From ea406bbe0bd507975fb6599ed88819b6ef332bbd Mon Sep 17 00:00:00 2001 From: AnuradhaSK Date: Tue, 24 Oct 2023 01:26:23 +0530 Subject: [PATCH 1/4] return associating roles' allowed audience on request --- .../ApplicationManagementConstants.java | 1 + .../management/v1/ApplicationListItem.java | 26 +++++++++++++++++-- .../ServerApplicationManagementService.java | 6 +++++ ...cationInfoWithRequiredPropsToApiModel.java | 11 +++++++- .../src/main/resources/applications.yaml | 8 +++--- 5 files changed, 46 insertions(+), 6 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index 3865722114..a6b5507924 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -51,6 +51,7 @@ private ApplicationManagementConstants() { public static final String NAME = "name"; public static final String CLIENT_ID = "clientId"; public static final String ISSUER = "issuer"; + public static final String ROLE_ASSOCIATION_ALLOWED_AUDIENCE = "associatedRoles.allowedAudience"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationListItem.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationListItem.java index bc44e431b9..cf2f2ffbd2 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationListItem.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationListItem.java @@ -23,6 +23,7 @@ import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig; import javax.validation.constraints.*; @@ -77,6 +78,7 @@ public static AccessEnum fromValue(String value) { private String self; private AdvancedApplicationConfiguration advancedConfigurations; private String templateId; + private AssociatedRolesConfig associatedRoles; /** **/ @@ -276,6 +278,24 @@ public void setTemplateId(String templateId) { this.templateId = templateId; } + /** + **/ + public ApplicationListItem associatedRoles(AssociatedRolesConfig associatedRoles) { + + this.associatedRoles = associatedRoles; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("associatedRoles") + @Valid + public AssociatedRolesConfig getAssociatedRoles() { + return associatedRoles; + } + public void setAssociatedRoles(AssociatedRolesConfig associatedRoles) { + this.associatedRoles = associatedRoles; + } + @Override @@ -298,12 +318,13 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.access, applicationListItem.access) && Objects.equals(this.self, applicationListItem.self) && Objects.equals(this.advancedConfigurations, applicationListItem.advancedConfigurations) && - Objects.equals(this.templateId, applicationListItem.templateId); + Objects.equals(this.templateId, applicationListItem.templateId) && + Objects.equals(this.associatedRoles, applicationListItem.associatedRoles); } @Override public int hashCode() { - return Objects.hash(id, name, description, image, accessUrl, clientId, issuer, access, self, advancedConfigurations, templateId); + return Objects.hash(id, name, description, image, accessUrl, clientId, issuer, access, self, advancedConfigurations, templateId, associatedRoles); } @Override @@ -323,6 +344,7 @@ public String toString() { sb.append(" self: ").append(toIndentedString(self)).append("\n"); sb.append(" advancedConfigurations: ").append(toIndentedString(advancedConfigurations)).append("\n"); sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); + sb.append(" associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java index d77904cf8e..3c645e061e 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java @@ -173,6 +173,7 @@ import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ErrorMessage.USE_EXTERNAL_CONSENT_PAGE_NOT_SUPPORTED; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ISSUER; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.NAME; +import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ROLE_ASSOCIATION_ALLOWED_AUDIENCE; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.TEMPLATE_ID; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.buildBadRequestError; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.buildNotImplementedError; @@ -227,6 +228,7 @@ public class ServerApplicationManagementService { SUPPORTED_REQUIRED_ATTRIBUTES.add(CLIENT_ID); SUPPORTED_REQUIRED_ATTRIBUTES.add(TEMPLATE_ID); SUPPORTED_REQUIRED_ATTRIBUTES.add(ISSUER); + SUPPORTED_REQUIRED_ATTRIBUTES.add(ROLE_ASSOCIATION_ALLOWED_AUDIENCE); } @Autowired @@ -1628,6 +1630,10 @@ private List getApplicationListItems(List if (requiredAttributes.stream().noneMatch(attribute -> attribute.equals(ISSUER))) { applicationResponseModel.issuer(null); } + if (requiredAttributes.stream() + .noneMatch(attribute -> attribute.equals(ROLE_ASSOCIATION_ALLOWED_AUDIENCE))) { + applicationResponseModel.associatedRoles(null); + } applicationListItems.add(new ApplicationInfoWithRequiredPropsToApiModel().apply(applicationResponseModel)); } return applicationListItems; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java index 80716c0cbd..a245ab9450 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java @@ -19,6 +19,7 @@ import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationListItem; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationResponseModel; +import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig; import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.api.server.common.ContextLoader; @@ -54,7 +55,15 @@ public ApplicationListItem apply(ApplicationResponseModel applicationResponseMod .issuer(applicationResponseModel.getIssuer()) .advancedConfigurations(getAdvancedConfigurations(applicationResponseModel)) .templateId(applicationResponseModel.getTemplateId()) - .self(getApplicationLocation(applicationResponseModel.getId())); + .self(getApplicationLocation(applicationResponseModel.getId())) + .associatedRoles(excludeAssociatedRoles(applicationResponseModel.getAssociatedRoles())); + } + + private AssociatedRolesConfig excludeAssociatedRoles(AssociatedRolesConfig associatedRolesConfig) { + + AssociatedRolesConfig configExcludingRoles = new AssociatedRolesConfig(); + configExcludingRoles.setAllowedAudience(associatedRolesConfig.getAllowedAudience()); + return configExcludingRoles; } private AdvancedApplicationConfiguration getAdvancedConfigurations( diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index 57873e99b7..d4ec0f049e 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -2456,9 +2456,9 @@ components: required: false description: | Specifies the required parameters in the response. - Currently supports for only 'advancedConfigurations', 'templateId', 'clientId', and 'issuer' attributes. + Currently supports for only 'advancedConfigurations', 'templateId', 'clientId', 'issuer', and 'associatedRoles.allowedAudience' attributes. - /applications?attributes=advancedConfigurations,templateId,clientId + /applications?attributes=advancedConfigurations,templateId,clientId,associatedRoles.allowedAudience schema: type: string exportSecretsQueryParam: @@ -2587,7 +2587,9 @@ components: templateId: type: string example: "980b8tester24c64a8a09a0d80abf8c337bd2555" - + associatedRoles: + type: object + $ref: '#/components/schemas/AssociatedRolesConfig' ApplicationModel: type: object required: From 10bd5b86762b52e2c07e07cbff498180c5933070 Mon Sep 17 00:00:00 2001 From: AnuradhaSK Date: Tue, 24 Oct 2023 09:48:43 +0530 Subject: [PATCH 2/4] bump framework --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8cb8c85dea..501a588b1c 100644 --- a/pom.xml +++ b/pom.xml @@ -760,7 +760,7 @@ 1.4 1.2.4 1.8.62 - 5.25.426 + 5.25.430 3.0.5 5.2.0 **/gen/**/* From c2679afab1fc85f51df4b684ca73b790713e5946 Mon Sep 17 00:00:00 2001 From: AnuradhaSK Date: Tue, 24 Oct 2023 10:28:51 +0530 Subject: [PATCH 3/4] fix possible NPE --- .../ApplicationInfoWithRequiredPropsToApiModel.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java index a245ab9450..aa965e1ba3 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApplicationInfoWithRequiredPropsToApiModel.java @@ -62,6 +62,9 @@ public ApplicationListItem apply(ApplicationResponseModel applicationResponseMod private AssociatedRolesConfig excludeAssociatedRoles(AssociatedRolesConfig associatedRolesConfig) { AssociatedRolesConfig configExcludingRoles = new AssociatedRolesConfig(); + if (associatedRolesConfig == null) { + return configExcludingRoles; + } configExcludingRoles.setAllowedAudience(associatedRolesConfig.getAllowedAudience()); return configExcludingRoles; } From e419ab0500f3c804b69022571b791d665b0d7b1c Mon Sep 17 00:00:00 2001 From: AnuradhaSK Date: Tue, 24 Oct 2023 10:56:55 +0530 Subject: [PATCH 4/4] use BE constant --- .../management/common/ApplicationManagementConstants.java | 1 - .../v1/core/ServerApplicationManagementService.java | 7 ++++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index a6b5507924..3865722114 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -51,7 +51,6 @@ private ApplicationManagementConstants() { public static final String NAME = "name"; public static final String CLIENT_ID = "clientId"; public static final String ISSUER = "issuer"; - public static final String ROLE_ASSOCIATION_ALLOWED_AUDIENCE = "associatedRoles.allowedAudience"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java index 3c645e061e..4dbe7bb7c2 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.java @@ -102,6 +102,7 @@ import org.wso2.carbon.identity.application.common.model.ServiceProvider; import org.wso2.carbon.identity.application.common.model.SpFileContent; import org.wso2.carbon.identity.application.common.model.User; +import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants; import org.wso2.carbon.identity.application.mgt.ApplicationConstants; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; @@ -173,7 +174,6 @@ import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ErrorMessage.USE_EXTERNAL_CONSENT_PAGE_NOT_SUPPORTED; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ISSUER; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.NAME; -import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ROLE_ASSOCIATION_ALLOWED_AUDIENCE; import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.TEMPLATE_ID; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.buildBadRequestError; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.buildNotImplementedError; @@ -228,7 +228,7 @@ public class ServerApplicationManagementService { SUPPORTED_REQUIRED_ATTRIBUTES.add(CLIENT_ID); SUPPORTED_REQUIRED_ATTRIBUTES.add(TEMPLATE_ID); SUPPORTED_REQUIRED_ATTRIBUTES.add(ISSUER); - SUPPORTED_REQUIRED_ATTRIBUTES.add(ROLE_ASSOCIATION_ALLOWED_AUDIENCE); + SUPPORTED_REQUIRED_ATTRIBUTES.add(IdentityApplicationConstants.ALLOWED_ROLE_AUDIENCE_REQUEST_ATTRIBUTE_NAME); } @Autowired @@ -1631,7 +1631,8 @@ private List getApplicationListItems(List applicationResponseModel.issuer(null); } if (requiredAttributes.stream() - .noneMatch(attribute -> attribute.equals(ROLE_ASSOCIATION_ALLOWED_AUDIENCE))) { + .noneMatch(attribute -> attribute.equals( + IdentityApplicationConstants.ALLOWED_ROLE_AUDIENCE_REQUEST_ATTRIBUTE_NAME))) { applicationResponseModel.associatedRoles(null); } applicationListItems.add(new ApplicationInfoWithRequiredPropsToApiModel().apply(applicationResponseModel));