From 3730a70e8e1a842564bb2fa45a9029ddc1c4782e Mon Sep 17 00:00:00 2001
From: shekhar16 <shekharlaad1609@gmail.com>
Date: Sun, 5 Feb 2023 01:24:21 +0530
Subject: [PATCH 1/2] feat: added search box to filter scopes

---
 .../oxtrust/action/UpdateClientAction.java    | 26 +++++++++++++++----
 server/src/main/webapp/client/addClient.xhtml |  5 ++--
 .../src/main/webapp/client/updateClient.xhtml |  7 ++---
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java b/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
index 6c4fb47e5..46741dbc1 100644
--- a/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
+++ b/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
@@ -201,6 +201,7 @@ public class UpdateClientAction implements Serializable {
     private String spontaneousScopeCustomScript;
     private String introspectionCustomScript;
     private String rptClaimsScript;
+    private String scopePattern;
     
     
     Pattern domainPattern = Pattern.compile("^((?!-)[A-Za-z0-9-]{1,63}(?<!-)\\\\.)+[A-Za-z]{2,6}");
@@ -263,6 +264,7 @@ public String add() throws Exception {
             this.spontaneousScopesScripts = Lists.newArrayList();
             this.backchannelLogoutUri = getStringFromList(client.getAttributes().getBackchannelLogoutUri());
             this.tlsSubjectDn = client.getAttributes().getTlsClientAuthSubjectDn();
+            this.scopePattern = "";
             searchAvailableCustomScriptsforAcr();
         } catch (BasePersistenceException ex) {
             log.error("Failed to prepare lists", ex);
@@ -334,6 +336,7 @@ public String update() throws Exception {
             this.claimRedirectURIList = getNonEmptyStringList(client.getClaimRedirectURI());
             this.additionalAudienceList = getNonEmptyStringList(client.getAttributes().getAdditionalAudience());
             this.tlsSubjectDn = client.getAttributes().getTlsClientAuthSubjectDn();
+            this.scopePattern = "";
             
             this.postAuthnScripts = searchAvailablePostAuthnCustomScripts().stream()
                     .filter(entity -> client.getAttributes().getPostAuthnScripts().contains(entity.getEntity().getDn()))
@@ -1489,14 +1492,18 @@ public List<CustomScript> getScripts(CustomScriptType type) {
     }
 
     public void searchAvailableScopes() {
-        if (this.availableScopes != null) {
-            selectAddedScopes();
-            return;
-        }
+        //if (this.availableScopes != null) {
+        //    selectAddedScopes();
+        //    return;
+        //}
         List<SelectableEntity<Scope>> tmpAvailableScopes = new ArrayList<SelectableEntity<Scope>>();
         List<Scope> scopes = new ArrayList<Scope>();
         try {
-            scopes = scopeService.getAllScopesList(1000);
+        	if(scopePattern !=  null && !scopePattern.isEmpty()) {
+        		scopes = scopeService.searchScopes(scopePattern, 0);
+        	}else {
+        		scopes = scopeService.getAllScopesList(1000);
+        	}
         } catch (Exception e) {
             e.printStackTrace();
         }
@@ -2164,6 +2171,7 @@ public void setResources(List<UmaResource> resources) {
 		this.resources = resources;
 	}
 
