Update account-linking-index.md #9542

Open: wants to merge 1 commit into base: main
@mzico mzico commented Sep 19, 2024

-Dacr value should be "agama_io.jans.casa.authn.acctlinking", not "io.jans.casa.authn.acctlinking"

Prepare


Description

Target issue

closes #issue-number-here

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

`-Dacr` value should be "agama_io.jans.casa.authn.acctlinking", not "io.jans.casa.authn.acctlinking" 

Signed-off-by: mzico <[email protected]>
DryRun Security Summary

The pull request updates the Accounts Linking Plugin for the Jans Casa application, allowing users to link their local Jans account with external identity providers like OIDC, OAuth 2.0, and social sites, while also highlighting the security considerations associated with this integration.

Summary:

The code change in this pull request updates the Accounts Linking Plugin for the Jans Casa application. The key change is the modification of the -Dacr= parameter in the /etc/default/jans-casa file to use the agama_io.jans.casa.authn.acctlinking flow instead of the default flow. This allows the Casa application to leverage the accounts linking functionality provided by the Agama project, which enables users to link their local Jans account with external identity providers like OIDC, OAuth 2.0, and social sites.

From an application security perspective, the introduction of external identity provider integration and the ability to link and unlink accounts introduces additional attack surfaces and security considerations. It is important to ensure that the integration with these providers is properly secured, the attribute mapping process does not introduce any vulnerabilities, and the handling of user passwords and user provisioning includes appropriate security measures to maintain the overall security of the system.

Files Changed:

  • docs/casa/plugins/accts-linking/account-linking-index.md: This file has been updated to document the changes related to the Accounts Linking Plugin for the Jans Casa application. The key changes include:
    1. Updating the value of the -Dacr= parameter in the /etc/default/jans-casa file to use the agama_io.jans.casa.authn.acctlinking flow instead of the default flow.
    2. Describing the functionality of the accounts linking feature, which allows users to link their local Jans account with external identity providers, retrieve user profile data, and provision new users or update existing ones.
    3. Highlighting the security considerations associated with the integration of external identity providers and the linking/unlinking of accounts, such as additional attack surfaces, access controls, and password/user provisioning security measures.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added the area-documentation label (Documentation needs to change as part of issue or PR) Sep 19, 2024
@mo-auto mo-auto enabled auto-merge (squash) September 19, 2024 16:01