Merge branch 'master' into reboot/fix/attls-missingblock

docs/extend/extend-apiml/api-mediation-oidc-authentication.md

@@ -259,7 +259,7 @@ Use the following curl command to make a REST request with the OIDC token to the
 curl --location 'https://"$HOSTNAME:$PORT"/gateway/api/v1/auth/oidc-token/validate --data '{"token": "$OIDC_TOKEN","serviceId": "$SERVICE_ID"}'
 ```
 
-An HTTP `200` code is returned if the validation passes. Failure to validate returns an HTTP `40x` error.
+An HTTP `204` code is returned if the validation passes. Failure to validate returns an HTTP `40x` error.
 :::
 
 :::note Azure Entra ID OIDC notes:

docs/extend/extend-apiml/zaas-client.md

@@ -33,6 +33,7 @@ public interface ZaasClient {
     String login(String authorizationHeader) throws ZaasClientException;
     ZaasToken query(String token) throws ZaasClientException;
     ZaasToken query(HttpServletRequest request) throws ZaasClientException;
+    ZaasOidcValidationResult validateOidc(String token) throws ZaasClientException;
     String passTicket(String jwtToken, String applicationId) throws ZaasClientException, ZaasConfigurationException;
     void logout(String token) throws ZaasClientException, ZaasConfigurationException;
 }
@@ -88,6 +89,21 @@ cookie or in an Authorization header. You then receive the `ZaasToken` Object in
 ZaasToken query(HttpServletRequest request) throws ZaasClientException;
 ```
 
+### Validate the OIDC token (`validateOidc`)
+
+Use the `validateOidc` method to get the validity information about the OIDC token.
+
+Call the `validateOidc` method from your API in the following format:
+
+```java
+ZaasOidcValidationResult validateOidc(String token) throws ZaasClientException;
+```
+
+In return, you receive the `ZaasOidcValidationResult` Object in JSON format.
+
+This method automatically uses the truststore file to add a security layer, which you configured in the `ConfigProperties` class.
+
+
 ### Invalidate a JWT token (`logout`)
 
 The `logout` method is used to invalidate the JWT token. The token must be provided in the Cookie header and must follow the format accepted by the API ML. 
@@ -124,65 +140,75 @@ To use this library, use the procedure described in this section.
 1. Add `zaas-client` as a dependency in your project.  
 You will need to specify the version of the `zaas-client` you want. `zaas-client` versioning following the semantic versioning format of `major.minor.patch`. For example, `1.22.0`.
 
+    <details>
+    <summary>Click here for procedural details using Gradle.</summary>
+
     **Gradle:**
 
-      1. Create a `gradle.properties` file in the root of your project if one does not already exist.
+    1. Create a `gradle.properties` file in the root of your project if one does not already exist.
 
-      2. In the `gradle.properties` file, set the URL of the specific Artifactory containing the _SpringEnabler_ artifact.
+    2. In the `gradle.properties` file, set the URL of the specific Artifactory containing the _SpringEnabler_ artifact.
 
-      ```
-      # Repository URL for getting the enabler-java artifact
-      artifactoryMavenRepo=https://zowe.jfrog.io/zowe/libs-release/
-      ```
+    ```
+    # Repository URL for getting the enabler-java artifact
+    artifactoryMavenRepo=https://zowe.jfrog.io/zowe/libs-release/
+    ```
 
-      3. Add the following _Gradle_ code block to the `repositories` section of your `build.gradle` file:
+    3. Add the following _Gradle_ code block to the `repositories` section of your `build.gradle` file:
 
-        ```gradle
-        repositories {
-            ...
+    ```gradle
+    repositories {
+        ...
 
-            maven {
+        maven {
                 url artifactoryMavenRepo
-            }
         }
-        ```
+    }
+    ```
 
-      4. Add the following _Gradle_ dependency:
+    4. Add the following _Gradle_ dependency:
 
-        ```groovy
-        dependencies {
-            compile 'org.zowe.apiml.sdk:zaas-client:{{version}}'
-        }
-        ```
+    ```groovy
+    dependencies {
+        compile 'org.zowe.apiml.sdk:zaas-client:{{version}}'
+    }
+    ```
+
+    </details>
+
+    <details>
+    <summary>Click here for procedural details using Maven.</summary>
 
     **Maven:**
 
-      1. Add the following _XML_ tags within the newly created `pom.xml` file:
-
-        ```xml
-        <repositories>
-            <repository>
-                <id>libs-release</id>
-                <name>libs-release</name>
-                <url>https://zowe.jfrog.io/zowe/libs-release/</url>
-                <snapshots>
-                    <enabled>false</enabled>
-                </snapshots>
-            </repository>
-        </repositories>
-        ```
+    1. Add the following _XML_ tags within the newly created `pom.xml` file:
+
+    ```xml
+    <repositories>
+        <repository>
+            <id>libs-release</id>
+            <name>libs-release</name>
+            <url>https://zowe.jfrog.io/zowe/libs-release/</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+    ```
 
     **Tip:** If you want to use snapshot version, replace libs-release with libs-snapshot in the repository url and change snapshots->enabled to true.
       
-      2. Then add the following _Maven_ dependency:
+    2. Then add the following _Maven_ dependency:
 
-        ```xml
-        <dependency>
-                    <groupId>org.zowe.apiml.sdk</groupId>
-                    <artifactId>zaas-client</artifactId>
-                    <version>{{version}}</version>
-        </dependency>
-        ```
+    ```xml
+    <dependency>
+                <groupId>org.zowe.apiml.sdk</groupId>
+                <artifactId>zaas-client</artifactId>
+                <version>{{version}}</version>
+    </dependency>
+    ```
+
+    </details>
 
 2. In your application, create your Java class which will be used to create an instance of `ZaasClient`, which enables you to use its method to login, query, and to issue a PassTicket.
 

docs/troubleshoot/cli/known-cli.md

@@ -211,3 +211,32 @@ When the `zowe zos-files search data-sets` command is issued with the `--mainfra
 **Solution:**
 
 Issue the `zowe files search ds` command without the `--mainframe-search` option. This returns results that include data sets in binary format.
+
+## Error message with PowerShell scripts
+
+**Valid on Windows**
+
+**Symptom:**
+
+PowerShell users on Windows can encounter an error when they try to run Zowe CLI with certain execution policies in place.
+
+Example of an error message:
+
+```
+PS C:\> zowe
+zowe : File C:\Users\user\AppData\Roaming\npm\zowe.ps1 cannot be loaded because running scripts is disabled on this
+system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
+At line:1 char:1
++ zowe
++ ~~~~
+    + CategoryInfo          : SecurityError: (:) [], PSSecurityException
+    + FullyQualifiedErrorId : UnauthorizedAccess
+```
+
+**Solutions:**
+
+- Update developer settings in Windows to enable running local scripts without signing:
+
+![PowerShell setting](../../images/troubleshoot/cli/PowerShell_developer_setting.png)
+
+- Run PowerShell as an administrator and use the `Set-ExecutionPolicy` command to change the execution policy to a less-restrictive setting, for example: `Set-ExecutionPolicy RemoteSigned -scope CurrentUser`.