wso2 · Thisara-Welmilla · Jan 26, 2025 · Jan 25, 2025 · Jan 25, 2025 · Jan 26, 2025
diff --git a/...er/application/management/v1/core/functions/application/UpdateAuthenticationSequence.java b/...er/application/management/v1/core/functions/application/UpdateAuthenticationSequence.java
@@ -22,7 +22,6 @@
 import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction;
 import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils;
 import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
-import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
 import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
 import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.model.IdentityProvider;
@@ -32,7 +31,6 @@
 import org.wso2.carbon.identity.application.common.model.ServiceProvider;
 import org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig;
 import org.wso2.carbon.identity.application.mgt.ApplicationConstants;
-import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 
 import java.util.ArrayList;
 import java.util.Collections;
@@ -156,24 +154,21 @@ private AuthenticationStep buildAuthenticationStep(AuthenticationStepModel stepM
         List<LocalAuthenticatorConfig> localAuthOptions = new ArrayList<>();
         List<IdentityProvider> federatedAuthOptions = new ArrayList<>();
 
+        /* The defined type of the authenticator (USER or SYSTEM) will not be resolved here. Since this is flow of
+         the authenticator is being configured for application authentication flows, only the type of the authenticator
+         local or federated) is relevant. Therefore, resolving by the defined type is not necessary.
+         */
         stepModel.getOptions().forEach(option -> {
             // TODO : add validations to swagger so that we don't need to check inputs here.
             if (FrameworkConstants.LOCAL_IDP_NAME.equals(option.getIdp())) {
                 LocalAuthenticatorConfig localAuthOption = new LocalAuthenticatorConfig();
                 localAuthOption.setEnabled(true);
                 localAuthOption.setName(option.getAuthenticator());
-                DefinedByType definedByType = ApplicationAuthenticatorService.getInstance()
-                        .getLocalAuthenticatorByName(option.getAuthenticator()).getDefinedByType();
-                localAuthOption.setDefinedByType(definedByType);
                 localAuthOptions.add(localAuthOption);
             } else {
                 FederatedAuthenticatorConfig federatedAuthConfig = new FederatedAuthenticatorConfig();
                 federatedAuthConfig.setEnabled(true);
                 federatedAuthConfig.setName(option.getAuthenticator());
-                DefinedByType definedByType = ApplicationAuthenticatorService.getInstance()
-                        .getFederatedAuthenticatorByName(option.getAuthenticator()).getDefinedByType();
-                federatedAuthConfig.setDefinedByType(definedByType);
-
                 IdentityProvider federatedIdp = new IdentityProvider();
                 federatedIdp.setIdentityProviderName(option.getIdp());
                 federatedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[]{federatedAuthConfig});

diff --git a/...rbon/identity/api/server/authenticators/v1/core/ServerAuthenticatorManagementService.java b/...rbon/identity/api/server/authenticators/v1/core/ServerAuthenticatorManagementService.java
@@ -50,7 +50,6 @@
 import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.AuthenticatorMgtError;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
-import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 import org.wso2.carbon.identity.base.IdentityException;
 import org.wso2.carbon.identity.core.model.ExpressionNode;
 import org.wso2.carbon.identity.core.model.FilterTreeBuilder;
@@ -521,9 +520,10 @@ private void addIdp(IdentityProvider identityProvider, List<Authenticator> authe
          authenticator and should always be classified as a SYSTEM type. Otherwise, it can be classified as either
          SYSTEM or USER, depending on the 'definedBy' type of the federated authenticator. */
         if (identityProvider.getFederatedAuthenticatorConfigs().length == 1) {
-            DefinedByType definedByType =
-                    identityProvider.getFederatedAuthenticatorConfigs()[0].getDefinedByType();
-            authenticator.definedBy(Authenticator.DefinedByEnum.valueOf(definedByType.toString()));
+            FederatedAuthenticatorConfig federatedAuthConfig = resolveFederatedAuthenticatorConfig(identityProvider);
+            authenticator.definedBy(Authenticator.DefinedByEnum.valueOf(
+                    String.valueOf(federatedAuthConfig.getDefinedByType())));
+            authenticator.setTags(Arrays.asList(federatedAuthConfig.getTags()));
         } else {
             authenticator.definedBy(Authenticator.DefinedByEnum.SYSTEM);
         }
@@ -536,6 +536,20 @@ private void addIdp(IdentityProvider identityProvider, List<Authenticator> authe
                 String.format("/v1/identity-providers/%s", identityProvider.getResourceId())).toString());
     }
 