+
 	public List<String> getClientBackChannellogoutUris() {
 		return clientBackChannellogoutUris;
 	}
@@ -2179,4 +2187,12 @@ public String getAvailableClientBacklogoutUri() {
 	public void setAvailableClientBacklogoutUri(String availableClientBacklogoutUri) {
 		this.availableClientBacklogoutUri = availableClientBacklogoutUri;
 	}
+
+	public String getScopePattern() {
+		return scopePattern;
+	}
+
+	public void setScopePattern(String scopePattern) {
+		this.scopePattern = scopePattern;
+	}
 }
diff --git a/server/src/main/webapp/client/addClient.xhtml b/server/src/main/webapp/client/addClient.xhtml
index 43b320eea..12a203fe7 100644
--- a/server/src/main/webapp/client/addClient.xhtml
+++ b/server/src/main/webapp/client/addClient.xhtml
@@ -78,11 +78,12 @@
 				<ox:selectSelectableEntityDialog
 					acceptMethod="#{updateClientAction.acceptSelectScopes()}"
 					cancelMethod="#{updateClientAction.cancelSelectScopes()}"
-					displayNameProperty="entity.description" displaySearchForm="false"
+					displayNameProperty="entity.description" displaySearchForm="true"
 					id="scope" label="#{msgs['client.scopes']}"
 					nameProperty="entity.id" render="selectedScopesId"
 					searchMethod="#{updateClientAction.searchAvailableScopes}"
-					searchResult="#{updateClientAction.availableScopes}" />
+					searchResult="#{updateClientAction.availableScopes}" 
+					searchPattern="#{updateClientAction.scopePattern}" />
 
 				<ox:selectSelectableEntityDialog
 					acceptMethod="#{updateClientAction.acceptSelectResponseTypes}"
diff --git a/server/src/main/webapp/client/updateClient.xhtml b/server/src/main/webapp/client/updateClient.xhtml
index 9be846987..4c888ecbc 100644
--- a/server/src/main/webapp/client/updateClient.xhtml
+++ b/server/src/main/webapp/client/updateClient.xhtml
@@ -105,12 +105,13 @@
 			<ox:selectSelectableEntityDialog
 				acceptMethod="#{updateClientAction.acceptSelectScopes()}"
 				cancelMethod="#{updateClientAction.cancelSelectScopes()}"
-				displayNameProperty="entity.description" displaySearchForm="false"
+				displayNameProperty="entity.description" displaySearchForm="true"
 				id="scope" label="#{msgs['client.scopes']}" nameProperty="entity.id"
 				render="selectedScopesId"
 				searchMethod="#{updateClientAction.searchAvailableScopes}"
-				searchResult="#{updateClientAction.availableScopes}" />
-
+				searchResult="#{updateClientAction.availableScopes}" 
+				searchPattern="#{updateClientAction.scopePattern}" />
+				
 			<ox:selectSelectableEntityDialog
 				acceptMethod="#{updateClientAction.acceptSelectResponseTypes}"
 				cancelMethod="#{updateClientAction.cancelSelectResponseTypes}"

From 8d5510ccb086a0a17c385013bcb9eebfa019234c Mon Sep 17 00:00:00 2001
From: shekhar16 <shekharlaad1609@gmail.com>
Date: Sun, 25 Jun 2023 23:11:59 +0530
Subject: [PATCH 2/2] fix(oxtrust-server): postLogoutRedirectUris as
 multivalued

---
 .../oxtrust/action/UpdateClientAction.java    | 54 +++++++++++++++++++
 .../org/gluu/oxtrust/model/OxAuthClient.java  |  6 +--
 .../WEB-INF/incl/client/clientForm.xhtml      | 41 +++++++++++---
 server/src/main/webapp/client/addClient.xhtml | 10 ++++
 .../src/main/webapp/client/updateClient.xhtml | 10 ++++
 5 files changed, 112 insertions(+), 9 deletions(-)

diff --git a/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java b/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
index 46741dbc1..524304749 100644
--- a/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
+++ b/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java
@@ -162,6 +162,7 @@ public class UpdateClientAction implements Serializable {
     private List<String> loginUris = Lists.newArrayList();
     private List<String> logoutUris;
     private List<String> clientlogoutUris;
+    private List<String> redirectLogoutUrl;
     private List<String> clientBackChannellogoutUris;
     private List<String> claimRedirectURIList;
     private List<String> additionalAudienceList;
@@ -188,6 +189,7 @@ public class UpdateClientAction implements Serializable {
     private String availableLoginUri = HTTPS;
     private String availableLogoutUri = HTTPS;
     private String availableClientlogoutUri = HTTPS;
+    private String availableRedirectLogoutUrl = HTTPS;
     private String availableClientBacklogoutUri = HTTPS;
     private String availableContact = "";
     private String availableRequestUri = HTTPS;
@@ -264,6 +266,7 @@ public String add() throws Exception {
             this.spontaneousScopesScripts = Lists.newArrayList();
             this.backchannelLogoutUri = getStringFromList(client.getAttributes().getBackchannelLogoutUri());
             this.tlsSubjectDn = client.getAttributes().getTlsClientAuthSubjectDn();
+            this.redirectLogoutUrl = getNonEmptyStringList(client.getOxAuthPostLogoutRedirectURIs());
             this.scopePattern = "";
             searchAvailableCustomScriptsforAcr();
         } catch (BasePersistenceException ex) {
@@ -325,6 +328,7 @@ public String update() throws Exception {
             this.loginUris = getNonEmptyStringList(client.getOxAuthRedirectURIs());
 
