yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

2021-W07.org

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2021-08-17 14:47:00 +02:00
parent b7d4b65f69
commit 5214036095
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
1 changed files with 724 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

724
2021-W07.org Normal file
View file

@ -0,0 +1,724 @@
** 2021-W07
*** 2021-02-15 Monday
**** IN-PROGRESS Authentication, ID, Activation Optimisation :work:
:LOGBOOK:
CLOCK: [2021-02-15 Mon 11:20]--[2021-02-16 Tue 09:07] => 21:47
:END:
[2021-02-15 Mon 11:20]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*managed IdP vs non-managed IdP and org-ids][managed IdP vs non-managed IdP and org-ids]]
*** 2021-02-16 Tuesday
**** DONE create OAuth2 clients for Vitalii in PROD :work:
:LOGBOOK:
CLOCK: [2021-02-16 Tue 16:34]--[2021-02-16 Tue 16:35] => 0:01
:END:
[2021-02-16 Tue 16:34]
- ref :: [[file:~/dev/iroh/services/iroh-auth/test/iroh_auth/iroh_auth_web_service_test.clj:::expect-merge? true]]
**** DONE update SSE clients :work:
:LOGBOOK:
CLOCK: [2021-02-16 Tue 15:22]--[2021-02-16 Tue 16:34] => 1:12
:END:
[2021-02-16 Tue 15:22]
- ref :: [[orgit:~/dev/iroh/][~/dev/iroh/ (magit-status)]]
***** NAM
client-id: client-3e55e6a3-4561-4733-b380-ffbd94733ba1
#+begin_src js
{
"scopes": [
"integration",
"private-intel",
"admin",
"profile",
"inspect",
"iroh-master",
"iroh-auth",
"sse",
"users",
"casebook",
"orbital",
"enrich",
"oauth",
"global-intel",
"collect",
"response",
"ui-settings",
"openid",
"ao"
],
"description": "PROD NAM Environment for Security Services Exchange Admin Console",
"approved?": true,
"redirects": [
"https://admin.sse.itd.cisco.com/*/*",
"https://admin.sse.itd.cisco.com/*/*/*",
"https://admin.sse.itd.cisco.com/*",
"https://admin.sse.itd.cisco.com/*/*/*/*",
"https://devops.sse.itd.cisco.com/*/*",
"https://devops.sse.itd.cisco.com/*/*/*",
"https://devops.sse.itd.cisco.com/*",
"https://devops.sse.itd.cisco.com/*/*/*/*"
],
"availability": "everyone",
"access-token-lifetime-in-sec": 86400,
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG",
"idb-amp": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
],
"password": "$s0$f0801$yjznqcXJR2qIloN/JFc4LQ==$FPuIlE/C5Pk/vVG+VVJeTos5UtV5HPhDveM3T/m4wAg=",
"id-token-lifetime-in-sec": 86400,
"name": "sse-ui-prod-nam-client",
"org-id": "576c9ad4-7820-44ca-9d5e-6ca678eadcd1",
"enabled?": true,
"grants": [
"auth-code"
],
"client-type": "confidential",
"id": "client-3e55e6a3-4561-4733-b380-ffbd94733ba1",
"approval-status": "approved",
"owner-id": "d697511a-9164-49d0-8c7b-a5c1a11fb25d",
"created-at": "2020-02-03T13:48:54.758Z"
}
#+end_src
****** PATCH
#+begin_src js
{
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG",
"idb-amp": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG",
"idb-amp": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "old-idp-mapping-idp"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "old-idp-mapping-organization-id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
]
}
#+end_src
***** EU
become master:
user-id: 080c8271-e1c7-4fe6-b6e2-bc1fda123432
done.
