id": "sslservercert", + "fileData": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURVekNDQWoyZ0F3SUJBZ0lRSFJOTEZ3a0RRTHc3WGZ6NVZKTlJnekFMQmdrcWhraUc5dzBCQVFzd1N6RU9NQXdHQTFVRUNBd0YKVkVWWVFWTXhEekFOQmdOVkJBY01Ca0ZWVTFSSlRqRU5NQXNHQTFVRUN3d0VVRWxPUnpFTU1Bb0dBMVVFQ2d3RFEwUlNNUXN3Q1FZRApWUVFHREFKVlV6QWVGdzB5TkRBNE1USXhPVFEzTVRkYUZ3MDBOREE0TURjeE9UUTNNVGRhTUVzeERqQU1CZ05WQkFnTUJWUkZXRUZUCk1ROHdEUVlEVlFRSERBWkJWVk5VU1U0eERUQUxCZ05WQkFzTUJGQkpUa2N4RERBS0JnTlZCQW9NQTBORVVqRUxNQWtHQTFVRUJnd0MKVlZNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUNodTE3Z1FiYnZNdnBsbkJ0YnBLOTNVVTMvYjRUZApKamJ5dXJNRDRQOFMrakNWeER4cDF4ZGxUeGJxbFphcVRuaE8yOG1GRHdFRFlhdVgyZHdENmUwTUxkNEV5aWQ3eUp5T2ViZmdQUzRMClJrc3ZVb3RlUlUxV2RoZ1I4NDdyRFNOZnFha3JQUkRaVWZJOUpmY0pqMG4rWElJT2hobEhQZXB4bE56aDRyK0xUY3ZqcXIvTWgxMEgKNzhteG1xZUhvUWlZYmhydExpaGgxN2N2cGVJWlhPT3dVU0JvV1pDWkcreXlYVXNGd2RHU3VoV1l0clNPbE1TZnZlTm5rbk41amh5aApVZWJRQ05vVUhTdEs1cW9YeTFVVU1HRE5IcEFHSDNWNHJpWmhCNkxhTkszZ3gwbmF5d3RvcDF0WkpaNXg0ZllJMFQvVTVreTlGZWxlCkE2SEMzZmR4QWdNQkFBR2pOekExTUIwR0ExVWREZ1FXQkJSWVBlRkVtTkxHcURGQ2pOcWhBUVc3NThZT3FqQVVCZ05WSFJFRURUQUwKZ2dsc2IyTmhiR2h2YzNRd0N3WUpLb1pJaHZjTkFRRUxBNElCQVFBVVBRM1hKSmtJZ3JNSU5xVjJPdnB4bUR2c0JsVEVjQmE4Z2JRcwpTMXZuQUdDNFRsKzV2QWpwa0Z4VFhUbnBHaWtJU25POVp3SWJRYTJ1RlZRMjZFbkNKazF3Z3JMWFRkY0FXQjRLQmZRYWRKUTdVQzltCmE3RTZYaW5FSjBUWGd5UXNSc3R4cldVNldLWGV1d3lYZEFidGE1ZWhzRjZZUDNPYzNZZTBqR201L1FtaWZhVmwzWUJNQ3JxOUVGdkwKUzQ1MUVTcVJMaDA4QUZjZ3RaWlc4RGo1MHNyUGlWbDZidVVQOWd3YWxqamhYV01FTDBNVWtKMlgweHlVMHlGMytNV2lMMU9oaThURwpNeEw5YzliN3JScUQyWk9mU2xXVGN1Sm83OXM1ZkNFOG1leDU3VGdlSEh5eC9GVEIrUzhpMWYvT1J5WTl0ZlErbjJvQk1obnRzN2pkCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ] + }, + { + "resourceType": "/keyPairs/sslServer", + "operationType": "SAVE", + "items": [ + { + "id": "sslservercert", + "fileData": "MIIKgAIBAzCCCioGCSqGSIb3DQEHAaCCChsEggoXMIIKEzCCBaoGCSqGSIb3DQEHAaCCBZsEggWXMIIFkzCCBY8GCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFPuABWO8ptmKcJXs9b-XgaOinzp5AgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQcBBm_TEmBVYlVvaLeZXhvASCBNDP863DClAhDO7dQZVVeTjcbwSdV9g63w5peKhdpIBiC3TctBs5ziJQqaAa_Owpvuj6WX4OSL1_h7SIpIDtfsRkDda8WWS9WNe6RW5Gi7PIP48cEJPU5d4MpzkHtK3dJwmItP-IqquUIzL5YGjacjHYO62mY8GLA3H2sjREjAuUafeolAnE8qmv0hAWmAk-RGAjZe1jAeaTwBrTIfNlN3BJYBZJj18KINsVOpPEYwSe3EJk8bGMZPpQJJkVfmAfauSMfMHDUVsWoOu5SJ8ZQ_WKbxm6z0fPPeJlmPfgeNhnSQnTCYnZ-mAXRVfz4SaNUS2ZLI89uZJ-ZXzky5e9-cFwC_mWe7LobPc9rEJ09uIhLUmwc2QoMcLuX1JxJ-Od0C8OszHjlNtm_qe8kaQUt6Xt7BPGTnci5rwuC2EQ9Yvc173cEOpSUWdH4pmVYuOCfyB9tJvqcDQn_OTzKnJ3w0YqQJcBhf6z04NLgw9hruow_dX8nzXMMGlK2OrJwUqaJ9AvS3EK7JZaeL5Ulk5cIErPlwqv2yJP0WDjFoaP3Wl62p1KVthl27S4M6tW533bCi-fp8zZVecVL1RkYU33_ahTI2H40hqRyB2cx7CIvauR_pRFhhQzBg1Q3tq8kLjJ4xlAkKWcjSesu3-nmneO38EOcd7aZmpcleW0L0M7EJbm0rknaCTJG0jDERAVTTa2lxOQ-ve1Pian3IofTpNj29D4lXZ2ITUWJv5QBDptWaoguhLLlZh-bFv97DdJlpU6tSmaN6FfSm1sdWivDrPdg6FcQDpmKIbnZ6nTMVlcnRNQjlI-yMg3hz5eQsXJ4dNY-8jyPiHYofmDD52k5Rt1Nl53E_HZlmpqxTNTi9gK0ERDSqJs-5G_2BKRR_bs9bt7VuQ8aGDkgd6EGTzsfXJatwcEJVp5WSZL0l0vB_n0SindZyWb3gTCZupR_i2zvUKC1mPKIHnm6Zz2jTxJcILkSXDWqOM4y87wmrf5E_TnDt8uylMmbV34TFLx5UiKR16MhWvXt6WIwSWdxNg5RxHoOtKpN19UKiy3I3xqQPk5omaU4D_8AuhRShSJ2fG21L4i0zbvS-T5V2v4AWCgToD9GGsNQk9lC4re5fiyNSXiGFvePbuHOtCA1DsPRDVXG_aYLU-WDTZo5crtGVPWv7Ef8ftMJ0QMjA9QDa5ylY2BLE1PCLklrfwIHS1CJvGvoCYlxT6OmWzsh1D2ZIxfUhEfKh0EJwqnFAwFDEz8o-6ven0LuqErITI6ABB6FlN25FXDOGHW8LaLDPmCwv5ClBjOpzSwTl5KcNjPDxH-0cQ9UUhOWt5K0hbjTYtThFQw4uP3vKojWHl3epc52BypGCXPJ-xwfxYWNLLgNieFprmBPQv55o0fDWtqw2dXM7ZOMHaqGyU0h7C57ERQ4u1bL1UPmkymupROhfcUv12CWks2YHy37Y728PdBfH3LUtAU7JUj3pdUVEajoDEZx_GPa-VkbVommt_FQ3Mm0Mae2Lrdxs3WEegrTcQED-QBX1M6yBvPlL4hXM32ui_7mqjyAevN8e1BbtYoPEly0aMKAG4nnn-_Tojn3QngAs8BFxszhRH-HoxjSRNarnMHZn5FtFIkSjrB1brCytbX3bARkd_K2oiavDE8MBcGCSqGSIb3DQEJFDEKHggAcABpAG4AZzAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzM1ODUxODg4Njk5MIIEYQYJKoZIhvcNAQcGoIIEUjCCBE4CAQAwggRHBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFHY4D_fBrMhfQNs4Lg9K95j9YlzlAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQVry1YbQR-2P2nSrmsq6YYoCCA9C3PPFwQt7y6i9hvd8RDCSGy4gRUHwU-CXYqmL5y7lkNStpdHpg1MliRGR6PMYO-t8pbCllhTU8Bh8rpfBthgye2FqQIAhYRd3qPL9ZT15kxgEXu2R72Bgxlq9_7dRI-YOLpyWryeTNYxUjL-MBN6g29QqKUn4i8MNKADaRmihT3W1mEsnXe_1z2qJ0U99pcQz6hs5FySq6WcwtQkyC_paoxLk3GQkqggzYP5357KaDuHpMoGEUGl_aRVvHu-LTUchcDC2PmJnzJ2aYVHTNdroBOqyYFk3NqJaUZsBtdA3RvXOqWvMgdEuWgrjFtu85LWMV3-9SSpN5ZUy3lAl2BKhoTDoeMz2Ntv6JhxFSi9521L5U5fvXGSgubEXtKYz79zVWr25lFhTC3az0CfhriIEnuzB4JeVTm_0WeO_FHKooIczEmv6C9BZI-8g9w4dH0CHTQp2wDDQCMuyF1kP3qN5KEGnMVz2kikBUMrs7kOGZUCA9EF8QqH3KGrxEcXtFCUItOeb80vuojCu2cH1dra3PCGbdIt5ihrQFbKvluQous_Ya1nlpodseCvnCYibDP9REqLPKrkYGMy1r8gmnU5a01trWS8Wtum63bl0AoYZ4nIxLnvJi2z_GKWAPxnI6QJY-CXj1jQTvA8rg107NDKgKuzYHQyGPMTteG0JvMKg_mCBXbcvf2jODey81ISWuP92uJKdZjlmbjyPyd-fsb4oxj9Tksr0VCshrH9QVa9clwXB7DLrcADcNcwlAL222khRAfaAXrZxS-ohNccJR__KRpnwzAiYjX-CEAnUlz9tGuBhuQoKUhzfrFXDAEXumrvaT30uSGrWLK0Ng068zR85p7kDf7z2kaTUjYUDU1wKlXKlSGOMdyGX5u6wiEgVKx8QnESCW6q8IAVks9zDQw56YqC_A19AY8piAPsYKjrpV49Vi2VhYqCK5rrmW1ndo_nJGyHO2m-2QiQhQGc9KY4nSm7jGSKb5oTf1casGECuct4RvMy4Rh4RYugknVnOeho9qpBxnSo9NAwrNVGsJK2hoXNrMpwMgxgtjaOtwk-qCEu1TP8evZFnL10c6Z-VPY-XSJU9LM4hUyprI_66kRPmUGnIYLqRFyG9bQgp8YynrQ2C1I4FIMB6rpugxMW1lPZ3Y5RwV2bN0gqlvymd-1K3pHgVg2IxnOAZC0oIfzOvfEs49VKy_LUqqJWV24MSEgwcERx4G1nsDSehcUO58BPeKXtYz2fLj-0TbixSdk3rvRQodg8KjW2Xr_IbxAhVupkU2mCcU8jsmgWeqcvJW5Xk2ME0wMTANBglghkgBZQMEAgEFAAQgRwd9qggqKC8aIdiNRaz8heGvmlm-fObce-VjP7HeZCAEFJsFQbD7XTEmnb64EY4aVgn2HrXQAgInEA==", + "format": "PKCS12", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..nh0iT6ggPLhQCMgMxwqr3Q.qGBGQ_3CtkTar-wyD2099VW787Wo1-HbGR-mQLccgfU.BNZbBgfA9wppAcOYXjw7Lg" + } + ] + }, + { + "resourceType": "/keyPairs/sslServer/settings", + "operationType": "SAVE", + "items": [ + { + "runtimeServerCertRef": { + "id": "sslservercert", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/sslServer/sslservercert" + }, + "adminConsoleCertRef": { + "id": "sslservercert", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/sslServer/sslservercert" + }, + "activeRuntimeServerCerts": [ + { + "id": "sslservercert", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/sslServer/sslservercert" + } ], - "auditor": false, - "description": "Initial administrator user.", - "active": true, - "username": "Administrator" + "activeAdminConsoleCerts": [ + { + "id": "sslservercert", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/sslServer/sslservercert" + } + ] } - ], - "resourceType": "/administrativeAccounts" + ] }, { + "resourceType": "/keyPairs/signing", "operationType": "SAVE", "items": [ { - "id": "myauthenticationapiapplication", - "name": "myauthenticationapiapplication", - "additionalAllowedOrigins": [], - "url": "https://example.com", - "description": "example" + "id": "9vgmnd36wykte1l2nm8s8uead", + "fileData": "MIIKYAIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBaoGCSqGSIb3DQEHAaCCBZsEggWXMIIFkzCCBY8GCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFO4EbhtEqcxLaUv_fc60-2VMF1A2AgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQBw3TwL4CGSHaXYcMNJwZkwSCBNCLjN9KOUJeHcYD4qG7NLB7d7WYkjsXDWx59kgTd_5e1JEyRqyiJ6MJ-9U9KNbW_rZme3-eF3lrGz_Gi4kV75MmB0gZD9oUUM582TCvk9iNVXsHVgR4lTbGhYGpNFKEJ4CdUnKAXlM0Daqm4aWZuhnPm2amWtRkcxJiQ7VPPSGRiZpC2h0SMZvgR4qK5F8i46AEFFCfvj167eZdnuiR4g3cEGq6ecCwy1C8KnXo0S2bc6vpgB8gODYK1MotwbEm2lNKlsXOrRzbJade9gODb49gBeeZK04yZnS5B1pWuQMGS9AUa6RozIqEdloPnymRqOQ4IIBSwrfcCZvwFVoLjggATJiD-Z6HG1s1o1vJR3ucbcc-1OS-xnWrfqzlvZRfQDkpQHrXF1Z0aHXbbWyKGMWASZaofpDhs8z2jAMg5TDYD16qNCe6dr1w6Wv24KWNcgmzsKZAzGCvBGMOlBy7FfnCzKCo-KBpEiJt_KosEzdTDQCkwX1RCDfcyxZJBvprLsouUpZNJYbmF18LAHh92cSgFwKizwLfYahxKcCh2WwoHi5PTN4rkp5iif08JG9JjBPW4PkficWUOCkidyGiOf8UYNHgaV_AZcYqvpq0Es9yvBpb1QFkcLWWCvISqSLMg0xz8ATUjvzDFuoaif_gr9ou5NGI4eXeS3ZSyFeLR7SxTXyd8m6zACjkWnf0Bkkk6TmSAz-SgLm7twBXg20HYOIyuHslntH4OWdG_lGCzHvG9Rvg75ORRYIzyuqd4ZhNzarVJXS3kshDr01ldZ8LlMGEunM-s8zmz_yIBQbvt4m9T7ijfOuySzShAvccZzM_x2aQQk1ZTl5w3uTW_637iov5Un1Eo9ZPglNhjPjVCSkfjmoHxa3B4jVUGpU-UueRWz1hiHwnGrf7qwe0OJ4RcFiG3JvflrYcf-gZw7hVcC1dAXNBfK5eBFFdrISlp6PNQs42tWGfsdwtn72f1EyDnXnB8gyHv21NByjahth6TC-0nOuZiFdjv6RNQHHletji2LL3OVu3rxNCpC1TOlpf2U-1ow0pdAf2IJblLjkKeUWwkiEp_3dxEoYCBFUtNlfTVuMTTxWiHZlmAA-TCWExBl42KQ8Vx9DD5xxxV8OmYfeGdzfUSTZ_qmsNGCP7wuypumYKYvagPmFos-4kgSnN5UYj4cx4_YKZqKH8avwZJfnja4lPMp9X_2lIrCdWeig9pYVAkDTfdf0jtSLIZ_fJY-MIMdCZCof0sHTmQHoVHZHDiTbqYMU7XwZws0SjYpwmSnDQhZ0A-njyglWZjuinxGqsI09zjIA-ZUV5g-WNbNfwm3RJ9xhmbKSns6XBzkDaQKQIIgWWP-qswEP7cMpa9JdQJVzzGzDhHwVbC5X5jpcZhOpQRLFlgtIHoNdWTR3yTLm7FlQXBXrDZc4QM9Q3SyYVNtaUNx2YmliHtmT2APoSMMlh624Mnbb2BHampKquN3P643-CgS-3wtDw0L_kb7_5HvGQlGqD3SRG6kF5BOfDU71uP0YncrzLMMSmJJRYxCkGe_hXmN4aAAOsFJ7YlX481ZHmFF5X3sIR8CLiIeDKzhXOwQi-ROEqvZwq_D7JDTNkKG0s7tjmp0CuxSPlMF-dYImt5DHgQtNnxFc7pjjSvjE8MBcGCSqGSIb3DQEJFDEKHggAcABpAG4AZzAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzM1ODUxODg4NzYyMIIEQQYJKoZIhvcNAQcGoIIEMjCCBC4CAQAwggQnBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFIQVlcb11NV71Xob726EKV4iQOg2AgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQ-m25PwxVJLdRRqyDH618LoCCA7AQcptAIhfvFUOl2B5pVSEBocX66xnyTXAn0uiwgrkIKgNakDBq_5TgFAQaoyXw3CksXmpjOfnWCNxeBDQ88RU_lyLgFwLl6_abB9eRR9nf17VkGwmw9I56SkXO0-QV-aEvBoOkMD-Kd6dtShskg7kI52Tr0_OmOuTtpyg_NNR93J6QCLYrb-PjQdwq5-BbFTU5r3zL9HhK9QWIOSZjqw9LHsvx7NQMbYCXWk7Vd7HP0a7vdcp6TYtgPecsRAomtlVzxQ0aOcLjhTtIu6tDC1wH9rtSbNxSMoDDwsPTNnpSeN3-Yzbp8qqEFhi4eJq9H5-HGgaowbfukrrUk6tlEiVU2GanMndJriRIhE9PvmDdcVy3lunZ1x_jozY-MpqgYuutWGhRHP58Q9wwZleVeeIdjZOm2ADseb27bWgbF4SR0pvOx7Gf7ZZHAESTpkPMutRic7Lt0TInGyYd1-LYay1HvSuY-SGpkkHDjaNClBQ4LZ4N8misgEfP4pmbEH_DxKjVQEpDhnad1SR2pg6ThMjPYL1XZVrcZXdouCPTGft8k_lMFqs6ZcCgza1ueRhy4jzNF8kMJ_zMeOX3kHhwISanNEBUe0aSqpNaCGN2x3as3UULOBDWwAmQTM_M3AzEX3NKv4ZmfzX5VlOd5GraQvdjbdlckdGC93_mOpt2AsZs_L3XDlhk_yML4S_e23BJhLKVtyhrB180YRQy4Bkb2sX7vYGLCYQE_s9w2AQOZQfr6wb0tlk8-hcE2I-4UDjVpcqRwxu1Kg9FRSzhgq-eqJaNT1tVY_Z-BJkrmwWD8ZdN6zf5FP0YlbvLJKpOJMi_vVTqfoG2mITYwbcxhGXTg4MGsZggX0rht5uJEIX1-3sIv7liJeIAP5qcLFEnSfUUcJ5j6M4Zg9NS0c6AfMqO7Sfiouh9SxjeVGEd1xTO9PKFP6gocJW_Qq1aXhuyPnHCbk3kUNAlLEDa9yNszAYqeTyDCLNpxRwbi1zHeiaDETnwngKlE7KRdWTbhRJ7rfrXs3KpEEeZgb1N35ZFi0j5k-zsj4namgv86QzHilDh8PgOmDj0_ueNw3Jde4yC-db-iTFRySgfTUnwvkzVYsI_O48DwwyPyi8PMVnaMFOylnqOQvaAaZ9O5KdqSRSnVvFSW5K44gKJ4dJ14wnICvrHbdSEbWwT0B3JXutLvMu-wd1jdhhfw0lV9Wpi6crfhdTkk2mfnW9L1gxONeqGIGDjOVhHDVod-68p5GfvBRZXQDHcUjBNMDEwDQYJYIZIAWUDBAIBBQAEIP-IiDHhHUT-35PcbBNPq_p8-9LENbKqf0SyUozFaVijBBS1fZ7XSUc6vj-xMrbNAH_y_-5NOQICJxA=", + "format": "PKCS12", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..gVeXHink3QWNt1epfwgDUQ.t0SNfTR3XBMc1HSscAdnMj4YMLntPZ0T4eJxt4QNYe0.0KGyXlb-966FjXAVMkAIyg" + }, + { + "id": "tiq4n26axjircjk30oz5zf6k3", + "fileData": "MIIKUAIBAzCCCfoGCSqGSIb3DQEHAaCCCesEggnnMIIJ4zCCBaoGCSqGSIb3DQEHAaCCBZsEggWXMIIFkzCCBY8GCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFLQ0848EZD6gPUE_cf3A9mwmcaiNAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQrIDyyig5vv5b41nRTJ4aSgSCBNA1rjNcEmpE7k9YfCK3Q6zB32mzFgRq4kCy-EPdPn291BPsAFaxNmiNB6rz18D_XORoYfbe9LnCY6hhFseljUHGzzJ6D3VNwNWuj1lls1wo5nFlHCd2bVLFpI2kUdDrym8Z7sWBrrUvw3bqcMJm91_SEFwzcnkGDXTYI2paxkeqtR5hPyZ1EsEk6qfTZKyWJE6-C5ZRfQRQ03TFl1iU8eAYZ_zZU_txrRek-M3uPVN9C4fAElj_naWlxv_kRCqAThQVwCYyxL6-SG_AN0Z8mRR9Lc12mMdFzms3WCXBehJyi8rNsu3htRc-PlP7JPIpHvbU4hKDdVV2YhcyieDucqn_uazt-YOKm_o_z7v6Al6TGLBCXFJAwNrVFtbNHxRaYlJTSD_-Lw3LLodPo20vdrEFYh93hMQ6DNxEcDPMQWP9l7zDCilShAgWclzwpNYyZKW0DbMBI53L51Ar4PgnNZd0JppouPXHzLEc3bYbIO_VfYQgeSfey-5UHITMk-FJ-0dfpJsfDg-bnoaRdTPnCcVPoml06BG2s4x1n7A185XGkhzBmZm5T1JRNsOtR3Atm1CvtSuPGdLsd0Yh5C15dTYMxM8Vq6fjoKqJDmo2BrBLgzhrSrPZKb5o3R0hEkcYfRlZwxiIasqxyhaGyR1DiN89s7zEkrmon4dYYgzfoipq0sh9Cc88Mvlej8tkIpKQxYRc8ggqln7lyiVj_FLCgezRcyPiukGchDlQgJqP7YQTmcMqtfH1HqRPmNmw4JKuQYTWjfKObbNFHWQmU9H_TeWWfGN9gwrS030kxmgr68CmETCqnjqmFK2sRDdtPzZcra5D3lBk4Z1VQfrR180NmmWiwQYvPwwu9hJpFe1eQVxE43EuJz4JNfU97Om8I35zKWuHA2lIR_DNL8HmaJZIcXYqneihe662mFc7qx8VhednFZNZq8P-r0dj1t3Yv9C6u-5sX0Prz6VNe62cHR3krs5Tgd9R3YxfH_wGWCpT_iH1bPxZhgIJcUYQ0Li8Y42ok10X5jZZAz84AXje0LmmTugGNWXgfhRmAfNDqMihPn443Z_umC7jW1NuDCIYv57Tll3uh0xqPpcjIyjuLLMEb8tyPScvqPQqAYrJPQ9gSVaUAwftzOkCg-eAqb8xYxZW9W89hmOSOudkU4MmH9IQJw3IeJzsGqnuxA3_S4PLa5G3Cs18ybVuVH4ScmgO9S753BCyVUu_8I60bLhQdYT36LqtK3SrJiOhwgqIG16utdw2kD2I_tkM04HMN-1sEZEk1_Md6UE1F0GbGm9QsYnagHu-BGd6MWntE_CMvGYtcnomTC548xMbAGeRotaEBkygZRoh92TZBAtOBwYz1YfemGAslLd7EnK0aBbYpx0fJWT9Lokclbxbam2Lrx16DsBjbw03istMoob8nDNiih6LQYDeqyMbCxJiHhyYs-xpfxPVoE5UKgxIKgpnRvJL6jEitwYtoB077Farme4YW3VFdvXT_NIzDi7uVGvrBhbpERVFqMn1zq7Zfl-bJJij-2AXyih8ETjI-WG9rOXXyJctxTsbeNotVgklLCZDGqD7PchcVaz1QwDPEphNnugQmKR-CrVylUnpx7081z4ZMtGaBSmgwdudRbZcfa-66CJFyuEewjE8MBcGCSqGSIb3DQEJFDEKHggAcABpAG4AZzAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzM1ODUxODg4NzM3MIIEMQYJKoZIhvcNAQcGoIIEIjCCBB4CAQAwggQXBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFBKpNCiu7LPjMk2pt9v0sLpDSfXTAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQx78GwXfQZdSc7-2ZsHqdG4CCA6B5oCi9i7w4kmfOsUlSdb2WhxF5AI4FzZovbh6H4-8eDxZwEVWu1tiSXyJEfpOxvo-5EMOAvOCZ2VUj8SqmWGkCuzDixX8mSD4zuCwIg9QrhZ2r3LBJtMosrewrfsvc77Vw9aGtkIuK6inJQe8BG0BijuGsvjMjNTQGJOMp_63pE-Y4Xvkt6uv0YHJCCZotmzy0pjrRS8JY4h0NEf1jo9CEcH-yI2skFJtC3XrbQsur5UrIlWzEibfQSO6ozQbO2cGnFEsfRNLtTkl4QMIj98DVcBh9MRisapysmD_vWFGeXJPaDeMrV17JBmNzbLNZ_q0EJ2CPr-2VX9nmAyoYL7MIbAYChxzaCM8Xl2dlXe9lD7DBpEbsz7rakCEwAG0Rf0yw_lOwf1FUDFmt4mYJJPGXC3L5Mf48XpWilfU3toqNDhi1KtHuA7OymYBBZJw9jC9_cHg9KXak-U6068pfYe57SbrEwE4esSPtn6jF4uWq3-G3LniC_oHR9BCllZOB-1otGR7Z3rtterPoZFpdNWaUzfGXLFQlGx7g4_5zccVkUGSO43imjO8fLRvDEpOXc61bAbXct7nEnGEzlHki2wrzn9PdnRrpJm6nwQQY5yCu2jtMU12xBE7XhBW-1be4HKrUFknXcdORZEI3Zrqhaj_3IMudg_MXWhD5vcdyyNmeRd7ggul3-9I1TCYXhWRYtsBee8E7xW9rZfTRZ3REC1XOecOrMqsQlUTATQ5oiWO4VooDI1mVTiciK-IAk5CK-0H5Pwq20i8I_4NuWPbelNb76iMvdteHlygCSSp5-MvghfIwqClhqW0rMeAc-kLC8fzrZjME2L5WPgpqc8cKHm-xcxgSLbGpgHaRsS-ZxBuOi0tOGeZ6hknPlFnNmBttlJmNK2O8ykTNX6mE8I8pRoPCgUTYNNuhDCArBVwAV_q4vlEAMmBz7yBajG7CGQgFeU_r10lEKOyQSpG8J2aq2WeV7VQI6BLwXHiLfY7bakW5txu_X3z1DSDlMqFaGon1D6ic8aTPDjAxwNKd06q_9-0Eg-CyjYNK8JKsEqglh794WtK4iaVLmJPlcU0qReHLvOHqVYghgEgH4mpWAIEvXrSnRd-2HKnI2_5HVL5hA9NjbQkm5hLq1xr15320nTdVat10MNwr63OkDd8DaLwznK_Baq5Akrzu8i-ejKAxwitnmXSavdLSiVbth95u320yheHvkc6MLt3vtFOjATVXLq3VME0wMTANBglghkgBZQMEAgEFAAQg_7SjIvZ0aEKK1Apo2CkUIBNTbC8vQUFECFZZfc1fMHIEFItpHnkFo2hGFRTpr6cnzSrxUN1mAgInEA==", + "format": "PKCS12", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..YD9GwH9hHVbqNjRm2lbFrg.Y7USHUUM7NPHoScEqgvKdE3ZLfLlavaRNOQM3nNxSEY.wGYYwuzkXbTeAIK4r9Fq0w" + } + ] + }, + { + "resourceType": "/keyPairs/signing/rotationSettings", + "operationType": "SAVE", + "items": [ + { + "id": "9vgmnd36wykte1l2nm8s8uead", + "validDays": 36500, + "keySize": 2048, + "signatureAlgorithm": "SHA256withRSA", + "creationBufferDays": 9125, + "activationBufferDays": 3650, + "keyAlgorithm": "RSA" + } + ] + }, + { + "resourceType": "/keyPairs/oauthOpenIdConnect", + "operationType": "SAVE", + "items": [ + { + "staticJwksEnabled": false + } + ] + }, + { + "resourceType": "/certificates/groups", + "operationType": "SAVE", + "subResource": "STS Settings Mutual SSL Authentication Certs", + "items": [ + { + "id": "ycrgw3j4ckw91gxdmd479qftb", + "fileData": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURuVENDQW9XZ0F3SUJBZ0lVUzJUQkNkUnpwSzRaemUrSERLakI5RVFTSHFZd0RRWUpLb1pJaHZjTkFRRUxCUUF3WGpFTE1Ba0cKQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWtOUE1ROHdEUVlEVlFRSERBWkVaVzUyWlhJeElqQWdCZ05WQkFvTUdWQnBibWNnU1dSbApiblJwZEhrZ1EyOXljRzl5WVhScGIyNHhEVEFMQmdOVkJBTU1CSFJsYzNRd0hoY05NalF4TWpFeU1qTXlPREkwV2hjTk1qY3dPVEE0Ck1qTXlPREkwV2pCZU1Rc3dDUVlEVlFRR0V3SlZVekVMTUFrR0ExVUVDQXdDUTA4eER6QU5CZ05WQkFjTUJrUmxiblpsY2pFaU1DQUcKQTFVRUNnd1pVR2x1WnlCSlpHVnVkR2wwZVNCRGIzSndiM0poZEdsdmJqRU5NQXNHQTFVRUF3d0VkR1Z6ZERDQ0FTSXdEUVlKS29aSQpodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUpkb0d1cmdEdlNSQkwyY0llVWFDWTNwbzVZRFpuVjFleXVPUVR4UWM2T1QySlMwCis0MGdKYkptZk5yYmNPU3QrMURieHpQK0l4YmxrY3o1NjlWT0M1bGJST24zOHllYU1VMzJYYy80REdTcDFIQ1kvSmZTeWd6LytxcjgKOFlUcU1hSTIxQWJabkFpWTV4MFJ3NTZJRG1KZ2xYYVhlVmJDVUp5N29QVHlBb1lZVDkzREpEazQxWmU1MVVjVG1Vc1RLTjRLM2d2dgpTYVJ1eXE1K2c2RVhCcTdBa2VPbmJQMGJTSHliTjFLRVY1QlhOTnBnazloMEp3M1BFK3FrbS81bllSenhCZjRSQS9BZ2Z2OWVzRzlOCnozWGdEb3dBR0JteHIrclUvbmE3cHdFRXVkTWg2NjhERURlUlZ3aDFaYXBZcEJ0VmN4TUhtZEpQZ0ZKckJsbzZtTUVDQXdFQUFhTlQKTUZFd0hRWURWUjBPQkJZRUZHSmMzWjBqOWtYUHNUbW1iZ0FzWS9QSzJjdXBNQjhHQTFVZEl3UVlNQmFBRkdKYzNaMGo5a1hQc1RtbQpiZ0FzWS9QSzJjdXBNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSlZCdmNIaGgrMDBnelEwCnBuWkt0Ukp4dkVnK3BHaCtCOUUrNWkyUHNOR3lJQXZBWHc0bWRCY1FaS3hmaVhNMzFaRTJnZTFtUCs0ZGkxMStQS1lOSDJFOTczUEwKSit3R0hlUVoxRVRERzVmbzc5dDBNRzFSekh0R29pclpXN3Y0Qk5VSTZaTTJGakVhQ090WmcxclVoa2RJZnFEeDRDZU5qemIwcmhYSQp6WE5UUzRZNlZseFdBclFud0FncVB0YjVwb0pHM01tLzNmNnVRZy9sMExJS1RZL0dSNnlRc05Da3pUWlFocklwWGo0UnBxblgzUWdECjFJV1RvTW9uN250cDRnQVAvbEFTTTUveG01SnpiNmRtRitob04wNzNnMDJVZVYyVERMemU4MCtLK1hyMUdaZWVVTHVYTnJoT0VYRFIKeXR2dWJlOE9YUFBZNi96Q3BoVmIyMWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ] + }, + { + "resourceType": "/secretManagers", + "operationType": "SAVE", + "items": [ + { + "id": "testSecretManager", + "name": "Test Secret Manager", + "pluginDescriptorRef": { + "id": "com.pingidentity.pf.secretmanagers.cyberark.CyberArkCredentialProvider", + "location": "https://localhost:9999/pf-admin-api/v1/secretManagers/descriptors/com.pingidentity.pf.secretmanagers.cyberark.CyberArkCredentialProvider" + }, + "configuration": { + "tables": [], + "fields": [ + { + "name": "APP ID", + "value": "testAppId" + }, + { + "name": "Connection Port", + "value": "18923" + }, + { + "name": "Connection Timeout (sec)", + "value": "30" + }, + { + "name": "Username Retrieval Property Name", + "value": "username" + } + ] + }, + "lastModified": "2025-01-02T19:37:46.072Z" + } + ] + }, + { + "resourceType": "/pingOneConnections", + "operationType": "SAVE", + "items": [ + { + "id": "noeOvj5ltBnf4rcmtZAKdJ", + "name": "internal_brassteam_893438732", + "active": true, + "encryptedCredential": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..fG2nO6u8N6RRXRfo4EQTkQ.tI42SGPft_Q-orzKHKhEudp1nQz-omqC_3CyV0rlNTjrcu4YLHV1ytB_O0tV0xh9KHx2_250ISGtNiACtdh5mz0N2RG4k57ZE7wDfftECtNaDvB4Ay4lvWDL20o76w03Uh27OqJeTsJ_oZs2DcRv5vyFSP7AiM-bdFHTUzb0rROxLEp0ogmv73B739kqtIdEk9CgImMl6PwZxDf8xESyrYJhB5xG74uXbW6-alofdjskdgCmXgvARIBegH8ztox_zTYK23O6hiTngE4lxZ712qUHRLUy6TWrUR435hNPixBviW74Yr1S-TyVgKvdrMUYrS5V1DHJmjqv2SPbBpe7pVixlSba-EVmG1WJ-qZ4HpzmITbXY4doft90XYZxRTDLpZCJmP4OeI8ocnIpVv6gjG1PFofpELm7VoVpHNz4kueR7rmGeYl_5G1GALmcCIqJARKqaj89DKEnIbs8CZY36EFwLJ9z47SKSucHMpPw4Aw7M52MPDK8V59Tz3IU35_RWYJQmHeCL2ZGzq6aZeLAwaDP-DLg0ojtyRilNSixuBqWv2_s0L5OA1BrjY1pSLmnGLwknqG7n8li7b5OMnY3FpifFVb6mAVntdfxUI5lfUbG_HAm-OzwIf5AgTjd1cETkb6OwRJkx4660obEf6oSFGuB6EkXumyx4YM9MpmarVeU3JDTsbFJFF4SSVlMooM5AjxHEyFDPf96CIXBHe4mb_e8HDVNNsg7WISnAb1Tovgx7meI_pwvqPHEfMmAfxiHva3qRM9eRHXB75UuVpiqHfd67lTIVMUS10zB5I2Oh4PV9VLm8ytYnH-xCs46xPAErW4XrBtVp5-Sxp11Gsl11egezjjjl_1L4eo-eW7Cok-UqEnl87on1ZCNuYJvXB8iL6E4LnFbclzFV0xYN5Ex5LrWt5osHn8qoKcKlovrVA1A9FIZ2tW02An8gX66N1R5wUESCNHG1hpqTYVUF92yLqIke11CotygnVf4zJrqM98Ytvw2aW-Nda3y8dKDrETc7g-sXT376BGoZFpNbPWid4MaQPzC_mCoqyjdE1yw4GsshUF6ksQtcBQQ6X1ga5ozGb3C6TuxrvuD2inekbMnF67UKluN6r4NjtBCsnVkSrKmIsrI_gOAsHMU_GgeA7V4Eb3AU4eSbQj_Sk8rGSqFirP4Ce0iMcrNuygnCXScU61ff45ogTYRCvkytoT_SPVZGhlF9DhTGxSExLnGNPDc-6ZqHlis-o5qCQ7ZrnOcMlCgd4bOnoXyQUSAP1PptYSfIqmn6eWZWzkFRDSsxBI2kXuPlEUavZb7wbtuV51VkxxZVTuTHShOKta98RrjXL62Qjy9Yvumv3ulZXwDm797O-VTIPWeiEvdOlFscPmLEgqxGK6XEtmPBdPpznJ9btm2YxtJVenaqI53jvyhSUbmk34zaGR3EATHkyITUjtuw_5j_CFg1OMvcZbhEKfdPt4Xnxd8UqhGPiV1GbXw3UcY6oarcWFqs6v56OvftoVGBgckxjzr76CByO-KHM0XLelDnzkCNxXFPHDsp662tKOfSMgowllSM4dfaUZz7KvrmrFGco6unKup5HbwtJw1D_nft0vwrCaTXdQybcoZpfJqbOtw2IyT-mhR18QhgJv22w_XFfRoYTo1L7NuIngSdXxILlvskSdgcP6n7EP6zR0jWs6L64nZ_7lI9Zxg88mNBxv_dXtQmPLsK4sHg-qG9-7yaa5B8z_VY2xIfBIysp7Wnw.09YLtWJ2ySQEySbFxfF4Eg", + "creationDate": "2025-01-02T19:37:46.117Z", + "credentialId": "971b5d20-0955-4030-b49b-7e349b3b9b1e", + "pingOneConnectionId": "554257ac-76ca-447a-a210-722343328312", + "environmentId": "f5901536-2b60-4d4a-a987-3d56aadad46d", + "organizationName": "internal_brassteam_893438732", + "region": "North America", + "pingOneManagementApiEndpoint": "https://api.pingone.com", + "pingOneAuthenticationApiEndpoint": "https://auth.pingone.com" } - ], - "resourceType": "/authenticationApi" + ] }, { "resourceType": "/dataStores", @@ -59,7 +273,7 @@ "ldapType": "PING_DIRECTORY", "bindAnonymously": false, "userDN": "cn=pingfederate", - "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..6RewNBX62O0tgFLaPtvcDg.IshqqZsUlopyadcCUEr9Gg.-7q9bdH2EpKMIcdz1MVMNQ", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..jVe3x5VP0IgQZvJr2JLHfg.XDPhm9vICFG6gX2ZRZNmnw.Xldpt0OEEvnVqKemr8dHCA", "useSsl": false, "useDnsSrvRecords": false, "name": "PingDirectory", @@ -71,6 +285,7 @@ "defaultSource": true } ], + "lastModified": "2025-01-02T19:37:46.201Z", "retryFailedOperations": false, "testOnBorrow": false, "testOnReturn": false, @@ -85,7 +300,8 @@ "binaryAttributes": [], "dnsTtl": 0, "ldapDnsSrvPrefix": "_ldap._tcp", - "ldapsDnsSrvPrefix": "_ldaps._tcp" + "ldapsDnsSrvPrefix": "_ldaps._tcp", + "useStartTLS": false }, { "type": "JDBC", @@ -94,7 +310,7 @@ "connectionUrl": "jdbc:hsqldb:${pf.server.data.dir}${/}hypersonic${/}ProvisionerDefaultDB;hsqldb.lock_file=false", "driverClass": "org.hsqldb.jdbcDriver", "userName": "sa", - "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..7tDRsYYYhUm3zb_BtMcn0Q.HrYxxlXpI5s3HgjXaJaW2w.uaGsFAv9XrmgKTYvMn329g", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..cgdPSsU0UfdWiwPsPqxGUA.TRaaGAQls383_kOGr0PgXQ.z6_gZTKKD3AjU9eT22eTXA", "allowMultiValueAttributes": false, "name": "ProvisionerDS (sa)", "connectionUrlTags": [ @@ -102,7 +318,12 @@ "connectionUrl": "jdbc:hsqldb:${pf.server.data.dir}${/}hypersonic${/}ProvisionerDefaultDB;hsqldb.lock_file=false", "defaultSource": true } - ] + ], + "lastModified": "2025-01-02T19:37:46.221Z", + "minPoolSize": 10, + "maxPoolSize": 100, + "blockingTimeout": 5000, + "idleTimeout": 5 }, { "type": "LDAP", @@ -114,7 +335,7 @@ "ldapType": "PING_DIRECTORY", "bindAnonymously": false, "userDN": "cn=pingfederate", - "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..OHfrNaAuajm1AMtNq9XB-Q.6SLl-a107TOUuQ8foVSDJA.k4pH_u0FmunvC8JhxUlOOA", + "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..e33Qf9teVnpwxWVlc005gQ.tT6vc5-7C_nXBHShlyYWfg.h5eDFEzXeX4OCq56r_h0gw", "useSsl": false, "useDnsSrvRecords": false, "name": "pingdirectory", @@ -126,6 +347,7 @@ "defaultSource": true } ], + "lastModified": "2025-01-02T19:37:46.233Z", "retryFailedOperations": false, "testOnBorrow": false, "testOnReturn": false, @@ -140,415 +362,600 @@ "binaryAttributes": [], "dnsTtl": 60000, "ldapDnsSrvPrefix": "_ldap._tcp", - "ldapsDnsSrvPrefix": "_ldaps._tcp" + "ldapsDnsSrvPrefix": "_ldaps._tcp", + "useStartTLS": false } ] }, { + "resourceType": "/notificationPublishers", "operationType": "SAVE", "items": [ { + "id": "exampleSmtpPublisher", + "name": "exampleSmtpPublisher", + "pluginDescriptorRef": { + "id": "com.pingidentity.email.SmtpNotificationPlugin", + "location": "https://localhost:9999/pf-admin-api/v1/notificationPublishers/descriptors/com.pingidentity.email.SmtpNotificationPlugin" + }, "configuration": { - "tables": [ - { - "name": "Authentication Error Overrides", - "rows": [] - } - ], + "tables": [], "fields": [ { - "name": "LDAP Datastore", - "value": "pingdirectory" + "name": "From Address", + "value": "example@pingidentity.com" }, { - "name": "Search Base", - "value": "${USER_BASE_DN}" + "name": "Email Server", + "value": "example.com" }, { - "name": "Search Filter", - "value": "(&(objectClass=person)(|(mail=${username})(cn=${username})(uid=${username})))" + "name": "Sender Name", + "value": "" }, { - "name": "Scope of Search", - "value": "Subtree" + "name": "SMTP Port", + "value": "25" }, { - "name": "Case-Sensitive Matching", - "value": "false" + "name": "Encryption Method", + "value": "NONE" }, { - "name": "Display Name Attribute", - "value": "displayName" + "name": "SMTPS Port", + "value": "465" }, { - "name": "Mail Attribute", - "value": "mail" + "name": "Verify Hostname", + "value": "true" }, { - "name": "SMS Attribute", - "value": "" + "name": "UTF-8 Message Header Support", + "value": "false" }, { - "name": "PingID Username Attribute", + "name": "Username", "value": "" }, { - "name": "Mail Search Filter", + "name": "Password", "value": "" }, { - "name": "Username Attribute", + "name": "Test Address", "value": "" }, { - "name": "Mail Verified Attribute", - "value": "" + "name": "Connection Timeout", + "value": "30" + }, + { + "name": "Enable SMTP Debugging Messages", + "value": "false" } ] }, - "name": "pingdirectory", - "id": "pingdirectory", + "lastModified": "2025-01-02T19:37:46.288Z" + }, + { + "id": "exampleSmtpPublisher2", + "name": "exampleSmtpPublisher2", "pluginDescriptorRef": { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator", - "id": "org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator" + "id": "com.pingidentity.email.SmtpNotificationPlugin", + "location": "https://localhost:9999/pf-admin-api/v1/notificationPublishers/descriptors/com.pingidentity.email.SmtpNotificationPlugin" }, - "attributeContract": { - "coreAttributes": [ + "configuration": { + "tables": [], + "fields": [ { - "name": "mail" + "name": "From