Updates the Action Management API to reject inflow action types such as authentication.

components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/action/management/v1/ActionType.java

@@ -28,7 +28,7 @@
 @XmlEnum(String.class)
 public enum ActionType {
 
-    @XmlEnumValue("PRE_ISSUE_ACCESS_TOKEN") PRE_ISSUE_ACCESS_TOKEN(String.valueOf("PRE_ISSUE_ACCESS_TOKEN")), @XmlEnumValue("PRE_UPDATE_PASSWORD") PRE_UPDATE_PASSWORD(String.valueOf("PRE_UPDATE_PASSWORD")), @XmlEnumValue("PRE_UPDATE_PROFILE") PRE_UPDATE_PROFILE(String.valueOf("PRE_UPDATE_PROFILE")), @XmlEnumValue("PRE_REGISTRATION") PRE_REGISTRATION(String.valueOf("PRE_REGISTRATION")), @XmlEnumValue("AUTHENTICATION") AUTHENTICATION(String.valueOf("AUTHENTICATION"));
+    @XmlEnumValue("PRE_ISSUE_ACCESS_TOKEN") PRE_ISSUE_ACCESS_TOKEN(String.valueOf("PRE_ISSUE_ACCESS_TOKEN")), @XmlEnumValue("PRE_UPDATE_PASSWORD") PRE_UPDATE_PASSWORD(String.valueOf("PRE_UPDATE_PASSWORD")), @XmlEnumValue("PRE_UPDATE_PROFILE") PRE_UPDATE_PROFILE(String.valueOf("PRE_UPDATE_PROFILE")), @XmlEnumValue("PRE_REGISTRATION") PRE_REGISTRATION(String.valueOf("PRE_REGISTRATION"));
 
 
     private String value;

components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/action/management/v1/ActionsApi.java

@@ -67,7 +67,7 @@ public class ActionsApi  {
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class)
     })
-    public Response activateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
+    public Response activateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
 
         return delegate.activateAction(actionType,  actionId );
     }
@@ -92,7 +92,7 @@ public Response activateAction(@ApiParam(value = "Name of the Action Type.",requ
         @ApiResponse(code = 500, message = "Server Error", response = Error.class),
         @ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
     })
-    public Response createAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "This represents the action to be created." ,required=true) @Valid ActionModel actionModel) {
+    public Response createAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "This represents the action to be created." ,required=true) @Valid ActionModel actionModel) {
 
         return delegate.createAction(actionType,  actionModel );
     }
@@ -116,7 +116,7 @@ public Response createAction(@ApiParam(value = "Name of the Action Type.",requir
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class)
     })
-    public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
+    public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
 
         return delegate.deactivateAction(actionType,  actionId );
     }
@@ -140,59 +140,59 @@ public Response deactivateAction(@ApiParam(value = "Name of the Action Type.",re
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class)
     })
-    public Response deleteAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
+    public Response deleteAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
 
         return delegate.deleteAction(actionType,  actionId );
     }
 
     @Valid
     @GET
-    @Path("/types")
+    @Path("/{actionType}/{actionId}")
 
     @Produces({ "application/json" })
-    @ApiOperation(value = "Detailed summary of the Action Types ", notes = "This API provides the capability to retrieve the detailed summary of the action types.<br>   <b>Scope required:</b> <br>       * internal_action_mgt_view ", response = ActionTypesResponseItem.class, responseContainer = "List", authorizations = {
+    @ApiOperation(value = "Retrieve Action information by given Id. ", notes = "This API provides the capability to retrieve the action by action Id.<br>   <b>Scope required:</b> <br>       * internal_action_mgt_view ", response = ActionResponse.class, authorizations = {
         @Authorization(value = "BasicAuth"),
         @Authorization(value = "OAuth2", scopes = {
 
         })
     }, tags={ "Actions", })
     @ApiResponses(value = { 
-        @ApiResponse(code = 200, message = "OK", response = ActionTypesResponseItem.class, responseContainer = "List"),
+        @ApiResponse(code = 200, message = "OK", response = ActionResponse.class),
         @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
         @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
         @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class),
         @ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
     })
-    public Response getActionTypes() {
+    public Response getActionByActionId(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
 
-        return delegate.getActionTypes();
+        return delegate.getActionByActionId(actionType,  actionId );
     }
 
     @Valid
     @GET
-    @Path("/{actionType}/{actionId}")
+    @Path("/types")
 
     @Produces({ "application/json" })
-    @ApiOperation(value = "Retrieve Action information by given Id. ", notes = "This API provides the capability to retrieve the action by action Id.<br>   <b>Scope required:</b> <br>       * internal_action_mgt_view ", response = ActionResponse.class, authorizations = {
+    @ApiOperation(value = "Detailed summary of the Action Types ", notes = "This API provides the capability to retrieve the detailed summary of the action types.<br>   <b>Scope required:</b> <br>       * internal_action_mgt_view ", response = ActionTypesResponseItem.class, responseContainer = "List", authorizations = {
         @Authorization(value = "BasicAuth"),
         @Authorization(value = "OAuth2", scopes = {
 
         })
     }, tags={ "Actions", })
     @ApiResponses(value = { 
-        @ApiResponse(code = 200, message = "OK", response = ActionResponse.class),
+        @ApiResponse(code = 200, message = "OK", response = ActionTypesResponseItem.class, responseContainer = "List"),
         @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
         @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
         @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class),
         @ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
     })
-    public Response getActionByActionId(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId) {
+    public Response getActionTypes() {
 