             this.clientlogoutUris = getNonEmptyStringList(client.getLogoutUri());
+            this.redirectLogoutUrl= getNonEmptyStringList(client.getOxAuthPostLogoutRedirectURIs());
             this.clientBackChannellogoutUris = getNonEmptyStringList(client.getAttributes().getBackchannelLogoutUri());
             this.scopes = getInitialEntries();
             this.claims = getInitialClaimDisplayNameEntries();
@@ -420,6 +424,7 @@ public String save() throws Exception {
         }
         updateLoginURIs();
         updateLogoutURIs();
+        updateRedirectLogoutUrls();
         updateBackChannelLogoutURIs();
         updateScopes();
         updateClaims();
@@ -537,6 +542,10 @@ public void removeLogoutURI(String uri) {
     public void removeClientLogoutURI(String uri) {
         removeFromList(this.clientlogoutUris, uri);
     }
+    
+    public void removeRedirectLogoutUrl(String uri) {
+        removeFromList(this.redirectLogoutUrl, uri);
+    }
 
     public void removeClientBackLogoutURI(String uri) {
         removeFromList(this.clientBackChannellogoutUris, uri);
@@ -807,6 +816,19 @@ && checkBlackListRedirectUris(availableLogoutUri)) {
         this.availableLogoutUri = HTTPS;
     }
 
+    public void acceptSelectRedirectLogoutUrl() {
+        if (StringHelper.isEmpty(this.availableRedirectLogoutUrl)) {
+            return;
+        }
+        if (this.availableRedirectLogoutUrl.equalsIgnoreCase(HTTPS)) {
+            return;
+        }
+        if (!this.redirectLogoutUrl.contains(this.availableRedirectLogoutUrl)) {
+            this.redirectLogoutUrl.add(this.availableRedirectLogoutUrl);
+        }
+        this.availableRedirectLogoutUrl = HTTPS;
+    }
+    
     public void acceptSelectClientLogoutUri() {
         if (StringHelper.isEmpty(this.availableClientlogoutUri)) {
             return;
@@ -927,6 +949,10 @@ public void cancelClientLogoutUri() {
         this.availableClientlogoutUri = HTTPS;
     }
     
+    public void cancelRedirectLogoutUrl() {
+        this.availableRedirectLogoutUrl = HTTPS;
+    }
+    
     public void cancelClientBackLogoutUri() {
         this.availableClientBacklogoutUri = HTTPS;
     }
@@ -976,6 +1002,18 @@ private void updateLogoutURIs() {
         this.client.setLogoutUri(tmpUris);
     }
     
