Merge branch 'main' into docs

Signed-off-by: valens niyonsenga <95166477+valens200@users.noreply.github.com>

Author: valens200

docs/2024/index.md

@@ -63,3 +63,4 @@ More info to come here.
 Photos to come soon.
 
 Thanks for being part of the community. 💚
+

docs/2024/rest/index.md

@@ -41,6 +41,7 @@ This project involves the following tasks:
 
 2. **Upgrading Existing Endpoints to Version 2:**
 
+
    - Develop a REST API guideline which will provide a solid set of rules to follow.
    - Upgrade existing endpoints to V2 based on the guideline, also ensuring backward compatibility.
    - Update documentation to reflect the changes and versioning.
@@ -49,4 +50,13 @@ This project involves the following tasks:
    - Study each endpoint and its functionality to identify potential edge cases.
    - Write unit tests for all existing and new endpoints.
 
+More specific details about each task can be found in the [Task Details Table](https://docs.google.com/document/d/158BZBZ5owLtI-SqD1MIduMy4bR3XLuwm4aDLynoFZAA/edit?usp=sharing).
+    - Develop a REST API guideline which will provide a solid set of rules to follow.
+    - Upgrade existing endpoints to V2 based on the guideline, also ensuring backward compatibility.
+    - Update documentation to reflect the changes and versioning.
+
+3. **Increasing Test Coverage:**
+    - Study each endpoint and its functionality to identify potential edge cases.
+    - Write unit tests for all existing and new endpoints.
+
 More specific details about each task can be found in the [Task Details Table](https://docs.google.com/document/d/158BZBZ5owLtI-SqD1MIduMy4bR3XLuwm4aDLynoFZAA/edit?usp=sharing).

docs/2024/rest/updates/2024-05-07.md

@@ -0,0 +1,92 @@
+---
+title: Community bonding
+author: Divij Sharma
+---
+<!--
+SPDX-License-Identifier: CC-BY-SA-4.0
+
+SPDX-FileCopyright Text: 2024 Divij Sharma <divijs75@gmail.com>
+-->
+
+# Community Bonding
+
+## Introduction meeting
+
+*(May 7,2024)*
+
+This was the first meeting of the community bonding period for GSoC '24. Mentors and contributors introduced themselves, and the general meeting time and platform were decided.
+
+## Meeting 1
+
+*(May 9,2024)*
+
+This was the first general meeting after the introduction meeting. Mentors discussed the importance of communication and the need for regular updates. The contributors were free to ask any questions they had.
+
+## During community bonding week 1
+
+*(May 9,2024- May 15,2024)*
+
+### Activities
+
+* I created an unofficial communication group with fellow contributors to get to know each other better.
+* I discussed the project and the tasks that need to be completed during the coding period with the mentors.
+* I clarified some of my doubts regarding the project timeline.
+
+### Work done
+
+* I was already familiar with the code-base because of my previous contributions to FOSSology. I started working on upgrading the REST APIs to version 2.
+* I fixed some minor bugs in the following of my uplink PRs related to the upgradation:
+    - [feat(api): Upgrade User & Group APIs to Version 2 ](https://github.com/fossology/fossology/pull/2711)
+    - [feat(api): Upgrade Folder, License & Obligation APIs to Version 2](https://github.com/fossology/fossology/pull/2712)
+
+## Meeting 2
+
+*(May 16,2024)*
+
+We discussed the progress made during the first week of community bonding. Mentors asked if contributors were able to set up their development environments and if they faced any issues. Everyone gave a brief overview of the tasks they were working on.
+
+## During community bonding week 2
+
+*(May 16,2024- May 22,2024)*
+
+### Activities
+
+* I had calls with fellow contributors to help them set up their development environments.
+* I had a discussion with my colleague [Valens](https://github.com/valens200) about how we shall manage our tasks.
+
+### Work done
+
+* I continued working on upgrading the REST APIs to version 2.
+
+* I finalized the work on a new endpoint to retrieve user copyright findings and also upgraded Jobs and Report APIs to version 2.
+    - [feat(api): New endpoint to retrieve user copyright findings ](https://github.com/fossology/fossology/pull/2717)
+    - [feat(api): Upgrade Jobs and Report APIs to Version 2 ](https://github.com/fossology/fossology/pull/2736)
+
+
+## Meeting 3
+
+*(May 23,2024)*
+
+We discussed the progress made during the second week of the community bonding period. Mentors asked if contributors faced any issues while installing the project and encouraged us to make small contributions. We also decided on the time for project-specific weekly meetings.
+
+## During community bonding week 3
+
+*(May 23,2024- May 29,2024)*
+
+### Activities
+
+* I helped few of my colleagues in setting up their development environments.
+
+### Work done
+
+* I continued working on upgrading the REST APIs to version 2.
+
+* I upgraded the Search, Copyright & Admin APIs to Version 2.
+    - [feat(api): Upgrade Search, Copyright & Admin APIs to Version 2 ](https://github.com/fossology/fossology/pull/2744)
+
+## Meeting 4
+
+*(May 30,2024)*
+
+We discussed the progress made during the third week of the community bonding period. Mentors gave general updates followed by weekly updates by contributors. We had a session on how are we supposed to present and maintain our work during the coding period through the documentation.
+   