Address", + "value": "example@pingdemo.example" }, { - "name": "givenName" + "name": "Email Server", + "value": "pingdemo.example" }, { - "name": "DN" + "name": "Sender Name", + "value": "" }, { - "name": "username" - } - ], - "extendedAttributes": [ + "name": "SMTP Port", + "value": "25" + }, { - "name": "entryUUID" + "name": "Encryption Method", + "value": "NONE" + }, + { + "name": "SMTPS Port", + "value": "465" + }, + { + "name": "Verify Hostname", + "value": "true" + }, + { + "name": "UTF-8 Message Header Support", + "value": "false" + }, + { + "name": "Username", + "value": "" + }, + { + "name": "Password", + "value": "" + }, + { + "name": "Test Address", + "value": "" + }, + { + "name": "Connection Timeout", + "value": "30" + }, + { + "name": "Enable SMTP Debugging Messages", + "value": "false" } ] - } - }, - { - "configuration": { - "tables": [ - { - "name": "Users", - "rows": [ - { - "defaultRow": false, - "fields": [ - { - "name": "Username", - "value": "joe" - }, - { - "name": "Password", - "value": "${passwordCredentialValidators_items_simple_configuration_tables_rows_fields_Password_value}" - }, - { - "name": "Confirm Password", - "value": "${passwordCredentialValidators_items_simple_configuration_tables_rows_fields_Confirm_Password_value}" - }, - { - "name": "Relax Password Requirements", - "value": "true" - } - ] - } - ] - } - ], - "fields": [] - }, - "name": "simple", - "id": "simple", - "pluginDescriptorRef": { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator", - "id": "org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator" }, - "attributeContract": { - "coreAttributes": [ - { - "name": "username" - } - ] - } - } - ], - "resourceType": "/passwordCredentialValidators" - }, - { - "resourceType": "/keyPairs/signing", - "operationType": "SAVE", - "items": [ - { - "id": "419x9yg43rlawqwq9v6az997k", - "fileData": "MIIKAAIBAzCCCaoGCSqGSIb3DQEHAaCCCZsEggmXMIIJkzCCBaoGCSqGSIb3DQEHAaCCBZsEggWXMIIFkzCCBY8GCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFLTKPJwidJYF-vbm9h9ij2NGhf9oAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQ79KdD_qxBVa0U7JyU_DiaASCBNDYe72YOp8awn68_hl524b1wEmFaJxXreKC3SRPDR_7NgFlD1jKQQ0CtPaUVgxgZ1LMMBqtvj2j__jF2SYxVJ-eWvz4sExEXPuyNY1RZbppB24h_4gfzpCL_F1QPAuG5agBy-7GoIjJMszuuW-RYudB-bwZqwwducg42VYBOMD8_XNT49qoVpYA0A0HeBrPkfP32AVddrdFEzJFsxYbj2NfrONCaJTwJrFHAdbvBiHRxD4Spg1VQVw6-4NjBC5DgcrKfdPl3NwVQFMxpHLrS-5dr8kFZICwm4UdlLwq0NPr7aREYsLr2G-pCJLCvGZz_9-WYmlqL-ZfGNrLpHYqv3gD7srSbwMxdz1bNoV9MfDlGspc2a2J3pASca3GSfAvAiJXS4p_VpNxc6bXDB5zwbZpksCc1ISmtM2Hoh1f6EffjeVHFI03-sWQsRLZNSiUrOV9b0qNCj2m9U5quagx9JyM3ZzFfemibTYrdoU3oPVHHf_EHKqh-MaDAowcenHfxwo5WWJapjyFUswzSgjZr8OyDE0z9Sr67VFrFLL670qHCnoMQm7ell-C9Lbt637Oqhf3eYoWlJSO5tglEt-QyOSc-G-Iw9I-0-UgQf4QaZHEXMTopSE4O_XSkTNrM-HG73zagcByj8BHTD7YyvPNs55H7wCcs_n1vtoiPaWefBwMkDUHr2vu84OOyA-9GI1hhO1nCR7p1ThLy_b8KT1i2E3ktJ5-RjQPGHIrzOv0h7AnbPB_jqlqmN1q9nwzprjmh9oYlBmuCTXOCDZk0BQpYsOaCSZt9mHrU9pcp63mG05A3YTF8_zSnBgKD3MAL3ieaTd98ki6g_czAxm3Zfv1qC7frGJOobqZQjd1v8CcZG502RmSGDttiyusH6BMMuHlJQP98n5QDRZa7MGYKz7bVt4IZC0IfGGe7hqYZId2Pt7fSgWYd3wjKDby8OdWKpEvUq74rUYKzqjHGHPaujUssJ1qxkoe2jrTCVvwvJmbDfsI-Mcd3Yt4blS1ytfD0HERnB3KJiG7nHlTlWlae0kECOCbLq1aTxtHoXBqWkz3kG6oNG5u-QmtO4EGlOVgXrbx6HuJ-h9KEInSmnFKmesDCkCGhWuy0NA3zp4xMIjGMUFkx7cgTi6jPFHmNfOIpR7Vow2b1yDYlCvV6_EOhHnE3_z9I2rh90cqsTE22MFEH9i9OLijIWP4EqAxXYLF01QJznB4Cmgxel4R8r7a0eN0gf9otWsaUcnVAJuBAtU1J5JbQKsCin9Cf6BQ64u53gaTtAEKOqCh_LUFCfrBjXvbC64CNjWHyAmRy_sM2BVqjExzh35LGpzPPvaO1PzPGOsWETzzd5fwbigOR46a4f5z_dstneLnG_WDaGQwoedXvKeHW4RDE5oQ49b-_0A8MXy-RIlsiU-r3sbYoil7rsrzy_0j3dglNAFlIVmc6zvb4xSiPdnieohN_iv2VVCZdwYBH-xux9pLV4hF2BL2s-YFIQWPUd9TiEeAtikYyXOu7l9F9cld2OqMlbdOtOVJ1V2vn8xm8al91YKJHXd9yEyDP4PUHwu4nz0KZrXVqPuXDAoZB_buoxv2mEgbGQ0WKFXTDrz-opq2L9SSoiAh5Mf9-efBC3d6sPO_jMh74q2rl2p5qjE8MBcGCSqGSIb3DQEJFDEKHggAcABpAG4AZzAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNjk2NTMyNTEwODY0MIID4QYJKoZIhvcNAQcGoIID0jCCA84CAQAwggPHBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFAFdj0s4XgV7ONDqUlU2K0ZGWk3nAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQslddrqq6CVi_URYA6GwnEYCCA1C4uJ1QZpXZFFU72fKc3GWE1wrg4tOKVsMyfqewoUh88O3MdFJIcqfHn1xGc1DVD2s3GoYax1maMlfigHDHxIu5vUV6PS6z9TYdMsh8JCoUNwl_HRccRH8ssMJ0uO6dgETnjmQaTEpghx1JCN-_ssXVtGHJY3gok_SFCtRuyo8p2xiy6xOTvh_Sf1F1jbqau62Bt1W-pveqEDGe7zu9Y0q-6a7lS386oS5TSLdU0d_w-9Rteut-zkMJqzfyUhbPBS4IU8uQqm9GIRx2loNgv14is5v8A7guXUInXy2XXWFQJAJAZ5Q_fQheiGKyJJiJXyvVF9Dh9zEM5MmOwCvuu0uXarnY4PHdO4UbYF_KnEFU7z_lpZf3xrOW84zEjVaGS3erIfusQp3P7ocQHYsIpwBOYguFCCNB5ESndnKgXHquX-kOYgmFIbGVu5OOn6ThA_HNzga2hlnj19CM3T5cT_T8o1rhS15TzUP-68L6-0yZa_gCb1UtjPGya3HEncgEpnzCHSlLp-a5nc2LP8VBpTanjqmhhn8G4jnTm6odTm9-e2HptimFUEE-17T5_D6BFCZnybYhYbyAoGFWqEQun-iqC4U34vUrYabVzp6L61bwQwr2pMNHpvn19BWI7gj-5Fiv2LX_-i3RM9JNTtHxr-XyhnnObSzEE06BWDzbYc_Mix3Lo9YG1_GczqamZaFLDuw6DjsfWS46ak_s05Xb8VB5L8hvuGPLIBDTI4ekvVhnuaLz02hHGt7b6BsMu6BlnaJH0dQ823e3cqN3-6ZK1wDIevKhhfxk063K1RysbsAwD-881lotTbVy4Ni2PQo_aldUNVoO4b6Z_t1iJeIyMCyE6iLNK8dQ3jcHlJVfuQ5wiVYTPvzpyO_75X-FVzn3z7nYr_-6_ifldADvGH129NzbiIS_pyqGagNeGievYy__6mRk6eggii6FlIUmXs9gmDgN_SKTH5GrYhRvVGXYIcssLIcOWoBjCmzZcLuvnqPL26lLWREVICZAZJKFN2Z9PEeLGYjnfzf5_fWTEVnTSrUkpKuRYkt3ZHGrGaddmhifK2EnPiZNow5Deb5PnTsKDzAxde72zE1nqtqYxOKZcMO9kX2FVSkgijSLaRhKaAmetTBNMDEwDQYJYIZIAWUDBAIBBQAEINbpIfulyYknJxcBpJ1nPDeqtR-_CVqeWCqd5Rru8To8BBRJ0_5HpFO0PxATZveX8rK8cEqvtgICJxA=", - "format": "PKCS12", - "encryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMS4yLjUuMCJ9..QxamhMMTPjLpYZ-1uhf-ww.EL3oTIlhI-wlX1oWrWiyWKR42hCwXxpHTBA62UiReDw.0VKa9gKWPEmASgS68xCErA" + "lastModified": "2025-01-02T19:37:46.274Z" } ] }, { + "resourceType": "/notificationPublishers/settings", "operationType": "SAVE", "items": [ { - "password": "${PRIVATE_KEYSTORE_PIN}", - "fileData": "${PRIVATE_KEYSTORE}", - "id": "sslservercert" - } - ], - "resourceType": "/keyPairs/sslServer" - }, - { - "operationType": "SAVE", - "items": [ - { - "activeRuntimeServerCerts": [ - { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/keyPairs/sslServer/sslservercert", - "id": "sslservercert" - } - ], - "activeAdminConsoleCerts": [ - { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/keyPairs/sslServer/sslservercert", - "id": "sslservercert" - } - ], - "adminConsoleCertRef": { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/keyPairs/sslServer/sslservercert", - "id": "sslservercert" - }, - "runtimeServerCertRef": { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/keyPairs/sslServer/sslservercert", - "id": "sslservercert" + "defaultNotificationPublisherRef": { + "id": "exampleSmtpPublisher", + "location": "https://localhost:9999/pf-admin-api/v1/notificationPublishers/exampleSmtpPublisher" } } - ], - "resourceType": "/keyPairs/sslServer/settings" + ] }, { - "resourceType": "/sp/tokenGenerators", + "resourceType": "/captchaProviders", "operationType": "SAVE", "items": [ { - "id": "tokengenerator", - "name": "token generator", + "id": "exampleCaptchaProvider", + "name": "exampleCaptchaProvider", "pluginDescriptorRef": { - "id": "org.sourceid.wstrust.generator.saml.Saml20TokenGenerator", - "location": "${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/sp/tokenGenerators/descriptors/org.sourceid.wstrust.generator.saml.Saml20TokenGenerator" + "id": "com.pingidentity.captcha.recaptchaV3.ReCaptchaV3Plugin", + "location": "https://localhost:9999/pf-admin-api/v1/captchaProviders/descriptors/com.pingidentity.captcha.recaptchaV3.ReCaptchaV3Plugin" }, "configuration": { "tables": [], "fields": [ { - "name": "Minutes Before", - "value": "60" - }, - { - "name": "Minutes After", - "value": "60" - }, - { - "name": "Issuer", - "value": "issuer" - }, - { - "name": "Signing Certificate", - "value": "419x9yg43rlawqwq9v6az997k" - }, - { - "name": "Signing Algorithm", - "value": "SHA1" + "name": "Site Key", + "value": "asdf" }, { - "name": "Include Certificate in KeyInfo", - "value": "false" + "name": "Secret Key", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..o7T4HppXKm-kANjU8t8avQ.01xAEx3TosV-Hq79Lt_h5A.KIUJsGsyQvM5_hYcjpeazg" }, { - "name": "Include Raw Key in KeyValue", - "value": "false" + "name": "Pass Score Threshold", + "value": "1" }, { - "name": "Audience", - "value": "audience" - }, + "name": "JavaScript File Name", + "value": "recaptcha-v3.js" + } + ] + }, + "lastModified": "2025-01-02T19:37:46.323Z" + }, + { + "id": "exampleCaptchaProviderV2", + "name": "exampleCaptchaProviderV2", + "pluginDescriptorRef": { + "id": "com.pingidentity.captcha.ReCaptchaV2InvisiblePlugin", + "location": "https://localhost:9999/pf-admin-api/v1/captchaProviders/descriptors/com.pingidentity.captcha.ReCaptchaV2InvisiblePlugin" + }, + "configuration": { + "tables": [], + "fields": [ { - "name": "Confirmation Method", - "value": "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches" + "name": "Site Key", + "value": "exampleCaptchaProviderV2" }, { - "name": "Encryption Certificate", - "value": "" + "name": "Secret Key", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..u286rd3MOERi4xzzKUwLaA.0okr6lY8i_0z-EiqfgE1rA.GNL3zQoBD2S1h6SumzUmAg" }, { - "name": "Message Customization Expression", - "value": "" + "name": "JavaScript File Name", + "value": "recaptcha-v2-invisible.js" } ] }, - "attributeContract": { - "coreAttributes": [ - { - "name": "SAML_SUBJECT" - } - ], - "extendedAttributes": [] + "lastModified": "2025-01-02T19:37:46.348Z" + } + ] + }, + { + "resourceType": "/captchaProviders/settings", + "operationType": "SAVE", + "items": [ + { + "defaultCaptchaProviderRef": { + "id": "exampleCaptchaProviderV2", + "location": "https://localhost:9999/pf-admin-api/v1/captchaProviders/exampleCaptchaProviderV2" } } ] }, { - "resourceType": "/idp/tokenProcessors", + "resourceType": "/serverSettings", "operationType": "SAVE", "items": [ { - "id": "tokenprocessor", - "name": "token processor", - "pluginDescriptorRef": { - "id": "org.sourceid.wstrust.processor.saml.Saml20TokenProcessor", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/tokenProcessors/descriptors/org.sourceid.wstrust.processor.saml.Saml20TokenProcessor" + "contactInfo": {}, + "rolesAndProtocols": { + "oauthRole": { + "enableOauth": true, + "enableOpenIdConnect": true + }, + "idpRole": { + "enable": true, + "enableSaml11": true, + "enableSaml10": true, + "enableWsFed": true, + "enableWsTrust": true, + "saml20Profile": { + "enable": true + }, + "enableOutboundProvisioning": true + }, + "spRole": { + "enable": true, + "enableSaml11": true, + "enableSaml10": true, + "enableWsFed": true, + "enableWsTrust": true, + "saml20Profile": { + "enable": true, + "enableXASP": true + }, + "enableInboundProvisioning": true, + "enableOpenIDConnect": true + }, + "enableIdpDiscovery": true }, - "configuration": { - "tables": [ - { - "name": "Valid Certificate Issuer DNs", - "rows": [] - }, - { - "name": "Valid Certificate Subject DNs", - "rows": [] - } - ], - "fields": [ - { - "name": "Audience", - "value": "audience" - } - ] + "federationInfo": { + "baseUrl": "https://localhost:9031", + "saml2EntityId": "samlEntityId", + "saml1xIssuerId": "", + "saml1xSourceId": "", + "wsfedRealm": "" }, - "attributeContract": { - "coreAttributes": [ - { - "name": "SAML_SUBJECT", - "masked": false - } - ], - "extendedAttributes": [], - "maskOgnlValues": false + "notifications": { + "notifyAdminUserPasswordChanges": false, + "expiringCertificateAdministrativeConsoleWarningDays": 14, + "expiredCertificateAdministrativeConsoleWarningDays": 14, + "threadPoolExhaustionNotificationSettings": { + "emailAddress": "", + "threadDumpEnabled": true, + "notificationMode": "LOGGING_ONLY" + } } } ] }, { - "resourceType": "/oauth/tokenExchange/processor/policies", + "resourceType": "/serverSettings/systemKeys", "operationType": "SAVE", "items": [ { - "id": "tokenexchangeprocessorpolicy", - "name": "tokenexchangeprocessorpolicy", - "actorTokenRequired": false, - "attributeContract": { - "coreAttributes": [ - { - "name": "subject" - } - ], - "extendedAttributes": [] + "current": { + "creationDate": "2025-01-02T17:59:19.959Z", + "encryptedKeyData": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCIsInppcCI6IkRFRiJ9..mBwXJBuBBcBb1iuF7_J_oQ.aD0ENEXvfHwWh_wJBCV6_uj98eJ8hFuLpstFj19YSB6kFScALLsDk_6r4oSzepix.dj8Utcj8m66bpfazwNsw8A" }, - "processorMappings": [ - { - "attributeSources": [], - "attributeContractFulfillment": { - "subject": { - "source": { - "type": "TEXT" - }, - "value": "value" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [ - { - "errorResult": "error", - "source": { - "type": "CONTEXT" - }, - "attributeName": "ClientIp", - "condition": "EQUALS", - "value": "value" - } - ] - }, - "subjectTokenType": "urn:ietf:params:oauth:token-type:saml2", - "subjectTokenProcessor": { - "id": "tokenprocessor", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/tokenProcessors/tokenprocessor" - }, - "actorTokenType": "", - "actorTokenProcessor": {} - } - ] + "pending": { + "creationDate": "2025-01-02T17:59:19.960Z", + "encryptedKeyData": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCIsInppcCI6IkRFRiJ9..lTUXjpewvJW85TygS2XTtw.tn7hmeI-KHBTvmRmev2pvqN8R2qeW5PHhMBTUa761u6vbJ7wH70SJyU-RoZ3mYX0.XLC2NhA4WJ4mmmE-RtRyQw" + } } ] }, { - "resourceType": "/authenticationPolicyContracts", + "resourceType": "/serverSettings/outboundProvisioning", "operationType": "SAVE", "items": [ { - "id": "DkhZxRcZchsed90U", - "name": "Fragment - Subject", - "coreAttributes": [ - { - "name": "subject" - } - ], - "extendedAttributes": [] - }, + "dataStoreRef": { + "id": "ProvisionerDS", + "location": "https://localhost:9999/pf-admin-api/v1/dataStores/ProvisionerDS" + }, + "synchronizationFrequency": 60 + } + ] + }, + { + "resourceType": "/serverSettings/wsTrustStsSettings", + "operationType": "SAVE", + "items": [ { - "id": "QGxlec5CX693lBQL", - "name": "apc", - "coreAttributes": [ - { - "name": "subject" - } + "basicAuthnEnabled": true, + "clientCertAuthnEnabled": true, + "restrictBySubjectDn": true, + "restrictByIssuerCert": true, + "subjectDns": [ + "CN=test, O=Ping Identity Corporation, L=Denver, ST=CO, C=US" ], - "extendedAttributes": [] - }, - { - "id": "default", - "name": "Default", - "coreAttributes": [ + "users": [ { - "name": "subject" + "username": "testUser", + "encryptedPassword": "lPkeLavAtN0Qb4eY579HVgd5Uk3vdODyatGvGAV-tVQ.odLwjB--.2" } ], - "extendedAttributes": [ - { - "name": "firstName" - }, - { - "name": "lastName" - }, + "issuerCerts": [ { - "name": "ImmutableID" - }, - { - "name": "mail" - }, - { - "name": "SAML_AUTHN_CTX" + "id": "ycrgw3j4ckw91gxdmd479qftb", + "location": "https://localhost:9999/pf-admin-api/v1/serverSettings/wsTrustStsSettings/ycrgw3j4ckw91gxdmd479qftb" } ] - }, + } + ] + }, + { + "resourceType": "/serverSettings/wsTrustStsSettings/issuerCertificates", + "operationType": "SAVE", + "items": [ + { + "id": "ycrgw3j4ckw91gxdmd479qftb", + "fileData": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURuVENDQW9XZ0F3SUJBZ0lVUzJUQkNkUnpwSzRaemUrSERLakI5RVFTSHFZd0RRWUpLb1pJaHZjTkFRRUxCUUF3WGpFTE1Ba0cKQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWtOUE1ROHdEUVlEVlFRSERBWkVaVzUyWlhJeElqQWdCZ05WQkFvTUdWQnBibWNnU1dSbApiblJwZEhrZ1EyOXljRzl5WVhScGIyNHhEVEFMQmdOVkJBTU1CSFJsYzNRd0hoY05NalF4TWpFeU1qTXlPREkwV2hjTk1qY3dPVEE0Ck1qTXlPREkwV2pCZU1Rc3dDUVlEVlFRR0V3SlZVekVMTUFrR0ExVUVDQXdDUTA4eER6QU5CZ05WQkFjTUJrUmxiblpsY2pFaU1DQUcKQTFVRUNnd1pVR2x1WnlCSlpHVnVkR2wwZVNCRGIzSndiM0poZEdsdmJqRU5NQXNHQTFVRUF3d0VkR1Z6ZERDQ0FTSXdEUVlKS29aSQpodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUpkb0d1cmdEdlNSQkwyY0llVWFDWTNwbzVZRFpuVjFleXVPUVR4UWM2T1QySlMwCis0MGdKYkptZk5yYmNPU3QrMURieHpQK0l4YmxrY3o1NjlWT0M1bGJST24zOHllYU1VMzJYYy80REdTcDFIQ1kvSmZTeWd6LytxcjgKOFlUcU1hSTIxQWJabkFpWTV4MFJ3NTZJRG1KZ2xYYVhlVmJDVUp5N29QVHlBb1lZVDkzREpEazQxWmU1MVVjVG1Vc1RLTjRLM2d2dgpTYVJ1eXE1K2c2RVhCcTdBa2VPbmJQMGJTSHliTjFLRVY1QlhOTnBnazloMEp3M1BFK3FrbS81bllSenhCZjRSQS9BZ2Z2OWVzRzlOCnozWGdEb3dBR0JteHIrclUvbmE3cHdFRXVkTWg2NjhERURlUlZ3aDFaYXBZcEJ0VmN4TUhtZEpQZ0ZKckJsbzZtTUVDQXdFQUFhTlQKTUZFd0hRWURWUjBPQkJZRUZHSmMzWjBqOWtYUHNUbW1iZ0FzWS9QSzJjdXBNQjhHQTFVZEl3UVlNQmFBRkdKYzNaMGo5a1hQc1RtbQpiZ0FzWS9QSzJjdXBNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSlZCdmNIaGgrMDBnelEwCnBuWkt0Ukp4dkVnK3BHaCtCOUUrNWkyUHNOR3lJQXZBWHc0bWRCY1FaS3hmaVhNMzFaRTJnZTFtUCs0ZGkxMStQS1lOSDJFOTczUEwKSit3R0hlUVoxRVRERzVmbzc5dDBNRzFSekh0R29pclpXN3Y0Qk5VSTZaTTJGakVhQ090WmcxclVoa2RJZnFEeDRDZU5qemIwcmhYSQp6WE5UUzRZNlZseFdBclFud0FncVB0YjVwb0pHM01tLzNmNnVRZy9sMExJS1RZL0dSNnlRc05Da3pUWlFocklwWGo0UnBxblgzUWdECjFJV1RvTW9uN250cDRnQVAvbEFTTTUveG01SnpiNmRtRitob04wNzNnMDJVZVYyVERMemU4MCtLK1hyMUdaZWVVTHVYTnJoT0VYRFIKeXR2dWJlOE9YUFBZNi96Q3BoVmIyMWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ] + }, + { + "resourceType": "/serverSettings/generalSettings", + "operationType": "SAVE", + "items": [ + { + "disableAutomaticConnectionValidation": false, + "idpConnectionTransactionLoggingOverride": "DONT_OVERRIDE", + "spConnectionTransactionLoggingOverride": "DONT_OVERRIDE", + "datastoreValidationIntervalSecs": 300, + "requestHeaderForCorrelationId": "" + } + ] + }, + { + "resourceType": "/serverSettings/logSettings", + "operationType": "SAVE", + "items": [ + { + "logCategories": [ + { + "id": "core", + "name": "Core", + "description": "Debug logging for core components.", + "enabled": false + }, + { + "id": "protocolrequestresponse", + "name": "Protocol Requests and Responses", + "description": "Log protocol request and response messages.", + "enabled": false + }, + { + "id": "policytree", + "name": "Policy Tree", + "description": "Policy tree debug logging.", + "enabled": false + }, + { + "id": "dsresponsetime", + "name": "Data Store Response Times", + "description": "Log response times for data store requests.", + "enabled": false + }, + { + "id": "trustedcas", + "name": "Trusted CAs", + "description": "Log PingFederate and JRE trusted CAs when they are loaded.", + "enabled": false + }, + { + "id": "xmlsig", + "name": "XML Signatures", + "description": "Debug logging for XML signature operations.", + "enabled": false + }, + { + "id": "requestheaders", + "name": "HTTP Request Headers", + "description": "Log HTTP request headers. Sensitive information, such as passwords, may be logged when this category is enabled.", + "enabled": false + }, + { + "id": "requestparams", + "name": "HTTP Request Parameters", + "description": "Log HTTP GET request parameters. Sensitive information, such as passwords, may be logged when this category is enabled.", + "enabled": false + }, + { + "id": "restdatastore", + "name": "REST Data Store Requests and Responses", + "description": "Log REST datastore requests and responses. Sensitive information, such as passwords, may be logged when this category is enabled.", + "enabled": false + } + ] + } + ] + }, + { + "resourceType": "/administrativeAccounts", + "operationType": "SAVE", + "items": [ + { + "username": "Administrator", + "encryptedPassword": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..zoe8s-EawoF5uNaA5bcNGw.U6EWDLaI4lNtmMPSCb8GgFlfon_ugdY0OwYMRpj2SYNys2lY8D5pVSUCMAJ-bz4XI8fet_8ekfgFG6C4DKSwCg.df5PlUPdVn_6dl6Fqv0R5w", + "description": "Initial administrator user.", + "auditor": false, + "active": true, + "roles": [ + "USER_ADMINISTRATOR", + "EXPRESSION_ADMINISTRATOR", + "ADMINISTRATOR", + "CRYPTO_ADMINISTRATOR" + ] + } + ] + }, + { + "resourceType": "/certificates/revocation/ocspCertificates", + "operationType": "SAVE", + "items": [ + { + "id": "opcey20sf9djwvk8snv1actzq", + "fileData": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURuVENDQW9XZ0F3SUJBZ0lVUzJUQkNkUnpwSzRaemUrSERLakI5RVFTSHFZd0RRWUpLb1pJaHZjTkFRRUxCUUF3WGpFTE1Ba0cKQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWtOUE1ROHdEUVlEVlFRSERBWkVaVzUyWlhJeElqQWdCZ05WQkFvTUdWQnBibWNnU1dSbApiblJwZEhrZ1EyOXljRzl5WVhScGIyNHhEVEFMQmdOVkJBTU1CSFJsYzNRd0hoY05NalF4TWpFeU1qTXlPREkwV2hjTk1qY3dPVEE0Ck1qTXlPREkwV2pCZU1Rc3dDUVlEVlFRR0V3SlZVekVMTUFrR0ExVUVDQXdDUTA4eER6QU5CZ05WQkFjTUJrUmxiblpsY2pFaU1DQUcKQTFVRUNnd1pVR2x1WnlCSlpHVnVkR2wwZVNCRGIzSndiM0poZEdsdmJqRU5NQXNHQTFVRUF3d0VkR1Z6ZERDQ0FTSXdEUVlKS29aSQpodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUpkb0d1cmdEdlNSQkwyY0llVWFDWTNwbzVZRFpuVjFleXVPUVR4UWM2T1QySlMwCis0MGdKYkptZk5yYmNPU3QrMURieHpQK0l4YmxrY3o1NjlWT0M1bGJST24zOHllYU1VMzJYYy80REdTcDFIQ1kvSmZTeWd6LytxcjgKOFlUcU1hSTIxQWJabkFpWTV4MFJ3NTZJRG1KZ2xYYVhlVmJDVUp5N29QVHlBb1lZVDkzREpEazQxWmU1MVVjVG1Vc1RLTjRLM2d2dgpTYVJ1eXE1K2c2RVhCcTdBa2VPbmJQMGJTSHliTjFLRVY1QlhOTnBnazloMEp3M1BFK3FrbS81bllSenhCZjRSQS9BZ2Z2OWVzRzlOCnozWGdEb3dBR0JteHIrclUvbmE3cHdFRXVkTWg2NjhERURlUlZ3aDFaYXBZcEJ0VmN4TUhtZEpQZ0ZKckJsbzZtTUVDQXdFQUFhTlQKTUZFd0hRWURWUjBPQkJZRUZHSmMzWjBqOWtYUHNUbW1iZ0FzWS9QSzJjdXBNQjhHQTFVZEl3UVlNQmFBRkdKYzNaMGo5a1hQc1RtbQpiZ0FzWS9QSzJjdXBNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSlZCdmNIaGgrMDBnelEwCnBuWkt0Ukp4dkVnK3BHaCtCOUUrNWkyUHNOR3lJQXZBWHc0bWRCY1FaS3hmaVhNMzFaRTJnZTFtUCs0ZGkxMStQS1lOSDJFOTczUEwKSit3R0hlUVoxRVRERzVmbzc5dDBNRzFSekh0R29pclpXN3Y0Qk5VSTZaTTJGakVhQ090WmcxclVoa2RJZnFEeDRDZU5qemIwcmhYSQp6WE5UUzRZNlZseFdBclFud0FncVB0YjVwb0pHM01tLzNmNnVRZy9sMExJS1RZL0dSNnlRc05Da3pUWlFocklwWGo0UnBxblgzUWdECjFJV1RvTW9uN250cDRnQVAvbEFTTTUveG01SnpiNmRtRitob04wNzNnMDJVZVYyVERMemU4MCtLK1hyMUdaZWVVTHVYTnJoT0VYRFIKeXR2dWJlOE9YUFBZNi96Q3BoVmIyMWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ] + }, + { + "resourceType": "/certificates/revocation/settings", + "operationType": "SAVE", + "items": [ + { + "ocspSettings": { + "requesterAddNonce": false, + "actionOnResponderUnavailable": "CONTINUE", + "actionOnStatusUnknown": "FAIL", + "actionOnUnsuccessfulResponse": "FAIL", + "currentUpdateGracePeriod": 5, + "nextUpdateGracePeriod": 5, + "responseCachePeriod": 48, + "responderTimeout": 5, + "responderCertReference": { + "id": "opcey20sf9djwvk8snv1actzq", + "location": "https://localhost:9999/pf-admin-api/v1/certificates/revocation/ocspCertificates/opcey20sf9djwvk8snv1actzq" + } + } + } + ] + }, + { + "resourceType": "/virtualHostNames", + "operationType": "SAVE", + "items": [ + { + "virtualHostNames": [] + } + ] + }, + { + "resourceType": "/redirectValidation", + "operationType": "SAVE", + "items": [ + { + "redirectValidationLocalSettings": { + "enableTargetResourceValidationForSSO": false, + "enableTargetResourceValidationForSLO": false, + "enableTargetResourceValidationForIdpDiscovery": false, + "enableInErrorResourceValidation": false, + "whiteList": [], + "uriAllowList": [] + }, + "redirectValidationPartnerSettings": { + "enableWreplyValidationSLO": false + } + } + ] + }, + { + "resourceType": "/incomingProxySettings", + "operationType": "SAVE", + "items": [ + { + "proxyTerminatesHttpsConns": false + } + ] + }, + { + "resourceType": "/protocolMetadata/lifetimeSettings", + "operationType": "SAVE", + "items": [ + { + "cacheDuration": 1440, + "reloadDelay": 1440 + } + ] + }, + { + "resourceType": "/protocolMetadata/signingSettings", + "operationType": "SAVE", + "items": [ + {} + ] + }, + { + "resourceType": "/serviceAuthentication", + "operationType": "SAVE", + "items": [ + {} + ] + }, + { + "resourceType": "/authenticationPolicyContracts", + "operationType": "SAVE", + "items": [ + { + "id": "DkhZxRcZchsed90U", + "name": "Fragment - Subject", + "coreAttributes": [ + { + "name": "subject" + } + ], + "extendedAttributes": [], + "lastModified": "2025-01-02T19:37:46.770Z" + }, + { + "id": "QGxlec5CX693lBQL", + "name": "apc", + "coreAttributes": [ + { + "name": "subject" + } + ], + "extendedAttributes": [], + "lastModified": "2025-01-02T19:37:46.783Z" + }, + { + "id": "default", + "name": "Default", + "coreAttributes": [ + { + "name": "subject" + } + ], + "extendedAttributes": [ + { + "name": "firstName" + }, + { + "name": "lastName" + }, + { + "name": "ImmutableID" + }, + { + "name": "mail" + }, + { + "name": "SAML_AUTHN_CTX" + } + ], + "lastModified": "2025-01-02T19:37:46.788Z" + }, { "id": "samplePolicyContract", "name": "Sample Policy Contract", @@ -573,7 +980,8 @@ { "name": "SAML_AUTHN_CTX" } - ] + ], + "lastModified": "2025-01-02T19:37:46.792Z" }, { "id": "wIdHhK789PmadmMS", @@ -593,2807 +1001,2151 @@ { "name": "mail" } - ] - } - ] - }, - { - "resourceType": "/pingOneConnections", - "operationType": "SAVE", - "items": [ - { - "id": "${PF_TF_P1_CONNECTION_ID}", - "name": "${PF_TF_P1_CONNECTION_NAME}", - "active": "${PF_TF_P1_CONNECTION_ACTIVE}", - "encryptedCredential": "${PF_TF_P1_CONNECTION_ENCRYPTED_CRED}", - "creationDate": "${PF_TF_P1_CONNECTION_CREATION_DATE}", - "credentialId": "${PF_TF_P1_CONNECTION_CRED_ID}", - "pingOneConnectionId": "${PF_TF_P1_CONNECTION_P1_CONNECTION_ID}", - "environmentId": "${PF_TF_P1_CONNECTION_ENV_ID}", - "organizationName": "${PF_TF_P1_CONNECTION_ORG_NAME}", - "region": "${PF_TF_P1_CONNECTION_REGION}", - "pingOneManagementApiEndpoint": "${PF_TF_P1_CONNECTION_P1_MANAGEMENT_API_EP}", - "pingOneAuthenticationApiEndpoint": "${PF_TF_P1_CONNECTION_P1_AUTH_API_EP}" + ], + "lastModified": "2025-01-02T19:37:46.796Z" } ] }, { - "resourceType": "/idp/spConnections", + "resourceType": "/passwordCredentialValidators", "operationType": "SAVE", "items": [ { - "type": "SP", - "id": "iIoQK.