APP-2985: Add update app endpoint and more params to create application request/response #473
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jr22
commented
Apr 4, 2024
proto/viam/app/v1/end_user.proto
Outdated
Comment on lines
41
to
44
| message RegisterAuthApplicationResponse { | ||
| string application_id = 1; | ||
| string secret = 2; | ||
| } |
There was a problem hiding this comment.
(copying comment over from other PR)
there is a massive number of things returned in this response from fusionauth:
{
"application": {
"id": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
"accessControlConfiguration": {
"uiIPAccessControlListId": "11d49de7-69f6-46fc-8270-0b3aa626327a"
},
"active": true,
"cleanSpeakConfiguration": {
"applicationIds": [
"6b4253e0-cee0-47dd-973a-a27b9e23987c",
"76a556ec-4ba8-4140-9085-555ee9a8bb1a"
],
"enabled": true,
"usernameModeration": {
"applicationId": "2338dc41-bed0-4cdb-8251-ac68701e9bc7",
"enabled": true
}
},
"data": {
"externalApplication": "Acme. Customer Support Forum",
"productOwner": "[email protected]"
},
"emailConfiguration": {
"emailUpdateEmailTemplateId": "ec3045c7-97d8-47f8-8725-61b93deacf5d",
"emailVerificationEmailTemplateId": "e6c74b53-d43d-471e-ae7e-906456d0f341",
"emailVerifiedEmailTemplateId": "1c3045c7-97d8-47f8-8725-61b93deacf5d",
"forgotPasswordEmailTemplateId": "162b3719-3d71-4638-b9bf-f3e2093f7fe1",
"loginIdInUseOnCreateEmailTemplateId": "1c3045c7-97d8-47f8-8725-61b93deacf5d",
"loginIdInUseOnUpdateEmailTemplateId": "2c3045c7-97d8-47f8-8725-61b93deacf5d",
"loginNewDeviceEmailTemplateId": "3c3045c7-97d8-47f8-8725-61b93deacf5d",
"loginSuspiciousEmailTemplateId": "4c3045c7-97d8-47f8-8725-61b93deacf5d",
"passwordlessEmailTemplateId": "162b3719-3d71-4638-b9bf-f3e2093f7fe1",
"passwordResetSuccessEmailTemplateId": "5c3045c7-97d8-47f8-8725-61b93deacf5d",
"passwordUpdateEmailTemplateId": "6c3045c7-97d8-47f8-8725-61b93deacf5d",
"setPasswordEmailTemplateId": "e160cc59-a73e-4d95-8287-f82e5c541a5c",
"twoFactorMethodAddEmailTemplateId": "7c3045c7-97d8-47f8-8725-61b93deacf5d",
"twoFactorMethodRemoveEmailTemplateId": "8c3045c7-97d8-47f8-8725-61b93deacf5d"
},
"formConfiguration": {
"adminRegistrationFormId": "e37dff97-9a94-48af-a0a6-c0bdfdd62c48"
},
"insertInstant": 1595361142909,
"jwtConfiguration": {
"accessTokenKeyId": "025233ca-d4f3-2aa4-eca9-7e4200e9b472",
"enabled": true,
"idTokenKeyId": "092dbedc-30af-4149-9c61-b578f2c72f59",
"refreshTokenTimeToLiveInMinutes": 43200,
"timeToLiveInSeconds": 3600
},
"lambdaConfiguration": {
"accessTokenPopulateId": "cbb303a4-0968-479c-ad62-de46b3fad130",
"idTokenPopulateId": "9987eec8-af37-4339-a969-bb462ff8b491",
"samlv2PopulateId": "0e58eb2b-b39e-41ad-bc06-52cd189b5908"
},
"lastUpdateInstant": 1595361143101,
"multiFactorConfiguration": {
"email": {
"templateId": "859f394b-22a6-4fa6-ba55-de700df9e950"
},
"loginPolicy": "Required",
"sms": {
"templateId": "17760f96-dca7-448b-9a8f-c49016aa7210"
},
"trustPolicy": "Any"
},
"name": "Forum",
"loginConfiguration": {
"allowTokenRefresh": false,
"generateRefreshTokens": false,
"requireAuthentication": true
},
"oauthConfiguration": {
"authorizedOriginURLs": [
"http://www.example.com"
],
"authorizedRedirectURLs": [
"http://www.example.com/oauth-callback"
],
"authorizedURLValidationPolicy": "ExactMatch",
"clientAuthenticationPolicy": "Required",
"clientId": "8174f72f-5ecd-4eae-8de8-7fef597b3473",
"clientSecret": "+fcXet9Iu2kQi61yWD9Tu4ReZ113P6yEAkr32v6WKOQ=",
"debug": false,
"enabledGrants": [