docs/2024/rest/updates/2024-05-30.md

@@ -0,0 +1,47 @@
+---
+title: Week 1
+author: Divij Sharma
+tags: [gsoc24, rest]
+---
+<!--
+SPDX-License-Identifier: CC-BY-SA-4.0
+
+SPDX-FileCopyrightText: 2024 Divij Sharma <divijs75@gmail.com>
+-->
+
+# Week 1 meeting and activities
+
+*(May 30,2024)*
+
+## Attendees:
+
+- [Divij Sharma](https://github.com/dvjsharma)
+- [Gaurav Mishra](https://github.com/GMishx)
+- [Samuel Dushimimana](https://github.com/dushimsam)
+- [Shaheem Azmal M MD](https://github.com/shaheemazmalmmd)
+- [Soham Banerjee](https://github.com/soham4abc)
+- [Valens Niyonsenga](https://github.com/valens200)
+
+## Discussion:
+
+- **Who should be doing what?**
+  - Discussed project responsibilities with my colleague [Valens](https://github.com/valens200) and mentors.
+  - We decided that currently I will focus on the REST API Version 2 upgrade and OAuth 2.0 implementation, while Valens would work on adding test cases for the current REST API implementation.
+
+- **REST API Version 2 updates**
+  - I mentioned that the work on the REST API Version 2 upgrade is almost complete and suggested we can start looking for any further improvements.
+  - Mentors suggested I should review the code and look for any possible improvements based on my proposed guidelines. [(REST API Guidelines)](../API-guidelines.md).
+
+- **OAuth 2.0 architecture discussion and needs**
+  - [Gaurav](https://github.com/GMishx) explained the various modes of authentication we aim to have in the FOSSology project. These are:
+    - Token based authentication
+    - Authorization Code Grant (Web Application)
+    - Client Credentials Grant (Machine to Machine)
+  - I cleared my doubts regarding the OAuth 2.0 implementation and its significance in the project. I also got a rough vision of what needs to be implemented and what is already implemented. [(Reference Material)](https://github.com/fossology/fossology/wiki/OpenID-Connect-authentication-configuration)
+
+## Activities:
+
+- Tested the REST API Version 2 on a local instance and noted down the improvements that can be made.
+- Researched on OAuth 2.0 and how it can be implemented in the project.
+- Did minor improvements in the following PR:
+  - [feat(api): Upgrade User & Group APIs to Version 2 ](https://github.com/fossology/fossology/pull/2711)

docs/2024/rest/updates/2024-06-06.md

@@ -0,0 +1,51 @@
+---
+title: Week 2
+author: Divij Sharma
+tags: [gsoc24, rest]
+---
+<!--
+SPDX-License-Identifier: CC-BY-SA-4.0
+
+SPDX-FileCopyrightText: 2024 Divij Sharma <divijs75@gmail.com>
+-->
+
+# Week 2 meeting and activities
+
+*(June 6,2024)*
+
+## Attendees:
+
+- [Divij Sharma](https://github.com/dvjsharma)
+- [Shaheem Azmal M MD](https://github.com/shaheemazmalmmd)
+- [Valens Niyonsenga](https://github.com/valens200)
+
+## Discussion:
+
+  - No major updates since the last meeting.
+  - Discussed the improvements that can be made in the REST API Version 2.
+  - Discussed the implementation of OAuth 2.0 in the project.
+
+## Activities:
+
+- **OAuth 2.0**
+  - Researched OAuth 2.0 and its application on production servers. Found the [Auth0 article](https://auth0.com/intro-to-iam/what-is-oauth-2) particularly helpful. Studied various architectural patterns for different flows to determine the best fit for our project.
+  - Prepared a draft outlining the implementation details, focusing on two scenarios:
+
+    - **For the API**:
+      - Create an endpoint to add new clients, accepting `name`, `clientId`, and `scope`.
+      - Another endpoint to configure FOSSology, accepting `appName`, `clientId`, `clientSecret`, `clientClaim`, `redirectUri`, and `discoveryUri`. The `discoveryUri` will be used to fetch other required endpoints.
+      - Once these steps are completed, FOSSology will be configured to use OAuth 2.0. Users can obtain a token from their authorization server to access the FOSSology API.
+
+    - **For the Web Application**:
+      - Implement the Authorization Code Grant flow for the frontend. This requires a login page where users can log in and receive a code, which can be exchanged for a token to access the FOSSology API.
+      - Researched libraries to implement this flow on the frontend.
+      - On the server side, implement a mechanism to verify user credentials received from the server and issue a token to the user.
+
+- **REST API Version 2**
+  - Reviewed the code and identified areas for improvement.
+  - Found the following things which we can look into:
+    - Status Codes: Particularly 204 (no content)
+    - Adding pagination to all necessary endpoints
+    - Using model classes for all major/minor responses
+    - Test coverage
+    - Authentication workflow