-GWcXI5kLp4KDNxQqAhDF", - "name": "test", - "entityId": "test", - "active": true, - "contactInfo": {}, - "loggingMode": "STANDARD", - "virtualEntityIds": [], - "licenseConnectionGroup": "", - "credentials": { - "certs": [], - "signingSettings": { - "signingKeyPairRef": { - "id": "419x9yg43rlawqwq9v6az997k", - "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/signing/419x9yg43rlawqwq9v6az997k" - }, - "algorithm": "SHA256withRSA", - "includeCertInSignature": false, - "includeRawKeyInSignature": false - } + "id": "PDPCV", + "name": "PD PCV", + "pluginDescriptorRef": { + "id": "org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator", + "location": "https://localhost:9999/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator" }, - "modificationDate": "2024-08-19T20:05:54.484Z", - "creationDate": "2024-08-19T20:05:54.483Z", - "wsTrust": { - "partnerServiceIds": [ - "test" - ], - "oAuthAssertionProfiles": false, - "defaultTokenType": "SAML20", - "generateKey": false, - "encryptSaml2Assertion": false, - "minutesBefore": 5, - "minutesAfter": 30, - "attributeContract": { - "coreAttributes": [ - { - "name": "TOKEN_SUBJECT" - } - ], - "extendedAttributes": [] - }, - "tokenProcessorMappings": [ + "configuration": { + "tables": [ { - "attributeSources": [], - "attributeContractFulfillment": { - "TOKEN_SUBJECT": { - "source": { - "type": "NO_MAPPING" - } - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - }, - "idpTokenProcessorRef": { - "id": "tokenprocessor", - "location": "https://localhost:9999/pf-admin-api/v1/idp/tokenProcessors/tokenprocessor" - }, - "restrictedVirtualEntityIds": [] + "name": "Authentication Error Overrides", + "rows": [] } - ] - }, - "connectionTargetType": "STANDARD" - } - ] - }, - { - "resourceType": "/sp/adapters", - "operationType": "SAVE", - "items": [ - { - "id": "spadapter", - "name": "SpAdapter", - "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.opentoken.SpAuthnAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/sp/adapters/descriptors/com.pingidentity.adapters.opentoken.SpAuthnAdapter" - }, - "configuration": { - "tables": [], + ], "fields": [ { - "name": "Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMS4yLjUuMCJ9..S07IsBZUPvN0EMWSjHeZzw.NufB_dB-tIV-xAYXb-e9QA.xlrVRdYjjd20jrx6g6Mnzw" + "name": "LDAP Datastore", + "value": "LDAP-PingDirectory" }, { - "name": "Confirm Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMS4yLjUuMCJ9..GS_uAbFh8qRrcLKa628Pgw.EBrVy9hMqdTFgqWmGKbyfg.zaCOoRj9GTUyYgoAt4TXfA" + "name": "Search Base", + "value": "dc=example,dc=com" }, { - "name": "Transport Mode", - "value": "2" + "name": "Search Filter", + "value": "(|(uid=${username})(mail=${username}))" }, { - "name": "Token Name", - "value": "opentoken" + "name": "Scope of Search", + "value": "Subtree" }, { - "name": "Cipher Suite", - "value": "2" + "name": "Case-Sensitive Matching", + "value": "true" }, { - "name": "Authentication Service", - "value": "" + "name": "Display Name Attribute", + "value": "displayName" }, { - "name": "Account Link Service", - "value": "" + "name": "Mail Attribute", + "value": "mail" }, { - "name": "Logout Service", + "name": "SMS Attribute", "value": "" }, { - "name": "SameSite Cookie", - "value": "3" + "name": "PingID Username Attribute", + "value": "uid" }, { - "name": "Cookie Domain", - "value": "" + "name": "Mail Search Filter", + "value": "mail=${mail}" }, { - "name": "Cookie Path", - "value": "/" + "name": "Username Attribute", + "value": "uid" }, { - "name": "Token Lifetime", - "value": "300" + "name": "Trim Username Spaces For Search", + "value": "true" }, { - "name": "Session Lifetime", - "value": "43200" + "name": "Mail Verified Attribute", + "value": "" }, { - "name": "Not Before Tolerance", - "value": "0" + "name": "Account Disabled Attribute", + "value": "" }, { - "name": "Force SunJCE Provider", + "name": "Enable PingDirectory Detailed Password Policy Requirement Messaging", "value": "false" }, { - "name": "Use Verbose Error Messages", + "name": "Expect Password Expired Control", "value": "false" + } + ] + }, + "lastModified": "2025-01-02T19:37:47.125Z", + "attributeContract": { + "coreAttributes": [ + { + "name": "mail" }, { - "name": "Obfuscate Password", - "value": "true" + "name": "givenName" }, { - "name": "Session Cookie", + "name": "DN" + }, + { + "name": "username" + } + ], + "extendedAttributes": [ + { + "name": "entryUUID" + }, + { + "name": "uid" + }, + { + "name": "sn" + } + ] + } + }, + { + "id": "pingdirectory", + "name": "pingdirectory", + "pluginDescriptorRef": { + "id": "org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator", + "location": "https://localhost:9999/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator" + }, + "configuration": { + "tables": [ + { + "name": "Authentication Error Overrides", + "rows": [] + } + ], + "fields": [ + { + "name": "LDAP Datastore", + "value": "pingdirectory" + }, + { + "name": "Search Base", + "value": "dc=example,dc=com" + }, + { + "name": "Search Filter", + "value": "(&(objectClass=person)(|(mail=${username})(cn=${username})(uid=${username})))" + }, + { + "name": "Scope of Search", + "value": "Subtree" + }, + { + "name": "Case-Sensitive Matching", "value": "false" }, { - "name": "Secure Cookie", - "value": "true" + "name": "Display Name Attribute", + "value": "displayName" }, { - "name": "HTTP Only Flag", - "value": "true" + "name": "Mail Attribute", + "value": "mail" }, { - "name": "Send Subject as Query Parameter", + "name": "SMS Attribute", "value": "" }, { - "name": "Subject Query Parameter ", + "name": "PingID Username Attribute", "value": "" }, { - "name": "Send Extended Attributes", + "name": "Mail Search Filter", "value": "" }, { - "name": "Skip Trimming of Trailing Backslashes", + "name": "Username Attribute", + "value": "" + }, + { + "name": "Mail Verified Attribute", + "value": "" + }, + { + "name": "Trim Username Spaces For Search", "value": "false" }, { - "name": "URL Encode Cookie Values", - "value": "true" + "name": "Account Disabled Attribute", + "value": "" + }, + { + "name": "Enable PingDirectory Detailed Password Policy Requirement Messaging", + "value": "false" + }, + { + "name": "Expect Password Expired Control", + "value": "false" } ] }, + "lastModified": "2025-01-02T19:37:47.141Z", "attributeContract": { "coreAttributes": [ { - "name": "subject" + "name": "mail" + }, + { + "name": "givenName" + }, + { + "name": "DN" + }, + { + "name": "username" } ], - "extendedAttributes": [] - }, - "targetApplicationInfo": { - "applicationName": "test", - "applicationIconUrl": "https://test.com" + "extendedAttributes": [ + { + "name": "entryUUID" + } + ] } - } - ] - }, - { - "resourceType": "/sp/authenticationPolicyContractMappings", - "operationType": "SAVE", - "items": [ + }, { - "attributeSources": [], - "attributeContractFulfillment": { - "subject": { - "source": { - "type": "NO_MAPPING" - } - } + "id": "simple", + "name": "simple", + "pluginDescriptorRef": { + "id": "org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator", + "location": "https://localhost:9999/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator" }, - "issuanceCriteria": { - "conditionalCriteria": [] + "configuration": { + "tables": [ + { + "name": "Users", + "rows": [ + { + "fields": [ + { + "name": "Username", + "value": "joe" + }, + { + "name": "Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..AcscU84nJxctW3DLpLtYtg.TbnXFMwsWczwhOOKiA59dv_GvnguFKcqzT5Q6WmM6j0hi6-o5Cu841lMJwbaOTXW1wFMPo_oN_RSfgemVD2LIQ.kclQSHNUcLXNGjAjnfNgXg" + }, + { + "name": "Confirm Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..1w4OjpjNLzRL86GrhO-mbA.0HoCYeRsGMd0tnwqVPh_P5EsIFb2mMU3_IlUnvUn_9ZF1SNr1p-7ZoAadzFLZH01h776PhExOCFfYnwJvXEE2Q.4bXHFzFd3qna7JNBvtv37A" + }, + { + "name": "Relax Password Requirements", + "value": "true" + } + ], + "defaultRow": false + } + ] + } + ], + "fields": [] }, - "id": "wIdHhK789PmadmMS|spadapter", - "sourceId": "wIdHhK789PmadmMS", - "targetId": "spadapter" + "lastModified": "2025-01-02T19:37:47.158Z", + "attributeContract": { + "coreAttributes": [ + { + "name": "username" + } + ] + } } ] }, { - "resourceType": "/notificationPublishers", + "resourceType": "/localIdentity/identityProfiles", "operationType": "SAVE", "items": [ { - "id": "exampleSmtpPublisher", - "name": "exampleSmtpPublisher", - "pluginDescriptorRef": { - "id": "com.pingidentity.email.SmtpNotificationPlugin" - }, - "configuration": { - "tables": [], + "id": "adminIdentityProfile", + "name": "Admin Identity Profile", + "apcId": { + "id": "default", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/default" + }, + "authSources": [ + { + "source": "SecurityKey", + "id": "SecurityKey" + }, + { + "source": "FIDO", + "id": "FIDO" + } + ], + "authSourceUpdatePolicy": { + "storeAttributes": false, + "retainAttributes": false, + "updateAttributes": false, + "updateInterval": 0 + }, + "fieldConfig": { "fields": [ { - "name": "From Address", - "value": "example@pingidentity.com" + "type": "TEXT", + "id": "fullName", + "label": "Full Name", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" }, { - "name": "Email Server", - "value": "example.com" - } - ] - } - }, - { - "id": "exampleSmtpPublisher2", - "name": "exampleSmtpPublisher2", - "pluginDescriptorRef": { - "id": "com.pingidentity.email.SmtpNotificationPlugin" - }, - "configuration": { - "tables": [], - "fields": [ - { - "name": "From Address", - "value": "example@pingdemo.example" + "type": "TEXT", + "id": "firstName", + "label": "First Name", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" }, { - "name": "Email Server", - "value": "pingdemo.example" - } - ] - } - } - ] - }, - { - "resourceType": "/captchaProviders", - "operationType": "SAVE", - "items": [ - { - "id": "exampleCaptchaProviderV2", - "name": "exampleCaptchaProviderV2", - "pluginDescriptorRef": { - "id": "com.pingidentity.captcha.ReCaptchaV2InvisiblePlugin" - }, - "configuration": { - "tables": [], - "fields": [ + "type": "TEXT", + "id": "lastName", + "label": "Last Name", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" + }, { - "name": "Site Key", - "value": "exampleCaptchaProviderV2" + "type": "EMAIL", + "id": "email", + "label": "Email Address", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": true, + "Unique ID Field": false, + "Mask Log Values": false + } }, { - "name": "Secret Key", - "value": "2FederateM0re" + "type": "PHONE", + "id": "phoneNumber", + "label": "Phone Number", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + } }, { - "name": "JavaScript File Name", - "value": "recaptcha-v2-invisible.js" + "type": "TEXT", + "id": "username", + "label": "Username", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": true, + "Unique ID Field": true, + "Mask Log Values": false + }, + "defaultValue": "" } - ] - } - } - ] - }, - { - "resourceType": "/captchaProviders", - "operationType": "SAVE", - "items": [ + ], + "stripSpaceFromUniqueField": true + }, + "emailVerificationConfig": { + "emailVerificationEnabled": false + }, + "dataStoreConfig": { + "type": "LDAP", + "dataStoreRef": { + "id": "LDAP-PingDirectory", + "location": "https://localhost:9999/pf-admin-api/v1/dataStores/LDAP-PingDirectory" + }, + "baseDn": "ou=Administrators,dc=example,dc=com", + "createPattern": "", + "objectClass": "", + "dataStoreMapping": { + "firstName": { + "type": "LDAP", + "name": "givenName", + "metadata": {} + }, + "lastName": { + "type": "LDAP", + "name": "sn", + "metadata": {} + }, + "phoneNumber": { + "type": "LDAP", + "name": "mobile", + "metadata": {} + }, + "fullName": { + "type": "LDAP", + "name": "cn", + "metadata": {} + }, + "email": { + "type": "LDAP", + "name": "mail", + "metadata": {} + }, + "username": { + "type": "LDAP", + "name": "uid", + "metadata": {} + } + } + }, + "profileConfig": { + "deleteIdentityEnabled": false, + "templateName": "local.identity.profile.html" + }, + "registrationEnabled": false, + "profileEnabled": true + }, { - "id": "exampleCaptchaProvider", - "name": "exampleCaptchaProvider", - "pluginDescriptorRef": { - "id": "com.pingidentity.captcha.recaptchaV3.ReCaptchaV3Plugin" + "id": "regIdentityProfile", + "name": "Registration Identity Profile", + "apcId": { + "id": "samplePolicyContract", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/samplePolicyContract" }, - "configuration": { - "tables": [], + "authSources": [], + "authSourceUpdatePolicy": { + "storeAttributes": false, + "retainAttributes": false, + "updateAttributes": false, + "updateInterval": 0 + }, + "registrationConfig": { + "captchaEnabled": false, + "templateName": "local.identity.registration.html", + "createAuthnSessionAfterRegistration": true, + "usernameField": "username", + "thisIsMyDeviceEnabled": false + }, + "fieldConfig": { "fields": [ { - "name": "Site Key", - "value": "asdf" + "type": "TEXT", + "id": "firstName", + "label": "First Name", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" }, { - "name": "Secret Key", - "value": "asdf" + "type": "TEXT", + "id": "lastName", + "label": "Last Name", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" }, { - "name": "Pass Score Threshold", - "value": "1" + "type": "TEXT", + "id": "fullName", + "label": "Full Name", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + }, + "defaultValue": "" + }, + { + "type": "EMAIL", + "id": "email", + "label": "Email Address", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": true, + "Unique ID Field": false, + "Mask Log Values": false + } + }, + { + "type": "PHONE", + "id": "phoneNumber", + "label": "Phone Number", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": false, + "Unique ID Field": false, + "Mask Log Values": false + } + }, + { + "type": "TEXT", + "id": "username", + "label": "Username", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Read-Only": false, + "Required": true, + "Unique ID Field": true, + "Mask Log Values": false + }, + "defaultValue": "" + }, + { + "type": "HIDDEN", + "id": "ImmutableID", + "label": "ImmutableID", + "registrationPageField": true, + "profilePageField": true, + "attributes": { + "Unique ID Field": false, + "Mask Log Values": false + } + }, + { + "type": "HIDDEN", + "id": "accountVerified", + "label": "Account Verified", + "registrationPageField": false, + "profilePageField": true, + "attributes": { + "Unique ID Field": false, + "Mask Log Values": false + } } - ] - } + ], + "stripSpaceFromUniqueField": false + }, + "emailVerificationConfig": { + "emailVerificationEnabled": false + }, + "dataStoreConfig": { + "type": "LDAP", + "dataStoreRef": { + "id": "LDAP-PingDirectory", + "location": "https://localhost:9999/pf-admin-api/v1/dataStores/LDAP-PingDirectory" + }, + "baseDn": "ou=People,dc=example,dc=com", + "createPattern": "uid=${username}", + "objectClass": "inetOrgPerson", + "auxiliaryObjectClasses": [ + "pf-connected-identities", + "ubidPersonAux" + ], + "dataStoreMapping": { + "firstName": { + "type": "LDAP", + "name": "givenName", + "metadata": {} + }, + "lastName": { + "type": "LDAP", + "name": "sn", + "metadata": {} + }, + "phoneNumber": { + "type": "LDAP", + "name": "mobile", + "metadata": {} + }, + "ImmutableID": { + "type": "LDAP", + "name": "entryUUID", + "metadata": {} + }, + "fullName": { + "type": "LDAP", + "name": "cn", + "metadata": {} + }, + "accountVerified": { + "type": "LDAP", + "name": "ubidAccountVerified", + "metadata": {} + }, + "email": { + "type": "LDAP", + "name": "mail", + "metadata": {} + }, + "username": { + "type": "LDAP", + "name": "uid", + "metadata": {} + } + } + }, + "profileConfig": { + "deleteIdentityEnabled": false, + "templateName": "local.identity.profile.html" + }, + "registrationEnabled": true, + "profileEnabled": true } ] }, { + "resourceType": "/oauth/accessTokenManagers", "operationType": "SAVE", "items": [ { + "id": "jwt", + "name": "JSON Web Tokens", + "pluginDescriptorRef": { + "id": "com.pingidentity.pf.access.token.management.plugins.JwtBearerAccessTokenManagementPlugin", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/descriptors/com.pingidentity.pf.access.token.management.plugins.JwtBearerAccessTokenManagementPlugin" + }, "configuration": { "tables": [ { - "name": "Credential Validators", + "name": "Symmetric Keys", + "rows": [] + }, + { + "name": "Certificates", "rows": [ { - "defaultRow": false, "fields": [ { - "name": "Password Credential Validator Instance", - "value": "pingdirectory" - } - ] - }, - { - "defaultRow": false, - "fields": [ + "name": "Key ID", + "value": "k1" + }, { - "name": "Password Credential Validator Instance", - "value": "simple" + "name": "Certificate", + "value": "tiq4n26axjircjk30oz5zf6k3" } - ] + ], + "defaultRow": false } ] } ], "fields": [ { - "name": "Authentication Attempts", - "value": "3" - } - ] - }, - "name": "UsernameTokenProcessor", - "id": "UsernameTokenProcessor", - "pluginDescriptorRef": { - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/tokenProcessors/descriptors/com.pingidentity.pf.tokenprocessors.username.UsernameTokenProcessor", - "id": "com.pingidentity.pf.tokenprocessors.username.UsernameTokenProcessor" - }, - "attributeContract": { - "maskOgnlValues": false, - "coreAttributes": [ - { - "masked": false, - "name": "username" - } - ], - "extendedAttributes": [] - } - } - ], - "resourceType": "/idp/tokenProcessors" - }, - { - "resourceType": "/kerberos/realms", - "operationType": "SAVE", - "items": [ - { - "id": "testKerberosRealm", - "kerberosRealmName": "Test Kerberos Realm", - "keyDistributionCenters": [ - "distCenterTest" - ], - "kerberosUsername": "user", - "kerberosEncryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjAuNCJ9..eSVByfqXC4TmafBIHhQ4aA.QrCCJ_z5orXIZMraSTB-4Q.MrXxFpCyS2s3aXjQsGW0bQ", - "retainPreviousKeysOnPasswordChange": true, - "suppressDomainNameConcatenation": true, - "connectionType": "DIRECT" - } - ] - }, - { - "resourceType": "/kerberos/realms/settings", - "operationType": "SAVE", - "items": [ - { - "forceTcp": false, - "kdcTimeout": "3", - "debugLogOutput": false, - "kdcRetries": "3", - "keySetRetentionPeriodMins": 610 - } - ] - }, - { - "resourceType": "/idp/adapters", - "operationType": "SAVE", - "items": [ - { - "id": "OTIdPJava", - "name": "OTIdPJava", - "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.opentoken.IdpAuthnAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.opentoken.IdpAuthnAdapter" - }, - "configuration": { - "tables": [], - "fields": [ - { - "name": "Password", - "value": "2FederateM0re" + "name": "Token Lifetime", + "value": "120" }, { - "name": "Confirm Password", - "value": "2FederateM0re" + "name": "Use Centralized Signing Key", + "value": "false" }, { - "name": "Authentication Service", - "value": "https://localhost:9031/IdpSample/?cmd=sso" + "name": "JWS Algorithm", + "value": "RS256" }, { - "name": "Transport Mode", - "value": "1" + "name": "Active Symmetric Key ID", + "value": "" }, { - "name": "Token Name", - "value": "idpopentoken" + "name": "Active Signing Certificate Key ID", + "value": "k1" }, { - "name": "Cipher Suite", - "value": "2" + "name": "JWE Algorithm", + "value": "" }, { - "name": "Logout Service", - "value": "https://localhost:9031/IdpSample/?cmd=slo" + "name": "JWE Content Encryption Algorithm", + "value": "" }, { - "name": "Cookie Domain", + "name": "Active Symmetric Encryption Key ID", "value": "" }, { - "name": "Cookie Path", - "value": "/" + "name": "Asymmetric Encryption Key", + "value": "" }, { - "name": "Token Lifetime", - "value": "300" + "name": "Asymmetric Encryption JWKS URL", + "value": "" }, { - "name": "Session Lifetime", - "value": "43200" + "name": "Enable Token Revocation", + "value": "false" }, { - "name": "Not Before Tolerance", - "value": "0" + "name": "Include Key ID Header Parameter", + "value": "true" }, { - "name": "Force SunJCE Provider", + "name": "Include X.509 Thumbprint Header Parameter", "value": "false" }, { - "name": "Use Verbose Error Messages", - "value": "false" + "name": "Default JWKS URL Cache Duration", + "value": "720" }, { - "name": "Obfuscate Password", + "name": "Include JWE Key ID Header Parameter", "value": "true" }, { - "name": "Session Cookie", + "name": "Include JWE X.509 Thumbprint Header Parameter", "value": "false" }, { - "name": "Secure Cookie", + "name": "Client ID Claim Name", + "value": "client_id_name" + }, + { + "name": "Scope Claim Name", + "value": "scope" + }, + { + "name": "Space Delimit Scope Values", "value": "false" }, { - "name": "Delete Cookie", + "name": "Authorization Details Claim Name", + "value": "authorization_details" + }, + { + "name": "Issuer Claim Value", + "value": "" + }, + { + "name": "Audience Claim Value", + "value": "" + }, + { + "name": "Not Before Claim Offset", + "value": "" + }, + { + "name": "Include Issued At Claim", "value": "false" }, { - "name": "Replay Prevention", + "name": "JWT ID Claim Length", + "value": "22" + }, + { + "name": "Access Grant GUID Claim Name", + "value": "agid" + }, + { + "name": "Publish Keys to the PingFederate JWKS Endpoint", "value": "false" }, { - "name": "Skip Malformed Attribute Detection", + "name": "JWKS Endpoint Path", + "value": "" + }, + { + "name": "JWKS Endpoint Cache Duration", + "value": "720" + }, + { + "name": "Publish Key ID X.509 URL", "value": "false" }, { - "name": "SameSite Cookie", - "value": "3" + "name": "Publish Thumbprint X.509 URL", + "value": "false" }, { - "name": "HTTP Only Flag", - "value": "true" + "name": "Expand Scope Groups", + "value": "false" }, { - "name": "Track Authentication Time", - "value": "true" + "name": "Type Header Value", + "value": "" } ] }, + "lastModified": "2025-01-02T21:03:19.303Z", "attributeContract": { - "coreAttributes": [ + "coreAttributes": [], + "extendedAttributes": [ { - "name": "subject", - "masked": false, - "pseudonym": true + "name": "Username", + "multiValued": false + }, + { + "name": "OrgName", + "multiValued": false } ], - "extendedAttributes": [], - "maskOgnlValues": false + "defaultSubjectAttribute": "OrgName" }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "subject": { - "source": { - "type": "ADAPTER" - }, - "value": "subject" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } + "selectionSettings": { + "resourceUris": [] + }, + "accessControlSettings": { + "restrictClients": false, + "allowedClients": [] + }, + "sessionValidationSettings": { + "checkValidAuthnSession": false, + "checkSessionRevocationStatus": false, + "updateAuthnSessionActivity": false, + "includeSessionId": false + }, + "sequenceNumber": 2 + } + ] + }, + { + "resourceType": "/oauth/accessTokenManagers/settings", + "operationType": "SAVE", + "items": [ + { + "defaultAccessTokenManagerRef": { + "id": "jwt", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/jwt" } } ] }, { - "resourceType": "/oauth/issuers", + "resourceType": "/kerberos/realms", "operationType": "SAVE", "items": [ { - "id": "BmoJwEmyzs4RSNMzVUlCs8qTPC", - "name": "Test Issuer", - "description": "test issuer", - "host": "localhost", - "path": "" + "id": "testKerberosRealm", + "kerberosRealmName": "Test Kerberos Realm", + "keyDistributionCenters": [ + "distCenterTest" + ], + "kerberosUsername": "user", + "kerberosEncryptedPassword": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..p7-lBq1Be8b9E7z-8F2kew.wqyvKe3Irq0yJ9GjbI3tQA.oAcTXO6pdze88hL_mwQyQA", + "retainPreviousKeysOnPasswordChange": true, + "suppressDomainNameConcatenation": true, + "connectionType": "DIRECT" } ] }, { - "resourceType": "/oauth/outOfBandAuthPlugins", + "resourceType": "/kerberos/realms/settings", "operationType": "SAVE", "items": [ { - "id": "exampleCibaAuthenticator", - "name": "exampleCibaAuthenticator", + "forceTcp": false, + "kdcTimeout": "3", + "debugLogOutput": false, + "kdcRetries": "3", + "keySetRetentionPeriodMins": 610 + } + ] + }, + { + "resourceType": "/idp/adapters", + "operationType": "SAVE", + "items": [ + { + "id": "IDFirst", + "name": "Identifier-First", "pluginDescriptorRef": { - "id": "com.pingidentity.oobauth.pingone.mfa.PingOneMfaCibaAuthenticator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/outOfBandAuthPlugins/descriptors/com.pingidentity.oobauth.pingone.mfa.PingOneMfaCibaAuthenticator" + "id": "com.pingidentity.adapters.identifierfirst.idp.IdentifierFirstAdapter", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.identifierfirst.idp.IdentifierFirstAdapter" }, "configuration": { - "tables": [ - { - "name": "PingOne Template Variables", - "rows": [] - } - ], + "tables": [], "fields": [ { - "name": "PingOne Environment", - "value": "${PF_TF_P1_CONNECTION_ID}|${PF_TF_P1_CONNECTION_ENV_ID}" + "name": "Identifier Cookie Lifetime", + "value": "30" }, { - "name": "Application", - "value": "${PF_TF_P1_EXAMPLE_OAUTH_APP_ID}" + "name": "Allow Cancelling Identifier Selection", + "value": "false" }, { - "name": "PingOne Authentication Policy", - "value": "" + "name": "Maximum Identifiers Count", + "value": "5" }, { - "name": "Test Username", - "value": "" + "name": "Identifier Selection Template", + "value": "identifier.first.template.html" }, { - "name": "PingOne Template Name", - "value": "transaction" + "name": "Enable Risk Provider", + "value": "false" }, { - "name": "PingOne Template Variant", + "name": "Risk Provider", "value": "" - }, - { - "name": "Client Context", - "value": "#*\nDefine additional key/value pairs to be received at the mobile application.