Summary:

The code changes in this pull request focus on implementing session management and OAuth server management functionality within a command-line interface (CLI) application. The key security-related aspects of these changes are:

1. Session Management: The changes in the sessions.py file introduce session management features, including the ability to search, view, and delete user sessions. The code includes input validation, permission checks, and asynchronous processing to ensure security and responsiveness.

2. OAuth Server Management: The changes in the main.py file introduce an "oauth" plugin that handles the management of OAuth-related entities, such as clients, scopes, keys, and logging configurations. The code includes functionality to retrieve, display, and update these entities, with a focus on secure data handling and access control.

3. Session Lifecycle Configuration: The documentation changes in the README.md file provide an overview of the session-related configuration options in the Auth Server, such as session lifetime and inactivity timeouts. These settings are crucial for maintaining appropriate session security.

4. Session Revocation: The documentation mentions the availability of session revocation endpoints, which allow administrators to quickly invalidate compromised or unwanted sessions, a critical security feature.

Overall, the code changes and documentation demonstrate a well-designed session management and OAuth server management system with a focus on security, flexibility, and administrative control. The various security-related aspects, such as input validation, permission checks, secure data handling, and session lifecycle management, are in line with best practices for secure application development.

Files Changed:

1. jans-cli-tui/cli_tui/plugins/010_auth_server/sessions.py: This file introduces session management features, including the ability to search, view, and delete user sessions. The code includes input validation, permission checks, and asynchronous processing to ensure security and responsiveness.

2. jans-cli-tui/cli_tui/plugins/010_auth_server/main.py: This file introduces an "oauth" plugin that handles the management of OAuth-related entities, such as clients, scopes, keys, and logging configurations. The code includes functionality to retrieve, display, and update these entities, with a focus on secure data handling and access control.

3. docs/janssen-server/auth-server/session-management/README.md: This file provides an overview of the session-related configuration options in the Auth Server, such as session lifetime and inactivity timeouts, as well as information about session data storage and session event interception scripts.