"authorization_code",
"refresh_token"
],
"generateRefreshTokens": true,
"logoutBehavior": "AllApplications",
"logoutURL": "http://www.example.com/logout",
"proofKeyForCodeExchangePolicy": "NotRequired",
"requireClientAuthentication": true,
"requireRegistration": false
},
"passwordlessConfiguration": {
"enabled": false
},
"registrationConfiguration": {
"enabled": false,
"type": "basic"
},
"registrationDeletePolicy": {
"unverified": {
"enabled": true,
"enabledInstant": 1698772159415,
"numberOfDaysToRetain": 30
}
},
"roles": [
{
"description": "Administrators that have access to everything",
"id": "ce485a91-906f-4615-af75-81d37dc71e90",
"name": "admin",
"isDefault": false
},
{
"description": "Normal users that have access to nothing",
"id": "ce485a91-906f-4615-af75-81d37dc71e91",
"name": "user",
"isDefault": true
}
],
"samlv2Configuration": {
"audience": "example.com",
"authorizedRedirectURLs": [
"https://www.example.com/samlv2/acs"
],
"callbackURL": "https://www.example.com/samlv2/acs",
"debug": false,
"defaultVerificationKeyId": "be980e51-c94c-49f9-bfb5-90571c34a791",
"enabled": true,
"initiatedLogin": {
"enabled": false,
"nameIdFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
},
"issuer": "example.com",
"keyId": "0a52ace4-3016-47da-906a-f7d272fbdaed",
"loginHintConfiguration": {
"enabled": true,
"parameterName": "login_hint"
},
"logout": {
"behavior": "OnlyOriginator",
"defaultVerificationKeyId": "0a52ace4-3016-47da-906a-f7d272fbdaed",
"keyId": "0a52ace4-3016-47da-906a-f7d272fbdaed",
"requireSignedRequests": true,
"singleLogout": {
"enabled": true,
"keyId": "0a52ace4-3016-47da-906a-f7d272fbdaed",
"url": "https://www.example.com/logout",
"xmlSignatureC14nMethod": "exclusive_with_comments"
},
"xmlSignatureC14nMethod": "exclusive_with_comments"
},
"logoutURL": "https://www.example.com/logout",
"requireSignedRequests": true,
"xmlSignatureC14nMethod": "exclusive_with_comments",
"xmlSignatureLocation": "Assertion"
},
"state": "Active",
"tenantId": "50435e55-6e95-4d54-96d0-9c953dd53eeb",
"verifyRegistration": false,
"webAuthnConfiguration": {
"bootstrapWorkflow": {
"enabled": false
},
"enabled": false,
"reauthenticationWorkflow": {
"enabled": false
}
}
}
}
i think we're good with just application_id and secret? that seems to be all we need in our app to do stuff. let me know if you think we're missing anything here.
There was a problem hiding this comment.
Let's echo back the name too in case FusionAuth transformed any characters (e.g. stripped commas, added escape characters).
jr22
commented
Apr 5, 2024
Comment on lines
+47
to
+53
| message UpdateAuthApplicationRequest { | ||
| string org_id = 1; | ||
| string application_id = 2; | ||
| string application_name = 3; | ||
| repeated string origin_uris = 4; | ||
| repeated string redirect_uris = 5; | ||
| string logout_uri = 6; |
There was a problem hiding this comment.
@ohEmily updated this sightly after testing. i realized you need to provide these params because omitting them "resets" the values. basically the application gets fully rewritten with whatever is in the update request. renamed these fields to exclude the new_ prefix for that reason
There was a problem hiding this comment.
Ah! You're saying the FusionAuth API will reset these. That's unexpected for me too. Thanks for explaining!
ohEmily
approved these changes
Apr 5, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ticket: APP-2985
Add update app endpoint and more params to create application request/response.