First Last Prev Next    This bug is not in your last search results.
Bug 54438 - Service Specific Password (Radius): Generate a Service Specific Password in the UDM REST API
Service Specific Password (Radius): Generate a Service Specific Password in t...
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM - REST API
UCS 4.4
Other Linux
: P5 normal (vote)
: UCS 5.0-1-errata
Assigned To: Julia Bremer
Florian Best
:
Depends on: 54555
Blocks: 54434
  Show dependency treegraph
 
Reported: 2022-02-09 17:57 CET by Julia Bremer
Modified: 2022-12-08 10:54 CET (History)
3 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Julia Bremer univentionstaff 2022-02-09 17:57:45 CET 
A service specific Password should be generated via UDM REST API.
Comment 1 Julia Bremer univentionstaff 2022-03-22 13:32:36 CET 
We've added the udm rest api call 
`service-specific-password`
which takes the argument of a service it will be used for (only radius for now),
generates a random password, returns it and sets in in UDM.

This is used for the selfservice.


d35a4edbb3 Bug #54438, Bug #54395, Bug #54556, Bug #54555, Bug #54409, Bug #54434: YAML
0760560ca3 Bug #54438: New UDM Rest call "service-specific-password"
bf4dcbc4b5 fixup! Bug #54438: New UDM Rest call "service-specific-password"


Some additional work from Florian:
1b4d7d5bad YAML Bug #54438
17bb87f4a4 Bug #54438: integrate features into CLI client
bf4dcbc4b5 fixup! Bug #54438: New UDM Rest call "service-specific-password"
c2b4812e67 Bug #54438: add features for client
7d1bc3ef67 Bug #54438: match the object type from URL
Comment 2 Florian Best univentionstaff 2022-03-23 09:33:28 CET 
OK: server implementation
OK: error handling
OK: client implementation
FAIL: po-Metadata and i18n-comments were removed from "management/univention-directory-manager-rest/src/univention/admin/rest/de.po"
→ I fixed it in: 33c0b81924, ... (using `univention-l10n` to update po metadata)
OK: API Change univention.admin.property() parameter order
~OK: "show_in_lists" evaluation for excluded properties could be moved upstream (now UDM REST API doesn't expose it, but UDM-UMC module does)
FYI: with a "complex" syntax and subtypes for "service" and "password" the UDM REST API could transform the property into a dict and received values back into a list structure. UDM originally can and does only handle lists and strings as property values.
OK: out of scope client improvements
OK: YAML

>>> user.generate_service_specific_password('radius')
'hi7Zozny5v2e7ZwC6MeUBj9P'
>>> user.generate_service_specific_password('radius2')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3/dist-packages/univention/admin/rest/client/__init__.py", line 603, in generate_service_specific_password                                                                                  
    response = self.client.make_request('POST', uri, data={"service": service})
  File "/usr/lib/python3/dist-packages/univention/admin/rest/client/__init__.py", line 187, in make_request                                                                                                        
    return doit()
  File "/usr/lib/python3/dist-packages/univention/admin/rest/client/__init__.py", line 183, in doit
    data = self.eval_response(response, expect_json=expect_json)
  File "/usr/lib/python3/dist-packages/univention/admin/rest/client/__init__.py", line 215, in eval_response                                                                                                       
    raise cls(response.status_code, msg, response)
univention.admin.rest.client.BadRequest: POST http://localhost/univention/udm/users/user/uid%3D…/service-specific-password: 400                                       
HTTP 400: Bad Request (Service does not support service specific passwords)
First Last Prev Next    This bug is not in your last search results.