+    private void updateRedirectLogoutUrls() {
+        if (this.redirectLogoutUrl == null || this.redirectLogoutUrl.size() == 0) {
+            this.client.setOxAuthPostLogoutRedirectURIs(null);
+            return;
+        }
+        List<String> tmpUris = new ArrayList<String>();
+        for (String uri : this.redirectLogoutUrl) {
+            tmpUris.add(StringHelper.trimAll(uri));
+        }
+        this.client.setOxAuthPostLogoutRedirectURIs(tmpUris);
+    }
+    
     private void updateBackChannelLogoutURIs() {
         if (this.clientBackChannellogoutUris == null || this.clientBackChannellogoutUris.size() == 0) {
         	client.getAttributes().setBackchannelLogoutUri(new ArrayList<String>());
@@ -2195,4 +2233,20 @@ public String getScopePattern() {
 	public void setScopePattern(String scopePattern) {
 		this.scopePattern = scopePattern;
 	}
+	
+	public List<String> getRedirectLogoutUrl() {
+		return redirectLogoutUrl;
+	}
+
+	public void setRedirectLogoutUrl(List<String> redirectLogoutUrl) {
+		this.redirectLogoutUrl = redirectLogoutUrl;
+	}
+
+	public String getAvailableRedirectLogoutUrl() {
+		return availableRedirectLogoutUrl;
+	}
+
+	public void setAvailableRedirectLogoutUrl(String availableRedirectLogoutUrl) {
+		this.availableRedirectLogoutUrl = availableRedirectLogoutUrl;
+	}
 }
diff --git a/server/src/main/java/org/gluu/oxtrust/model/OxAuthClient.java b/server/src/main/java/org/gluu/oxtrust/model/OxAuthClient.java
index d0dee9055..f7062de39 100644
--- a/server/src/main/java/org/gluu/oxtrust/model/OxAuthClient.java
+++ b/server/src/main/java/org/gluu/oxtrust/model/OxAuthClient.java
@@ -62,7 +62,7 @@ public class OxAuthClient extends Entry implements Serializable {
 	private List<String> oxAuthRedirectURIs;
 
 	@AttributeName(name = "oxAuthPostLogoutRedirectURI")
-	private String oxAuthPostLogoutRedirectURIs;
+	private List<String> oxAuthPostLogoutRedirectURIs;
 
 	@AttributeName(name = "oxAuthScope")
 	private List<String> oxAuthScopes;
@@ -301,11 +301,11 @@ public void setOxAuthRedirectURIs(List<String> oxAuthRedirectURIs) {
 		this.oxAuthRedirectURIs = oxAuthRedirectURIs;
 	}
 
-	public String getOxAuthPostLogoutRedirectURIs() {
+	public List<String> getOxAuthPostLogoutRedirectURIs() {
 		return oxAuthPostLogoutRedirectURIs;
 	}
 
-	public void setOxAuthPostLogoutRedirectURIs(String oxAuthPostLogoutRedirectURIs) {
+	public void setOxAuthPostLogoutRedirectURIs(List<String> oxAuthPostLogoutRedirectURIs) {
 		this.oxAuthPostLogoutRedirectURIs = oxAuthPostLogoutRedirectURIs;
 	}
 
diff --git a/server/src/main/webapp/WEB-INF/incl/client/clientForm.xhtml b/server/src/main/webapp/WEB-INF/incl/client/clientForm.xhtml
index 3bedca316..3000b7e6e 100644
--- a/server/src/main/webapp/WEB-INF/incl/client/clientForm.xhtml
+++ b/server/src/main/webapp/WEB-INF/incl/client/clientForm.xhtml
@@ -692,12 +692,41 @@
 											</h:panelGroup>
 										</h:panelGroup>
 									</b:panel>
-									<ox:decorate id="redirectLogoutUrls" label="#{msgs['clientForm.redirectLogoutURIs']}"
-												leftClass="col-sm-6" rightClass="col-sm-6">
-												<h:inputText id="redirectLogoutUrlsId"
-													value="#{_client.oxAuthPostLogoutRedirectURIs}" style="width:100%"
-													styleClass="form-control redirectLogoutUrlsId" />
-									</ox:decorate>
+																		
+									<b:panel title="#{msgs['clientForm.redirectLogoutURIs']}"
+										id="redirectLogoutUrl" look="primary">
+										<h:panelGroup id="selectedRedirectLogoutUrlId">
+											<h:panelGroup columns="1" width="100%" border="0"
+												cellpadding="0" cellspacing="0">
+												<a4j:repeat value="#{_clientAction.redirectLogoutUrl}"
+													rowKeyVar="_urisIdx" var="_uri" iterationStatusVar="loop">
+													<div class="row-fluid">
+														<div class="#{(loop.index % 2 == 0) ?'odd':'even'}"
+															style="overflow-x: scroll;">
+															<h:outputText value="#{empty _uri ? _uri : _uri}" />
+															<h:outputText value="&#160;" />
+															<div class="span6 pull-right">
+																<a4j:commandLink
+																	styleClass="glyphicon glyphicon-remove"
+																	action="#{_clientAction.removeRedirectLogoutUrl(_uri)}"
+																	execute="@this" render="selectedRedirectLogoutUrlId"
+																	eventsQueue="clientQueue">
+																	<!-- <h:graphicImage value="/img/remove.gif" /> -->
+																</a4j:commandLink>
+															</div>
+														</div>
+													</div>
+													<br />
+												</a4j:repeat>
+												<p:spacer height="16" />
+												<a4j:commandButton
+													styleClass="btn btn-primary addLogoutUriButton"
+													style="margin-top:5px" value="Add Post Logout Redirect URI"
+													oncomplete="#{rich:component('redirectLogoutUrlsId:inputText')}.show();"
+													execute="@this" eventsQueue="clientQueue" />
+											</h:panelGroup>
+										</h:panelGroup>
+									</b:panel>									
 									
