From 6cb802b5ab67f074a31bc5cb12b9dc20e3e79ab8 Mon Sep 17 00:00:00 2001
From: Jose Gonzalez <bonustrack310@gmail.com>
Date: Mon, 3 Feb 2025 07:26:47 -0500
Subject: [PATCH] fix: align consent script wrt latest AS updates (#10780)

* fix: align script wrt latest AS consent updates #10766

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* docs: update Agama consent docs #10766

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* docs: change keyword #10766

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

---------

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
Co-authored-by: YuriyZ <yzabrovarniy@gmail.com>
---
 .../AgamaConsentGathering.py                  | 23 ++++----------
 .../consent_gathering/consent-gathering.md    | 31 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 18 deletions(-)

diff --git a/docs/script-catalog/consent_gathering/AgamaConsentGathering.py b/docs/script-catalog/consent_gathering/AgamaConsentGathering.py
index 7709dbc06c8..53948677ec4 100644
--- a/docs/script-catalog/consent_gathering/AgamaConsentGathering.py
+++ b/docs/script-catalog/consent_gathering/AgamaConsentGathering.py
@@ -75,25 +75,20 @@ def prepareForStep(self, step, context):
                 print "Agama-Consent. Failed to retrieve session_id"
                 return False
                 
-            cesar = session.getSessionAttributes()
-            param = cesar.get("agama_flow")
+            sessionId = session.getId()
+            # print "Session id is %s" % sessionId
+            param = context.getSessionAttributes().get("consent_flow")
 
             if not param:
-                param = self.extractAgamaFlow(cesar.get("acr_values"))
+                print "Agama-Consent. 'consent_flow' session attribute missing"
+                return False
 
-                if not param:
-                    print "Agama-Consent. Unable to determine the Agama flow to launch. Check the docs"
-                    return False
-            
             (qn, ins) = self.extractParams(param)
             if qn == None:
                 print "Agama-Consent. Unable to determine the Agama flow to launch. Check the docs"
                 return False
                 
             try:
-                sessionId = session.getId()
-                # print "==================================== %s" % sessionId
-
                 bridge = CdiUtil.bean(NativeJansFlowBridge)
                 running = bridge.prepareFlow(sessionId, qn, ins, False, self.enterUrl)
                 
@@ -120,13 +115,7 @@ def getPageForStep(self, step, context):
         return "/" + self.enterUrl
 
 # Misc routines
-        
-    def extractAgamaFlow(self, acr):
-        prefix = "agama_"
-        if acr and acr.startswith(prefix):
-            return acr[len(prefix):]
-        return None        
-        
+
     def extractParams(self, param):
 
         # param must be of the form QN-INPUT where QN is the qualified name of the flow to launch
diff --git a/docs/script-catalog/consent_gathering/consent-gathering.md b/docs/script-catalog/consent_gathering/consent-gathering.md
index 6021561097a..254370d5cc7 100644
--- a/docs/script-catalog/consent_gathering/consent-gathering.md
+++ b/docs/script-catalog/consent_gathering/consent-gathering.md
@@ -3,7 +3,7 @@ tags:
   - administration
   - developer
   - script-catalog
-  - ConsentGathering
+  - consent
 ---
 
 ## Overview
@@ -262,3 +262,32 @@ This is how consent will work depending on the authentication request issued:
 - With `agama_co.acme.mysuperflow`, the Agama flow `io.jans.consent.B` will be launched for consent
 
 Agama flows used for consent can be built using the same approach and tooling used for regular authentication flows. Note however there is no need to pass a user identity in the `Finish` instruction. If passed, it will be ignored, thus, it suffices to end a consent flow with `Finish false/true`.
+
+### Getting contextual data
+
+To access information in your Agama consent flow related to the user attempting login, scopes requested, etc., get an instance of managed bean `io.jans.as.server.util.AgamaConsentUtil` and use the available methods as summarized below:
+
+|Method|Description|Reference class|
+|-|-|-|
+|`getClient`|Gets a reference to the OAuth client associated to the authentication request|[Client](https://github.com/JanssenProject/jans/tree/vreplace-janssen-version/jans-auth-server/common/src/main/java/io/jans/as/common/model/registration/Client.java)|
+|`getScopes`|A list of OAuth scopes requested|[Scope](https://github.com/JanssenProject/jans/tree/vreplace-janssen-version/jans-auth-server/persistence-model/src/main/java/io/jans/as/persistence/model/Scope.java)|
+|`getUser`|A reference to the user attempting authentication|[User](https://github.com/JanssenProject/jans/tree/vreplace-janssen-version/jans-auth-server/common/src/main/java/io/jans/as/common/model/common/User.java) / [SimpleUser](https://github.com/JanssenProject/jans/tree/vreplace-janssen-version/jans-core/model/src/main/java/io/jans/model/user/SimpleUser.java)|
+|`getSessionAttributes`|A map containing the parameters of the OAuth authentication request issued||
+
+Java example code:
+
+```
+import io.jans.as.server.util.AgamaConsentUtil;
+import io.jans.service.cdi.util.CdiUtil;
+...
+AgamaConsentUtil acu = CdiUtil.bean(AgamaConsentUtil.class);
+String name = acu.getClient().getClientName();        //retrieves the client's display name
+```
+
+Agama DSL example:
+
+```
+acuCls = Call io.jans.as.server.util.AgamaConsentUtil#class
+acu = Call io.jans.service.cdi.util.CdiUtil#bean acuCls
+name = acu.client.clientName        //retrieves the client's display name
+```