Merge pull request #429 from oracle-devrel/oig-access-term-notification

Add access-termination-notification scheduled task sample for OIG

Author: oheimburger

security/identity-and-access-management/oracle-identity-governance/scheduled-task-samples/access-termination-notification/LICENSE

@@ -0,0 +1,35 @@
+Copyright (c) 2023 Oracle and/or its affiliates.
+
+The Universal Permissive License (UPL), Version 1.0
+
+Subject to the condition set forth below, permission is hereby granted to any
+person obtaining a copy of this software, associated documentation and/or data
+(collectively the "Software"), free of charge and under any and all copyright
+rights in the Software, and any and all patent rights owned or freely
+licensable by each licensor hereunder covering either (i) the unmodified
+Software as contributed to or provided by such licensor, or (ii) the Larger
+Works (as defined below), to deal in both
+
+(a) the Software, and
+(b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+one is included with the Software (each a "Larger Work" to which the Software
+is contributed by such licensors),
+
+without restriction, including without limitation the rights to copy, create
+derivative works of, display, perform, and distribute the Software and make,
+use, sell, offer for sale, import, export, have made, and have sold the
+Software and the Larger Work(s), and to sublicense the foregoing rights on
+either these or other terms.
+
+This license is subject to the following condition:
+The above copyright notice and either this complete permission notice or at
+a minimum a reference to the UPL must be included in all copies or
+substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

security/identity-and-access-management/oracle-identity-governance/scheduled-task-samples/access-termination-notification/README.md

@@ -0,0 +1,45 @@
+# Access Termination Notification Scheduled Task
+
+This asset contains the code and deployment items for a scheduled task designed to notify users and their managers of any expiring access. It uses standard OIG APIs to handle email composition and dispatch (tcEmailNotificationUtil).
+
+In case access extensions or a more complex handling of email contents are also required, please refer to the [Access Extension Notification Scheduled Task](https://github.com/oracle-devrel/technology-engineering/tree/main/security/identity-and-access-management/oracle-identity-governance/scheduled-task-samples/access-extension-notification).
+
+Developed on and compatible with OIG 11g R2 PS3 and above.
+
+## When to use this asset?
+
+When there's a need to provide or demonstrate the functionality described above or something similar, which can be adapted from the provided code.
+
+## How to use this asset?
+
+### Building and deployment
+
+Here's a short build and deployment checklist:
+
+1. Import any additional artifacts using deployment manager, such as the `Access_Termination_Template.xml` file
+2. Generate a jar file containing the sample code.
+3. Upload the jar file to an OIG environment using OIG's command line "Jar Upload" utility. Also remember to upload the dependencies as "3. ThirdParty" jars.
+4. Use the Enterprise Manager web interface to upload the scheduled task metadata/definition into the MDS repository.
+5. Create a scheduled task in OIG based on the uploaded definition.
+
+Please see the useful link below for detailed build and deployment steps.
+
+### Executing the scheduled task
+
+The following items need to be populated as part of the scheduled job parameters:
+- Days Before Expiration: Number of days before the email is sent, e.g. 7
+- Email Template Name: Email template name for the email, e.g. Access_Termination_Template
+
+[Consult this section](https://docs.oracle.com/en/middleware/idm/identity-governance/12.2.1.4/omusg/managing-jobs-1.html#GUID-71BB3623-AEE2-4F64-BBD4-D921DCA39D7C) on how to manually start or schedule a job.
+
+## Useful Links
+
+[Oracle Identity Governance developer's guide - Developing scheduled tasks](https://docs.oracle.com/en/middleware/idm/identity-governance/12.2.1.4/omdev/developing-scheduled-tasks.html#GUID-F62EF833-1E70-41FC-9DCC-C1EAB407D151)
+
+# License
+
+Copyright (c) 2023 Oracle and/or its affiliates.
+
+Licensed under the Universal Permissive License (UPL), Version 1.0.
+
+See [LICENSE](https://github.com/oracle-devrel/technology-engineering/blob/main/LICENSE) for more details.

security/identity-and-access-management/oracle-identity-governance/scheduled-task-samples/access-termination-notification/files/Access_Termination_Notification.xml

@@ -0,0 +1,13 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<scheduledTasks xmlns="http://xmlns.oracle.com/oim/scheduler">
+<task>
+<name>Access Termination Notification</name>
+<class>com.oracle.sample.AccessTerminationNotification</class>
+<description>Access Termination Notification</description>
+<retry>1</retry>
+<parameters>
+<string-param required="true" encrypted="false" helpText="Number of days before the email is sent.">Days Before Expiration</string-param>
+<string-param required="true" encrypted="false" helpText="Email template name for the email.">Email Template Name</string-param>
+</parameters>
+</task>
+</scheduledTasks>

security/identity-and-access-management/oracle-identity-governance/scheduled-task-samples/access-termination-notification/files/Access_Termination_Template.xml

@@ -0,0 +1,10 @@
+<?xml version = '1.0' encoding = 'UTF-8'?>
+<xl-ddm-data version="12.2.1.4.0" user="XELSYSADM" database="" exported-date="1694515569790" description="Access_Termination_Template"><NOTIFICATIONTEMPLATE repo-type="RDBMS" name="Access_Termination_Template"><CREATEUSER>1</CREATEUSER><CREATIONDATE>1614848134174</CREATIONDATE><DATALEVEL>0</DATALEVEL><EVENTNAME>EndDateNotificationEvent</EVENTNAME><LASTUSER>xelsysadm</LASTUSER><LASTUPDATED>1614849641138</LASTUPDATED><LOCALTEMPLATE repo-type="RDBMS" id="LOCALTEMPLATE501"><CREATEUSER>1</CREATEUSER><CONTENTTYPE>text/plain</CONTENTTYPE><CREATIONDATE>1614848134282</CREATIONDATE><LOCALE>en_US</LOCALE><DATALEVEL>0</DATALEVEL><ENCODING>UTF-8</ENCODING><SUBJECT>Your access is expiring</SUBJECT><LONGMESSAGE>Hi $display_name,
+
+Some of your access is expiring in $days day(s). Please find below a list of expiring access items.
+
+$expiring_items
+Please also note that a copy of this email will also be sent to your direct manager.
+
+Kind regards,
+Your friendly OIM admin</LONGMESSAGE><LASTUSER>xelsysadm</LASTUSER><LASTUPDATED>1614849641156</LASTUPDATED></LOCALTEMPLATE></NOTIFICATIONTEMPLATE></xl-ddm-data>