 										<b:panel title="Back Channel Logout URI"
 											id="backchannelLogoutUri" look="primary">
diff --git a/server/src/main/webapp/client/addClient.xhtml b/server/src/main/webapp/client/addClient.xhtml
index 12a203fe7..758e9c381 100644
--- a/server/src/main/webapp/client/addClient.xhtml
+++ b/server/src/main/webapp/client/addClient.xhtml
@@ -152,6 +152,16 @@
 					queue="clientQueue" render="selectedClientUrisId"
 					text="#{updateClientAction.availableClientlogoutUri}"
 					textId="clientLogoutTextId" />
+					
+				<ox:inputTextDialog
+					acceptMethod="#{updateClientAction.acceptSelectRedirectLogoutUrl()}"
+					cancelMethod="#{updateClientAction.cancelRedirectLogoutUrl()}"
+					dialogWidth="600" id="redirectLogoutUrlsId"
+					inputLabel="Add #{msgs['clientForm.redirectLogoutURIs']}" inputWidth="80"
+					label="#{msgs['clientForm.redirectLogoutURIs']}" maxLength="256"
+					queue="clientQueue" render="selectedRedirectLogoutUrlId"
+					text="#{updateClientAction.availableRedirectLogoutUrl}"
+					textId="redirectLogoutURIstextId" />
 				
 				<ox:inputTextDialog
 					acceptMethod="#{updateClientAction.acceptSelectClientBackLogoutUri()}"
diff --git a/server/src/main/webapp/client/updateClient.xhtml b/server/src/main/webapp/client/updateClient.xhtml
index 4c888ecbc..a1ba16743 100644
--- a/server/src/main/webapp/client/updateClient.xhtml
+++ b/server/src/main/webapp/client/updateClient.xhtml
@@ -177,6 +177,16 @@
 				render="selectedClientUrisId"
 				text="#{updateClientAction.availableClientlogoutUri}"
 				textId="clientLogoutTextId" />
+				
+			<ox:inputTextDialog
+					acceptMethod="#{updateClientAction.acceptSelectRedirectLogoutUrl()}"
+					cancelMethod="#{updateClientAction.cancelRedirectLogoutUrl()}"
+					dialogWidth="600" id="redirectLogoutUrlsId"
+					inputLabel="Add #{msgs['clientForm.redirectLogoutURIs']}" inputWidth="80"
+					label="#{msgs['clientForm.redirectLogoutURIs']}" maxLength="256"
+					queue="clientQueue" render="selectedRedirectLogoutUrlId"
+					text="#{updateClientAction.availableRedirectLogoutUrl}"
+					textId="redirectLogoutURIstextId" />
 			
 			<ox:inputTextDialog
 					acceptMethod="#{updateClientAction.acceptSelectClientBackLogoutUri()}"