#+begin_src js
{
"scopes": [
"integration",
"private-intel",
"admin",
"profile",
"inspect",
"iroh-master",
"iroh-auth",
"sse",
"users",
"casebook",
"orbital",
"enrich",
"oauth",
"global-intel",
"collect",
"response",
"ui-settings",
"openid",
"ao"
],
"description": "PROD EU Environment for Security Services Exchange Admin Console",
"approved?": true,
"redirects": [
"https://admin.eu.sse.itd.cisco.com/*/*",
"https://admin.eu.sse.itd.cisco.com/*/*/*",
"https://admin.eu.sse.itd.cisco.com/*",
"https://admin.eu.sse.itd.cisco.com/*/*/*/*",
"https://devops.eu.sse.itd.cisco.com/*/*",
"https://devops.eu.sse.itd.cisco.com/*/*/*",
"https://devops.eu.sse.itd.cisco.com/*",
"https://devops.eu.sse.itd.cisco.com/*/*/*/*"
],
"availability": "everyone",
"access-token-lifetime-in-sec": 86400,
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-EU",
"idb-amp": "AMP-EU"
},
"default-value": "AMP-EU",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
],
"password": "$s0$f0801$yjznqcXJR2qIloN/JFc4LQ==$FPuIlE/C5Pk/vVG+VVJeTos5UtV5HPhDveM3T/m4wAg=",
"id-token-lifetime-in-sec": 86400,
"name": "sse-ui-prod-eu-client",
"org-id": "576c9ad4-7820-44ca-9d5e-6ca678eadcd1",
"enabled?": true,
"grants": [
"auth-code"
],
"client-type": "confidential",
"id": "client-3e55e6a3-4561-4733-b380-ffbd94733ba1",
"approval-status": "approved",
"owner-id": "d697511a-9164-49d0-8c7b-a5c1a11fb25d",
"created-at": "2020-02-03T13:48:54.758Z"
}
#+end_src
PATCH
#+begin_src js
{
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-EU",
"idb-amp": "AMP-EU"
},
"default-value": "AMP-EU",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-EU",
"idb-amp": "AMP-EU"
},
"default-value": "AMP-EU",
"claim-to-alias": "old-idp-mapping-idp"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "old-idp-mapping-organization-id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
]}
#+end_src
***** APJC
Become master: user-id: b19d5dea-5aa4-4265-b42d-9acc1e913f01
done.
****** Client client-3e55e6a3-4561-4733-b380-ffbd94733ba1
#+begin_src js
{
"scopes": [
"integration",
"private-intel",
"admin",
"profile",
"inspect",
"iroh-master",
"iroh-auth",
"sse",
"users",
"casebook",
"orbital",
"enrich",
"oauth",
"global-intel",
"collect",
"response",
"ui-settings",
"openid",
"ao"
],
"description": "PROD APJC Environment for Security Services Exchange Admin Console",
"approved?": true,
"redirects": [
"https://admin.apj.sse.itd.cisco.com/*/*",
"https://admin.apj.sse.itd.cisco.com/*/*/*",
"https://admin.apj.sse.itd.cisco.com/*",
"https://admin.apj.sse.itd.cisco.com/*/*/*/*",
"https://devops.apj.sse.itd.cisco.com/*/*",
"https://devops.apj.sse.itd.cisco.com/*/*/*",
"https://devops.apj.sse.itd.cisco.com/*",
"https://devops.apj.sse.itd.cisco.com/*/*/*/*",
"https://devops.apj.sse.itd.cisco.com"
],
"availability": "everyone",
"access-token-lifetime-in-sec": 86400,
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-APJ",
"idb-amp": "AMP-APJ"
},
"default-value": "AMP",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
],
"password": "$s0$f0801$yjznqcXJR2qIloN/JFc4LQ==$FPuIlE/C5Pk/vVG+VVJeTos5UtV5HPhDveM3T/m4wAg=",
"id-token-lifetime-in-sec": 86400,
"name": "sse-ui-prod-apjc-client",
"org-id": "576c9ad4-7820-44ca-9d5e-6ca678eadcd1",
"enabled?": true,
"grants": [
"auth-code"
],
"client-type": "confidential",
"id": "client-3e55e6a3-4561-4733-b380-ffbd94733ba1",
"approval-status": "approved",
"owner-id": "d697511a-9164-49d0-8c7b-a5c1a11fb25d",
"created-at": "2020-02-03T13:48:54.758Z"
}
#+end_src
PATCH
#+begin_src js
{
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-APJ",
"idb-amp": "AMP-APJ"
},
"default-value": "AMP-APJ",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg": "TG-APJ",
"idb-amp": "AMP-APJ"
},
"default-value": "AMP-APJ",
"claim-to-alias": "old-idp-mapping-idp"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyId",
"replace-value": [
[
"^threatgrid[:]",
""
]
],
