Add validation for endpoint authentication properties in authenticator create flows #828

Merged
merged 7 commits into from
Feb 4, 2025
Merged
Changes from 2 commits
Expand Up @@ -61,7 +61,7 @@ public static Action buildActionRequest(Action.ActionTypes actionType, ActionMod
throws ActionMgtException {

Authentication authentication = ActionMapperUtil.buildAuthentication(
Authentication.Type.valueOf(actionModel.getEndpoint().getAuthentication().getType().toString()),
Authentication.Type.valueOfName(actionModel.getEndpoint().getAuthentication().getType().toString()),
actionModel.getEndpoint().getAuthentication().getProperties());

ActionRule actionRule = null;
Expand Down Expand Up @@ -97,7 +97,7 @@ public static Action buildUpdatingActionRequest(Action.ActionTypes actionType, A

Authentication authentication = null;
if (actionUpdateModel.getEndpoint().getAuthentication() != null) {
authentication = buildAuthentication(Authentication.Type.valueOf(actionUpdateModel.getEndpoint()
authentication = buildAuthentication(Authentication.Type.valueOfName(actionUpdateModel.getEndpoint()
.getAuthentication().getType().toString()),
actionUpdateModel.getEndpoint().getAuthentication().getProperties());
}
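Review bot: Neither call site handles an unrecognized authentication type after the switch to `Authentication.Type.valueOfName(...)`; the result is passed straight into `buildAuthentication`. `valueOfName` is defined outside this diff, so it is not visible whether it throws or returns null for an unknown name; if it can return null, a guard that raises a client error before `buildAuthentication` would keep a malformed request from surfacing as a server fault. `buildActionRequest` also dereferences `getEndpoint().getAuthentication()` unconditionally while `buildUpdatingActionRequest` null-checks it, so a comment such as `// Authentication is mandatory on create; a missing block is expected to be rejected before this point.` would record that assumption once it is confirmed. Both method bodies extend beyond the hunks shown.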
Expand Up @@ -92,6 +92,7 @@ public static UserDefinedLocalAuthenticatorConfig build(UserDefinedLocalAuthenti
authConfig.setImageUrl(config.getImage());
authConfig.setDescription(config.getDescription());
authConfig.setEnabled(config.getIsEnabled());
validateEndpointAuthProperties(config.getEndpoint());
authConfig.setEndpointConfig(buildEndpointConfig(config.getEndpoint()));

return authConfig;
Expand Down Expand Up @@ -147,4 +148,14 @@ private static AuthenticatorPropertyConstants.AuthenticationType resolveAuthenti
return AuthenticatorPropertyConstants.AuthenticationType.IDENTIFICATION;
}
}

private static void validateEndpointAuthProperties(Endpoint endpoint) throws AuthenticatorMgtClientException {

if (endpoint.getAuthentication().getProperties() == null ||
endpoint.getAuthentication().getProperties().isEmpty()) {
AuthenticatorMgtError error = AuthenticatorMgtError.ERROR_CODE_INVALID_ENDPOINT_CONFIG;
throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(),
"Authentication properties are not provided");
}
}
}
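Review bot: `validateEndpointAuthProperties` dereferences `endpoint.getAuthentication()` without a null check, so a request that omits the endpoint or its authentication block would raise a NullPointerException instead of the intended `ERROR_CODE_INVALID_ENDPOINT_CONFIG` client error, unless an earlier layer outside this diff already rejects it. Starting the condition with `if (endpoint == null || endpoint.getAuthentication() == null || ...` closes that path; the federated `validateEndpointAuthProperties(Config)` in the next file section has the same shape on `config.endpoint`. The check accepts any non-empty map, so whether the keys required by the chosen authentication type are present is presumably left to downstream code. A short Javadoc stating what the method rejects and which exception it throws would match the documented validators elsewhere in this change.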
Expand Up @@ -105,6 +105,7 @@ public static FederatedAuthenticatorConfig build(FederatedAuthenticator authenti
getDisplayNameOfAuthenticator(authenticatorName),
authenticator.getEndpoint(), properties, authenticator.getIsEnabled(), definedByType);

validateEndpointAuthProperties(config);
return FederatedAuthenticatorConfigBuilderFactory.createFederatedAuthenticatorConfig(config);
}

Expand Down Expand Up @@ -223,9 +224,11 @@ private static UserDefinedFederatedAuthenticatorConfig createUserDefinedFederate
new UserDefinedAuthenticatorEndpointConfig.UserDefinedAuthenticatorEndpointConfigBuilder();
endpointConfigBuilder.uri(config.endpoint.getUri());
endpointConfigBuilder.authenticationType(config.endpoint.getAuthentication().getType().toString());
endpointConfigBuilder.authenticationProperties(config.endpoint.getAuthentication().getProperties()
.entrySet().stream().collect(Collectors.toMap(
Map.Entry::getKey, entry -> entry.getValue().toString())));
if (config.endpoint.getAuthentication().getProperties() != null) {
endpointConfigBuilder.authenticationProperties(config.endpoint.getAuthentication().getProperties()
.entrySet().stream().collect(Collectors.toMap(
Map.Entry::getKey, entry -> entry.getValue().toString())));
}
authConfig.setEndpointConfig(endpointConfigBuilder.build());

return authConfig;
Expand Down Expand Up @@ -337,7 +340,7 @@ private static void validateSamlMetadata(List<Property> samlAuthenticatorPropert
}

/**
* Verify if scopes have not been set in both Scopes field and Additional Query Parameters field
* Verify if scopes have not been set in both Scopes field and Additional Query Parameters field.
*
* @param oidcAuthenticatorProperties Authenticator properties of OIDC authenticator.
*/
Expand Down Expand Up @@ -389,6 +392,20 @@ private static void validateDefaultOpenIDConnectScopes(List<Property> oidcAuthen
}
}

private static void validateEndpointAuthProperties(Config config) throws IdentityProviderManagementClientException {

if (DefinedByType.SYSTEM == config.definedByType) {
return;
}

if (config.endpoint.getAuthentication().getProperties() == null ||
config.endpoint.getAuthentication().getProperties().isEmpty()) {
throw new IdentityProviderManagementClientException(Constants.ErrorMessage
.ERROR_CODE_INVALID_INPUT.getCode(), Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT.getMessage(),
"Authenticator endpoint authentication properties are not provided");
}
}

static boolean areAllDistinct(List<Property> properties) {
return properties.stream()
.map(Property::getName)
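Review bot: A properties map that is non-empty but holds a null value passes `validateEndpointAuthProperties` and then fails in `createUserDefinedFederatedAuthenticatorConfig`, where `entry.getValue().toString()` is applied to every entry. The new `!= null` guard there covers only a missing map, so the validator could also reject null values, for example by adding `|| config.endpoint.getAuthentication().getProperties().values().stream().anyMatch(Objects::isNull)` (needs `java.util.Objects`), which keeps the failure a client error. When the map is null the builder's `authenticationProperties` is now never set; whether `build()` tolerates that is not visible in this diff. The detail message names no property values, which is right for endpoint credentials and should stay that way if the check is extended.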
2 changes: 1 addition & 1 deletion pom.xml
Expand Up @@ -848,7 +848,7 @@
<maven.buildnumber.plugin.version>1.4</maven.buildnumber.plugin.version>
<org.apache.felix.annotations.version>1.2.4</org.apache.felix.annotations.version>
<identity.governance.version>1.11.27</identity.governance.version>
<carbon.identity.framework.version>7.7.180</carbon.identity.framework.version>
<carbon.identity.framework.version>7.7.184</carbon.identity.framework.version>
<maven.findbugsplugin.version>3.0.5</maven.findbugsplugin.version>
<findsecbugs-plugin.version>1.12.0</findsecbugs-plugin.version>
<maven.checkstyleplugin.excludes>**/gen/**/*</maven.checkstyleplugin.excludes>