From 6d1cdc01697244b3257455243b1d597f44811831 Mon Sep 17 00:00:00 2001
From: sadilchamishka <sandilchamishka@gmail.com>
Date: Thu, 9 Nov 2023 13:33:06 +0530
Subject: [PATCH] Introduce new threadlocal property to store the root tenant

---
 components/org.wso2.carbon.identity.authz.valve/pom.xml    | 7 ++++++-
 .../carbon/identity/authz/valve/AuthorizationValve.java    | 7 +++++++
 pom.xml                                                    | 2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/components/org.wso2.carbon.identity.authz.valve/pom.xml b/components/org.wso2.carbon.identity.authz.valve/pom.xml
index e074f872..48374d6c 100644
--- a/components/org.wso2.carbon.identity.authz.valve/pom.xml
+++ b/components/org.wso2.carbon.identity.authz.valve/pom.xml
@@ -62,6 +62,10 @@
             <groupId>org.wso2.carbon.identity.organization.management</groupId>
             <artifactId>org.wso2.carbon.identity.organization.management.authz.service</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.organization.management.core</groupId>
+            <artifactId>org.wso2.carbon.identity.organization.management.service</artifactId>
+        </dependency>
     </dependencies>
 
     <build>
@@ -90,7 +94,8 @@
                             org.wso2.carbon.identity.core.*; version="${carbon.identity.package.import.version.range}",
                             org.wso2.carbon.identity.authz.service.*;version="${org.wso2.carbon.identity.authz.service.version.range}",
                             org.apache.catalina.*;version="1.7.0",
-                            org.wso2.carbon.identity.organization.management.authz.service; version="${org.wso2.carbon.identity.organization.management.version.range}"
+                            org.wso2.carbon.identity.organization.management.authz.service; version="${org.wso2.carbon.identity.organization.management.version.range}",
+                            org.wso2.carbon.identity.organization.management.service.constant; version="${org.wso2.carbon.identity.organization.management.core.version.range}"
                         </Import-Package>
                         <Export-Package>!org.wso2.carbon.identity.authz.valve.internal,
                             org.wso2.carbon.identity.authz.valve.*;
diff --git a/components/org.wso2.carbon.identity.authz.valve/src/main/java/org/wso2/carbon/identity/authz/valve/AuthorizationValve.java b/components/org.wso2.carbon.identity.authz.valve/src/main/java/org/wso2/carbon/identity/authz/valve/AuthorizationValve.java
index e5af2ee7..ab627de8 100644
--- a/components/org.wso2.carbon.identity.authz.valve/src/main/java/org/wso2/carbon/identity/authz/valve/AuthorizationValve.java
+++ b/components/org.wso2.carbon.identity.authz.valve/src/main/java/org/wso2/carbon/identity/authz/valve/AuthorizationValve.java
@@ -41,7 +41,9 @@
 import org.wso2.carbon.identity.authz.service.exception.AuthzServiceServerException;
 import org.wso2.carbon.identity.authz.valve.internal.AuthorizationValveServiceHolder;
 import org.wso2.carbon.identity.authz.valve.util.Utils;
+import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.organization.management.authz.service.OrganizationManagementAuthorizationContext;
+import org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants;
 import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 
@@ -55,6 +57,7 @@
 import javax.servlet.http.HttpServletResponse;
 
 import static org.wso2.carbon.identity.auth.service.util.Constants.ENGAGED_AUTH_HANDLER;
+import static org.wso2.carbon.identity.auth.service.util.Constants.IDP_NAME;
 import static org.wso2.carbon.identity.auth.service.util.Constants.OAUTH2_ALLOWED_SCOPES;
 import static org.wso2.carbon.identity.auth.service.util.Constants.OAUTH2_VALIDATE_SCOPE;
 
@@ -170,6 +173,8 @@ public void invoke(Request request, Response response) throws IOException, Servl
                                 getNext().invoke(request, response);
                             } finally {
                                 PrivilegedCarbonContext.endTenantFlow();
+                                IdentityUtil.threadLocalProperties.get()
+                                        .remove(OrganizationManagementConstants.ROOT_TENANT_DOMAIN);
                             }
                         } else {
                             getNext().invoke(request, response);
@@ -300,6 +305,8 @@ private boolean isAuthorizationSkipped(String authHandlerName, String requestUri
 
     private void startOrganizationBoundTenantFlow(String authorizedOrganization) {
 
+        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
+        IdentityUtil.threadLocalProperties.get().put(OrganizationManagementConstants.ROOT_TENANT_DOMAIN, tenantDomain);
         String userId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserId();
         String userName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
         String userResidentOrganizationId = PrivilegedCarbonContext.getThreadLocalCarbonContext()
diff --git a/pom.xml b/pom.xml
index b6533104..ff1e1d5a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -356,7 +356,7 @@
         </org.wso2.carbon.identity.organization.management.version>
         <org.wso2.carbon.identity.organization.management.version.range>[1.0.0, 2.0.0)
         </org.wso2.carbon.identity.organization.management.version.range>
-        <org.wso2.carbon.identity.organization.management.core.version>1.0.17
+        <org.wso2.carbon.identity.organization.management.core.version>1.0.85
         </org.wso2.carbon.identity.organization.management.core.version>
         <org.wso2.carbon.identity.organization.management.core.version.range>[1.0.0, 2.0.0)
         </org.wso2.carbon.identity.organization.management.core.version.range>