<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:22:06 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-2631] Update folio-ansible to work with breaking changes in mod-login</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-2631</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Overview&quot;&gt;&lt;/a&gt;Overview&lt;/h2&gt;
&lt;p&gt;For security reasons the following endpoints were removed from mod-login (login v7.0):&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;GET /authn/credentials&lt;/li&gt;
	&lt;li&gt;GET /authn/credentials/&amp;lt;id&amp;gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;folio-ansible uses GET /authn/credentials to check whether credentials already exists. It only creates it if it doesn&apos;t. One can run the folio-ansible script multiple times (idempotent). It only uses &quot;totalRecords&quot; and does not check the password hash:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Create admin user:&lt;br/&gt;
&lt;a href=&quot;https://github.com/folio-org/folio-ansible/blob/b1817775e1950969924f5184a98368da3f91db8e/roles/create-tenant-admin/tasks/main.yml#L82&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-ansible/blob/b1817775e1950969924f5184a98368da3f91db8e/roles/create-tenant-admin/tasks/main.yml#L82&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://github.com/folio-org/folio-ansible/blob/b1817775e1950969924f5184a98368da3f91db8e/roles/create-tenant-admin/tasks/main.yml#L103&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-ansible/blob/b1817775e1950969924f5184a98368da3f91db8e/roles/create-tenant-admin/tasks/main.yml#L103&lt;/a&gt;&lt;/li&gt;
	&lt;li&gt;Create edge module institutional user:&lt;br/&gt;
&lt;a href=&quot;https://github.com/folio-org/folio-ansible/blob/e3e492c302694abeb1108de1f1c022483d55d352/roles/edge-module/tasks/main.yml#L65&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-ansible/blob/e3e492c302694abeb1108de1f1c022483d55d352/roles/edge-module/tasks/main.yml#L65&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://github.com/folio-org/folio-ansible/blob/e3e492c302694abeb1108de1f1c022483d55d352/roles/edge-module/tasks/main.yml#L88&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-ansible/blob/e3e492c302694abeb1108de1f1c022483d55d352/roles/edge-module/tasks/main.yml#L88&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;folio-ansible can use the `/authn/credentials-existence` endpoint instead.&lt;/p&gt;

&lt;p&gt;See 
    &lt;span class=&quot;jira-issue-macro resolved&quot; data-jira-key=&quot;MODLOGIN-128&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/MODLOGIN-128&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;It is possible to fetch password hashes for all users&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10303?size=medium&quot; /&gt;
            MODLOGIN-128
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-success jira-macro-single-issue-export-pdf&quot;&gt;Closed&lt;/span&gt;
            &lt;/span&gt;
 for details.&lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;AcceptanceCriteria&quot;&gt;&lt;/a&gt;Acceptance Criteria&lt;/h2&gt;
&lt;ul&gt;
	&lt;li&gt;folio-ansible is updated to use /authn/credentials-existence instead of the endpoints being removed&lt;/li&gt;
&lt;/ul&gt;

</description>
                <environment></environment>
        <key id="81694">FOLIO-2631</key>
            <summary>Update folio-ansible to work with breaking changes in mod-login</summary>
                <type id="10005" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10309?size=medium">Story</type>
                                            <priority id="10000" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p1.svg">P1</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5cf6c546b87c300f36eb7b9a">Craig McNally</assignee>
                                                                <reporter accountid="5cf6c546b87c300f36eb7b9a">Craig McNally</reporter>
                                    <labels>
                    </labels>
                <created>Wed, 3 Jun 2020 03:16:26 +0000</created>
                <updated>Thu, 11 Jun 2020 14:39:00 +0000</updated>
                            <resolved>Thu, 11 Jun 2020 14:39:00 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                <comments>
                                                            <comment id="198903" author="5cf6c546b87c300f36eb7b9a" created="Tue, 9 Jun 2020 20:05:55 +0000"  >&lt;p&gt;JFYI the core platform team is looking to release mod-login with these breaking changes very soon.  These scripts will be broken when using head of master or Goldenrod once that happens.  If devops requires guidance/assistance please let me know.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5f9abc1eb45b2e007453f423&quot; class=&quot;user-hover&quot; rel=&quot;5f9abc1eb45b2e007453f423&quot; data-account-id=&quot;5f9abc1eb45b2e007453f423&quot; accountid=&quot;5f9abc1eb45b2e007453f423&quot; rel=&quot;noreferrer&quot;&gt;John Malconian&lt;/a&gt; &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5cd423bebc70090d6ce241b1&quot; class=&quot;user-hover&quot; rel=&quot;5cd423bebc70090d6ce241b1&quot; data-account-id=&quot;5cd423bebc70090d6ce241b1&quot; accountid=&quot;5cd423bebc70090d6ce241b1&quot; rel=&quot;noreferrer&quot;&gt;Ian Hardy&lt;/a&gt; &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; class=&quot;user-hover&quot; rel=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; data-account-id=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; accountid=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; rel=&quot;noreferrer&quot;&gt;Jakub Skoczen&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="198910" author="5cd423bebc70090d6ce241b1" created="Tue, 9 Jun 2020 20:23:42 +0000"  >&lt;p&gt;-off the top of my head I know the create-tenant-admin role and the okapi-secure role both check for the existence of admin credentials using a GET to /authn/credentials: &lt;a href=&quot;https://github.com/folio-org/folio-ansible/blob/master/roles/create-tenant-admin/tasks/main.yml#L79-&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-ansible/blob/master/roles/create-tenant-admin/tasks/main.yml#L79-&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;del&gt;This is to make the role idempotent (don&apos;t create credentials if they already exist). I guess we could delete the credentials record and re-create it every time.&lt;/del&gt;&lt;/p&gt;

&lt;p&gt;ignore me.&lt;/p&gt;</comment>
                                                            <comment id="198915" author="5cf6c546b87c300f36eb7b9a" created="Thu, 11 Jun 2020 14:38:53 +0000"  >&lt;p&gt;verified via folio-testing-backend build:&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend/491/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend/491/&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10000">
                    <name>Blocks</name>
                                            <outwardlinks description="blocks">
                                        <issuelink>
            <issuekey id="35207">MODLOGIN-128</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10155"><![CDATA[FOLIO DevOps]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i018h3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 9 Jun 2020 20:23:42 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>