\nThe following variables are available by default:\n\n$oobAuthRequestContext - Context for the out-of-band authentication/authorization request\n$languagePackMessages - The language-pack file configured for this authenticator\n$subject - The user's PingOne username or user ID.\n$JSONValue - A JSON utility class that can be used to escape text and convert objects to JSON.\n Methods:\n escape(String s) - Escape quotes, \\, /, \\r, \\n, \\b, \\f, \\t and other control characters (U+0000 through U+001F).\n toJSONString(Object value) - Convert an object to JSON text.\n\nAdditionally, any Extended Contract attributes are also available using the $name syntax.\n\nExample:\n\n{\n \"requestingApplicationName\": \"$JSONValue.escape($oobAuthRequestContext.requestingApplication.name)\",\n \"requestedScope\": $JSONValue.toJSONString($oobAuthRequestContext.requestedScope.values()),\n \"amount\": \"$JSONValue.escape($amount)\",\n \"alert.color\": \"red\"\n}\n*#" - }, + } + ] + }, + "lastModified": "2025-01-02T19:37:47.471Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Messages Files", - "value": "pingone-mfa-messages" + "name": "subject", + "masked": false, + "pseudonym": true }, { - "name": "API Request Timeout", - "value": "12000" - }, + "name": "domain", + "masked": false, + "pseudonym": false + } + ], + "extendedAttributes": [ { - "name": "Proxy Settings", - "value": "System Defaults" + "name": "entryUUID", + "masked": false, + "pseudonym": false }, { - "name": "Custom Proxy Host", - "value": "" + "name": "uid", + "masked": false, + "pseudonym": false }, { - "name": "Custom Proxy Port", - "value": "" + "name": "mail", + "masked": false, + "pseudonym": false } - ] + ], + "maskOgnlValues": false }, - "attributeContract": { - "coreAttributes": [ + "attributeMapping": { + "attributeSources": [ { - "name": "subject" - } - ], - "extendedAttributes": [] - } - } - ] - }, - { - "resourceType": "/oauth/cibaServerPolicy/requestPolicies", - "operationType": "SAVE", - "items": [ - { - "id": "exampleCibaReqPolicy", - "name": "exampleCibaReqPolicy", - "authenticatorRef": { - "id": "exampleCibaAuthenticator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/outOfBandAuthPlugins/exampleCibaAuthenticator" - }, - "transactionLifetime": 120, - "allowUnsignedLoginHintToken": false, - "requireTokenForIdentityHint": false, - "alternativeLoginHintTokenIssuers": [], - "identityHintContract": { - "coreAttributes": [ - { - "name": "IDENTITY_HINT_SUBJECT" + "type": "LDAP", + "dataStoreRef": { + "id": "LDAP-PingDirectory", + "location": "https://localhost:9999/pf-admin-api/v1/dataStores/LDAP-PingDirectory" + }, + "id": "PD", + "description": "PD", + "baseDn": "dc=example,dc=com", + "searchScope": "SUBTREE", + "searchFilter": "(|(uid=${subject} )(mail=${subject}))", + "binaryAttributeSettings": {}, + "memberOfNestedGroup": false } ], - "extendedAttributes": [] - }, - "identityHintContractFulfillment": { - "attributeSources": [], "attributeContractFulfillment": { - "IDENTITY_HINT_SUBJECT": { + "entryUUID": { "source": { - "type": "REQUEST" + "type": "LDAP_DATA_STORE", + "id": "PD" }, - "value": "IDENTITY_HINT_SUBJECT" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - }, - "identityHintMapping": { - "attributeSources": [], - "attributeContractFulfillment": { + "value": "entryUUID" + }, + "uid": { + "source": { + "type": "LDAP_DATA_STORE", + "id": "PD" + }, + "value": "uid" + }, + "mail": { + "source": { + "type": "LDAP_DATA_STORE", + "id": "PD" + }, + "value": "mail" + }, "subject": { "source": { - "type": "NO_MAPPING" - } + "type": "ADAPTER" + }, + "value": "subject" }, - "USER_KEY": { + "domain": { "source": { - "type": "NO_MAPPING" - } + "type": "ADAPTER" + }, + "value": "domain" } }, "issuanceCriteria": { "conditionalCriteria": [] } } - } - ] - }, - { - "resourceType": "/oauth/tokenExchange/generator/groups", - "operationType": "SAVE", - "items": [ - { - "id": "exampleGeneratorGroup", - "name": "exampleGeneratorGroup", - "resourceUris": [], - "generatorMappings": [ - { - "requestedTokenType": "urn:ietf:params:oauth:token-type:saml2", - "tokenGenerator": { - "id": "tokengenerator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/sp/tokenGenerators/tokengenerator" - }, - "defaultMapping": true - } - ] - } - ] - }, - { - "resourceType": "/oauth/tokenExchange/generator/groups", - "operationType": "SAVE", - "items": [ - { - "id": "exampleGeneratorGroup2", - "name": "exampleGeneratorGroup2", - "resourceUris": [], - "generatorMappings": [ - { - "requestedTokenType": "urn:ietf:params:oauth:token-type:saml2", - "tokenGenerator": { - "id": "tokengenerator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/sp/tokenGenerators/tokengenerator" - }, - "defaultMapping": true - } - ] - } - ] - }, - { - "resourceType": "/certificates/ca", - "operationType": "SAVE", - "items": [ - { - "id": "sslservercert", - "fileData": "MIIDUzCCAj2gAwIBAgIQHRNLFwkDQLw7Xfz5VJNRgzALBgkqhkiG9w0BAQswSzEOMAwGA1UECAwFVEVYQVMxDzANBgNVBAcMBkFVU1RJTjENMAsGA1UECwwEUElORzEMMAoGA1UECgwDQ0RSMQswCQYDVQQGDAJVUzAeFw0yNDA4MTIxOTQ3MTdaFw00NDA4MDcxOTQ3MTdaMEsxDjAMBgNVBAgMBVRFWEFTMQ8wDQYDVQQHDAZBVVNUSU4xDTALBgNVBAsMBFBJTkcxDDAKBgNVBAoMA0NEUjELMAkGA1UEBgwCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChu17gQbbvMvplnBtbpK93UU3/b4TdJjbyurMD4P8S+jCVxDxp1xdlTxbqlZaqTnhO28mFDwEDYauX2dwD6e0MLd4Eyid7yJyOebfgPS4LRksvUoteRU1WdhgR847rDSNfqakrPRDZUfI9JfcJj0n+XIIOhhlHPepxlNzh4r+LTcvjqr/Mh10H78mxmqeHoQiYbhrtLihh17cvpeIZXOOwUSBoWZCZG+yyXUsFwdGSuhWYtrSOlMSfveNnknN5jhyhUebQCNoUHStK5qoXy1UUMGDNHpAGH3V4riZhB6LaNK3gx0naywtop1tZJZ5x4fYI0T/U5ky9FeleA6HC3fdxAgMBAAGjNzA1MB0GA1UdDgQWBBRYPeFEmNLGqDFCjNqhAQW758YOqjAUBgNVHREEDTALgglsb2NhbGhvc3QwCwYJKoZIhvcNAQELA4IBAQAUPQ3XJJkIgrMINqV2OvpxmDvsBlTEcBa8gbQsS1vnAGC4Tl+5vAjpkFxTXTnpGikISnO9ZwIbQa2uFVQ26EnCJk1wgrLXTdcAWB4KBfQadJQ7UC9ma7E6XinEJ0TXgyQsRstxrWU6WKXeuwyXdAbta5ehsF6YP3Oc3Ye0jGm5/QmifaVl3YBMCrq9EFvLS451ESqRLh08AFcgtZZW8Dj50srPiVl6buUP9gwaljjhXWMEL0MUkJ2X0xyU0yF3+MWiL1Ohi8TGMxL9c9b7rRqD2ZOfSlWTcuJo79s5fCE8mex57TgeHHyx/FTB+S8i1f/ORyY9tfQ+n2oBMhnts7jd" - } - ] - }, - { - "resourceType": "/oauth/accessTokenManagers", - "operationType": "SAVE", - "items": [ + }, { - "id": "jwt", - "name": "JSON Web Tokens", + "id": "OTIdPJava", + "name": "OTIdPJava", "pluginDescriptorRef": { - "id": "com.pingidentity.pf.access.token.management.plugins.JwtBearerAccessTokenManagementPlugin", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/accessTokenManagers/descriptors/com.pingidentity.pf.access.token.management.plugins.JwtBearerAccessTokenManagementPlugin" + "id": "com.pingidentity.adapters.opentoken.IdpAuthnAdapter", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.opentoken.IdpAuthnAdapter" }, "configuration": { - "tables": [ - { - "name": "Symmetric Keys", - "rows": [] - }, - { - "name": "Certificates", - "rows": [ - { - "fields": [ - { - "name": "Key ID", - "value": "k1" - }, - { - "name": "Certificate", - "value": "419x9yg43rlawqwq9v6az997k" - } - ], - "defaultRow": false - } - ] - } - ], + "tables": [], "fields": [ { - "name": "Token Lifetime", - "value": "120" + "name": "Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..P8-n1_WPyNyDX8d513tRVQ.h9TlPDdMcCffdJw9D15mwA.ietPcUo5-UJiOXr8VJBoNg" }, { - "name": "Use Centralized Signing Key", - "value": "false" + "name": "Confirm Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9.._hHGvkU_PjNVpGs_ZTjKIg.F1_wEgClWpvBWBGVWPMXEA.dzFiIh1nXNAs9tziAjBDzA" }, { - "name": "JWS Algorithm", - "value": "RS256" + "name": "Authentication Service", + "value": "https://localhost:9031/IdpSample/?cmd=sso" }, { - "name": "Active Symmetric Key ID", - "value": "" + "name": "Transport Mode", + "value": "1" }, { - "name": "Active Signing Certificate Key ID", - "value": "k1" + "name": "Token Name", + "value": "idpopentoken" }, { - "name": "JWE Algorithm", - "value": "" + "name": "Cipher Suite", + "value": "2" }, { - "name": "JWE Content Encryption Algorithm", - "value": "" + "name": "Logout Service", + "value": "https://localhost:9031/IdpSample/?cmd=slo" }, { - "name": "Active Symmetric Encryption Key ID", + "name": "Cookie Domain", "value": "" }, { - "name": "Asymmetric Encryption Key", - "value": "" + "name": "Cookie Path", + "value": "/" }, { - "name": "Asymmetric Encryption JWKS URL", - "value": "" + "name": "Token Lifetime", + "value": "300" }, { - "name": "Enable Token Revocation", - "value": "false" + "name": "Session Lifetime", + "value": "43200" }, { - "name": "Include Key ID Header Parameter", - "value": "true" + "name": "Not Before Tolerance", + "value": "0" }, { - "name": "Include X.509 Thumbprint Header Parameter", + "name": "Force SunJCE Provider", "value": "false" }, { - "name": "Default JWKS URL Cache Duration", - "value": "720" + "name": "Use Verbose Error Messages", + "value": "false" }, { - "name": "Include JWE Key ID Header Parameter", + "name": "Obfuscate Password", "value": "true" }, { - "name": "Include JWE X.509 Thumbprint Header Parameter", + "name": "Session Cookie", "value": "false" }, { - "name": "Client ID Claim Name", - "value": "client_id_name" + "name": "Secure Cookie", + "value": "false" }, { - "name": "Scope Claim Name", - "value": "scope" + "name": "Delete Cookie", + "value": "false" }, { - "name": "Space Delimit Scope Values", + "name": "Replay Prevention", "value": "false" }, { - "name": "Authorization Details Claim Name", - "value": "authorization_details" + "name": "Skip Malformed Attribute Detection", + "value": "false" }, { - "name": "Issuer Claim Value", - "value": "" + "name": "SameSite Cookie", + "value": "3" }, { - "name": "Audience Claim Value", - "value": "" + "name": "HTTP Only Flag", + "value": "true" }, { - "name": "Not Before Claim Offset", - "value": "" - }, + "name": "Track Authentication Time", + "value": "true" + } + ] + }, + "lastModified": "2025-01-02T19:37:47.524Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Include Issued At Claim", - "value": "false" + "name": "subject", + "masked": false, + "pseudonym": true + } + ], + "extendedAttributes": [], + "maskOgnlValues": false + }, + "attributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "ADAPTER" + }, + "value": "subject" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + } + }, + { + "id": "ciamHtmlForm", + "name": "Customer HTML Form (PF)", + "pluginDescriptorRef": { + "id": "com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter" + }, + "configuration": { + "tables": [ + { + "name": "Credential Validators", + "rows": [ + { + "fields": [ + { + "name": "Password Credential Validator Instance", + "value": "PDPCV" + } + ], + "defaultRow": false + } + ] + } + ], + "fields": [ + { + "name": "Challenge Retries", + "value": "3" }, { - "name": "JWT ID Claim Length", - "value": "22" + "name": "Session State", + "value": "None" }, { - "name": "Access Grant GUID Claim Name", - "value": "agid" + "name": "Session Timeout", + "value": "60" }, { - "name": "JWKS Endpoint Path", + "name": "Session Max Timeout", + "value": "480" + }, + { + "name": "Allow Password Changes", + "value": "true" + }, + { + "name": "Password Management System", "value": "" }, { - "name": "JWKS Endpoint Cache Duration", - "value": "720" + "name": "Enable 'Remember My Username'", + "value": "true" }, { - "name": "Publish Key ID X.509 URL", + "name": "Enable 'This is My Device'", "value": "false" }, { - "name": "Publish Thumbprint X.509 URL", + "name": "Change Password Policy Contract", + "value": "" + }, + { + "name": "Change Password Email Notification", "value": "false" }, { - "name": "Expand Scope Groups", + "name": "Show Password Expiring Warning", "value": "false" }, { - "name": "Type Header Value", + "name": "Password Reset Type", + "value": "NONE" + }, + { + "name": "Password Reset Policy Contract", "value": "" - } - ] - }, - "attributeContract": { - "coreAttributes": [], - "extendedAttributes": [ + }, { - "name": "Username", - "multiValued": false + "name": "Revoke Sessions After Password Change Or Reset", + "value": "false" }, { - "name": "OrgName", - "multiValued": false - } - ], - "defaultSubjectAttribute": "OrgName" - }, - "selectionSettings": { - "resourceUris": [] - }, - "accessControlSettings": { - "restrictClients": false, - "allowedClients": [] - }, - "sessionValidationSettings": { - "checkValidAuthnSession": false, - "checkSessionRevocationStatus": false, - "updateAuthnSessionActivity": false, - "includeSessionId": false - }, - "sequenceNumber": 2 - } - ] - }, - { - "resourceType": "/oauth/accessTokenManagers/settings", - "operationType": "SAVE", - "items": [ - { - "defaultAccessTokenManagerRef": { - "id": "jwt", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/accessTokenManagers/jwt" - } - } - ] - }, - { - "resourceType": "/oauth/authServerSettings", - "operationType": "SAVE", - "items": [ - { - "defaultScopeDescription": "", - "scopes": [ - { - "name": "email", - "description": "email scope", - "dynamic": false - } - ], - "scopeGroups": [], - "exclusiveScopes": [], - "exclusiveScopeGroups": [], - "authorizationCodeTimeout": 60, - "authorizationCodeEntropy": 30, - "disallowPlainPKCE": false, - "includeIssuerInAuthorizationResponse": false, - "persistentGrantLifetime": -1, - "persistentGrantLifetimeUnit": "DAYS", - "persistentGrantIdleTimeout": 30, - "persistentGrantIdleTimeoutTimeUnit": "DAYS", - "refreshTokenLength": 42, - "rollRefreshTokenValues": false, - "refreshTokenRollingGracePeriod": 60, - "refreshRollingInterval": 0, - "persistentGrantReuseGrantTypes": [ - "IMPLICIT" - ], - "persistentGrantContract": { - "extendedAttributes": [], - "coreAttributes": [ + "name": "Account Unlock", + "value": "false" + }, { - "name": "USER_KEY" + "name": "Local Identity Profile", + "value": "regIdentityProfile" }, { - "name": "USER_NAME" - } - ] - }, - "bypassAuthorizationForApprovedGrants": false, - "allowUnidentifiedClientROCreds": false, - "allowUnidentifiedClientExtensionGrants": false, - "tokenEndpointBaseUrl": "", - "userAuthorizationUrl": "", - "registeredAuthorizationPath": "", - "pendingAuthorizationTimeout": 600, - "bypassActivationCodeConfirmation": false, - "devicePollingInterval": 5, - "activationCodeCheckMode": "AFTER_AUTHENTICATION", - "userAuthorizationConsentPageSetting": "INTERNAL", - "atmIdForOAuthGrantManagement": "jwt", - "scopeForOAuthGrantManagement": "email", - "allowedOrigins": [], - "trackUserSessionsForLogout": false, - "parReferenceTimeout": 60, - "parReferenceLength": 24, - "parStatus": "ENABLED", - "clientSecretRetentionPeriod": 0, - "jwtSecuredAuthorizationResponseModeLifetime": 600 - } - ] - }, - { - "resourceType": "/oauth/clients", - "operationType": "SAVE", - "items": [ - { - "clientId": "test", - "enabled": true, - "redirectUris": [], - "grantTypes": [ - "CLIENT_CREDENTIALS", - "ACCESS_TOKEN_VALIDATION" - ], - "name": "test", - "description": "", - "logoUrl": "", - "modificationDate": "2024-01-30T20:22:16.054Z", - "creationDate": "2024-01-30T17:50:18.492Z", - "refreshRolling": "SERVER_DEFAULT", - "refreshTokenRollingIntervalType": "SERVER_DEFAULT", - "persistentGrantExpirationType": "SERVER_DEFAULT", - "persistentGrantExpirationTime": 0, - "persistentGrantExpirationTimeUnit": "DAYS", - "persistentGrantIdleTimeoutType": "SERVER_DEFAULT", - "persistentGrantIdleTimeout": 0, - "persistentGrantIdleTimeoutTimeUnit": "DAYS", - "persistentGrantReuseType": "SERVER_DEFAULT", - "allowAuthenticationApiInit": false, - "bypassApprovalPage": false, - "restrictScopes": false, - "requirePushedAuthorizationRequests": false, - "requireJwtSecuredAuthorizationResponseMode": false, - "restrictedScopes": [], - "exclusiveScopes": [], - "restrictedResponseTypes": [], - "authorizationDetailTypes": [], - "defaultAccessTokenManagerRef": { - "id": "jwt", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/accessTokenManagers/jwt" - }, - "restrictToDefaultAccessTokenManager": false, - "validateUsingAllEligibleAtms": false, - "oidcPolicy": { - "policyGroup": {}, - "grantAccessSessionRevocationApi": false, - "grantAccessSessionSessionManagementApi": false, - "logoutMode": "NONE", - "pingAccessLogoutCapable": false, - "pairwiseIdentifierUserType": false - }, - "clientAuth": { - "type": "SECRET", - "encryptedSecret": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjAuOSJ9..Rsv3b2i5_n5YafLuS-mr9g.3ys3kpiqcbrn6XoSn7qumr3F8tVgLWRNecgYCgNMN3uVft6x5xAjWJktgr3dVw08XK2CYeV2gXHPB5EnOTy7_mLuH9GFtK9i1YdnpPxK82w.hKLjJaBHpaPR3NUklqziLw", - "secondarySecrets": [] - }, - "deviceFlowSettingType": "SERVER_DEFAULT", - "requireProofKeyForCodeExchange": false, - "refreshTokenRollingGracePeriodType": "SERVER_DEFAULT", - "clientSecretRetentionPeriodType": "SERVER_DEFAULT", - "requireSignedRequests": false - } - ] - }, - { - "resourceType": "/oauth/accessTokenMappings", - "operationType": "SAVE", - "items": [ - { - "attributeSources": [], - "attributeContractFulfillment": { - "Username": { - "source": { - "type": "TEXT" + "name": "Notification Publisher", + "value": "" }, - "value": "Administrator" - }, - "OrgName": { - "source": { - "type": "TEXT" + { + "name": "Enable Username Recovery", + "value": "false" }, - "value": "Ping" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - }, - "id": "client_credentials|jwt", - "context": { - "type": "CLIENT_CREDENTIALS" - }, - "accessTokenManagerRef": { - "id": "jwt", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/accessTokenManagers/jwt" - } - }, - { - "attributeSources": [], - "attributeContractFulfillment": { - "Username": { - "source": { - "type": "TEXT" + { + "name": "Login Template", + "value": "html.form.login.template.html" }, - "value": "Administrator" - }, - "OrgName": { - "source": { - "type": "TEXT" + { + "name": "Logout Path", + "value": "" }, - "value": "Ping" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - }, - "id": "default|jwt", - "context": { - "type": "DEFAULT" - }, - "accessTokenManagerRef": { - "id": "jwt", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/oauth/accessTokenManagers/jwt" - } - } - ] - }, - { - "resourceType": "/localIdentity/identityProfiles", - "operationType": "SAVE", - "items": [ - { - "id": "adminIdentityProfile", - "name": "Admin Identity Profile", - "apcId": { - "id": "default", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/default" - }, - "authSources": [ - { - "source": "SecurityKey", - "id": "SecurityKey" - }, - { - "source": "FIDO", - "id": "FIDO" - } - ], - "authSourceUpdatePolicy": { - "storeAttributes": false, - "retainAttributes": false, - "updateAttributes": false, - "updateInterval": 0 - }, - "fieldConfig": { - "fields": [ { - "type": "TEXT", - "id": "fullName", - "label": "Full Name", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "Logout Redirect", + "value": "" }, { - "type": "TEXT", - "id": "firstName", - "label": "First Name", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "Logout Template", + "value": "idp.logout.success.page.template.html" }, { - "type": "TEXT", - "id": "lastName", - "label": "Last Name", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "Change Password Template", + "value": "html.form.change.password.template.html" }, { - "type": "EMAIL", - "id": "email", - "label": "Email Address", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": true, - "Unique ID Field": false, - "Mask Log Values": false - } + "name": "Change Password Message Template", + "value": "html.form.message.template.html" }, { - "type": "PHONE", - "id": "phoneNumber", - "label": "Phone Number", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - } + "name": "Password Management System Message Template", + "value": "html.form.message.template.html" }, { - "type": "TEXT", - "id": "username", - "label": "Username", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": true, - "Unique ID Field": true, - "Mask Log Values": false - }, - "defaultValue": "" - } - ], - "stripSpaceFromUniqueField": true - }, - "emailVerificationConfig": { - "emailVerificationEnabled": false - }, - "dataStoreConfig": { - "type": "LDAP", - "dataStoreRef": { - "id": "LDAP-PingDirectory", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/dataStores/LDAP-PingDirectory" - }, - "baseDn": "ou=Administrators,dc=example,dc=com", - "createPattern": "", - "objectClass": "", - "dataStoreMapping": { - "firstName": { - "type": "LDAP", - "name": "givenName", - "metadata": {} + "name": "Change Password Email Template", + "value": "message-template-end-user-password-change.html" }, - "lastName": { - "type": "LDAP", - "name": "sn", - "metadata": {} + { + "name": "Expiring Password Warning Template", + "value": "html.form.password.expiring.notification.template.html" }, - "phoneNumber": { - "type": "LDAP", - "name": "mobile", - "metadata": {} + { + "name": "Threshold for Expiring Password Warning", + "value": "7" }, - "fullName": { - "type": "LDAP", - "name": "cn", - "metadata": {} + { + "name": "Snooze Interval for Expiring Password Warning", + "value": "24" }, - "email": { - "type": "LDAP", - "name": "mail", - "metadata": {} + { + "name": "Login Challenge Template", + "value": "html.form.login.challenge.template.html" }, - "username": { - "type": "LDAP", - "name": "uid", - "metadata": {} - } - } - }, - "profileConfig": { - "deleteIdentityEnabled": false, - "templateName": "local.identity.profile.html" - }, - "registrationEnabled": false, - "profileEnabled": true - }, - { - "id": "regIdentityProfile", - "name": "Registration Identity Profile", - "apcId": { - "id": "samplePolicyContract", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/samplePolicyContract" - }, - "authSources": [], - "authSourceUpdatePolicy": { - "storeAttributes": false, - "retainAttributes": false, - "updateAttributes": false, - "updateInterval": 0 - }, - "registrationConfig": { - "captchaEnabled": false, - "templateName": "local.identity.registration.html", - "createAuthnSessionAfterRegistration": true, - "usernameField": "username", - "thisIsMyDeviceEnabled": false - }, - "fieldConfig": { - "fields": [ { - "type": "TEXT", - "id": "firstName", - "label": "First Name", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "'Remember My Username' Lifetime", + "value": "30" }, { - "type": "TEXT", - "id": "lastName", - "label": "Last Name", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "'This is My Device' Lifetime", + "value": "30" }, { - "type": "TEXT", - "id": "fullName", - "label": "Full Name", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "Allow Username Edits During Chaining", + "value": "false" }, { - "type": "EMAIL", - "id": "email", - "label": "Email Address", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": true, - "Unique ID Field": false, - "Mask Log Values": false - } + "name": "Track Authentication Time", + "value": "true" }, { - "type": "PHONE", - "id": "phoneNumber", - "label": "Phone Number", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": false, - "Unique ID Field": false, - "Mask Log Values": false - } + "name": "Post-Password Change Re-Authentication Delay", + "value": "0" }, { - "type": "TEXT", - "id": "username", - "label": "Username", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Read-Only": false, - "Required": true, - "Unique ID Field": true, - "Mask Log Values": false - }, - "defaultValue": "" + "name": "Password Reset Username Template", + "value": "forgot-password.html" }, { - "type": "HIDDEN", - "id": "ImmutableID", - "label": "ImmutableID", - "registrationPageField": true, - "profilePageField": true, - "attributes": { - "Unique ID Field": false, - "Mask Log Values": false - } + "name": "Password Reset Code Template", + "value": "forgot-password-resume.html" }, { - "type": "HIDDEN", - "id": "accountVerified", - "label": "Account Verified", - "registrationPageField": false, - "profilePageField": true, - "attributes": { - "Unique ID Field": false, - "Mask Log Values": false - } - } - ], - "stripSpaceFromUniqueField": false - }, - "emailVerificationConfig": { - "emailVerificationEnabled": false - }, - "dataStoreConfig": { - "type": "LDAP", - "dataStoreRef": { - "id": "LDAP-PingDirectory", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/dataStores/LDAP-PingDirectory" - }, - "baseDn": "ou=People,dc=example,dc=com", - "createPattern": "uid=${username}", - "objectClass": "inetOrgPerson", - "auxiliaryObjectClasses": [ - "pf-connected-identities", - "ubidPersonAux" - ], - "dataStoreMapping": { - "firstName": { - "type": "LDAP", - "name": "givenName", - "metadata": {} - }, - "lastName": { - "type": "LDAP", - "name": "sn", - "metadata": {} - }, - "phoneNumber": { - "type": "LDAP", - "name": "mobile", - "metadata": {} - }, - "ImmutableID": { - "type": "LDAP", - "name": "entryUUID", - "metadata": {} - }, - "fullName": { - "type": "LDAP", - "name": "cn", - "metadata": {} - }, - "accountVerified": { - "type": "LDAP", - "name": "ubidAccountVerified", - "metadata": {} - }, - "email": { - "type": "LDAP", - "name": "mail", - "metadata": {} + "name": "Password Reset Template", + "value": "forgot-password-change.html" }, - "username": { - "type": "LDAP", - "name": "uid", - "metadata": {} - } - } - }, - "profileConfig": { - "deleteIdentityEnabled": false, - "templateName": "local.identity.profile.html" - }, - "registrationEnabled": true, - "profileEnabled": true - } - ] - }, - { - "resourceType": "/passwordCredentialValidators", - "operationType": "SAVE", - "items": [ - { - "id": "PDPCV", - "name": "PD PCV", - "pluginDescriptorRef": { - "id": "org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator" - }, - "configuration": { - "tables": [ { - "name": "Authentication Error Overrides", - "rows": [] - } - ], - "fields": [ + "name": "Password Reset Error Template", + "value": "forgot-password-error.html" + }, { - "name": "LDAP Datastore", - "value": "LDAP-PingDirectory" + "name": "Password Reset Success Template", + "value": "forgot-password-success.html" }, { - "name": "Search Base", - "value": "dc=example,dc=com" + "name": "Account Unlock Template", + "value": "account-unlock.html" }, { - "name": "Search Filter", - "value": "(|(uid=${username})(mail=${username}))" + "name": "OTP Length", + "value": "8" }, { - "name": "Scope of Search", - "value": "Subtree" + "name": "OTP Time to Live", + "value": "10" }, { - "name": "Case-Sensitive Matching", - "value": "true" + "name": "PingID Properties", + "value": "" }, { - "name": "Display Name Attribute", - "value": "displayName" + "name": "Require Verified Email", + "value": "false" }, { - "name": "Mail Attribute", - "value": "mail" + "name": "Username Recovery Template", + "value": "username.recovery.template.html" }, { - "name": "SMS Attribute", - "value": "" + "name": "Username Recovery Info Template", + "value": "username.recovery.info.template.html" }, { - "name": "PingID Username Attribute", - "value": "uid" + "name": "Username Recovery Email Template", + "value": "message-template-username-recovery.html" }, { - "name": "Mail Search Filter", - "value": "mail=${mail}" + "name": "CAPTCHA for Authentication", + "value": "false" }, { - "name": "Username Attribute", - "value": "uid" + "name": "CAPTCHA for Password change", + "value": "false" }, { - "name": "Trim Username Spaces For Search", - "value": "true" + "name": "CAPTCHA for Password Reset", + "value": "false" }, { - "name": "Mail Verified Attribute", - "value": "" + "name": "CAPTCHA for Username recovery", + "value": "false" }, { - "name": "Account Disabled Attribute", - "value": "" + "name": "Password Update Timeout", + "value": "30" }, { - "name": "Enable PingDirectory Detailed Password Policy Requirement Messaging", + "name": "Require Re-Authentication For Expiring Password Flow", "value": "false" }, { - "name": "Expect Password Expired Control", - "value": "false" + "name": "Require Re-Authentication for Change Password Flow", + "value": "true" + }, + { + "name": "Require Re-Authentication for Password Reset Flow", + "value": "true" + }, + { + "name": "Password Reset One-Time Link Email Template", + "value": "message-template-forgot-password-link.html" + }, + { + "name": "Password Reset One-Time Password Email Template", + "value": "message-template-forgot-password-code.html" + }, + { + "name": "Account Disabled Email Template", + "value": "message-template-account-disabled.html" + }, + { + "name": "Password Reset Complete Email Template", + "value": "message-template-forgot-password-complete.html" + }, + { + "name": "Password Reset Failed Email Template", + "value": "message-template-forgot-password-failed.html" + }, + { + "name": "Account Unlock Email Template", + "value": "message-template-account-unlock-complete.html" + }, + { + "name": "Allowed OTP Character Set", + "value": "23456789BCDFGHJKMNPQRSTVWXZbcdfghjkmnpqrstvwxz" + }, + { + "name": "CAPTCHA Provider", + "value": "" + }, + { + "name": "Fail Authentication on Account Lockout", + "value": "true" } ] }, + "lastModified": "2025-01-02T19:37:47.596Z", "attributeContract": { "coreAttributes": [ { - "name": "mail" - }, - { - "name": "givenName" - }, - { - "name": "DN" + "name": "policy.action", + "masked": false, + "pseudonym": false }, { - "name": "username" + "name": "username", + "masked": false, + "pseudonym": true } ], "extendedAttributes": [ { - "name": "entryUUID" + "name": "entryUUID", + "masked": false, + "pseudonym": false }, { - "name": "uid" + "name": "uid", + "masked": false, + "pseudonym": false }, { - "name": "sn" + "name": "mail", + "masked": false, + "pseudonym": false + }, + { + "name": "givenName", + "masked": false, + "pseudonym": false + }, + { + "name": "sn", + "masked": false, + "pseudonym": false } - ] + ], + "maskOgnlValues": false + }, + "attributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "entryUUID": { + "source": { + "type": "ADAPTER" + }, + "value": "entryUUID" + }, + "uid": { + "source": { + "type": "ADAPTER" + }, + "value": "uid" + }, + "mail": { + "source": { + "type": "ADAPTER" + }, + "value": "mail" + }, + "policy.action": { + "source": { + "type": "ADAPTER" + }, + "value": "policy.action" + }, + "givenName": { + "source": { + "type": "ADAPTER" + }, + "value": "givenName" + }, + "sn": { + "source": { + "type": "ADAPTER" + }, + "value": "sn" + }, + "username": { + "source": { + "type": "ADAPTER" + }, + "value": "username" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } } }, { - "id": "pingdirectory", - "name": "pingdirectory", + "id": "htmlForm", + "name": "Employee HTML Form", "pluginDescriptorRef": { - "id": "org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.LDAPUsernamePasswordCredentialValidator" + "id": "com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter" }, "configuration": { "tables": [ { - "name": "Authentication Error Overrides", - "rows": [] + "name": "Credential Validators", + "rows": [ + { + "fields": [ + { + "name": "Password Credential Validator Instance", + "value": "PDPCV" + } + ], + "defaultRow": false + } + ] } ], "fields": [ { - "name": "LDAP Datastore", - "value": "pingdirectory" + "name": "Challenge Retries", + "value": "3" }, { - "name": "Search Base", - "value": "dc=example,dc=com" + "name": "Session State", + "value": "None" }, { - "name": "Search Filter", - "value": "(&(objectClass=person)(|(mail=${username})(cn=${username})(uid=${username})))" + "name": "Session Timeout", + "value": "60" }, { - "name": "Scope of Search", - "value": "Subtree" + "name": "Session Max Timeout", + "value": "480" }, { - "name": "Case-Sensitive Matching", + "name": "Allow Password Changes", "value": "false" }, { - "name": "Display Name Attribute", - "value": "displayName" + "name": "Password Management System", + "value": "" }, { - "name": "Mail Attribute", - "value": "mail" + "name": "Enable 'Remember My Username'", + "value": "false" }, { - "name": "SMS Attribute", - "value": "" + "name": "Enable 'This is My Device'", + "value": "false" }, { - "name": "PingID Username Attribute", - "value": "" + "name": "Change Password Email Notification", + "value": "false" }, { - "name": "Mail Search Filter", - "value": "" + "name": "Show Password Expiring Warning", + "value": "false" }, { - "name": "Username Attribute", - "value": "" + "name": "Password Reset Type", + "value": "NONE" }, { - "name": "Mail Verified Attribute", + "name": "Password Reset Policy Contract", "value": "" }, { - "name": "Trim Username Spaces For Search", + "name": "Account Unlock", "value": "false" }, { - "name": "Account Disabled Attribute", + "name": "Local Identity Profile", + "value": "adminIdentityProfile" + }, + { + "name": "Notification Publisher", "value": "" }, { - "name": "Enable PingDirectory Detailed Password Policy Requirement Messaging", + "name": "Enable Username Recovery", "value": "false" }, { - "name": "Expect Password Expired Control", + "name": "Change Password Policy Contract", + "value": "" + }, + { + "name": "Revoke Sessions After Password Change Or Reset", "value": "false" - } - ] - }, - "attributeContract": { - "coreAttributes": [ + }, { - "name": "mail" + "name": "Login Template", + "value": "html.form.login.template.html" }, { - "name": "givenName" + "name": "Logout Path", + "value": "" }, { - "name": "DN" + "name": "Logout Redirect", + "value": "" }, { - "name": "username" - } - ], - "extendedAttributes": [ + "name": "Logout Template", + "value": "idp.logout.success.page.template.html" + }, { - "name": "entryUUID" - } - ] - } - }, - { - "id": "simple", - "name": "simple", - "pluginDescriptorRef": { - "id": "org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/passwordCredentialValidators/descriptors/org.sourceid.saml20.domain.SimpleUsernamePasswordCredentialValidator" - }, - "configuration": { - "tables": [ + "name": "Change Password Template", + "value": "html.form.change.password.template.html" + }, { - "name": "Users", - "rows": [ - { - "fields": [ - { - "name": "Username", - "value": "joe" - }, - { - "name": "Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9.._Rw8wgxapi44LBCF_Mva2A.DDzCFD5PziQ2cYuBBT-Y7xU7_rVmU0GRh_EYNcrKi0dkvF-uVoiuMJU5SzlQW3tM3l-Ggb5uxXLtldJdXAjzFg.H-K-IJG9WM-Wq-b3yFGnOg" - }, - { - "name": "Confirm Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..S-RNUEPVKvS2sMLsHV3AXg.zZAwob08IHwTMQaLcjA-HJVfy3DxILMqXtI1LY5RSsB4cVtYEoQHa62WG4r3-j3lTHGJCmZdg7DZZHRZsrZuow.f6BXV0L8wMxm3J81SwaPJg" - }, - { - "name": "Relax Password Requirements", - "value": "true" - } - ], - "defaultRow": false - } - ] - } - ], - "fields": [] - }, - "attributeContract": { - "coreAttributes": [ + "name": "Change Password Message Template", + "value": "html.form.message.template.html" + }, { - "name": "username" - } - ] - } - } - ] - }, - { - "resourceType": "/authenticationPolicies/fragments", - "operationType": "SAVE", - "items": [ - { - "id": "FirstFactor", - "name": "First_Factor", - "description": "Used for Customer First Factor", - "rootNode": { - "action": { - "type": "AUTHN_SOURCE", - "authenticationSource": { - "type": "IDP_ADAPTER", - "sourceRef": { - "id": "ciamHtmlForm", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/ciamHtmlForm" - } + "name": "Password Management System Message Template", + "value": "html.form.message.template.html" }, - "attributeRules": { - "items": [ - { - "attributeSource": { - "type": "ADAPTER", - "id": "ciamHtmlForm" - }, - "attributeName": "policy.action", - "condition": "EQUALS_CASE_INSENSITIVE", - "expectedValue": "identity.registration", - "result": "Register" - } - ], - "fallbackToSuccess": true - } - }, - "children": [ { - "action": { - "type": "DONE", - "context": "Fail" - } + "name": "Change Password Email Template", + "value": "message-template-end-user-password-change.html" }, { - "action": { - "type": "LOCAL_IDENTITY_MAPPING", - "context": "Register", - "localIdentityRef": { - "id": "regIdentityProfile", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/localIdentity/identityProfiles/regIdentityProfile" - }, - "inboundMapping": { - "attributeSources": [], - "attributeContractFulfillment": {}, - "issuanceCriteria": { - "conditionalCriteria": [] - } - }, - "outboundAttributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "firstName": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "firstName" - }, - "lastName": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "lastName" - }, - "ImmutableID": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "ImmutableID" - }, - "mail": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "email" - }, - "subject": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "username" - }, - "SAML_AUTHN_CTX": { - "source": { - "type": "TEXT" - }, - "value": "registered" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - } - } + "name": "Expiring Password Warning Template", + "value": "html.form.password.expiring.notification.template.html" }, { - "action": { - "type": "LOCAL_IDENTITY_MAPPING", - "context": "Success", - "localIdentityRef": { - "id": "regIdentityProfile", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/localIdentity/identityProfiles/regIdentityProfile" - }, - "inboundMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "pf.local.identity.unique.id": { - "source": { - "type": "ADAPTER", - "id": "ciamHtmlForm" - }, - "value": "uid" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - }, - "outboundAttributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "firstName": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "firstName" - }, - "lastName": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "lastName" - }, - "ImmutableID": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "ImmutableID" - }, - "mail": { - "source": { - "type": "LOCAL_IDENTITY_PROFILE", - "id": "regIdentityProfile" - }, - "value": "email" - }, - "subject": { - "source": { - "type": "ADAPTER", - "id": "ciamHtmlForm" - }, - "value": "username" - }, - "SAML_AUTHN_CTX": { - "source": { - "type": "TEXT" - }, - "value": "single_factor" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - } - } - } - ] - }, - "inputs": { - "id": "DkhZxRcZchsed90U", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" - }, - "outputs": { - "id": "samplePolicyContract", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/samplePolicyContract" - } - }, - { - "id": "Identify_First", - "name": "Identify_First", - "description": "Used for First Factors that just use the User Identifier", - "rootNode": { - "action": { - "type": "AUTHN_SOURCE", - "authenticationSource": { - "type": "IDP_ADAPTER", - "sourceRef": { - "id": "IDFirst", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/IDFirst" - } + "name": "Threshold for Expiring Password Warning", + "value": "7" }, - "inputUserIdMapping": { - "source": { - "type": "INPUTS", - "id": "Inputs" - }, - "value": "subject" + { + "name": "Snooze Interval for Expiring Password Warning", + "value": "24" }, - "userIdAuthenticated": false - }, - "children": [ { - "action": { - "type": "DONE", - "context": "Fail" - } + "name": "Login Challenge Template", + "value": "html.form.login.challenge.template.html" }, { - "action": { - "type": "APC_MAPPING", - "context": "Success", - "authenticationPolicyContractRef": { - "id": "DkhZxRcZchsed90U", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" - }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "subject": { - "source": { - "type": "ADAPTER", - "id": "IDFirst" - }, - "value": "uid" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - } - } - } - ] - }, - "inputs": { - "id": "DkhZxRcZchsed90U", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" - }, - "outputs": { - "id": "DkhZxRcZchsed90U", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" - } - }, - { - "id": "InternalAuthN", - "name": "Internal AuthN", - "description": "Used for Internal Authentication", - "rootNode": { - "action": { - "type": "AUTHN_SOURCE", - "authenticationSource": { - "type": "IDP_ADAPTER", - "sourceRef": { - "id": "htmlForm", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/htmlForm" - } - } - }, - "children": [ - { - "action": { - "type": "DONE", - "context": "Fail" - } + "name": "'Remember My Username' Lifetime", + "value": "30" }, { - "action": { - "type": "APC_MAPPING", - "context": "Success", - "authenticationPolicyContractRef": { - "id": "default", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/default" - }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "firstName": { - "source": { - "type": "NO_MAPPING" - } - }, - "lastName": { - "source": { - "type": "NO_MAPPING" - } - }, - "ImmutableID": { - "source": { - "type": "ADAPTER", - "id": "htmlForm" - }, - "value": "entryUUID" - }, - "mail": { - "source": { - "type": "ADAPTER", - "id": "htmlForm" - }, - "value": "mail" - }, - "subject": { - "source": { - "type": "ADAPTER", - "id": "htmlForm" - }, - "value": "uid" - }, - "SAML_AUTHN_CTX": { - "source": { - "type": "TEXT" - }, - "value": "internal" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - } - } - } - ] - }, - "inputs": { - "id": "DkhZxRcZchsed90U", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" - }, - "outputs": { - "id": "default", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationPolicyContracts/default" - } - } - ] - }, - { - "resourceType": "/idp/adapters", - "operationType": "SAVE", - "items": [ - { - "id": "IDFirst", - "name": "Identifier-First", - "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.identifierfirst.idp.IdentifierFirstAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.identifierfirst.idp.IdentifierFirstAdapter" - }, - "configuration": { - "tables": [], - "fields": [ - { - "name": "Identifier Cookie Lifetime", + "name": "'This is My Device' Lifetime", "value": "30" }, { - "name": "Allow Cancelling Identifier Selection", + "name": "Allow Username Edits During Chaining", "value": "false" }, { - "name": "Maximum Identifiers Count", - "value": "5" + "name": "Track Authentication Time", + "value": "true" }, { - "name": "Identifier Selection Template", - "value": "identifier.first.template.html" + "name": "Post-Password Change Re-Authentication Delay", + "value": "0" }, { - "name": "Enable Risk Provider", - "value": "false" + "name": "Password Reset Username Template", + "value": "forgot-password.html" }, { - "name": "Risk Provider", - "value": "" - } - ] - }, - "attributeContract": { - "coreAttributes": [ - { - "name": "subject", - "masked": false, - "pseudonym": true + "name": "Password Reset Code Template", + "value": "forgot-password-resume.html" }, { - "name": "domain", - "masked": false, - "pseudonym": false - } - ], - "extendedAttributes": [ - { - "name": "entryUUID", - "masked": false, - "pseudonym": false + "name": "Password Reset Template", + "value": "forgot-password-change.html" }, { - "name": "uid", - "masked": false, - "pseudonym": false + "name": "Password Reset Error Template", + "value": "forgot-password-error.html" }, { - "name": "mail", - "masked": false, - "pseudonym": false - } - ], - "maskOgnlValues": false - }, - "attributeMapping": { - "attributeSources": [ - { - "type": "LDAP", - "dataStoreRef": { - "id": "LDAP-PingDirectory", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/dataStores/LDAP-PingDirectory" - }, - "id": "PD", - "description": "PD", - "baseDn": "dc=example,dc=com", - "searchScope": "SUBTREE", - "searchFilter": "(|(uid=${subject} )(mail=${subject}))", - "binaryAttributeSettings": {}, - "memberOfNestedGroup": false - } - ], - "attributeContractFulfillment": { - "entryUUID": { - "source": { - "type": "LDAP_DATA_STORE", - "id": "PD" - }, - "value": "entryUUID" - }, - "uid": { - "source": { - "type": "LDAP_DATA_STORE", - "id": "PD" - }, - "value": "uid" - }, - "mail": { - "source": { - "type": "LDAP_DATA_STORE", - "id": "PD" - }, - "value": "mail" - }, - "subject": { - "source": { - "type": "ADAPTER" - }, - "value": "subject" + "name": "Password Reset Success Template", + "value": "forgot-password-success.html" }, - "domain": { - "source": { - "type": "ADAPTER" - }, - "value": "domain" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - } - } - }, - { - "id": "OTIdPJava", - "name": "OTIdPJava", - "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.opentoken.IdpAuthnAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.opentoken.IdpAuthnAdapter" - }, - "configuration": { - "tables": [], - "fields": [ { - "name": "Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..sL84LT6Vg23hKZYYJHQ1eA.j_TBfypuPWenyRuvs_52ng.yq1SVD8f_NA8WCoD_2QqSA" + "name": "Account Unlock Template", + "value": "account-unlock.html" }, { - "name": "Confirm Password", - "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4wLjEuMCJ9..dUg3wwoXYAHkOt08bNxumA.8ZpXKQ1Tx9D5Gz83X2hbtg.txQDke4BznZvq8WGTagyng" + "name": "OTP Length", + "value": "8" }, { - "name": "Authentication Service", - "value": "https://localhost:9031/IdpSample/?cmd=sso" + "name": "OTP Time to Live", + "value": "10" }, { - "name": "Transport Mode", - "value": "1" + "name": "PingID Properties", + "value": "" }, { - "name": "Token Name", - "value": "idpopentoken" + "name": "Require Verified Email", + "value": "false" }, { - "name": "Cipher Suite", - "value": "2" + "name": "Username Recovery Template", + "value": "username.recovery.template.html" }, { - "name": "Logout Service", - "value": "https://localhost:9031/IdpSample/?cmd=slo" + "name": "Username Recovery Info Template", + "value": "username.recovery.info.template.html" }, { - "name": "Cookie Domain", - "value": "" + "name": "Username Recovery Email Template", + "value": "message-template-username-recovery.html" }, { - "name": "Cookie Path", - "value": "/" + "name": "CAPTCHA for Authentication", + "value": "false" }, { - "name": "Token Lifetime", - "value": "300" + "name": "CAPTCHA for Password change", + "value": "false" }, { - "name": "Session Lifetime", - "value": "43200" + "name": "CAPTCHA for Password Reset", + "value": "false" }, { - "name": "Not Before Tolerance", - "value": "0" + "name": "CAPTCHA for Username recovery", + "value": "false" }, { - "name": "Force SunJCE Provider", - "value": "false" + "name": "Password Update Timeout", + "value": "30" }, { - "name": "Use Verbose Error Messages", + "name": "Require Re-Authentication For Expiring Password Flow", "value": "false" }, { - "name": "Obfuscate Password", + "name": "Require Re-Authentication for Change Password Flow", "value": "true" }, { - "name": "Session Cookie", - "value": "false" + "name": "Require Re-Authentication for Password Reset Flow", + "value": "true" }, { - "name": "Secure Cookie", - "value": "false" + "name": "Password Reset One-Time Link Email Template", + "value": "message-template-forgot-password-link.html" }, { - "name": "Delete Cookie", - "value": "false" + "name": "Password Reset One-Time Password Email Template", + "value": "message-template-forgot-password-code.html" }, { - "name": "Replay Prevention", - "value": "false" + "name": "Account Disabled Email Template", + "value": "message-template-account-disabled.html" }, { - "name": "Skip Malformed Attribute Detection", - "value": "false" + "name": "Password Reset Complete Email Template", + "value": "message-template-forgot-password-complete.html" }, { - "name": "SameSite Cookie", - "value": "3" + "name": "Password Reset Failed Email Template", + "value": "message-template-forgot-password-failed.html" }, { - "name": "HTTP Only Flag", - "value": "true" + "name": "Account Unlock Email Template", + "value": "message-template-account-unlock-complete.html" }, { - "name": "Track Authentication Time", + "name": "Allowed OTP Character Set", + "value": "23456789BCDFGHJKMNPQRSTVWXZbcdfghjkmnpqrstvwxz" + }, + { + "name": "CAPTCHA Provider", + "value": "" + }, + { + "name": "Fail Authentication on Account Lockout", "value": "true" } ] }, + "lastModified": "2025-01-02T19:37:47.675Z", "attributeContract": { "coreAttributes": [ { - "name": "subject", + "name": "policy.action", + "masked": false, + "pseudonym": false + }, + { + "name": "username", "masked": false, "pseudonym": true } ], - "extendedAttributes": [], + "extendedAttributes": [ + { + "name": "entryUUID", + "masked": false, + "pseudonym": false + }, + { + "name": "uid", + "masked": false, + "pseudonym": false + }, + { + "name": "mail", + "masked": false, + "pseudonym": false + }, + { + "name": "givenName", + "masked": false, + "pseudonym": false + }, + { + "name": "cn", + "masked": false, + "pseudonym": false + }, + { + "name": "sn", + "masked": false, + "pseudonym": false + } + ], "maskOgnlValues": false }, "attributeMapping": { "attributeSources": [], "attributeContractFulfillment": { - "subject": { + "entryUUID": { "source": { "type": "ADAPTER" }, - "value": "subject" + "value": "entryUUID" + }, + "uid": { + "source": { + "type": "ADAPTER" + }, + "value": "uid" + }, + "mail": { + "source": { + "type": "ADAPTER" + }, + "value": "mail" + }, + "policy.action": { + "source": { + "type": "ADAPTER" + }, + "value": "policy.action" + }, + "givenName": { + "source": { + "type": "ADAPTER" + }, + "value": "givenName" + }, + "cn": { + "source": { + "type": "ADAPTER" + }, + "value": "cn" + }, + "sn": { + "source": { + "type": "ADAPTER" + }, + "value": "sn" + }, + "username": { + "source": { + "type": "ADAPTER" + }, + "value": "username" } }, "issuanceCriteria": { "conditionalCriteria": [] } } - }, + } + ] + }, + { + "resourceType": "/sp/adapters", + "operationType": "SAVE", + "items": [ { - "id": "ciamHtmlForm", - "name": "Customer HTML Form (PF)", + "id": "spadapter", + "name": "SpAdapter", "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter" + "id": "com.pingidentity.adapters.opentoken.SpAuthnAdapter", + "location": "https://localhost:9999/pf-admin-api/v1/sp/adapters/descriptors/com.pingidentity.adapters.opentoken.SpAuthnAdapter" }, "configuration": { - "tables": [ - { - "name": "Credential Validators", - "rows": [ - { - "fields": [ - { - "name": "Password Credential Validator Instance", - "value": "PDPCV" - } - ], - "defaultRow": false - } - ] - } - ], + "tables": [], "fields": [ { - "name": "Challenge Retries", - "value": "3" + "name": "Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..PFrv_FscMq6fEy2yX5N7AQ.GtT55khTeM8eJuVVnNK7Jg.39v7f0ww1MpoHoC_EbsUGA" }, { - "name": "Session State", - "value": "None" + "name": "Confirm Password", + "encryptedValue": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..76VQ-HU1M3cC97voJmgSFg.SHQw-_wj3-amWgLV-8o2Pg.GhWUxboRZQRqmUPlHIgI0A" }, { - "name": "Session Timeout", - "value": "60" + "name": "Transport Mode", + "value": "2" }, { - "name": "Session Max Timeout", - "value": "480" + "name": "Token Name", + "value": "opentoken" }, { - "name": "Allow Password Changes", - "value": "true" + "name": "Cipher Suite", + "value": "2" }, { - "name": "Password