"claim-to-alias": "old-idp-mapping-organization-id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin",
"iroh-admin": "admin"
},
"default-value": "user",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
]
}
#+end_src
****** Client client-92258bc0-196a-4f6c-a0b5-fe105de5f505
#+begin_src js
{
"scopes": [
"integration",
"private-intel",
"admin",
"profile",
"inspect",
"iroh-master",
"iroh-auth",
"sse",
"users",
"casebook",
"orbital",
"enrich",
"oauth",
"global-intel",
"collect",
"response",
"ui-settings",
"openid",
"ao"
],
"description": "PROD APJC Environment for Security Services Exchange Admin Console",
"approved?": true,
"redirects": [
"http://localhost:*/*",
"https://localhost:*/*/*/*",
"https://localhost:*/*/*",
"https://admin.apj.sse.itd.cisco.com/*/*",
"https://admin.apj.sse.itd.cisco.com/*/*/*",
"https://admin.apj.sse.itd.cisco.com/*",
"https://admin.apj.sse.itd.cisco.com/*/*/*/*",
"https://localhost:*",
"http://localhost:*/*/*/*",
"https://localhost:*/*",
"http://localhost:*/*/*",
"http://localhost:*"
],
"availability": "everyone",
"access-token-lifetime-in-sec": 86400,
"id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg-staging": "TG",
"idb-amp-staging": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "companyId",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin"
},
"default-value": "admin",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
],
"password": "$s0$f0801$1oB9uodlfkUpACx2HNnVcQ==$eLNMiORI5R4jCWZp40fGyQvU59bqigGtwoYr8f7cVzU=",
"id-token-lifetime-in-sec": 86400,
"name": "sse-ui-dev-client",
"org-id": "63489cf9-561c-4958-a13d-6d84b7ef09d4",
"enabled?": true,
"grants": [
"auth-code"
],
"client-type": "confidential",
"id": "client-92258bc0-196a-4f6c-a0b5-fe105de5f505",
"approval-status": "approved",
"owner-id": "6ee52ee9-2e3a-4e1b-977d-961facb5fd84",
"created-at": "2020-02-03T13:48:54.758Z"
}
#+end_src
PATCH
#+begin_src js
{ "id-token-aliases": [
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg-staging": "TG",
"idb-amp-staging": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/idp/id"
},
{
"alias": "spId",
"case-value": {
"sxso": "SXSO",
"idb-tg-staging": "TG",
"idb-amp-staging": "AMP"
},
"default-value": "AMP",
"claim-to-alias": "old-idp-mapping-idp"
},
{
"alias": "companyId",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/id"
},
{
"alias": "companyId",
"claim-to-alias": "old-idp-mapping-organization-id"
},
{
"alias": "companyName",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/org/name"
},
{
"alias": "user_name",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/name"
},
{
"alias": "user_email",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/email"
},
{
"alias": "role",
"case-value": {
"admin": "admin",
"master": "admin"
},
"default-value": "admin",
"claim-to-alias": "https://schemas.cisco.com/iroh/identity/claims/user/role"
}
]}
#+end_src
**** DONE CSA Migration: merge user by email :work:
:LOGBOOK:
CLOCK: [2021-02-16 Tue 09:07]--[2021-02-16 Tue 15:22] => 6:15
:END:
[2021-02-16 Tue 09:07]
*** 2021-02-17 Wednesday
**** IN-PROGRESS clients SSE :work:
:LOGBOOK:
CLOCK: [2021-02-17 Wed 17:25]--[2021-02-18 Thu 09:18] => 15:53
:END:
[2021-02-17 Wed 17:25]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*TEST][TEST]]
**** MEETING weekly meeting :work:meeting:
:LOGBOOK:
CLOCK: [2021-02-17 Wed 16:02]--[2021-02-17 Wed 17:25] => 1:23
:END:
[2021-02-17 Wed 16:02]
- ref ::
**** IN-PROGRESS Update SSE client 2nd pass :work:
:LOGBOOK:
CLOCK: [2021-02-17 Wed 14:52]--[2021-02-17 Wed 16:02] => 1:10
:END:
[2021-02-17 Wed 14:52]
*** 2021-02-18 Thursday
**** IN-PROGRESS debug claim aliases :work:
:LOGBOOK:
CLOCK: [2021-02-18 Thu 09:18]--[2021-02-18 Thu 10:38] => 1:20
:END:
[2021-02-18 Thu 09:18]
- ref :: [[file:~/dev/iroh/services/iroh-auth/src/iroh_auth/oauth2_service/schemas.clj::{:claim-to-alias s/Str]]
*** 2021-02-19 Friday
**** IN-PROGRESS Device Grant analysis :work:
[2021-02-19 Fri 15:41]