+    private FederatedAuthenticatorConfig resolveFederatedAuthenticatorConfig(IdentityProvider identityProvider) {
+
+        try {
+            return idpManager.getFederatedAuthenticatorByName(
+                    identityProvider.getFederatedAuthenticatorConfigs()[0].getName(),
+                    ContextLoader.getTenantDomainFromContext());
+        } catch (IdentityProviderManagementException e) {
+            throw handleException(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessage
+                    .ERROR_CODE_ERROR_LISTING_AUTHENTICATORS, String.format("An error occurred whiling " +
+                    "retrieving federated authenticator configuration for identity provider: %s",
+                    identityProvider.getIdentityProviderName()));
+        }
+    }
+
     /**
      * Adds the local authenticator to the list of authenticators.
      *

diff --git a/...va/org/wso2/carbon/identity/api/server/configs/v1/core/ServerConfigManagementService.java b/...va/org/wso2/carbon/identity/api/server/configs/v1/core/ServerConfigManagementService.java
@@ -38,7 +38,6 @@
 import org.wso2.carbon.identity.api.server.configs.v1.function.CORSConfigurationToCORSConfig;
 import org.wso2.carbon.identity.api.server.configs.v1.function.DCRConnectorUtil;
 import org.wso2.carbon.identity.api.server.configs.v1.function.JWTConnectorUtil;
-import org.wso2.carbon.identity.api.server.configs.v1.model.AuthenticationType;
 import org.wso2.carbon.identity.api.server.configs.v1.model.Authenticator;
 import org.wso2.carbon.identity.api.server.configs.v1.model.AuthenticatorListItem;
 import org.wso2.carbon.identity.api.server.configs.v1.model.AuthenticatorProperty;
@@ -110,7 +109,6 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
@@ -816,7 +814,7 @@ private Authenticator buildAuthenticatorResponse(LocalAuthenticatorConfig config
                 UserDefinedLocalAuthenticatorConfig userDefinedConfig = castToUserDefinedConfig(config);
                 authenticator.setImage(userDefinedConfig.getImageUrl());
                 authenticator.setDescription(userDefinedConfig.getDescription());
-                resolveEndpointConfiguration(authenticator, userDefinedConfig);
+                resolveEndpointConfigurationForAuthenticatorFromConfig(authenticator, userDefinedConfig);
             } else {
                 authenticator.setDefinedBy(Authenticator.DefinedByEnum.SYSTEM);
                 setAuthenticatorProperties(config, authenticator);
@@ -841,18 +839,14 @@ private UserDefinedLocalAuthenticatorConfig castToUserDefinedConfig(LocalAuthent
         }
     }
 
-    private void resolveEndpointConfiguration(Authenticator authenticator, UserDefinedLocalAuthenticatorConfig config) {
+    private void resolveEndpointConfigurationForAuthenticatorFromConfig(
+            Authenticator authenticator, UserDefinedLocalAuthenticatorConfig config) {
 
+        /* Only the endpoint URI of the endpoint configurations of the user-defined authenticator is set to the
+        authenticator. The authentication properties in the config are aliases for secrets and must not be included
+         in the response body.*/
         UserDefinedAuthenticatorEndpointConfig endpointConfig = config.getEndpointConfig();
-
-        AuthenticationType authenticationType = new AuthenticationType();
-        authenticationType.setType(AuthenticationType.TypeEnum.fromValue(
-                endpointConfig.getAuthenticatorEndpointAuthenticationType()));
-        authenticationType.setProperties(new HashMap<>(
-                endpointConfig.getAuthenticatorEndpointAuthenticationProperties()));
-
         Endpoint endpoint = new Endpoint();
-        endpoint.setAuthentication(authenticationType);
         endpoint.setUri(endpointConfig.getAuthenticatorEndpointUri());
         authenticator.addEndpointItem(endpoint);
     }

diff --git a/pom.xml b/pom.xml
@@ -822,7 +822,7 @@
         <maven.buildnumber.plugin.version>1.4</maven.buildnumber.plugin.version>
         <org.apache.felix.annotations.version>1.2.4</org.apache.felix.annotations.version>
         <identity.governance.version>1.11.27</identity.governance.version>
-        <carbon.identity.framework.version>7.7.138</carbon.identity.framework.version>
+        <carbon.identity.framework.version>7.7.141</carbon.identity.framework.version>
         <maven.findbugsplugin.version>3.0.5</maven.findbugsplugin.version>
         <findsecbugs-plugin.version>1.12.0</findsecbugs-plugin.version>
         <maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>