Management System", + "name": "Authentication Service", "value": "" }, { - "name": "Enable 'Remember My Username'", - "value": "true" + "name": "Account Link Service", + "value": "" }, { - "name": "Enable 'This is My Device'", - "value": "false" + "name": "Logout Service", + "value": "" }, { - "name": "Change Password Policy Contract", + "name": "SameSite Cookie", + "value": "3" + }, + { + "name": "Cookie Domain", "value": "" }, { - "name": "Change Password Email Notification", - "value": "false" + "name": "Cookie Path", + "value": "/" }, { - "name": "Show Password Expiring Warning", - "value": "false" + "name": "Token Lifetime", + "value": "300" }, { - "name": "Password Reset Type", - "value": "NONE" + "name": "Session Lifetime", + "value": "43200" }, { - "name": "Password Reset Policy Contract", - "value": "" + "name": "Not Before Tolerance", + "value": "0" }, { - "name": "Revoke Sessions After Password Change Or Reset", + "name": "Force SunJCE Provider", "value": "false" }, { - "name": "Account Unlock", + "name": "Use Verbose Error Messages", "value": "false" }, { - "name": "Local Identity Profile", - "value": "regIdentityProfile" - }, - { - "name": "Notification Publisher", - "value": "" - }, - { - "name": "Enable Username Recovery", - "value": "false" - }, - { - "name": "Login Template", - "value": "html.form.login.template.html" - }, - { - "name": "Logout Path", - "value": "" - }, - { - "name": "Logout Redirect", - "value": "" - }, - { - "name": "Logout Template", - "value": "idp.logout.success.page.template.html" - }, - { - "name": "Change Password Template", - "value": "html.form.change.password.template.html" - }, - { - "name": "Change Password Message Template", - "value": "html.form.message.template.html" - }, - { - "name": "Password Management System Message Template", - "value": "html.form.message.template.html" - }, - { - "name": "Change Password Email Template", - "value": "message-template-end-user-password-change.html" - }, - { - "name": "Expiring Password Warning Template", - "value": "html.form.password.expiring.notification.template.html" - }, - { - "name": "Threshold for Expiring Password Warning", - "value": "7" - }, - { - "name": "Snooze Interval for Expiring Password Warning", - "value": "24" - }, - { - "name": "Login Challenge Template", - "value": "html.form.login.challenge.template.html" - }, - { - "name": "'Remember My Username' Lifetime", - "value": "30" - }, - { - "name": "'This is My Device' Lifetime", - "value": "30" - }, - { - "name": "Allow Username Edits During Chaining", - "value": "false" - }, - { - "name": "Track Authentication Time", + "name": "Obfuscate Password", "value": "true" }, { - "name": "Post-Password Change Re-Authentication Delay", - "value": "0" - }, - { - "name": "Password Reset Username Template", - "value": "forgot-password.html" - }, - { - "name": "Password Reset Code Template", - "value": "forgot-password-resume.html" - }, - { - "name": "Password Reset Template", - "value": "forgot-password-change.html" - }, - { - "name": "Password Reset Error Template", - "value": "forgot-password-error.html" - }, - { - "name": "Password Reset Success Template", - "value": "forgot-password-success.html" - }, - { - "name": "Account Unlock Template", - "value": "account-unlock.html" - }, - { - "name": "OTP Length", - "value": "8" - }, - { - "name": "OTP Time to Live", - "value": "10" - }, - { - "name": "PingID Properties", - "value": "" - }, - { - "name": "Require Verified Email", - "value": "false" - }, - { - "name": "Username Recovery Template", - "value": "username.recovery.template.html" - }, - { - "name": "Username Recovery Info Template", - "value": "username.recovery.info.template.html" - }, - { - "name": "Username Recovery Email Template", - "value": "message-template-username-recovery.html" - }, - { - "name": "CAPTCHA for Authentication", - "value": "false" - }, - { - "name": "CAPTCHA for Password change", - "value": "false" - }, - { - "name": "CAPTCHA for Password Reset", - "value": "false" - }, - { - "name": "CAPTCHA for Username recovery", - "value": "false" - }, - { - "name": "Password Update Timeout", - "value": "30" - }, - { - "name": "Require Re-Authentication For Expiring Password Flow", + "name": "Session Cookie", "value": "false" }, { - "name": "Require Re-Authentication for Change Password Flow", + "name": "Secure Cookie", "value": "true" }, { - "name": "Require Re-Authentication for Password Reset Flow", + "name": "HTTP Only Flag", "value": "true" }, { - "name": "Password Reset One-Time Link Email Template", - "value": "message-template-forgot-password-link.html" - }, - { - "name": "Password Reset One-Time Password Email Template", - "value": "message-template-forgot-password-code.html" - }, - { - "name": "Account Disabled Email Template", - "value": "message-template-account-disabled.html" - }, - { - "name": "Password Reset Complete Email Template", - "value": "message-template-forgot-password-complete.html" - }, - { - "name": "Password Reset Failed Email Template", - "value": "message-template-forgot-password-failed.html" + "name": "Send Subject as Query Parameter", + "value": "false" }, { - "name": "Account Unlock Email Template", - "value": "message-template-account-unlock-complete.html" + "name": "Subject Query Parameter ", + "value": "" }, { - "name": "Allowed OTP Character Set", - "value": "23456789BCDFGHJKMNPQRSTVWXZbcdfghjkmnpqrstvwxz" + "name": "Send Extended Attributes", + "value": "" }, { - "name": "CAPTCHA Provider", - "value": "" + "name": "Skip Trimming of Trailing Backslashes", + "value": "false" }, { - "name": "Fail Authentication on Account Lockout", + "name": "URL Encode Cookie Values", "value": "true" } ] }, + "lastModified": "2025-01-02T19:37:47.706Z", "attributeContract": { "coreAttributes": [ { - "name": "policy.action", - "masked": false, - "pseudonym": false - }, - { - "name": "username", - "masked": false, - "pseudonym": true - } - ], - "extendedAttributes": [ - { - "name": "entryUUID", - "masked": false, - "pseudonym": false - }, - { - "name": "uid", - "masked": false, - "pseudonym": false - }, - { - "name": "mail", - "masked": false, - "pseudonym": false - }, - { - "name": "givenName", - "masked": false, - "pseudonym": false - }, - { - "name": "sn", - "masked": false, - "pseudonym": false + "name": "subject" } ], - "maskOgnlValues": false + "extendedAttributes": [] }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "entryUUID": { - "source": { - "type": "ADAPTER" - }, - "value": "entryUUID" - }, - "uid": { - "source": { - "type": "ADAPTER" - }, - "value": "uid" + "targetApplicationInfo": { + "applicationName": "test", + "applicationIconUrl": "https://test.com" + } + } + ] + }, + { + "resourceType": "/idpToSpAdapterMapping", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "ADAPTER" }, - "mail": { - "source": { - "type": "ADAPTER" - }, - "value": "mail" - }, - "policy.action": { - "source": { - "type": "ADAPTER" - }, - "value": "policy.action" - }, - "givenName": { - "source": { - "type": "ADAPTER" - }, - "value": "givenName" - }, - "sn": { - "source": { - "type": "ADAPTER" - }, - "value": "sn" - }, - "username": { - "source": { - "type": "ADAPTER" - }, - "value": "username" + "value": "entryUUID" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "ciamHtmlForm|spadapter", + "sourceId": "ciamHtmlForm", + "targetId": "spadapter" + } + ] + }, + { + "resourceType": "/sp/authenticationPolicyContractMappings", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "NO_MAPPING" } - }, - "issuanceCriteria": { - "conditionalCriteria": [] } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "wIdHhK789PmadmMS|spadapter", + "sourceId": "wIdHhK789PmadmMS", + "targetId": "spadapter" + } + ] + }, + { + "resourceType": "/identityStoreProvisioners", + "operationType": "SAVE", + "items": [ + { + "id": "ISPTestID", + "name": "ISP TestName", + "pluginDescriptorRef": { + "id": "com.pingidentity.identitystoreprovisioners.sample.SampleIdentityStoreProvisioner", + "location": "https://localhost:9999/pf-admin-api/v1/identityStoreProvisioners/descriptors/com.pingidentity.identitystoreprovisioners.sample.SampleIdentityStoreProvisioner" + }, + "configuration": { + "tables": [], + "fields": [ + { + "name": "Delete user behavior", + "value": "Disable User" + } + ] + }, + "lastModified": "2025-01-02T19:37:47.776Z", + "attributeContract": { + "coreAttributes": [ + { + "name": "username" + } + ], + "inherited": false + }, + "groupAttributeContract": { + "coreAttributes": [ + { + "name": "groupname" + } + ], + "inherited": false } - }, + } + ] + }, + { + "resourceType": "/idp/tokenProcessors", + "operationType": "SAVE", + "items": [ { - "id": "htmlForm", - "name": "Employee HTML Form", + "id": "UsernameTokenProcessor", + "name": "UsernameTokenProcessor", "pluginDescriptorRef": { - "id": "com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/idp/adapters/descriptors/com.pingidentity.adapters.htmlform.idp.HtmlFormIdpAuthnAdapter" + "id": "com.pingidentity.pf.tokenprocessors.username.UsernameTokenProcessor", + "location": "https://localhost:9999/pf-admin-api/v1/idp/tokenProcessors/descriptors/com.pingidentity.pf.tokenprocessors.username.UsernameTokenProcessor" }, "configuration": { "tables": [ @@ -3404,7 +3156,16 @@ "fields": [ { "name": "Password Credential Validator Instance", - "value": "PDPCV" + "value": "pingdirectory" + } + ], + "defaultRow": false + }, + { + "fields": [ + { + "name": "Password Credential Validator Instance", + "value": "simple" } ], "defaultRow": false @@ -3414,433 +3175,1121 @@ ], "fields": [ { - "name": "Challenge Retries", + "name": "Authentication Attempts", "value": "3" - }, - { - "name": "Session State", - "value": "None" - }, + } + ] + }, + "lastModified": "2025-01-02T19:37:47.792Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Session Timeout", - "value": "60" - }, + "name": "username", + "masked": false + } + ], + "extendedAttributes": [], + "maskOgnlValues": false + } + }, + { + "id": "tokenprocessor", + "name": "token processor", + "pluginDescriptorRef": { + "id": "org.sourceid.wstrust.processor.saml.Saml20TokenProcessor", + "location": "https://localhost:9999/pf-admin-api/v1/idp/tokenProcessors/descriptors/org.sourceid.wstrust.processor.saml.Saml20TokenProcessor" + }, + "configuration": { + "tables": [ { - "name": "Session Max Timeout", - "value": "480" + "name": "Valid Certificate Issuer DNs", + "rows": [] }, { - "name": "Allow Password Changes", - "value": "false" - }, + "name": "Valid Certificate Subject DNs", + "rows": [] + } + ], + "fields": [ { - "name": "Password Management System", - "value": "" - }, + "name": "Audience", + "value": "audience" + } + ] + }, + "lastModified": "2025-01-02T19:37:47.807Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Enable 'Remember My Username'", - "value": "false" - }, + "name": "SAML_SUBJECT", + "masked": false + } + ], + "extendedAttributes": [], + "maskOgnlValues": false + } + } + ] + }, + { + "resourceType": "/sp/tokenGenerators", + "operationType": "SAVE", + "items": [ + { + "id": "tokengenerator", + "name": "token generator", + "pluginDescriptorRef": { + "id": "org.sourceid.wstrust.generator.saml.Saml20TokenGenerator", + "location": "https://localhost:9999/pf-admin-api/v1/sp/tokenGenerators/descriptors/org.sourceid.wstrust.generator.saml.Saml20TokenGenerator" + }, + "configuration": { + "tables": [], + "fields": [ { - "name": "Enable 'This is My Device'", - "value": "false" + "name": "Minutes Before", + "value": "60" }, { - "name": "Change Password Email Notification", - "value": "false" + "name": "Minutes After", + "value": "60" }, { - "name": "Show Password Expiring Warning", - "value": "false" + "name": "Issuer", + "value": "issuer" }, { - "name": "Password Reset Type", - "value": "NONE" + "name": "Signing Certificate", + "value": "tiq4n26axjircjk30oz5zf6k3" }, { - "name": "Password Reset Policy Contract", - "value": "" + "name": "Signing Algorithm", + "value": "SHA1" }, { - "name": "Account Unlock", + "name": "Include Certificate in KeyInfo", "value": "false" }, { - "name": "Local Identity Profile", - "value": "adminIdentityProfile" - }, - { - "name": "Notification Publisher", - "value": "" - }, - { - "name": "Enable Username Recovery", + "name": "Include Raw Key in KeyValue", "value": "false" }, { - "name": "Change Password Policy Contract", - "value": "" - }, - { - "name": "Revoke Sessions After Password Change Or Reset", - "value": "false" + "name": "Audience", + "value": "audience" }, { - "name": "Login Template", - "value": "html.form.login.template.html" + "name": "Confirmation Method", + "value": "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches" }, { - "name": "Logout Path", + "name": "Encryption Certificate", "value": "" }, { - "name": "Logout Redirect", + "name": "Message Customization Expression", "value": "" - }, + } + ] + }, + "lastModified": "2025-01-02T21:02:09.135Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Logout Template", - "value": "idp.logout.success.page.template.html" - }, - { - "name": "Change Password Template", - "value": "html.form.change.password.template.html" - }, - { - "name": "Change Password Message Template", - "value": "html.form.message.template.html" - }, - { - "name": "Password Management System Message Template", - "value": "html.form.message.template.html" - }, - { - "name": "Change Password Email Template", - "value": "message-template-end-user-password-change.html" + "name": "SAML_SUBJECT" + } + ], + "extendedAttributes": [] + } + } + ] + }, + { + "resourceType": "/tokenProcessorToTokenGeneratorMappings", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "SAML_SUBJECT": { + "source": { + "type": "CONTEXT" }, + "value": "ClientIp" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "tokenprocessor|tokengenerator", + "sourceId": "tokenprocessor", + "targetId": "tokengenerator" + } + ] + }, + { + "resourceType": "/idp/defaultUrls", + "operationType": "SAVE", + "items": [ + { + "confirmIdpSlo": false, + "idpErrorMsg": "errorDetail.idpSsoFailure" + } + ] + }, + { + "resourceType": "/sp/defaultUrls", + "operationType": "SAVE", + "items": [ + { + "confirmSlo": false + } + ] + }, + { + "resourceType": "/extendedProperties", + "operationType": "SAVE", + "items": [ + { + "name": "authNexp", + "description": "Authentication Experience [Single_Factor | Internal | ID-First | Multi_Factor]", + "multiValued": false + }, + { + "name": "useAuthnApi", + "description": "Use the AuthN API", + "multiValued": false + } + ] + }, + { + "resourceType": "/idp/stsRequestParametersContracts", + "operationType": "SAVE", + "items": [ + { + "id": "STSTestID", + "name": "STS TestName", + "parameters": [ + "test" + ], + "lastModified": "2025-01-02T19:37:47.913Z" + } + ] + }, + { + "resourceType": "/metadataUrls", + "operationType": "SAVE", + "items": [ + { + "id": "i8uUHFDebYX7Z7gSfyhZ9yKUA", + "name": "Test Metadata URL", + "url": "https://www.example.com", + "validateSignature": false + } + ] + }, + { + "resourceType": "/oauth/authServerSettings", + "operationType": "SAVE", + "items": [ + { + "defaultScopeDescription": "", + "scopes": [ + { + "name": "email", + "description": "email scope", + "dynamic": false + } + ], + "scopeGroups": [], + "exclusiveScopes": [], + "exclusiveScopeGroups": [], + "authorizationCodeTimeout": 60, + "authorizationCodeEntropy": 30, + "disallowPlainPKCE": false, + "includeIssuerInAuthorizationResponse": false, + "persistentGrantLifetime": -1, + "persistentGrantLifetimeUnit": "DAYS", + "persistentGrantIdleTimeout": 30, + "persistentGrantIdleTimeoutTimeUnit": "DAYS", + "refreshTokenLength": 42, + "rollRefreshTokenValues": false, + "refreshTokenRollingGracePeriod": 60, + "refreshRollingInterval": 0, + "refreshRollingIntervalTimeUnit": "HOURS", + "persistentGrantReuseGrantTypes": [ + "IMPLICIT" + ], + "persistentGrantContract": { + "extendedAttributes": [], + "coreAttributes": [ { - "name": "Expiring Password Warning Template", - "value": "html.form.password.expiring.notification.template.html" + "name": "USER_KEY" }, { - "name": "Threshold for Expiring Password Warning", - "value": "7" + "name": "USER_NAME" + } + ] + }, + "bypassAuthorizationForApprovedGrants": false, + "allowUnidentifiedClientROCreds": false, + "allowUnidentifiedClientExtensionGrants": false, + "tokenEndpointBaseUrl": "", + "requireOfflineAccessScopeToIssueRefreshTokens": false, + "offlineAccessRequireConsentPrompt": false, + "userAuthorizationUrl": "", + "registeredAuthorizationPath": "", + "pendingAuthorizationTimeout": 600, + "bypassActivationCodeConfirmation": false, + "devicePollingInterval": 5, + "activationCodeCheckMode": "AFTER_AUTHENTICATION", + "enableCookielessUserAuthorizationAuthenticationApi": false, + "userAuthorizationConsentPageSetting": "INTERNAL", + "atmIdForOAuthGrantManagement": "jwt", + "scopeForOAuthGrantManagement": "email", + "allowedOrigins": [], + "trackUserSessionsForLogout": false, + "parReferenceTimeout": 60, + "parReferenceLength": 24, + "parStatus": "ENABLED", + "clientSecretRetentionPeriod": 0, + "jwtSecuredAuthorizationResponseModeLifetime": 600, + "dpopProofRequireNonce": false, + "dpopProofLifetimeSeconds": 120, + "dpopProofEnforceReplayPrevention": false, + "bypassAuthorizationForApprovedConsents": false, + "consentLifetimeDays": -1 + } + ] + }, + { + "resourceType": "/sp/idpConnections", + "operationType": "SAVE", + "items": [ + { + "type": "IDP", + "id": "n26SCl49a8lB_ifAaLF_MyUbquv", + "name": "testConnection", + "entityId": "testPartnerId", + "active": true, + "contactInfo": {}, + "loggingMode": "STANDARD", + "virtualEntityIds": [], + "credentials": { + "certs": [ + { + "primaryVerificationCert": true, + "secondaryVerificationCert": false, + "certView": { + "id": "gpmlavn03e4mknkyml4m2ak9q", + "serialNumber": "430421198347763948001683365009287878912609754790", + "subjectDN": "CN=test, O=Ping Identity Corporation, L=Denver, ST=CO, C=US", + "subjectAlternativeNames": [], + "issuerDN": "CN=test, O=Ping Identity Corporation, L=Denver, ST=CO, C=US", + "validFrom": "2024-12-12T23:28:24.000Z", + "expires": "2027-09-08T23:28:24.000Z", + "keyAlgorithm": "RSA", + "keySize": 2048, + "signatureAlgorithm": "SHA256withRSA", + "version": 3, + "sha1Fingerprint": "B1B57BC2A8733287A1A9B65EB60BFFD01EFECEBA", + "sha256Fingerprint": "AA40F0AA0B7A438F15C49FA2A2EBE3B28AAB34A846781211BD170E8D7B06D291", + "status": "VALID" + }, + "x509File": { + "id": "gpmlavn03e4mknkyml4m2ak9q", + "fileData": "-----BEGIN CERTIFICATE-----\nMIIDnTCCAoWgAwIBAgIUS2TBCdRzpK4Zze+HDKjB9EQSHqYwDQYJKoZIhvcNAQELBQAwXjELMAkG\nA1UEBhMCVVMxCzAJBgNVBAgMAkNPMQ8wDQYDVQQHDAZEZW52ZXIxIjAgBgNVBAoMGVBpbmcgSWRl\nbnRpdHkgQ29ycG9yYXRpb24xDTALBgNVBAMMBHRlc3QwHhcNMjQxMjEyMjMyODI0WhcNMjcwOTA4\nMjMyODI0WjBeMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ08xDzANBgNVBAcMBkRlbnZlcjEiMCAG\nA1UECgwZUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbjENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBAJdoGurgDvSRBL2cIeUaCY3po5YDZnV1eyuOQTxQc6OT2JS0\n+40gJbJmfNrbcOSt+1DbxzP+Ixblkcz569VOC5lbROn38yeaMU32Xc/4DGSp1HCY/JfSygz/+qr8\n8YTqMaI21AbZnAiY5x0Rw56IDmJglXaXeVbCUJy7oPTyAoYYT93DJDk41Ze51UcTmUsTKN4K3gvv\nSaRuyq5+g6EXBq7AkeOnbP0bSHybN1KEV5BXNNpgk9h0Jw3PE+qkm/5nYRzxBf4RA/Agfv9esG9N\nz3XgDowAGBmxr+rU/na7pwEEudMh668DEDeRVwh1ZapYpBtVcxMHmdJPgFJrBlo6mMECAwEAAaNT\nMFEwHQYDVR0OBBYEFGJc3Z0j9kXPsTmmbgAsY/PK2cupMB8GA1UdIwQYMBaAFGJc3Z0j9kXPsTmm\nbgAsY/PK2cupMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJVBvcHhh+00gzQ0\npnZKtRJxvEg+pGh+B9E+5i2PsNGyIAvAXw4mdBcQZKxfiXM31ZE2ge1mP+4di11+PKYNH2E973PL\nJ+wGHeQZ1ETDG5fo79t0MG1RzHtGoirZW7v4BNUI6ZM2FjEaCOtZg1rUhkdIfqDx4CeNjzb0rhXI\nzXNTS4Y6VlxWArQnwAgqPtb5poJG3Mm/3f6uQg/l0LIKTY/GR6yQsNCkzTZQhrIpXj4RpqnX3QgD\n1IWToMon7ntp4gAP/lASM5/xm5Jzb6dmF+hoN073g02UeV2TDLze80+K+Xr1GZeeULuXNrhOEXDR\nytvube8OXPPY6/zCphVb21g=\n-----END CERTIFICATE-----\n" + }, + "encryptionCert": false, + "activeVerificationCert": true + } + ] + }, + "modificationDate": "2025-01-02T19:37:48.089Z", + "creationDate": "2025-01-02T19:37:48.089Z", + "wsTrust": { + "attributeContract": { + "coreAttributes": [ + { + "name": "TOKEN_SUBJECT", + "masked": false + } + ], + "extendedAttributes": [] + }, + "tokenGeneratorMappings": [], + "generateLocalToken": false + } + } + ] + }, + { + "resourceType": "/idp/spConnections", + "operationType": "SAVE", + "items": [ + { + "type": "SP", + "id": "iIoQK.-GWcXI5kLp4KDNxQqAhDF", + "name": "test", + "entityId": "test", + "active": true, + "contactInfo": {}, + "loggingMode": "STANDARD", + "virtualEntityIds": [], + "licenseConnectionGroup": "", + "credentials": { + "certs": [], + "signingSettings": { + "signingKeyPairRef": { + "id": "tiq4n26axjircjk30oz5zf6k3", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/signing/tiq4n26axjircjk30oz5zf6k3" }, + "algorithm": "SHA256withRSA", + "includeCertInSignature": false, + "includeRawKeyInSignature": false + } + }, + "modificationDate": "2025-01-02T21:01:44.089Z", + "creationDate": "2025-01-02T19:37:48.857Z", + "wsTrust": { + "partnerServiceIds": [ + "test" + ], + "oAuthAssertionProfiles": false, + "defaultTokenType": "SAML20", + "generateKey": false, + "encryptSaml2Assertion": false, + "minutesBefore": 5, + "minutesAfter": 30, + "attributeContract": { + "coreAttributes": [ + { + "name": "TOKEN_SUBJECT" + } + ], + "extendedAttributes": [] + }, + "tokenProcessorMappings": [ { - "name": "Snooze Interval for Expiring Password Warning", - "value": "24" + "attributeSources": [], + "attributeContractFulfillment": { + "TOKEN_SUBJECT": { + "source": { + "type": "NO_MAPPING" + } + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "idpTokenProcessorRef": { + "id": "tokenprocessor", + "location": "https://localhost:9999/pf-admin-api/v1/idp/tokenProcessors/tokenprocessor" + }, + "restrictedVirtualEntityIds": [] + } + ] + }, + "connectionTargetType": "STANDARD" + } + ] + }, + { + "resourceType": "/session/settings", + "operationType": "SAVE", + "items": [ + { + "trackAdapterSessionsForLogout": false, + "revokeUserSessionOnLogout": true, + "sessionRevocationLifetime": 490 + } + ] + }, + { + "resourceType": "/session/applicationSessionPolicy", + "operationType": "SAVE", + "items": [ + { + "idleTimeoutMins": 60, + "maxTimeoutMins": 480 + } + ] + }, + { + "resourceType": "/session/authenticationSessionPolicies/global", + "operationType": "SAVE", + "items": [ + { + "enableSessions": false, + "persistentSessions": false, + "hashUniqueUserKeyAttribute": false, + "idleTimeoutMins": 60, + "idleTimeoutDisplayUnit": "MINUTES", + "maxTimeoutMins": 480, + "maxTimeoutDisplayUnit": "MINUTES" + } + ] + }, + { + "resourceType": "/session/authenticationSessionPolicies", + "operationType": "SAVE", + "items": [ + { + "id": "UfdnqYjWycSeo2vZZgSYB3gpw", + "authenticationSource": { + "type": "IDP_ADAPTER", + "sourceRef": { + "id": "OTIdPJava", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/OTIdPJava" + } + }, + "enableSessions": false, + "userDeviceType": "PRIVATE", + "persistent": false, + "timeoutDisplayUnit": "MINUTES", + "authnContextSensitive": false + } + ] + }, + { + "resourceType": "/oauth/issuers", + "operationType": "SAVE", + "items": [ + { + "id": "BmoJwEmyzs4RSNMzVUlCs8qTPC", + "name": "Test Issuer", + "description": "test issuer", + "host": "localhost", + "path": "" + } + ] + }, + { + "resourceType": "/additionalKeySets", + "operationType": "SAVE", + "items": [ + { + "id": "testID", + "name": "testName", + "description": "testDescription", + "signingKeys": { + "rsaActiveCertRef": { + "id": "tiq4n26axjircjk30oz5zf6k3", + "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/signing/tiq4n26axjircjk30oz5zf6k3" + }, + "rsaPublishX5cParameter": true + }, + "issuers": [ + { + "id": "BmoJwEmyzs4RSNMzVUlCs8qTPC", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/issuers/BmoJwEmyzs4RSNMzVUlCs8qTPC" + } + ] + } + ] + }, + { + "resourceType": "/oauth/idpAdapterMappings", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "USER_NAME": { + "source": { + "type": "CONTEXT" }, - { - "name": "Login Challenge Template", - "value": "html.form.login.challenge.template.html" + "value": "OAuthScopes" + }, + "USER_KEY": { + "source": { + "type": "ADAPTER" }, - { - "name": "'Remember My Username' Lifetime", - "value": "30" + "value": "subject" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "OTIdPJava", + "idpAdapterRef": { + "id": "OTIdPJava", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/OTIdPJava" + } + } + ] + }, + { + "resourceType": "/oauth/authenticationPolicyContractMappings", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "USER_NAME": { + "source": { + "type": "CONTEXT" }, - { - "name": "'This is My Device' Lifetime", - "value": "30" + "value": "OAuthScopes" + }, + "USER_KEY": { + "source": { + "type": "AUTHENTICATION_POLICY_CONTRACT" }, + "value": "subject" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "QGxlec5CX693lBQL", + "authenticationPolicyContractRef": { + "id": "QGxlec5CX693lBQL", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/QGxlec5CX693lBQL" + } + } + ] + }, + { + "resourceType": "/oauth/outOfBandAuthPlugins", + "operationType": "SAVE", + "items": [ + { + "id": "exampleCibaAuthenticator", + "name": "exampleCibaAuthenticator", + "pluginDescriptorRef": { + "id": "com.pingidentity.oobauth.pingone.mfa.PingOneMfaCibaAuthenticator", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/outOfBandAuthPlugins/descriptors/com.pingidentity.oobauth.pingone.mfa.PingOneMfaCibaAuthenticator" + }, + "configuration": { + "tables": [ { - "name": "Allow Username Edits During Chaining", - "value": "false" - }, + "name": "PingOne Template Variables", + "rows": [] + } + ], + "fields": [ { - "name": "Track Authentication Time", - "value": "true" + "name": "PingOne Environment", + "value": "noeOvj5ltBnf4rcmtZAKdJ|f5901536-2b60-4d4a-a987-3d56aadad46d" }, { - "name": "Post-Password Change Re-Authentication Delay", - "value": "0" + "name": "Application", + "value": "2a7c1b5d-415b-4fb5-a6c0-1e290f776785" }, { - "name": "Password Reset Username Template", - "value": "forgot-password.html" + "name": "PingOne Authentication Policy", + "value": "" }, { - "name": "Password Reset Code Template", - "value": "forgot-password-resume.html" + "name": "Test Username", + "value": "" }, { - "name": "Password Reset Template", - "value": "forgot-password-change.html" + "name": "PingOne Template Name", + "value": "transaction" }, { - "name": "Password Reset Error Template", - "value": "forgot-password-error.html" + "name": "PingOne Template Variant", + "value": "" }, { - "name": "Password Reset Success Template", - "value": "forgot-password-success.html" + "name": "Client Context", + "value": "#*\nDefine additional key/value pairs to be received at the mobile application.