-        return delegate.getActionByActionId(actionType,  actionId );
+        return delegate.getActionTypes();
     }
 
     @Valid
@@ -215,7 +215,7 @@ public Response getActionByActionId(@ApiParam(value = "Name of the Action Type."
         @ApiResponse(code = 500, message = "Server Error", response = Error.class),
         @ApiResponse(code = 501, message = "Not Implemented", response = Error.class)
     })
-    public Response getActionsByActionType(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType) {
+    public Response getActionsByActionType(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType) {
 
         return delegate.getActionsByActionType(actionType );
     }
@@ -239,7 +239,7 @@ public Response getActionsByActionType(@ApiParam(value = "Name of the Action Typ
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class)
     })
-    public Response updateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "This represents the action information to be updated." ,required=true) @Valid ActionUpdateModel actionUpdateModel) {
+    public Response updateAction(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "This represents the action information to be updated." ,required=true) @Valid ActionUpdateModel actionUpdateModel) {
 
         return delegate.updateAction(actionType,  actionId,  actionUpdateModel );
     }
@@ -263,7 +263,7 @@ public Response updateAction(@ApiParam(value = "Name of the Action Type.",requir
         @ApiResponse(code = 404, message = "Not Found", response = Error.class),
         @ApiResponse(code = 500, message = "Server Error", response = Error.class)
     })
-    public Response updateActionEndpointAuthentication(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration, authentication") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "Authentication Type of the Action Endpoint.",required=true, allowableValues="none, basic, apiKey, bearer") @PathParam("authType") String authType, @ApiParam(value = "This represents the action endpoint authentication to be updated." ,required=true) @Valid AuthenticationTypeProperties authenticationTypeProperties) {
+    public Response updateActionEndpointAuthentication(@ApiParam(value = "Name of the Action Type.",required=true, allowableValues="preIssueAccessToken, preUpdatePassword, preUpdateProfile, preRegistration") @PathParam("actionType") String actionType, @ApiParam(value = "Id of the Action.",required=true) @PathParam("actionId") String actionId, @ApiParam(value = "Authentication Type of the Action Endpoint.",required=true, allowableValues="none, basic, apiKey, bearer") @PathParam("authType") String authType, @ApiParam(value = "This represents the action endpoint authentication to be updated." ,required=true) @Valid AuthenticationTypeProperties authenticationTypeProperties) {
 
         return delegate.updateActionEndpointAuthentication(actionType,  actionId,  authType,  authenticationTypeProperties );
     }

components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/action/management/v1/ActionsApiService.java

@@ -44,10 +44,10 @@ public interface ActionsApiService {
 
       public Response deleteAction(String actionType, String actionId);
 
-      public Response getActionTypes();
-
       public Response getActionByActionId(String actionType, String actionId);
 
+      public Response getActionTypes();
+
       public Response getActionsByActionType(String actionType);
 
       public Response updateAction(String actionType, String actionId, ActionUpdateModel actionUpdateModel);

components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java

@@ -36,21 +36,23 @@ private ActionMgtEndpointConstants() {
     public enum ErrorMessage {
 
         // Client errors.
-        ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60001",
+        ERROR_INVALID_ACTION_TYPE("60001", "Invalid action type.",
+                "Invalid action type used for path parameter."),
+        ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60010",
                 "Unable to perform the operation.",
                 "Required authentication properties are not provided or invalid."),
-        ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE("60002",
+        ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE("60011",
                 "Invalid Authentication Type for Action Endpoint.",
                 "Invalid authentication type used for path parameter."),
-        ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60003",
+        ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES("60012",
                 "Unable to perform the operation.",
                 "Authentication property values cannot be empty."),
-        ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60004",
+        ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60013",
                 "Action is not found.",
                 "No action is found for given action id and action type"),
 
         // Server errors.
-        ERROR_NOT_IMPLEMENTED_ACTION_TYPE("65001",
+        ERROR_NOT_IMPLEMENTED_ACTION_TYPE("650015",
                 "Unable to perform the operation.",
                 "The requested action type is not currently supported by the server.");
 

components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/resources/Actions.yaml

@@ -88,7 +88,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
       requestBody:
         content:
           application/json:
@@ -153,7 +152,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
       responses:
         '200':
           description: OK
@@ -212,7 +210,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -275,7 +272,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -340,7 +336,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -395,7 +390,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -454,7 +448,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -513,7 +506,6 @@ paths:
               - preUpdatePassword
               - preUpdateProfile
               - preRegistration
-              - authentication
         - name: actionId
           in: path
           description: Id of the Action.
@@ -588,7 +580,6 @@ components:
         - PRE_UPDATE_PASSWORD
         - PRE_UPDATE_PROFILE
         - PRE_REGISTRATION
-        - AUTHENTICATION
     ActionModel:
       type: object
       required:

pom.xml

@@ -803,7 +803,7 @@
         <maven.buildnumber.plugin.version>1.4</maven.buildnumber.plugin.version>
         <org.apache.felix.annotations.version>1.2.4</org.apache.felix.annotations.version>
         <identity.governance.version>1.10.6</identity.governance.version>
-        <carbon.identity.framework.version>7.5.69</carbon.identity.framework.version>
+        <carbon.identity.framework.version>7.5.70</carbon.identity.framework.version>
         <maven.findbugsplugin.version>3.0.5</maven.findbugsplugin.version>
         <findsecbugs-plugin.version>1.12.0</findsecbugs-plugin.version>
         <maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>