From 7bfb852ec1849d61fe67ce5cc5c1919dda9d8bff Mon Sep 17 00:00:00 2001
From: Markus Strehle <11627201+strehle@users.noreply.github.com>
Date: Sat, 1 Mar 2025 11:00:30 +0100
Subject: [PATCH] Maintain federated credentials in UAA (#147)

---
 cf-uaac.gemspec           |  2 +-
 lib/uaa/cli/client_reg.rb | 15 +++++++++------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/cf-uaac.gemspec b/cf-uaac.gemspec
index 9adace4..39ffd0e 100644
--- a/cf-uaac.gemspec
+++ b/cf-uaac.gemspec
@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
 
   # dependencies
-  s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.8'
+  s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.9'
   s.add_development_dependency 'rake', '~> 13.0'
   s.add_development_dependency 'rspec', '~> 3.12'
   s.add_development_dependency 'simplecov', '~> 0.22.0'
diff --git a/lib/uaa/cli/client_reg.rb b/lib/uaa/cli/client_reg.rb
index 30b9937..9b3d730 100644
--- a/lib/uaa/cli/client_reg.rb
+++ b/lib/uaa/cli/client_reg.rb
@@ -134,25 +134,28 @@ def client_info(defaults)
 
   define_option :jwks_uri, '--jwks_uri <token_keys endpoint>', 'JWKS token key endpoint'
   define_option :jwks, '--jwks <json token key set>', 'JWKS token key'
-  desc 'client jwt add [id]', 'Add client jwt trust', :jwks_uri, :jwks do |id|
+  define_option :iss, '--issuer <Issuer>', 'Issuer to trust'
+  define_option :sub, '--subject <Subject>', 'Subject to trust'
+  define_option :aud, '--audience <Audience>', 'Audience to trust'
+  desc 'client jwt add [id]', 'Add client jwt trust', :jwks_uri, :jwks, :iss, :sub, :aud do |id|
     pp scim_request { |cr|
       ###change_clientjwt(client_id, jwks_uri = nil, jwks = nil, kid = nil, changeMode = nil)
-      cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'ADD')
+      cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'ADD', opts[:iss], opts[:sub], opts[:aud])
       'client jwt successfully added'
     }
   end
 
-  desc 'client jwt update [id]', 'Update client jwt trust', :jwks_uri, :jwks do |id|
+  desc 'client jwt update [id]', 'Update client jwt trust', :jwks_uri, :jwks, :iss, :sub, :aud do |id|
     pp scim_request { |cr|
-      cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'UPDATE')
+      cr.change_clientjwt(clientid(id), opts[:jwks_uri], opts[:jwks], nil, 'UPDATE', opts[:iss], opts[:sub], opts[:aud])
       'client jwt successfully set'
     }
   end
 
   define_option :kid, '--kid <key id in json token keys>', 'JWKS token key'
-  desc 'client jwt delete [id]', 'Delete client jwt trust', :kid do |id|
+  desc 'client jwt delete [id]', 'Delete client jwt trust', :kid, :jwks, :iss, :sub, :aud do |id|
     pp scim_request { |cr|
-      cr.change_clientjwt(clientid(id), '*', nil, opts[:kid], 'DELETE')
+      cr.change_clientjwt(clientid(id), '*', nil, opts[:kid], 'DELETE', opts[:iss], opts[:sub], opts[:aud])
       'client jwt successfully deleted'
     }
   end