\nThe following variables are available by default:\n\n$oobAuthRequestContext - Context for the out-of-band authentication/authorization request\n$languagePackMessages - The language-pack file configured for this authenticator\n$subject - The user's PingOne username or user ID.\n$JSONValue - A JSON utility class that can be used to escape text and convert objects to JSON.\n Methods:\n escape(String s) - Escape quotes, \\, /, \\r, \\n, \\b, \\f, \\t and other control characters (U+0000 through U+001F).\n toJSONString(Object value) - Convert an object to JSON text.\n\nAdditionally, any Extended Contract attributes are also available using the $name syntax.\n\nExample:\n\n{\n \"requestingApplicationName\": \"$JSONValue.escape($oobAuthRequestContext.requestingApplication.name)\",\n \"requestedScope\": $JSONValue.toJSONString($oobAuthRequestContext.requestedScope.values()),\n \"amount\": \"$JSONValue.escape($amount)\",\n \"alert.color\": \"red\"\n}\n*#" }, { - "name": "Account Unlock Template", - "value": "account-unlock.html" + "name": "Messages Files", + "value": "pingone-mfa-messages" }, { - "name": "OTP Length", - "value": "8" + "name": "API Request Timeout", + "value": "12000" }, { - "name": "OTP Time to Live", - "value": "10" + "name": "Proxy Settings", + "value": "System Defaults" }, { - "name": "PingID Properties", + "name": "Custom Proxy Host", "value": "" }, { - "name": "Require Verified Email", - "value": "false" - }, - { - "name": "Username Recovery Template", - "value": "username.recovery.template.html" - }, + "name": "Custom Proxy Port", + "value": "" + } + ] + }, + "lastModified": "2025-01-02T19:37:50.470Z", + "attributeContract": { + "coreAttributes": [ { - "name": "Username Recovery Info Template", - "value": "username.recovery.info.template.html" - }, + "name": "subject" + } + ], + "extendedAttributes": [] + } + } + ] + }, + { + "resourceType": "/oauth/cibaServerPolicy/requestPolicies", + "operationType": "SAVE", + "items": [ + { + "id": "exampleCibaReqPolicy", + "name": "exampleCibaReqPolicy", + "authenticatorRef": { + "id": "exampleCibaAuthenticator", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/outOfBandAuthPlugins/exampleCibaAuthenticator" + }, + "transactionLifetime": 120, + "allowUnsignedLoginHintToken": false, + "requireTokenForIdentityHint": false, + "alternativeLoginHintTokenIssuers": [], + "identityHintContract": { + "coreAttributes": [ { - "name": "Username Recovery Email Template", - "value": "message-template-username-recovery.html" + "name": "IDENTITY_HINT_SUBJECT" + } + ], + "extendedAttributes": [] + }, + "identityHintContractFulfillment": { + "attributeSources": [], + "attributeContractFulfillment": { + "IDENTITY_HINT_SUBJECT": { + "source": { + "type": "REQUEST" + }, + "value": "IDENTITY_HINT_SUBJECT" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + }, + "identityHintMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "NO_MAPPING" + } }, + "USER_KEY": { + "source": { + "type": "NO_MAPPING" + } + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + }, + "lastModified": "2025-01-02T19:37:50.507Z" + } + ] + }, + { + "resourceType": "/oauth/cibaServerPolicy/settings", + "operationType": "SAVE", + "items": [ + { + "defaultRequestPolicyRef": { + "id": "exampleCibaReqPolicy", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/cibaServerPolicy/requestPolicies/exampleCibaReqPolicy" + } + } + ] + }, + { + "resourceType": "/oauth/openIdConnect/policies", + "operationType": "SAVE", + "items": [ + { + "id": "test-openid-connect-policy", + "name": "Test OpenID Connect Policy", + "idTokenLifetime": 5, + "attributeContract": { + "coreAttributes": [ { - "name": "CAPTCHA for Authentication", - "value": "false" - }, + "name": "sub", + "multiValued": false + } + ], + "extendedAttributes": [] + }, + "attributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "sub": { + "source": { + "type": "TOKEN" + }, + "value": "OrgName" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + }, + "includeSriInIdToken": false, + "includeUserInfoInIdToken": false, + "includeSHashInIdToken": false, + "includeX5tInIdToken": false, + "idTokenTypHeaderValue": "", + "returnIdTokenOnRefreshGrant": false, + "reissueIdTokenInHybridFlow": false, + "accessTokenManagerRef": { + "id": "jwt", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/jwt" + }, + "scopeAttributeMappings": {}, + "lastModified": "2025-01-02T19:37:50.605Z" + } + ] + }, + { + "resourceType": "/oauth/openIdConnect/settings", + "operationType": "SAVE", + "items": [ + { + "defaultPolicyRef": { + "id": "test-openid-connect-policy", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/openIdConnect/policies/test-openid-connect-policy" + }, + "sessionSettings": { + "trackUserSessionsForLogout": false, + "revokeUserSessionOnLogout": true, + "sessionRevocationLifetime": 490 + } + } + ] + }, + { + "resourceType": "/oauth/tokenExchange/processor/policies", + "operationType": "SAVE", + "items": [ + { + "id": "tokenexchangeprocessorpolicy", + "name": "tokenexchangeprocessorpolicy", + "actorTokenRequired": false, + "attributeContract": { + "coreAttributes": [ { - "name": "CAPTCHA for Password change", - "value": "false" + "name": "subject" + } + ], + "extendedAttributes": [] + }, + "processorMappings": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "TEXT" + }, + "value": "value" + } }, - { - "name": "CAPTCHA for Password Reset", - "value": "false" + "issuanceCriteria": { + "conditionalCriteria": [ + { + "errorResult": "error", + "source": { + "type": "CONTEXT" + }, + "attributeName": "ClientIp", + "condition": "EQUALS", + "value": "value" + } + ] }, - { - "name": "CAPTCHA for Username recovery", - "value": "false" + "subjectTokenType": "urn:ietf:params:oauth:token-type:saml2", + "subjectTokenProcessor": { + "id": "tokenprocessor", + "location": "https://localhost:9999/pf-admin-api/v1/idp/tokenProcessors/tokenprocessor" }, - { - "name": "Password Update Timeout", - "value": "30" + "actorTokenType": "", + "actorTokenProcessor": {} + } + ] + } + ] + }, + { + "resourceType": "/oauth/tokenExchange/processor/settings", + "operationType": "SAVE", + "items": [ + { + "defaultProcessorPolicyRef": { + "id": "tokenexchangeprocessorpolicy", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/tokenExchange/processor/policies/tokenexchangeprocessorpolicy" + } + } + ] + }, + { + "resourceType": "/oauth/tokenExchange/generator/groups", + "operationType": "SAVE", + "items": [ + { + "id": "exampleGeneratorGroup", + "name": "exampleGeneratorGroup", + "resourceUris": [], + "generatorMappings": [ + { + "requestedTokenType": "urn:ietf:params:oauth:token-type:saml2", + "tokenGenerator": { + "id": "tokengenerator", + "location": "https://localhost:9999/pf-admin-api/v1/sp/tokenGenerators/tokengenerator" }, - { - "name": "Require Re-Authentication For Expiring Password Flow", - "value": "false" + "defaultMapping": true + } + ] + }, + { + "id": "exampleGeneratorGroup2", + "name": "exampleGeneratorGroup2", + "resourceUris": [], + "generatorMappings": [ + { + "requestedTokenType": "urn:ietf:params:oauth:token-type:saml2", + "tokenGenerator": { + "id": "tokengenerator", + "location": "https://localhost:9999/pf-admin-api/v1/sp/tokenGenerators/tokengenerator" }, - { - "name": "Require Re-Authentication for Change Password Flow", - "value": "true" + "defaultMapping": true + } + ] + } + ] + }, + { + "resourceType": "/oauth/tokenExchange/generator/settings", + "operationType": "SAVE", + "items": [ + { + "defaultGeneratorGroupRef": { + "id": "exampleGeneratorGroup", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/tokenExchange/generator/groups/exampleGeneratorGroup" + } + } + ] + }, + { + "resourceType": "/oauth/tokenExchange/tokenGeneratorMappings", + "operationType": "SAVE", + "items": [ + { + "attributeSources": [], + "attributeContractFulfillment": { + "SAML_SUBJECT": { + "source": { + "type": "CONTEXT" }, + "value": "OAuthScopes" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "tokenexchangeprocessorpolicy|tokengenerator", + "sourceId": "tokenexchangeprocessorpolicy", + "targetId": "tokengenerator" + } + ] + }, + { + "resourceType": "/oauth/clients", + "operationType": "SAVE", + "items": [ + { + "clientId": "test", + "enabled": true, + "redirectUris": [], + "grantTypes": [ + "CLIENT_CREDENTIALS", + "ACCESS_TOKEN_VALIDATION" + ], + "name": "test", + "modificationDate": "2025-01-02T19:37:50.760Z", + "creationDate": "2025-01-02T19:37:50.760Z", + "refreshRolling": "SERVER_DEFAULT", + "refreshTokenRollingIntervalType": "SERVER_DEFAULT", + "persistentGrantExpirationType": "SERVER_DEFAULT", + "persistentGrantExpirationTime": 0, + "persistentGrantExpirationTimeUnit": "DAYS", + "persistentGrantIdleTimeoutType": "SERVER_DEFAULT", + "persistentGrantIdleTimeout": 0, + "persistentGrantIdleTimeoutTimeUnit": "DAYS", + "persistentGrantReuseType": "SERVER_DEFAULT", + "allowAuthenticationApiInit": false, + "enableCookielessAuthenticationApi": false, + "bypassApprovalPage": false, + "restrictScopes": false, + "requirePushedAuthorizationRequests": false, + "requireJwtSecuredAuthorizationResponseMode": false, + "restrictedScopes": [], + "exclusiveScopes": [], + "restrictedResponseTypes": [], + "authorizationDetailTypes": [], + "defaultAccessTokenManagerRef": { + "id": "jwt", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/jwt" + }, + "restrictToDefaultAccessTokenManager": false, + "validateUsingAllEligibleAtms": false, + "oidcPolicy": { + "grantAccessSessionRevocationApi": false, + "grantAccessSessionSessionManagementApi": false, + "logoutMode": "NONE", + "pingAccessLogoutCapable": false, + "pairwiseIdentifierUserType": false + }, + "clientAuth": { + "type": "SECRET", + "encryptedSecret": "OBF:JWE:eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiUWVzOVR5eTV5WiIsInZlcnNpb24iOiIxMi4xLjQuMCJ9..7DwuTz2jKYLtp6DY5xB6ag.Ur20BDlEYLMrRM6yXNbvp5cdnRta7QafBHU1wXw5VU1ba7oERgsMG0buE2L2JxF8W1ZKNM-o2RcWGunpD9nUJVhicoPokdUeFRCdnOp3EU0.rJnSYiuhQUytZKK4ISjDhA", + "secondarySecrets": [] + }, + "deviceFlowSettingType": "SERVER_DEFAULT", + "requireProofKeyForCodeExchange": false, + "refreshTokenRollingGracePeriodType": "SERVER_DEFAULT", + "clientSecretRetentionPeriodType": "SERVER_DEFAULT", + "requireDpop": false, + "requireOfflineAccessScopeToIssueRefreshTokens": "SERVER_DEFAULT", + "offlineAccessRequireConsentPrompt": "SERVER_DEFAULT", + "requireSignedRequests": false + } + ] + }, + { + "resourceType": "/oauth/clientRegistrationPolicies", + "operationType": "SAVE", + "items": [ + { + "id": "testRegistrationPolicy", + "name": "Test Registration Policy", + "pluginDescriptorRef": { + "id": "com.pingidentity.pf.client.registration.ResponseTypesConstraintsPlugin", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/clientRegistrationPolicies/descriptors/com.pingidentity.pf.client.registration.ResponseTypesConstraintsPlugin" + }, + "configuration": { + "tables": [], + "fields": [ { - "name": "Require Re-Authentication for Password Reset Flow", + "name": "code", "value": "true" }, { - "name": "Password Reset One-Time Link Email Template", - "value": "message-template-forgot-password-link.html" - }, - { - "name": "Password Reset One-Time Password Email Template", - "value": "message-template-forgot-password-code.html" - }, - { - "name": "Account Disabled Email Template", - "value": "message-template-account-disabled.html" - }, - { - "name": "Password Reset Complete Email Template", - "value": "message-template-forgot-password-complete.html" + "name": "code id_token", + "value": "true" }, { - "name": "Password Reset Failed Email Template", - "value": "message-template-forgot-password-failed.html" + "name": "code id_token token", + "value": "true" }, { - "name": "Account Unlock Email Template", - "value": "message-template-account-unlock-complete.html" + "name": "code token", + "value": "true" }, { - "name": "Allowed OTP Character Set", - "value": "23456789BCDFGHJKMNPQRSTVWXZbcdfghjkmnpqrstvwxz" + "name": "id_token", + "value": "true" }, { - "name": "CAPTCHA Provider", - "value": "" + "name": "id_token token", + "value": "true" }, { - "name": "Fail Authentication on Account Lockout", + "name": "token", "value": "true" } ] }, - "attributeContract": { - "coreAttributes": [ - { - "name": "policy.action", - "masked": false, - "pseudonym": false - }, - { - "name": "username", - "masked": false, - "pseudonym": true - } - ], - "extendedAttributes": [ - { - "name": "entryUUID", - "masked": false, - "pseudonym": false - }, - { - "name": "uid", - "masked": false, - "pseudonym": false - }, - { - "name": "mail", - "masked": false, - "pseudonym": false - }, - { - "name": "givenName", - "masked": false, - "pseudonym": false - }, - { - "name": "cn", - "masked": false, - "pseudonym": false - }, - { - "name": "sn", - "masked": false, - "pseudonym": false - } - ], - "maskOgnlValues": false - }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "entryUUID": { - "source": { - "type": "ADAPTER" - }, - "value": "entryUUID" - }, - "uid": { - "source": { - "type": "ADAPTER" - }, - "value": "uid" - }, - "mail": { - "source": { - "type": "ADAPTER" - }, - "value": "mail" - }, - "policy.action": { - "source": { - "type": "ADAPTER" - }, - "value": "policy.action" - }, - "givenName": { - "source": { - "type": "ADAPTER" - }, - "value": "givenName" - }, - "cn": { - "source": { - "type": "ADAPTER" - }, - "value": "cn" - }, - "sn": { - "source": { - "type": "ADAPTER" - }, - "value": "sn" - }, - "username": { - "source": { - "type": "ADAPTER" - }, - "value": "username" - } + "lastModified": "2025-01-02T19:37:50.792Z" + } + ] + }, + { + "resourceType": "/oauth/clientSettings", + "operationType": "SAVE", + "items": [ + { + "clientMetadata": [ + { + "parameter": "authNexp", + "description": "Authentication Experience [Single_Factor | Internal | ID-First | Multi_Factor]", + "multiValued": false }, - "issuanceCriteria": { - "conditionalCriteria": [] + { + "parameter": "useAuthnApi", + "description": "Use the AuthN API", + "multiValued": false } - } + ] } ] }, { - "resourceType": "/oauth/openIdConnect/policies", + "resourceType": "/oauth/accessTokenMappings", "operationType": "SAVE", "items": [ { - "id": "test-openid-connect-policy", - "name": "Test OpenID Connect Policy", - "idTokenLifetime": 5, - "attributeContract": { - "coreAttributes": [ - { - "name": "sub", - "multiValued": false - } - ], - "extendedAttributes": [] - }, - "attributeMapping": { - "attributeSources": [], - "attributeContractFulfillment": { - "sub": { - "source": { - "type": "TOKEN" - }, - "value": "OrgName" - } + "attributeSources": [], + "attributeContractFulfillment": { + "Username": { + "source": { + "type": "TEXT" + }, + "value": "Administrator" }, - "issuanceCriteria": { - "conditionalCriteria": [] + "OrgName": { + "source": { + "type": "TEXT" + }, + "value": "Ping" } }, - "includeSriInIdToken": false, - "includeUserInfoInIdToken": false, - "includeSHashInIdToken": false, - "includeX5tInIdToken": false, - "idTokenTypHeaderValue": "", - "returnIdTokenOnRefreshGrant": false, - "reissueIdTokenInHybridFlow": false, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "client_credentials|jwt", + "context": { + "type": "CLIENT_CREDENTIALS" + }, "accessTokenManagerRef": { "id": "jwt", "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/jwt" - }, - "scopeAttributeMappings": {}, - "lastModified": "2024-09-24T17:02:21.741Z" - } - ] - }, - { - "resourceType": "/extendedProperties", - "operationType": "SAVE", - "items": [ - { - "name": "authNexp", - "description": "Authentication Experience [Single_Factor | Internal | ID-First | Multi_Factor]", - "multiValued": false + } }, { - "name": "useAuthnApi", - "description": "Use the AuthN API", - "multiValued": false + "attributeSources": [], + "attributeContractFulfillment": { + "Username": { + "source": { + "type": "TEXT" + }, + "value": "Administrator" + }, + "OrgName": { + "source": { + "type": "TEXT" + }, + "value": "Ping" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + }, + "id": "default|jwt", + "context": { + "type": "DEFAULT" + }, + "accessTokenManagerRef": { + "id": "jwt", + "location": "https://localhost:9999/pf-admin-api/v1/oauth/accessTokenManagers/jwt" + } } ] }, @@ -3853,7 +4302,7 @@ "name": "AuthN Experiences", "pluginDescriptorRef": { "id": "com.pingidentity.pf.selectors.ExtendedPropertyAuthnSelector", - "location": "https://${PF_ADMIN_PUBLIC_HOSTNAME}:${PF_ADMIN_PUBLIC_PORT_HTTPS}/pf-admin-api/v1/authenticationSelectors/descriptors/com.pingidentity.pf.selectors.ExtendedPropertyAuthnSelector" + "location": "https://localhost:9999/pf-admin-api/v1/authenticationSelectors/descriptors/com.pingidentity.pf.selectors.ExtendedPropertyAuthnSelector" }, "configuration": { "tables": [], @@ -3872,149 +4321,412 @@ } ] }, - "attributeContract": { - "extendedAttributes": [ + "lastModified": "2025-01-02T19:37:50.879Z", + "attributeContract": { + "extendedAttributes": [ + { + "name": "Single_Factor" + }, + { + "name": "Internal" + } + ] + } + } + ] + }, + { + "resourceType": "/authenticationApi", + "operationType": "SAVE", + "items": [ + { + "id": "myauthenticationapiapplication", + "url": "https://example.com", + "description": "example", + "additionalAllowedOrigins": [], + "name": "myauthenticationapiapplication" + } + ] + }, + { + "resourceType": "/authenticationApi/settings", + "operationType": "SAVE", + "items": [ + { + "apiEnabled": false, + "enableApiDescriptions": true, + "restrictAccessToRedirectlessMode": true, + "includeRequestContext": false + } + ] + }, + { + "resourceType": "/authenticationPolicies/fragments", + "operationType": "SAVE", + "items": [ + { + "id": "FirstFactor", + "name": "First_Factor", + "description": "Used for Customer First Factor", + "rootNode": { + "action": { + "type": "AUTHN_SOURCE", + "authenticationSource": { + "type": "IDP_ADAPTER", + "sourceRef": { + "id": "ciamHtmlForm", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/ciamHtmlForm" + } + }, + "attributeRules": { + "items": [ + { + "attributeSource": { + "type": "ADAPTER", + "id": "ciamHtmlForm" + }, + "attributeName": "policy.action", + "condition": "EQUALS_CASE_INSENSITIVE", + "expectedValue": "identity.registration", + "result": "Register" + } + ], + "fallbackToSuccess": true + } + }, + "children": [ + { + "action": { + "type": "DONE", + "context": "Fail" + } + }, + { + "action": { + "type": "LOCAL_IDENTITY_MAPPING", + "context": "Register", + "localIdentityRef": { + "id": "regIdentityProfile", + "location": "https://localhost:9999/pf-admin-api/v1/localIdentity/identityProfiles/regIdentityProfile" + }, + "inboundMapping": { + "attributeSources": [], + "attributeContractFulfillment": {}, + "issuanceCriteria": { + "conditionalCriteria": [] + } + }, + "outboundAttributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "firstName": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "firstName" + }, + "lastName": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "lastName" + }, + "ImmutableID": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "ImmutableID" + }, + "mail": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "email" + }, + "subject": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "username" + }, + "SAML_AUTHN_CTX": { + "source": { + "type": "TEXT" + }, + "value": "registered" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + } + } + }, + { + "action": { + "type": "LOCAL_IDENTITY_MAPPING", + "context": "Success", + "localIdentityRef": { + "id": "regIdentityProfile", + "location": "https://localhost:9999/pf-admin-api/v1/localIdentity/identityProfiles/regIdentityProfile" + }, + "inboundMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "pf.local.identity.unique.id": { + "source": { + "type": "ADAPTER", + "id": "ciamHtmlForm" + }, + "value": "uid" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + }, + "outboundAttributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "firstName": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "firstName" + }, + "lastName": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "lastName" + }, + "ImmutableID": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "ImmutableID" + }, + "mail": { + "source": { + "type": "LOCAL_IDENTITY_PROFILE", + "id": "regIdentityProfile" + }, + "value": "email" + }, + "subject": { + "source": { + "type": "ADAPTER", + "id": "ciamHtmlForm" + }, + "value": "username" + }, + "SAML_AUTHN_CTX": { + "source": { + "type": "TEXT" + }, + "value": "single_factor" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + } + } + } + ] + }, + "inputs": { + "id": "DkhZxRcZchsed90U", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" + }, + "outputs": { + "id": "samplePolicyContract", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/samplePolicyContract" + } + }, + { + "id": "Identify_First", + "name": "Identify_First", + "description": "Used for First Factors that just use the User Identifier", + "rootNode": { + "action": { + "type": "AUTHN_SOURCE", + "authenticationSource": { + "type": "IDP_ADAPTER", + "sourceRef": { + "id": "IDFirst", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/IDFirst" + } + }, + "inputUserIdMapping": { + "source": { + "type": "INPUTS", + "id": "Inputs" + }, + "value": "subject" + }, + "userIdAuthenticated": false + }, + "children": [ { - "name": "Single_Factor" + "action": { + "type": "DONE", + "context": "Fail" + } }, { - "name": "Internal" + "action": { + "type": "APC_MAPPING", + "context": "Success", + "authenticationPolicyContractRef": { + "id": "DkhZxRcZchsed90U", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" + }, + "attributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "subject": { + "source": { + "type": "ADAPTER", + "id": "IDFirst" + }, + "value": "uid" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + } + } } ] + }, + "inputs": { + "id": "DkhZxRcZchsed90U", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" + }, + "outputs": { + "id": "DkhZxRcZchsed90U", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" } - } - ] - }, - { - "resourceType": "/certificates/revocation/ocspCertificates", - "operationType": "SAVE", - "items": [ - { - "id": "opcey20sf9djwvk8snv1actzq", - "fileData": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURuVENDQW9XZ0F3SUJBZ0lVUzJUQkNkUnpwSzRaemUrSERLakI5RVFTSHFZd0RRWUpLb1pJaHZjTkFRRUxCUUF3WGpFTE1Ba0cKQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWtOUE1ROHdEUVlEVlFRSERBWkVaVzUyWlhJeElqQWdCZ05WQkFvTUdWQnBibWNnU1dSbApiblJwZEhrZ1EyOXljRzl5WVhScGIyNHhEVEFMQmdOVkJBTU1CSFJsYzNRd0hoY05NalF4TWpFeU1qTXlPREkwV2hjTk1qY3dPVEE0Ck1qTXlPREkwV2pCZU1Rc3dDUVlEVlFRR0V3SlZVekVMTUFrR0ExVUVDQXdDUTA4eER6QU5CZ05WQkFjTUJrUmxiblpsY2pFaU1DQUcKQTFVRUNnd1pVR2x1WnlCSlpHVnVkR2wwZVNCRGIzSndiM0poZEdsdmJqRU5NQXNHQTFVRUF3d0VkR1Z6ZERDQ0FTSXdEUVlKS29aSQpodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUpkb0d1cmdEdlNSQkwyY0llVWFDWTNwbzVZRFpuVjFleXVPUVR4UWM2T1QySlMwCis0MGdKYkptZk5yYmNPU3QrMURieHpQK0l4YmxrY3o1NjlWT0M1bGJST24zOHllYU1VMzJYYy80REdTcDFIQ1kvSmZTeWd6LytxcjgKOFlUcU1hSTIxQWJabkFpWTV4MFJ3NTZJRG1KZ2xYYVhlVmJDVUp5N29QVHlBb1lZVDkzREpEazQxWmU1MVVjVG1Vc1RLTjRLM2d2dgpTYVJ1eXE1K2c2RVhCcTdBa2VPbmJQMGJTSHliTjFLRVY1QlhOTnBnazloMEp3M1BFK3FrbS81bllSenhCZjRSQS9BZ2Z2OWVzRzlOCnozWGdEb3dBR0JteHIrclUvbmE3cHdFRXVkTWg2NjhERURlUlZ3aDFaYXBZcEJ0VmN4TUhtZEpQZ0ZKckJsbzZtTUVDQXdFQUFhTlQKTUZFd0hRWURWUjBPQkJZRUZHSmMzWjBqOWtYUHNUbW1iZ0FzWS9QSzJjdXBNQjhHQTFVZEl3UVlNQmFBRkdKYzNaMGo5a1hQc1RtbQpiZ0FzWS9QSzJjdXBNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSlZCdmNIaGgrMDBnelEwCnBuWkt0Ukp4dkVnK3BHaCtCOUUrNWkyUHNOR3lJQXZBWHc0bWRCY1FaS3hmaVhNMzFaRTJnZTFtUCs0ZGkxMStQS1lOSDJFOTczUEwKSit3R0hlUVoxRVRERzVmbzc5dDBNRzFSekh0R29pclpXN3Y0Qk5VSTZaTTJGakVhQ090WmcxclVoa2RJZnFEeDRDZU5qemIwcmhYSQp6WE5UUzRZNlZseFdBclFud0FncVB0YjVwb0pHM01tLzNmNnVRZy9sMExJS1RZL0dSNnlRc05Da3pUWlFocklwWGo0UnBxblgzUWdECjFJV1RvTW9uN250cDRnQVAvbEFTTTUveG01SnpiNmRtRitob04wNzNnMDJVZVYyVERMemU4MCtLK1hyMUdaZWVVTHVYTnJoT0VYRFIKeXR2dWJlOE9YUFBZNi96Q3BoVmIyMWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" - } - ] - }, - { - "resourceType": "/certificates/revocation/settings", - "operationType": "SAVE", - "items": [ - { - "ocspSettings": { - "requesterAddNonce": false, - "actionOnResponderUnavailable": "CONTINUE", - "actionOnStatusUnknown": "FAIL", - "actionOnUnsuccessfulResponse": "FAIL", - "currentUpdateGracePeriod": 5, - "nextUpdateGracePeriod": 5, - "responseCachePeriod": 48, - "responderTimeout": 5, - "responderCertReference": { - "id": "opcey20sf9djwvk8snv1actzq", - "location": "https://localhost:9999/pf-admin-api/v1/certificates/revocation/ocspCertificates/opcey20sf9djwvk8snv1actzq" - } - } - } - ] - }, - { - "resourceType": "/identityStoreProvisioners", - "operationType": "SAVE", - "items": [ + }, { - "id": "ISPTestID", - "name": "ISP TestName", - "pluginDescriptorRef": { - "id": "com.pingidentity.identitystoreprovisioners.sample.SampleIdentityStoreProvisioner", - "location": "https://localhost:9999/pf-admin-api/v1/identityStoreProvisioners/descriptors/com.pingidentity.identitystoreprovisioners.sample.SampleIdentityStoreProvisioner" - }, - "configuration": { - "tables": [], - "fields": [ + "id": "InternalAuthN", + "name": "Internal AuthN", + "description": "Used for Internal Authentication", + "rootNode": { + "action": { + "type": "AUTHN_SOURCE", + "authenticationSource": { + "type": "IDP_ADAPTER", + "sourceRef": { + "id": "htmlForm", + "location": "https://localhost:9999/pf-admin-api/v1/idp/adapters/htmlForm" + } + } + }, + "children": [ { - "name": "Delete user behavior", - "value": "Disable User" + "action": { + "type": "DONE", + "context": "Fail" + } + }, + { + "action": { + "type": "APC_MAPPING", + "context": "Success", + "authenticationPolicyContractRef": { + "id": "default", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/default" + }, + "attributeMapping": { + "attributeSources": [], + "attributeContractFulfillment": { + "firstName": { + "source": { + "type": "NO_MAPPING" + } + }, + "lastName": { + "source": { + "type": "NO_MAPPING" + } + }, + "ImmutableID": { + "source": { + "type": "ADAPTER", + "id": "htmlForm" + }, + "value": "entryUUID" + }, + "mail": { + "source": { + "type": "ADAPTER", + "id": "htmlForm" + }, + "value": "mail" + }, + "subject": { + "source": { + "type": "ADAPTER", + "id": "htmlForm" + }, + "value": "uid" + }, + "SAML_AUTHN_CTX": { + "source": { + "type": "TEXT" + }, + "value": "internal" + } + }, + "issuanceCriteria": { + "conditionalCriteria": [] + } + } + } } ] }, - "lastModified": "2024-12-13T18:45:28.156Z", - "attributeContract": { - "coreAttributes": [ - { - "name": "username" - } - ], - "inherited": false + "inputs": { + "id": "DkhZxRcZchsed90U", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/DkhZxRcZchsed90U" }, - "groupAttributeContract": { - "coreAttributes": [ - { - "name": "groupname" - } - ], - "inherited": false + "outputs": { + "id": "default", + "location": "https://localhost:9999/pf-admin-api/v1/authenticationPolicyContracts/default" } } ] }, { - "resourceType": "/idp/stsRequestParametersContracts", - "operationType": "SAVE", - "items": [ - { - "id": "STSTestID", - "name": "STS TestName", - "parameters": [ - "test" - ], - "lastModified": "2024-12-13T18:59:29.324Z" - } - ] - }, - { - "resourceType": "/idpToSpAdapterMapping", + "resourceType": "/authenticationPolicies/default", "operationType": "SAVE", "items": [ { - "attributeSources": [], - "attributeContractFulfillment": { - "subject": { - "source": { - "type": "ADAPTER" - }, - "value": "entryUUID" - } - }, - "issuanceCriteria": { - "conditionalCriteria": [] - }, - "id": "ciamHtmlForm|spadapter", - "sourceId": "ciamHtmlForm", - "targetId": "spadapter" + "failIfNoSelection": false, + "authnSelectionTrees": [], + "defaultAuthenticationSources": [], + "trackedHttpParameters": [] } ] }, { - "resourceType": "/additionalKeySets", + "resourceType": "/authenticationPolicies/settings", "operationType": "SAVE", "items": [ { - "id": "testID", - "name": "testName", - "description": "testDescription", - "signingKeys": { - "rsaActiveCertRef": { - "id": "419x9yg43rlawqwq9v6az997k", - "location": "https://localhost:9999/pf-admin-api/v1/keyPairs/signing/419x9yg43rlawqwq9v6az997k" - }, - "rsaPublishX5cParameter": true - }, - "issuers": [ - { - "id": "BmoJwEmyzs4RSNMzVUlCs8qTPC", - "location": "https://localhost:9999/pf-admin-api/v1/oauth/issuers/BmoJwEmyzs4RSNMzVUlCs8qTPC" - } - ] + "enableIdpAuthnSelection": false, + "enableSpAuthnSelection": false } ] } diff --git a/server-profiles/shared-profile/env_vars b/server-profiles/shared-profile/env_vars deleted file mode 100644 index 8ce35942..00000000 --- a/server-profiles/shared-profile/env_vars +++ /dev/null @@ -1,37 +0,0 @@ -# .suppress-container-warning -# -# NOTICE: Settings in this file will override values set at the -# image or orchestraton layers of the container. Examples -# include variables that are specific to this server profile. -# Options include: -# -# ALWAYS OVERRIDE the value in the container -# NAME=VAL -# -# SET TO DEFAULT VALUE if not already set -# export NAME=${NAME:=myDefaultValue} # Sets to string of "myDefaultValue" -# export NAME=${NAME:-OTHER_VAR} # Sets to value of OTHER_VAR variable -# -export dataStores_items_ProvisionerDS_ProvisionerDS_password="secretpass" -export keyPairs_sslServer_items_vtcm75en83g6v1r87ytm7lihi_vtcm75en83g6v1r87ytm7lihi_fileData="MIIJeQIBAzCCCT8GCSqGSIb3DQEHAaCCCTAEggksMIIJKDCCA98GCSqGSIb3DQEHBqCCA9AwggPMAgEAMIIDxQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQInjmCIniDoPwCAggAgIIDmFraiJVk7FgGjSHnySwUY7LPWVniqQz1MWPGa1U+6Bqe4yAVnv9owagOPUViYOfGCIwrgfg+FW1Dx8INvdHjs6gTqcTz3k+C8I4zhoKpXuSjpxnhyTDtfB5zUFDm6gGyawl4VuwMNoVMAAVvpWTEJi993lWb9QXmdFntPjZU7bC4yGoJzhFDTiZnTBRtCKcH0PbDR8f+8dDmHxk8oLRNL2+HfAmzYBPuxzhpcfH3HQI44RAKR+OJDluZF99PU8qO3\/G1hjYcSSIrSc7bTPJ+b2XVtjdZ1WANB2BOAiGdzvwSNvrU6MzHKrs1qLKoD58mGupE2ckeQVY7soUZGW+eWNSM98ykrcyxXOBgWcSdOjfHx7nc7XBSIEhaaaCDwkRbFdS2Iw+ehBQPQtYvbqA2Vn0+G9jzYyrERGZzLIKGApPYyOCeVuR4+5yI+E64Owrde2cxqkqrqmYIy+omzUBgMgawxBgTk2TqzRVaAoVSXqbvi8dxmXv9nt17gNS9GsUg+DnDZ\/26NPOLBoZNkegBehtKX1aVgEDtMPkyIlkfU8tz9L8tKV6sbcJ\/GCK34XuSjkfwDf2GHCjEP8U64Z\/7bwjGm8\/GEZ2ZUi5OkacPhiJ0UWdiC5YIjrGY0EORV26MpjoSIIOWh14vy2Yf3AJEeEur0OIwS8J\/xQlHMbyNr+K4kzRf6jnUc4gS6wgV33WeXMN72P6Gauh82x8gdGwWoFtrHNiJZIDecDVZHIMFlQq1XioMLXkkWRDGNPB+XupmWGoUmHZz5iFSbW6PxYju9Gzze5P7fHiNEo4qmst2QwmWjJET8DTksopu0cUV2NoeAWt0FgOkLkd3Se9grfW5Yr3C5gIgk5dYSVom28oVZUVFabnVGVzOeMMBWkFwMsuoxssP7S+X6BrK7OWmJRQOO7NX165pT4iBecxyc1BuGsZMVvAxumleTe7XIpuVqg7kkJYiFGCXC3IwEYyCpuQkTrys0ZOHCoAQfO5J\/Yji8q4\/8XyxSN\/bZRCyQjfTCFNDmFPXUmtNTv5BbuaIZw3HpG28Cqo3gY5nS9iH6xxNz2Jvx0BYZsOV2OJchfwBGkSiPQRI2bXJmEj0e+BvcsXPrGwvAe\/YTWF9esOv+qt+SgG4eP6X9cAoGPtxsfMbj9\/9+wUfgZ74tCkocHHTLa4H7q30PRrpl2iOOG5FTRHqWjKH4wk6hL7J9ex7qoaUJJ5Z6DqaG8\/cUbqaMIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECPdbHIBZDZQoAgIIAASCBMiLELpnbMnje5Q3uXKsGoLoQpEMJatS1SRGVipDLKYDzccc9g9jG\/UVkSc9a0MbL0MJEpK5GPdsNguuB\/n3D0hWp1b3DoaimyJ6VmtjaJHExs0TcCC+5Q1rUm2tjIAi7CiqBYNbs1QnZXHdlsNRxsmfYGLxL910OQqxGdy+\/qUfW8+n\/DmR0X8C28Wqz0Uxn5mc8NfGTMC36OVAnghy58BZk2sijjUz+yJYXRDVCQkqVsMWVTe8fFQibHJvfKMX7Sj5DNIQ3CD6KvtIVDvDusMTFQcj3RUFq553Kti\/BhmVIvxxZ0Ak3W\/DDAzTLX9EBYwB80pmHlrXdnEFPztKY2NiU+0zl4HY5bQyUQ8IBour0KGwsPo4oZ3EH7EbwCKxNPuwE3N0jIJuOVn4yY9q\/dxTdT1QE01abywBDd7ixvJFkW3LUrGO7ciOb7jDp7OD0TtLFjdbSX2ahmb7sIqqWp3MU1Mqfsa30mqiGbWPvgpDuPIenwoQyjtME6WP3sMsML1QlLySvCXJCyfxeIMWeIOLZEg+c17udi01MkWInLgM9RXkUA84yXuSIb5JoyLLsR8UDIDpD9dPzz2wnpoGnpk+o0fwjXvgrmkXyCd49rAE\/8zCpainG5d0yANE6lMilm2cPVG5RbMhx58vAG5PoLEoCMqlGIZkdKDr\/yZT9ufgV1LlWjyDV0vcYxJeUb0wLH6iCj\/lQcoJ8ryf8Vo2HkEcPLWSobpvxR4XU8kyksLf8YIeRmJ289oM9closfnNmFOk3td+v1yqFqQWlyqxtFSOkx+LWacHrTc65cOWt6TjG+NyvVOrSvYcudK8nxIyzt\/L9IetLgo2KMpqAsGOIH+r7K6K45nuFFg\/HeUwnsy4ETBujx9Emo3TNJ7bmaQ6G6fmCZWf3IYnomdopSOfTvGzENA9qnSi\/MXEPX7MqUUUMohtOtSFFZcmH0tpp+bAXytJq7hj\/t0eqRoY\/OM8bDRQQPEpFlIHUryY\/BExSP7xDIz3ArVJziODT0L0au0cnX2sGhNSPl5HrXG6SRPi7XzTi9HWXWnT1QSG9UWvZcl2rr70n3KR\/flcaIBzHJ2HKLcVZlgJENOIFWyG7rd9Ri8HFKyho+2uV+8NgWFeHJsjcdK2gsp\/t2UhEgrneEbPFBd\/MjFjeEJM8wFbAKve6jWjVDMaZ1TMBjWZo3AIy3yiajpAWqXdAPlM+02CQJCc25lt0sTCUMV+h\/xhtre\/fJLvW\/D84UmwgYTTVmJOBaGT4wWYNjA+BhELZCwDh5CHm\/3ax01D\/IIsJfDhchtc1yJNSiopEzG9F5H6RK7uC65VqZ\/qxqpghGX\/Pqet55lgy6bgN0OknLP+QMhFYxW7MT9xXq+80\/jrSYKsehZqo671FIXCpIAYCudQWkMGB54TOTD8l3pgjUqrq7rgeE7wWwq71dqxg3K4z+xa8O9+S5ESjcjp7PpCpzpVzj2cmI0OsoV0q232TcjJefLKIyJpIgl4I5dvvpPKhXZsTrUF\/1sxPlZV86tF\/hCvy5Y+od+QiTMlgg4YS2DS8LLSH6gGs9MjQ3Y3kQihJ5rfn4d+6wnXkarBvk1Z\/+WJya4zu8itnO4+kmOZX7uBuHCMO+ozc7aKvngh+tD2GuMxJTAjBgkqhkiG9w0BCRUxFgQUPP5CHtYo987+CLAt6z60+13puS0wMTAhMAkGBSsOAwIaBQAEFAw2inxnEl2AnG\/29s23ELeulGgaBAhq+OSHGvOzZwICCAA=%" -export keyPairs_sslServer_items_vtcm75en83g6v1r87ytm7lihi_vtcm75en83g6v1r87ytm7lihi_password="2FederateM0re" -export serverSettings_systemKeys_items_current_keyData="zXq7Idi2Buey5Gu9UZjLz7AHcywCsF6g3uxj0tYK52A=" -export serverSettings_systemKeys_items_pending_keyData="7ZuraJ9Iz9H0tczsx4Ta2YOPZJUlN7Oksp4EcTwjCW0=" -export PING_IDENTITY_PASSWORD=${PING_IDENTITY_PASSWORD:=2FederateM0re} -export PD_ENGINE_PRIVATE_HOSTNAME=${PD_ENGINE_PRIVATE_HOSTNAME:=pingdirectory} -export PD_ENGINE_PRIVATE_PORT_LDAP=${PD_ENGINE_PRIVATE_PORT_LDAP:=1389} - -## Variables for PF Bulk JSON -export dataStores_pingdirectory_password="2FederateM0re" -export PRIVATE_KEYSTORE="MIIKhgIBAzCCCjAGCSqGSIb3DQEHAaCCCiEEggodMIIKGTCCBbAGCSqGSIb3DQEHAaCCBaEEggWdMIIFmTCCBZUGCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFGGyrPQwzbe+q82TqhvdXtTSt+JkAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQRYLr0nyaduHSF0rwzlns7QSCBNCKP4Q6K8fH2VkQmzZhIxtp8s4wnbYU4VPa3NhWVHIGNmfRbKnTIryma+6MB1vIe66LQRzDT1B1w8c/5ivHF3Ro6NfFEmeNeUxW0Tz6Tc9xyXvP7B+OdE3KfzT46RvuqrPhr86LHsmtROqSUUbOro2FhuQRTfaoI10ISscymmou2QCLY0+UZMzel+FwsFqombldGCTB1Qr+ColLzx9z5U6HaZf/o+KtgaJR1V4Y5pGuGKDkvlaRv1WFdi8wqjUtBpmceyV9X75P6GV7uMbKfma0KfCsBcxVUPEiHvPiVNtdWHXhAWB7IZGcJuhty+FVwgkNU/3k68ShvnSNz+WCue+oFk6EHwgdEkavMPag4qTq9D+NIYhmQsqtjFwo4KHvF7OSssi+UVQIu1eVwy2QAcIAZAnlsecKDNqJQ12z8ZhuHGlGlsIBhDhSuJeRFCI+fTwlm9Dywtdzi+MOK4j0+h9gLu1qiXAd2IciyG8YWxZlQigVvenj94XexZCjgB8BYWfLKxNoUkRVVb6e3qLVat/jUmEhBgmapEEku5XKgAGxtEb/Z1WmUaCXyf3JplhAbRahOvEoMeuwezEtc2DGnJT3CcMH3aXeO+MVtpUpuBWPKcdNyJIsPsL7sjm4xGxMTJUjwAJjLJ8lDkIIpFq4zwAfgT4t/YEzfuLBz960ljh06wZWR+eFCo6LrTyZUJbNP0/ab8eSKW7bhci40v2aORHWXkMvJz7MUkjq9GeCu5svhI8MhFAEdx/P/yZzD5U7EhIbaIkDvz847ZYDoZdr9tW+sdLDwr/9SDya8sZXVd4bATv9/WOUcv/UOleHRQkOqKkMAGe7x0DVb3XdNCBfxAxPbXjQsLg5is3C1a84RzFF5g7pmL9z56ub/QY0r6P4a/YYXymIrLgiwq0uBijd1IkHutfO2XJVEyOoJvZbfvQmwd/Ti/l0N/yFNW33mOgc6owWvkHL0HheS3KWun3eHc6r72pFm3qb+NSeR9W5ij6fCuuBfHrakQmH2aQp9QtwmQoYooBGAlU1gQ/X0mHB/6/Rnf0V2RIGhWRDDag5mJm9cKY8ovIQeId+co3f7f3b2fbBNOrizbNmVAfOZ+NOiu6VmW1eJadPUD5s/NERW/9TB9f3vx7kw/OZ1fSbcpmVabnJkswu/Nhh4eCRNTD7yBiY0tv4nDf2tPILgL0AA3CSQ3GiSVGdfA2VkRdGXqs746KZXgcDO3WK7H4Bl5FnDMl/1wGU/dbvJOXIYA0l+uxGkVyCkPeo7B/7ZpJ/FPLrBmYC7H73N6ZSVWmMkq6f/uhH2lAbTdXmvyKbEw+oxQzkJfFiyaG1tI1l2pIbD3h0RvDRyrlJvq/tIp0L/pmID6h9O/tkXwWPINprzeyik6kRpkpbKDoA07OL4ubKpjQFNY2iEW/i8Yc7SMoFebwmLi1RrXRDPJx78/8P8LuYjoPc7m4e3Oa13JzULgsk90ZUQJSyWtZvP8v2vqp4MOcMdRMpt5OrVk+bT/4VeUuFiWhhocudTeiXOEPOjyapJbYP9yrOWY75a/5Ox26a9iiwYQXMav6iGQhniHmNausVI9bWqvCSnsX/kqbMLjTLVv3j/TTazRc/p4z3sNjRRd7p9lB582vF4FoJRunOy9+KV0q8QjFCMB0GCSqGSIb3DQEJFDEQHg4AYwBhAC0AYwBlAHIAdDAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzIzNDkyMDM3MzgxMIIEYQYJKoZIhvcNAQcGoIIEUjCCBE4CAQAwggRHBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFB8hB1tEOIKlMKG3BcwG57ZNrW6zAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQdGKC6eOC/WGTryUk2WhMNoCCA9AByxmlPUonipwqhBc+IQoz1LGio8XHsIgzn5pqW46AXl3REzIWu4Yo3sDlt+gjiWOrn9tRbCu97cl3HDOMJhoekZxuzdknnLAoscDSbchZ2KP00HZX05cVP/PCzTjqff2YJQKIYXZFmUKC8O5j+/YdM8L5hSivZTZH00mzZARLzeFPeWAj1tGKVS6yGI+Ki3+YBjHRfnsoK+j4mv/vUgibTzrRxLGvlasdNefLKCbsdtN68jfdsumToPnRXSUp25113RMt7v3UiI2Yjq0cIXASpKpDysr5wzyqZaP+H1m2kQtqRGf9osrMUQEom0U7nXFIJ1RYEgzK5NB2Sg+HFJvABF5/psd2yrcQFInD2z9p8W+Mw1HaU7uier9Gb/YUl/64GoWtr4bteIe5JgpIfQzcJCezoEManyvlOUNmD0ZnNmS9Z+6Bk+uVZsrf5LCd5J8nvSls9KEWvn35TZ41lmxGK55RsZ+9RuET65mQChWwoUb7DLjoQLbhQXhxdwibVZQXyFI3JfGLxOLIUEUw3V9Uc1sIRgy1xqNdLFxz5zwej9aJOWHZFHAs+i9RVbpPdikNBtiLRrnQzMg4hBp7NoOJP9jcg6z4Uly3UB+t7xqAaFV2EVvd1+U8FJPacCv4iMy/Jag3dKyVKo9CvSkZ/+9WQv0M+PLf+PcrEMpwdXFp4CZcGC9sCrLtSQdb/vhdC/SMgiGsEiklRVlKGGaQ+ZiPSKMC4jIpCs7kjG+Xrz8wEmN4CPMHLQMhOshORSCbWIBmz/KMVcbl7Xd3+iFKXPMUkWLM5hG234LpM2vaIVJimCv2Yggj8IgEkI4+zRGL1I4LPIb4GYc8zdE1mSwQfxG703k1G3WP+9RiTJGL7TVVh2OfKckYDjU40uTKDSohF5uy53RwuCOi46aApT0lojxQgUMXV8QdWcLZhQtbwvIXUpuDhx5/C1Dvevp4IF5PeP9578hDCqyPx6B0rdh7fauTddIPz8GhR2ijEb4a3o+Ec7pFRWUbelV/iBEYJaPiMyTUHiJePzEK6O5q5oZYMZK4uEdBDR7azKrRuvciJJeJWZjMFd+xK+cowfJkdipQsrjBU79kdD2EQz1H6J6+BuUjEzHWjpHWcAgDI7sWiFEqOxeNt5Y58761XI1hpOJybevjoLE67XD3t3Xifz7NskToVV9qxraAEsCSQInctAdMW1ScHIW820qIAvhY+H7nRDxNKwJT37rJB+LWjT6t4l2vsLvXBLle526ccBEKu9MUwyquhASVS0uZ9FJZ2Irqc1KzSSp00fGts+FfN1Lju0fcME0wMTANBglghkgBZQMEAgEFAAQgh6VOTJ/L4uau0eNydTJ5WXTOv8+jsM8w+2i6EVtzkGcEFH6EmSPFeUu7hQF+aVQPIOLZ2xgeAgInEA==" -export PRIVATE_KEYSTORE_PIN="2FederateM0re" -export passwordCredentialValidators_items_simple_configuration_tables_rows_fields_Password_value="2FederateM0re" -export certificates_ca_items_50z1hm968rdu2irr31i5ridbh_50z1hm968rdu2irr31i5ridbh_fileData="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUY4akNDQTlxZ0F3SUJBZ0lFZFlEZWt6QU5CZ2txaGtpRzl3MEJBUXNGQURCaE1Rc3dDUVlEVlFRR0V3SjFjekVMTUFrR0ExVUUKQ0JNQ1kyOHhEekFOQmdOVkJBY1RCbVJsYm5abGNqRVZNQk1HQTFVRUNoTU1jR2x1WjJsa1pXNTBhWFI1TVE4d0RRWURWUVFMRXdaawpiMk5yWlhJeEREQUtCZ05WQkFNVEEyUmxkakFlRncweE9UQTFNREV5TURRNE1ERmFGdzB5T1RBME1qZ3lNRFE0TURGYU1HRXhDekFKCkJnTlZCQVlUQW5Wek1Rc3dDUVlEVlFRSUV3SmpiekVQTUEwR0ExVUVCeE1HWkdWdWRtVnlNUlV3RXdZRFZRUUtFd3h3YVc1bmFXUmwKYm5ScGRIa3hEekFOQmdOVkJBc1RCbVJ2WTJ0bGNqRU1NQW9HQTFVRUF4TURaR1YyTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQwpBZzhBTUlJQ0NnS0NBZ0VBak9uZCtqdUd6T3pTL0N0OHFtZmg2SFJ4WmY4NTZ5UjM5Q3ZxOHFZMlhhOUsxU3FuTFBoS0kyeUJocVNpCkFoQ01laHAvRHRQdEFJaXgvNUVVZmwvUWxuOU1Ka3dGTkt5QTVUQ090SHVBWE5maGhSY0p2VCs4TDZaM0VsOGduQWE1S1A5b1BtVzkKcngvWHhUcU11RGVOQWhuSGZIaVlsdEdXc3F1TGY2WnVaMVhWcHp3NmZWRzZWcVdwNmdTSU0wRXQrS2ZFMVczeUNyekIzajdCQ0hMRQp0V0ZGdEdWVjB6cS8zZE5wUFlCbG5XOEtreC9Cd3hhNkE4ZldDeEVzVjk0NUQzUDRWR2V5VmlMUklWS1hQNjVTOTZ3eGRPYk1xYjJOCis4K0VKdERxNmlZYUplWDMrYStiOG9yOFJ0MHZIRm83YXkrV3NLSVljZWlDUW5wTEcwQkRJb1pYQnhNVnc5OVpjN0x2dGRmaGpBRlcKaEI1T2dJQ3duck51YkR0djArN3d0Y0lROVV5akpYZWw4bTI2QjlsNFRXWjYyNXozR2EzbkZSK2c2TmdUb2JyWkRYbzBwV2dxU0R3eQpTem9QQ3FWT3N6VFduVzBscFNRM3diZnNkQ0w1YXVzeFE0STR5bnY3anJQS3V5WFRxdGRSK0lCajEyeFBrcy94ckM3eW9aV2RjcGN1CmRrYkR4U3REK1VCeUM4QlYvOFpzZm9LSU8rSFhKM2drc0dOYUhGQ2YyZVIyZXVVT3cycWJDRGYxYnJYOEk3RU1KdFNJajd4YnpqajQKbGFiT0NIWnF5a2FBajNveWlaTVN4ZjFnUUdRMmNKMHNYdFRERG5BNWRocjhtNUZPcUFuc0VTN2tsNEMvVzFuMCtZd3FzZisvNERyVQpoc3VKNjhQMHhIV0gwNk1DQXdFQUFhT0JzVENCcmpDQmpBWURWUjBSQklHRU1JR0JnZ3B3YVc1bllXTmpaWE56Z2c5d2FXNW5aR0YwCllXTnZibk52YkdXQ0VuQnBibWRrWVhSaFoyOTJaWEp1WVc1alpZSU1jR2x1WjJSaGRHRnplVzVqZ2cxd2FXNW5aR2x5WldOMGIzSjUKZ2d4d2FXNW5abVZrWlhKaGRHV0NFbkJwYm1kbVpXUmxjbUYwWlMxaFpHMXBib0lKYkc5allXeG9iM04waHdSL0FBQUJNQjBHQTFVZApEZ1FXQkJRSnpnbGdaeTdOczlpR3J2V0U3TjlWWXBnV0FqQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUFaRXpqblhZUGpSSUYwdlQ1CnZYaGRQUlN5L3pMamZVQWVZSkZTWENuUUh1ODVkS0N0SExtekdXMjQ5aGd4c2VjQW03MS9UMHFoKzMvWlA0UTNwL2doU3dWOHlsK0wKM2kxak9mUWF1dlRXQnNmQzBla29MNHZReEpJSXkxMmRJYzJpd3pCUklOSUpUaGlJVmdaVTJiTjVqdGRzRER4Y09CU2UzMVN5RWFPSwpOVWUvRUV6WnBIRXpHUDFETjVqMzRZYXBkQjNtNXVrUWZnN1laT0dNb0k2QjFmejlNcFZOMklORmcyenF0TmRKVkhVZlI0M0NxbDk2CnpDangvQVZFejJPMUFMeVd3KzNMZXFGeWo1Q1pVL1pWaXpwWFRFM0d3VmRRVlFnVkZPcndIS29HODcvRDhaSUpvQmI5MW4zNlZ4RXEKcVZFUjNJeC9WL3R5bWNCLzFTMnhKL0Zza1NBR1lQeFNkVlBlRlNRNTN3NkJkaHFvT0krdk5hSXR4aW5yV3V3Y1dBWHVMLzJabGd5TQppNGpZeXQ0UDI0anE0dTBMRytkSE1meW15VTV6MHhWaUMxSjdsZDdJMytUM2lCLzgyTTBjeVFrSDJGNmNKbVNyZ1o3cEtZQ3BaV2J2CjZ3R3ZGdzFnaUtHa1VERFhKT0E5NTBmSzY2cUZFSmdXb3RoV3J6SFRuZ1RMSHZZakpZOUZiMElocjRWb3VLOG1WdTBLYmxUY2x3eVoKNjNKcXhBZEl0alNvbzZVVUcyZnFoOHpSdTRTWjNLaXVZVGF1Q3dUZFpmbmE5ejNlZk83RHg5Y3dPWWwxQy9Ea01BOVBHdExTOW0vagpEOElOQnFFdmxIMFgyTVBNWS9mWGdEUFhlbFU5TEs4aStaZ2FvbDhnVkd3dlNUL0dWdGtuaGVSWVVoMD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" -export keyPairs_signing_items_devsigningcert_devsigningcert_fileData="MIIRAQIBAzCCEMcGCSqGSIb3DQEHAaCCELgEghC0MIIQsDCCC2cGCSqGSIb3DQEHBqCCC1gwggtUAgEAMIILTQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIrKxJULvuRF4CAggAgIILIHPRkAXu98f7ImcM7oYxW1QCZm4i8JLwyqbTNLtuiM5UyfCXYeQe0a1xYRH2ey1iJPP9vFzCGUyH2zN6jFeuhbICBBnozHEQ4lkWJmt9oJYy84Qmmht9c+NS98OY0+CZGKHbiOFHOH\/HNIMm3\/OI\/ei\/CJv+0PmvMaGY9yZYCG1ATUCOEESOi3UMx2Hg1e1k+a9UjsZwVQJQA7Qt3QEQOSuptx1MlzBT7Lc3fmUGFtWfXqFFeyoLN+wZR6Ff8vsrNm40jtUZLGEhCwoDppF4nX3yoo0UJnPou5pw1ep50Ge7Px0gajP4XRq9lB6SJh0H4dM\/pgtkA8WAJZ9FiMUzCXyuBSqJzOtTR+wjJlUg7aVav\/3gYN4CTF1CFHzDvpXFssI8M175XL9q3sfrmBm7nzGVMnuj4SvX7RXf3tyrld6RQecBA7k5y+dAzOc+VgZzKcS4UzOenUJ6dueHliYjK\/IJyZwfNCO1nZ+1NSY69BgW4e7EZRLtVwLXp2haKvbJ7f6XiuhcaWxZVCylx5Ws0Tf+laLtjPOIDkpmAqwljaIMDH+J+YmdcTRDLnn6XoGhgfSG7\/37b0WcD02n3\/9gwuZ4K\/Z6wVmOmIilaaf\/ramLAqjY89sTwalPua3\/hY6h9XMQv19c0oP+yt3WPnNDs6yaRAR+RY5EhdUP8yjYQ\/wG9adM68nXivUm7BCOTcvCixWchKJ1+FTZBY7JbgGlXmjeY\/+OxTQ4i3l+Oujv71CCvJRlOHk0et5gB2TOfL8ckXQRJeVBc\/DDc\/bv6K9DT6gNRLaQ\/bA4Nh7QB2au3kEL2fFg\/vmgIWREjot0RFVmYuRFyYhvHVRbXHu4kkJvXx5xqbLOEyOkDd96bH2M7soYCz\/Y5xKq12Xy2CpkuT7JdIZ7h+q0sVcADHKcBzcyIfKjejHdUSa0PBZ+ilrSIRTvR0JyyEqvfkD6qz17ulxq2Q2+lN3+Eiv5l5IRDrrXWgJVVov4N17nBHqd7IsW882CTFBFsv5IJOBVWHptL4QDJH13TnMY7mbYT3z7Gl0mSqDjvmA\/tq+owlrYkNoYcV86Qc1hY5sDosc5IQbmIIlHTcPIQYj9cYyfRcUJTDSRFMqeMUdXWiy+3pAqA+o5pvsZfd+q4d7Kk6xVxh5KgagXXEKyliLGA\/yjVjyKCsfGNIBlo6V\/wBgDw6FFJV5IEELB+C67Bla6DPd\/IijssFFNeQuhanDPTYlPD9tNg\/fs3qyXdgLtAD5wFTpItkiW9sCIl0sdiKKYenKTEP0Kzl7m5rHRysKDmvpAz4B7qpSWHHdj7wUWNTnb3cJBZruDfs6J8nGLi\/mdRxQBiZjqNHk+NdoLGP5+Se85nS73YcvnQNM+R3BgRGCRg\/Oz6F2BEFw4Pg6VWtaOWPj1PIc\/\/iuRtfWYtg5xFHXnqQgs\/UmYlQ9rIdal1kxEBaCzgb43mXE+Sb5AyFnCxn0sgw\/sNIFvZyUs86+mj7qYXVUtqozz0REEn78XroBEJaDpSbfVW+97VLSGTjdGmIr47vu3lOL\/p3DM9ojy8QObunklWN1rowob+5Qp6BMQ5OLFX9RMjJeRqUyXfuDGuGfVMQ\/XLMMn6dZzgB\/tUs29cpPyfFEVlp0PeKw3TsB2CurZqV8a7eJIve1DU6C2VNyud0dDf4v1PIkQ61GcEZLJPbx\/jL4cUGG+VUF+jWy5lK6mqLbu60gq58x7M2RJvbdHqZIMhnfS6GMuY4BDYCnDWScjFOOs6JN9teRus2vSlv3tyk6Bi4w3i+ipntczD0uVmE9ehPVk361+tBqgfc4FojALrG6LWC\/JdAEuBuCgF+LOBaCD\/q35zfq2b4VSQ+tSeCScB24F\/GMVTich1oBJEILHciuWYFeGd8OkyXLYP4p0W12MEs+NqTbrjb\/2UqwK0ugGs6sPOOg5ijteoNTE31oEW3zJ8DKgAjvKc9KK7mwgDyO\/9UOe1eoZu6Ej0CqfrGyuMTuj6g+TFbUuYMWFK+3FM7Gf7uDaAHXhARQ07OatUJ2b73x0kNhMSobx2LYcCzveItbZDc7iSAi0meGvGrRLyuv2D0Tts7UqZgn+NIpflv57HtQ7TYuoJt\/MZR0q4eQTfdIL2UKYhIHFb5L4AXTNlN2n9HkPlBfnaEPl7o6QlUHd9byjmD\/oDiPDeDOKkY4KIshuasu0P3HGCD3od\/oQ0GuGrSzVzXi3kwfCKOPSIUrUUILa0TqHe3bYCWyBwHPa0ROZ4+eNQRr4TdRkn8L5gHWPjp3TikMH1opA+i8kCL7vSTzos7m9vrjde02Nn0cXRVqpaYtXt9Wi\/znvURpUNpKIsdXxb6A8+T6qtFsN+8sdQBDcYuiyje870Rt6p5BLoDYrsH2jkdWBqKhi5EJ3Uh9VRHAq8aJP9h9gngV3bdVW3bv0FEMjKmvpUQnBLBonXJUX\/kksuVMGdOwFovs9F7lWsso\/4B9N0eIoXcUP5NosC0KECWOBW4NCx5+sDETNCzrXBsZ4KDR6DOjrbvVQF3u4Le9Fp97CFgcX5UPlS6E1NbO3ueISzpOoWyo1KwCbl4UA7Xuo2og9al\/xXXf9bUSbi9ElyBhK7gM1gY+ZtWnZpLrd+0UaIJcKNVESblsROA+B\/4hG8F0oJPoOJNm3mGG7C8itWM4+YknrSVwDQEwwOqbbYB4b9kB2SrkS6Taz3cmIhhPPe2cTYfEV7j\/\/zY0GfCW0MTjvLv2j\/2inItKLv3scYVBbZCVva9co+CtL+tI7xPrOegXWHgfOEz9k8V2FRZxXKml9SJwMWtXHUgs\/qox9++uk9Pxyn051lL2Jwyfzn4CJWyp9LWMHY71Y+svwagLUJ6Il6pnq6OgO0OeFcP\/bmh5BGdfe8WYCCBaWAd\/yBrfppTrm50yUqXBXlXToWzajJNqXs+7w7Qk2Q4A5K+At8XfwRXMLxfViSrDJjx+wYv0jpkCDHnPu76fmSWIgZ6wwN+8L7M7\/uIURnV5fDAARTnR37VW2Pbk24Bt5ElZR5i+ALF\/BvxBHz+Q9JK2r\/vlSGKys\/TCGVCJ98eydmKNsXGWQjeWs\/61D4E7ocMPENKH05qrHZGVW5p5VHKLeK+1mxcLMyw2g46M86R6vUeukvv7CWv1mooSzxQHteDDP07CvTbaUEuJHBAbg1RCTD667HljRYDBd2FUgcE5ZIJGONQZh+6MCt4lvGxePTyKxn1KsomY9fomY9queDz7MD9yYux8s2fhDIhEBmUl9IdQOc9wOJwAMrLiBhx0rrWCrJe04Qo0d9m70avZcef9sxVk\/qO\/AqweL1vI9Lo5yO9jL1jutS3aaVBiECv9FrMIy7FU7Old6LPqEaPY2uNquegFT+E9L6TzH4vqNl2\/OrG2ydn1HDkTD2X4orEwMuGQ9skk8LD1+Vte8NOQjrnuKgaVjZ8mZr0oQqvqq9IqB79NNtzhw5BzCVFbm9NZTqJLrqwMosXDgS4E8EyMDz16cqv20ab1hBqPWwLy+D5QUrmfuQXL\/wdyWxe+KYxuRWowzEBXlz2Upz6kwnMn6etMKV0tLczV\/o7+iceHmS3KTgDLV5Kz7NtwYh1hToxtHVT\/WzpabHzzVQPFV0dvhABTXJNDfGNfdBIWeVm92mk0WFRSEdPAV6WZsq3Xuxo6pKytgwe0vKv\/YpArdP1W3tVmea0GVZpVLeRGsH0sYsVWMtcYBfhNZVUu3z85p9hxRy46e7T27ut7lUpQ5EyzIXEoO\/MZk98rT70oZJL5eP80yon5OPVVvWY0X7PtxpPTP\/GGVw9KAB0vaF+jv4Ail\/R\/1QMowggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIAm\/3u0BvULYCAggABIIEyMdBeIlp7aF8dRnxx1SDdQR50XRKmsnq2\/4tRqVZj2MegksqdOahiPPWTZB7BWBbqwE+Su\/NvKTcueA1Mk7Hd\/t3CkeQGxVsRp5vyqnuIqTU1kdUMO8AkG5tLIuxIGD9rLPyglKUomGsqkR9fQ\/QFQZ+VPzYfkwklpcWQ6pvscejFZxQEgFyE5XaHod+tQypN6oZoBg0EwRJdbwLePgR6o2vARcxMu3XbykRiYPJEIaYWOmoqg2tJrvHrIpvtliGaFSNOOVxw5uENu3s6zNENGtMohw\/IAjhqxuRDpfEaLTgpVRdy9Iig6RPL1WQLejRQTOgxbEdBB4+xLIzIxt4gFRyxN0JbR\/GQgxzfdHYTGbJJL58DRN2HxBJGVR8skRaTVKRHtjbD2glvRaafJS8bcmp44TPGA7QyGhwNGGMqthHwFMTnQA6DUuu+ecX+RSDNHh\/8Lyufq384k\/R7RIA33hMwaCBAsB8SrQCJoEzO3PeWiRin+mg1zig8UBpmJzmbGeE1n0hupmU5K8IWXpmwWBetkxFFEof+QXGWndMiB5LFW\/0RYcGrilNh5Wrvc\/yn6u5lSEWY7OurcESUWoZ\/Z9wKPR9xvoOKm2R4I2k\/ZngsKGqH4E1wWYyf1dtKbSYM9ddtpcGcCr7tzmvETS2kQJUohMPodI79NZby7cOgvi4hYxYMiT4PmDzBtZSOMOiGHwbtgb5UDOpL5Xre5X\/Kmef8ncJQ2wjdPsmvUXWplxr2rdqd6tU5K4dOSQBIs3FgZBXUY9dlXi5hI6mPvJzCEjs9IN8WxMPCtIzpelexOUgzuCLNvwcKzYCkXTXvAyoRkRvxPTrtkw9OzaskriY+lXtST3PUR52zGynC5mvnCE8P0ah1VzEG6+sDOVkN8963qehyVkavuSyv5glW8TmBBg9KC3vefrJjvfoA8CpVpfvVw9d6DRjvXLC48GUATuRDGU9XYzM0XBwsWitYbutYYLQuhDVAT7o1KI6YN3+axkot9pzHDRKEx9sS08x9ZaVUoS3CjgGIVJ\/mN+5vKKJS1uXq54nmjoEB7wdA\/r7uPNjK+aM4y+rMBWC8J+is910QkTLlaQhitjYOFnECuyMKdyKoGceiIjc2C\/IXlGhk\/U6i47W4Ry56UBWUJoluf9aytr3cuJPOTaBJTKMWwg8KHgbL6OdlY+cWmW\/R3libJH2yUKsNVqJxLHbwfw3To2+prrDnSziSTkv\/aHe+dR3H35IwRwjFdU72TgGkjhs0EjZjMDYohtfYljUvTf3+LvmLBhOxhiB1AY0CAYD7svmE1bXSRMiq6vQ8nGQyk\/TPMt2wiqETx4K5B\/oE3iEZFcno6oxoM8CcaYT8KFXm+XlJfMS6Y5p7lEZZUUrJZ9DmyWFnOK2N5X4DVVoz90b0xHOPoySxdHVxPEkhki+\/hyMe\/5Af++AF08fW0UkNrcysm9oL+JcxLhIFmYKeXOp6ndc2l8LriGdYwnQIslsNz7NS4CyMWevFCxdtHdtDHCMeNR4vVZ\/H4tKjQAN+MSGlJUivnf+4O7aAza3JFYrHebvEnZ2bOXDBEO8Wg2KdlU9\/kWT7+Mbx4uDoBx5uSlc\/EjEyMMwaRFWNLT0BE1rEhjZ\/2dgnSJicoQxxzElMCMGCSqGSIb3DQEJFTEWBBREJ\/fTZniwl+QwiadKGFDCt3RQkDAxMCEwCQYFKw4DAhoFAAQUAI+SRcJd8x0\/muoSflbGrh4sOgYECAo5YVCkatpXAgIIAA==" -export keyPairs_signing_items_devsigningcert_devsigningcert_password="2FederateM0re" -export serverSettings_systemKeys_items_current_keyData="zXq7Idi2Buey5Gu9UZjLz7AHcywCsF6g3uxj0tYK52A=" -export serverSettings_systemKeys_items_pending_keyData="7ZuraJ9Iz9H0tczsx4Ta2YOPZJUlN7Oksp4EcTwjCW0=" -export sp_idpConnections_items_aLGfLX1_K4VP6a3uGh33YOuZodG_credentials_certs_x509File_a5kvb66kyxbmdfwp506gijvn6_a5kvb66kyxbmdfwp506gijvn6_fileData="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTakNDQWpLZ0F3SUJBZ0lHQVdpU2M5cERNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1HWXhDekFKQmdOVkJBWVRBbFZUTVFzd0NRWUQKVlFRSUV3SkRUekVQTUEwR0ExVUVCeE1HUkdWdWRtVnlNUTB3Q3dZRFZRUUtFd1JRYVc1bk1Rd3dDZ1lEVlFRTEV3TkVaWFl4SERBYQpCZ05WQkFNVEUwTnZibVpwWnlCVGFXZHVhVzVuSUVObGNuUXdIaGNOTVRrd01USTRNRE14TkRVeVdoY05NelF3TVRJME1ETXhORFV5CldqQm1NUXN3Q1FZRFZRUUdFd0pWVXpFTE1Ba0dBMVVFQ0JNQ1EwOHhEekFOQmdOVkJBY1RCa1JsYm5abGNqRU5NQXNHQTFVRUNoTUUKVUdsdVp6RU1NQW9HQTFVRUN4TURSR1YyTVJ3d0dnWURWUVFERXhORGIyNW1hV2NnVTJsbmJtbHVaeUJEWlhKME1JSUJJakFOQmdrcQpoa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXJBVlJrcXcyOEFkQXhBRkdZR0IvOUkydWZiMnQxRlg3NDc2bml1bndHQ2JDCm5wdUxyOTk4QVZRMFNsQTJUY1EvazNDU2pMdnBXcE8zRzRGcGV5RS96L3EyUlp6L3VLMm9qWDYzVGg5MHc3TjN2dnU3VjJqSWovWXAKWXZtV1hPN3hBNkNnU0VKZmVvTUp0dC8xT29seXpSOENlZjFvNkFPeE4rVnNrcFVKQ0R1NFJpcW1SVW9GMjJLcVhadUxVN010WmQ3WApOK1RicHVKa0EweWlxb3FBdXp2VjF2TVlDWTdMMFQraW9zT054TUt0WTA1TjltTW9qNUFBSnFpeFJrM2FjQ2I4UzJVekdUY3J6eUtHCjZ0NkRTdUpJc1RnSHlzZ2FPYUI5YkdMRXBDSThyVUovWGRlS3ZMSUxPbzFDNU5zQkpRNE5QaHRFSjRkWDhuaFJxV2crVndJREFRQUIKTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFDUElaeUdwRGFpK1ZsalNrYTMxaHdjbncybC9DVnJVSWI5NG5XRW9vRk8vT1FTNm9VawpVSXF0S01OMTFrVm44YzRyTmhuNWZlbENvNzQ3VlM1ZkxRdkhUWTlwK3F0Z2hIY3lQRDdYNVlaTDZNVTJ2cVBJbmxzOUk1QUNGbUE5CnBacEI0Yk1ManZXY1F2YzV4WXEzRlJRdENVdm5RTGhWdlN5UnErVWt5NWxaOTVpM1JRM2lWV2lwQ1BMSTBxWmxtbXkxcGJtc0VjdSsKL2VFRW9GblJRWm82bjRBUWhaTFYweWp6Y3gzcUV1c3pYTXd1VlhqL1lwRlc0M1JjVG10MHhWYTRsYUNtRVVvOUVOcGUyR1Bidk9LSwp3MTdYeDhKaEdjY2oyNEptUjducGk4bENVNHVmbExLdFNRQUZNRElzTTI4M0Yxd1ZFeEZ4dUx6YlF1ajVGbnRZCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=" -export dataStores_items_ProvisionerDS_ProvisionerDS_password="secretpass" -export passwordCredentialValidators_items_simple_configuration_tables_rows_fields_Confirm_Password_value="2FederateM0re" -export administrativeAccounts_items_Administrator_password="${PING_IDENTITY_PASSWORD:=2FederateM0re}" diff --git a/server-profiles/shared-profile/instance/bulk-config/data.json.subst b/server-profiles/shared-profile/instance/bulk-config/data.json similarity index 100% rename from server-profiles/shared-profile/instance/bulk-config/data.json.subst rename to server-profiles/shared-profile/instance/bulk-config/data.json