Merge pull request #713 from malithie/action-mgt-improvements
Updates the Action Management API to reject inflow action types such as authentication.
malithie authored Oct 18, 2024
2 parents 12d5d4d + 9657cd1 commit 9d68644
Showing 6 changed files with 28 additions and 35 deletions.
Expand Up @@ -28,7 +28,7 @@
@XmlEnum(String.class)
public enum ActionType {

@XmlEnumValue("PRE_ISSUE_ACCESS_TOKEN") PRE_ISSUE_ACCESS_TOKEN(String.valueOf("PRE_ISSUE_ACCESS_TOKEN")), @XmlEnumValue("PRE_UPDATE_PASSWORD") PRE_UPDATE_PASSWORD(String.valueOf("PRE_UPDATE_PASSWORD")), @XmlEnumValue("PRE_UPDATE_PROFILE") PRE_UPDATE_PROFILE(String.valueOf("PRE_UPDATE_PROFILE")), @XmlEnumValue("PRE_REGISTRATION") PRE_REGISTRATION(String.valueOf("PRE_REGISTRATION")), @XmlEnumValue("AUTHENTICATION") AUTHENTICATION(String.valueOf("AUTHENTICATION"));
@XmlEnumValue("PRE_ISSUE_ACCESS_TOKEN") PRE_ISSUE_ACCESS_TOKEN(String.valueOf("PRE_ISSUE_ACCESS_TOKEN")), @XmlEnumValue("PRE_UPDATE_PASSWORD") PRE_UPDATE_PASSWORD(String.valueOf("PRE_UPDATE_PASSWORD")), @XmlEnumValue("PRE_UPDATE_PROFILE") PRE_UPDATE_PROFILE(String.valueOf("PRE_UPDATE_PROFILE")), @XmlEnumValue("PRE_REGISTRATION") PRE_REGISTRATION(String.valueOf("PRE_REGISTRATION"));


private String value;
Expand Up @@ -67,7 +67,7 @@ public class ActionsApi {
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class)
})
public Response activateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
public Response activateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {

return delegate.activateAction(actionType, actionId );
}
Expand All @@ -92,7 +92,7 @@ public Response activateAction(@ApiParam(value = "Name of the Action Type.",requ
@ApiResponse(code = 500, message = "Server Error", response = Error.class),
@ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
})
public Response createAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "This represents the action to be created." ,required=true) @Valid ActionModel actionModel) {
public Response createAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "This represents the action to be created." ,required=true) @Valid ActionModel actionModel) {

return delegate.createAction(actionType, actionModel );
}
Expand All @@ -116,7 +116,7 @@ public Response createAction(@ApiParam(value = "Name of the Action Type.",requir
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class)
})
public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {

return delegate.deactivateAction(actionType, actionId );
}
Expand All @@ -140,59 +140,59 @@ public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",re
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class)
})
public Response deleteAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
public Response deleteAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {

return delegate.deleteAction(actionType, actionId );
}

@Valid
@GET
@Path("/types")
@Path("/{actionType}/{actionId}")

@Produces({ "application/json" })
@ApiOperation(value = "Detailed summary of the Action Types ", notes = "This API provides the capability to retrieve the detailed summary of the action types.<br> <b>Scope required:</b> <br> * internal_action_mgt_view ", response = ActionTypesResponseItem.class, responseContainer = "List", authorizations = {
@ApiOperation(value = "Retrieve Action information by given Id. ", notes = "This API provides the capability to retrieve the action by action Id.<br> <b>Scope required:</b> <br> * internal_action_mgt_view ", response = ActionResponse.class, authorizations = {
@Authorization(value = "BasicAuth"),
@Authorization(value = "OAuth2", scopes = {

})
}, tags={ "Actions", })
@ApiResponses(value = {
@ApiResponse(code = 200, message = "OK", response = ActionTypesResponseItem.class, responseContainer = "List"),
@ApiResponse(code = 200, message = "OK", response = ActionResponse.class),
@ApiResponse(code = 400, message = "Bad Request", response = Error.class),
@ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
@ApiResponse(code = 403, message = "Forbidden", response = Void.class),
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class),
@ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
})
public Response getActionTypes() {
public Response getActionByActionId(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {

return delegate.getActionTypes();
return delegate.getActionByActionId(actionType, actionId );
}

@Valid
@GET
@Path("/{actionType}/{actionId}")
@Path("/types")

@Produces({ "application/json" })
@ApiOperation(value = "Retrieve Action information by given Id. ", notes = "This API provides the capability to retrieve the action by action Id.<br> <b>Scope required:</b> <br> * internal_action_mgt_view ", response = ActionResponse.class, authorizations = {
@ApiOperation(value = "Detailed summary of the Action Types ", notes = "This API provides the capability to retrieve the detailed summary of the action types.<br> <b>Scope required:</b> <br> * internal_action_mgt_view ", response = ActionTypesResponseItem.class, responseContainer = "List", authorizations = {
@Authorization(value = "BasicAuth"),
@Authorization(value = "OAuth2", scopes = {

})
}, tags={ "Actions", })
@ApiResponses(value = {
@ApiResponse(code = 200, message = "OK", response = ActionResponse.class),
@ApiResponse(code = 200, message = "OK", response = ActionTypesResponseItem.class, responseContainer = "List"),
@ApiResponse(code = 400, message = "Bad Request", response = Error.class),
@ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
@ApiResponse(code = 403, message = "Forbidden", response = Void.class),
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class),
@ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
})
public Response getActionByActionId(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
public Response getActionTypes() {

return delegate.getActionByActionId(actionType, actionId );
return delegate.getActionTypes();
}

@Valid
Expand All @@ -215,7 +215,7 @@ public Response getActionByActionId(@ApiParam(value = "Name of the Action Type."
@ApiResponse(code = 500, message = "Server Error", response = Error.class),
@ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
})
public Response getActionsByActionType(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType) {
public Response getActionsByActionType(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType) {

return delegate.getActionsByActionType(actionType );
}
Expand All @@ -239,7 +239,7 @@ public Response getActionsByActionType(@ApiParam(value = "Name of the Action Typ
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class)
})
public Response updateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "This represents the action information to be updated." ,required=true) @Valid ActionUpdateModel actionUpdateModel) {
public Response updateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "This represents the action information to be updated." ,required=true) @Valid ActionUpdateModel actionUpdateModel) {

return delegate.updateAction(actionType, actionId, actionUpdateModel );
}
Expand All @@ -263,7 +263,7 @@ public Response updateAction(@ApiParam(value = "Name of the Action Type.",requir
@ApiResponse(code = 404, message = "Not Found", response = Error.class),
@ApiResponse(code = 500, message = "Server Error", response = Error.class)
})
public Response updateActionEndpointAuthentication(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "Authentication Type of the Action Endpoint.",required=true, allowableValues="none, basic, apiKey, bearer") @PathParam("authType") String authType, @ApiParam(value = "This represents the action endpoint authentication to be updated." ,required=true) @Valid AuthenticationTypeProperties authenticationTypeProperties) {
public Response updateActionEndpointAuthentication(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "Authentication Type of the Action Endpoint.",required=true, allowableValues="none, basic, apiKey, bearer") @PathParam("authType") String authType, @ApiParam(value = "This represents the action endpoint authentication to be updated." ,required=true) @Valid AuthenticationTypeProperties authenticationTypeProperties) {

return delegate.updateActionEndpointAuthentication(actionType, actionId, authType, authenticationTypeProperties );
}
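Review bot: Narrowing `allowableValues` on `@ApiParam` (in `activateAction` and the seven other endpoints that take `actionType`) only changes the published API description. `actionType` is still a free-form `String` from `@PathParam("actionType")` and is passed straight to `delegate`, so nothing in this file rejects `authentication`. The rejection therefore has to happen in the `ActionsApiService` implementation, which is not part of this diff; presumably it maps the path value to a supported type and answers 400 with `ERROR_INVALID_ACTION_TYPE` otherwise. Please confirm that this check runs for every operation, including `deleteAction` and `deactivateAction`, and that a test covers a request using `authentication` as the action type. The file looks generated from the OpenAPI definition, so the check belongs in the hand-written service layer rather than here.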
Expand Up @@ -44,10 +44,10 @@ public interface ActionsApiService {

public Response deleteAction(String actionType, String actionId);

public Response getActionTypes();

public Response getActionByActionId(String actionType, String actionId);

public Response getActionTypes();

public Response getActionsByActionType(String actionType);

public Response updateAction(String actionType, String actionId, ActionUpdateModel actionUpdateModel);
Expand Up @@ -36,21 +36,23 @@ private ActionMgtEndpointConstants() {
public enum ErrorMessage {

// Client errors.
ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60001",
ERROR_INVALID_ACTION_TYPE("60001", "Invalid action type.",
"Invalid action type used for path parameter."),
ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60010",
"Unable to perform the operation.",
"Required authentication properties are not provided or invalid."),
ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE("60002",
ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE("60011",
"Invalid Authentication Type for Action Endpoint.",
"Invalid authentication type used for path parameter."),
ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60003",
ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60012",
"Unable to perform the operation.",
"Authentication property values cannot be empty."),
ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60004",
ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60013",
"Action is not found.",
"No action is found for given action id and action type"),

// Server errors.
ERROR_NOT_IMPLEMENTED_ACTION_TYPE("65001",
ERROR_NOT_IMPLEMENTED_ACTION_TYPE("650015",
"Unable to perform the operation.",
"The requested action type is not currently supported by the server.");
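Review bot: `ERROR_NOT_IMPLEMENTED_ACTION_TYPE("650015", ...)` has a six-digit code while every other code in this enum has five digits (`60001`, `60010` to `60013`), which looks like a typo; it was probably meant to stay `"65001"` or become `"65015"`. Separately, the existing client codes are renumbered and `60001` is reused for the new `ERROR_INVALID_ACTION_TYPE`, so any client, log query or alert keyed on the old 60001–60004 values will now see a different meaning. If these codes have already been released, giving the new constant an unused code and leaving the existing ones unchanged would keep them stable. The `ErrorMessage` enum continues past the end of this hunk, so any lookup by code is not visible here.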

Expand Up @@ -88,7 +88,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
requestBody:
content:
application/json:
Expand Down Expand Up @@ -153,7 +152,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
responses:
'200':
description: OK
Expand Down Expand Up @@ -212,7 +210,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -275,7 +272,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -340,7 +336,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -395,7 +390,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -454,7 +448,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -513,7 +506,6 @@ paths:
- preUpdatePassword
- preUpdateProfile
- preRegistration
- authentication
- name: actionId
in: path
description: Id of the Action.
Expand Down Expand Up @@ -588,7 +580,6 @@ components:
- PRE_UPDATE_PASSWORD
- PRE_UPDATE_PROFILE
- PRE_REGISTRATION
- AUTHENTICATION
ActionModel:
type: object
required:
2 changes: 1 addition & 1 deletion pom.xml
Expand Up @@ -803,7 +803,7 @@
<maven.buildnumber.plugin.version>1.4</maven.buildnumber.plugin.version>
<org.apache.felix.annotations.version>1.2.4</org.apache.felix.annotations.version>
<identity.governance.version>1.10.6</identity.governance.version>
<carbon.identity.framework.version>7.5.69</carbon.identity.framework.version>
<carbon.identity.framework.version>7.5.70</carbon.identity.framework.version>
<maven.findbugsplugin.version>3.0.5</maven.findbugsplugin.version>
<findsecbugs-plugin.version>1.12.0</findsecbugs-plugin.version>
<maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>